On Nov 16, 2008, at 5:09 AM, Timo Sirainen wrote:
Any thoughts?
1. How to handle "anyone" and "authenticated"? It might be nice to let users share mailboxes, but if they'll start spamming their mailboxes visible to everyone it'll get really annoying and fast. So I'm thinking about a setting:
acl_anyone = allow : Let them do what they intended to do. Admins could have this setting set.
acl_anyone = disallow : Don't allow user to add any ACLs with them. Fail with NO if tried.
acl_anyone = domain : Treat them as alias for [EMAIL PROTECTED] which matches all users from the user's domain ([EMAIL PROTECTED] matching not implemented yet).
The default would probably be "disallow".2. There probably need to be some limits to how many different users and groups can be used by ACLs and perhaps a limit to how many ACLs in general each mailbox can have. The latter limit could be configurable, defaulting to 100 maybe?
The former then would require tracking the users and groups somehow. Actually the reason why I'm even thinking about it is because of mailbox listing. I was planning on storing to a dict sharing_user/ acl_user and sharing_user/acl_group keys for each (non-negative) ACL in user's mailboxes. So to prevent user from spamming the dict full there would have to be some kind of a limit for this. Again perhaps 100 as the default. The current value could always be read by iterating through sharing_user/* in dict and counting how many entries there are.
PGP.sig
Description: This is a digitally signed message part
