Using ACLs and Shared Folders
- ACL / ACL List
- IMAP4 Access Control Lists (ACLs) (RFC 2086) provide the option to
share IMAP folders. If you do not have any shared folders, this is your
tool to create them. DBMA first checks your system to make certain that
the critical system accounts exist within Group 0.
- Popular IMAP Feature
- Remember that once you have created the infrastructure and assigned
some administrative rights (SETACL) to key trusted users, your Shared
Folder Forest under #Users is likely to grow fast. #Public folders can
be controlled exclusively by you, the Mail System Administrator, or you
can give Administrative Access Rights to #Public/folders to trusted
users or Group Admins.
- How To Start Sharing #Public Folders with DBMA
- Select "ACL" from the main screen. Type the name of the folder you wish
to create and press "Create Shared Folder." DBMA will do the rest. DBMA
will assign limited user access rights to "anyone". If "anyone" or
__public__ does not exist on your system, DBMA will create them for you.
- The Global function screen for ACLs also has an Access Rights tool for
manually adding a folder to a user's ACL or updating any user for any
shared folder. Be careful how you use this as it is a powerful and
highly flexible tool.
- Any User Account Window provides a means to manage specific user
access rights to shared folders. You can permit users to have higher
privileged access rights or even administration rights. To understand
these rights, hold your cursor over the text block at the bottom which
corresponds to the item for which you seek help. Or click help.
- Configuring the MUA (Mail User Agent)
- Once you have your shared folders set up and appropriate user rights
assigned (for anyone), you will want to get your email client
configured to subscribe to these folders. The internet abounds with
opinions on what is the best email MUA (Mail User Agent - Email Client).
If you are using Thunderbird or a fairly new Mozilla Mail, you are in
luck. These MUAs will "subscribe" to the shared folders in a flash. You
can drag and drop or copy to, move to or whatever you like in these
folders.
- With Microsoft's Outlook Express and Outlook you will need to do a
little coaxing. Select the account and click on "IMAP4 Folders". Don't
try to first subscribe to #Public after you "Reset List". Instead,
select just the sub folders of #Public and subscribe to them. Close the
"Folders" window. Reset the list of folders. Next open "IMAP4 Folders"
again and select #Public. Close. This two-step process of subscribing to
the subfolders first and then later subscribing to the root #Public
seems to work. You should be in business.
- Usage Example
- Here is a usage example of IMAP4 Shared Folders. Let's say you have
some pictures you want to show many people on your mail server. Create a
folder or use what you have and create a message containing your
pictures and save it in your drafts folder with a subject line "Pictures
of me Winning The Lottery" or whatever. Next, select the email in your
drafts folder and copy it to your "Common Shared Folder". Now 'anyone'
has access. Hopefully your target audience is not using one of the ACL
Shared Folders 'unfriendly' MUAs. You perhaps can share the following
advice.
- How To Start Sharing #User Folders with DBMA
- If you select and add a set of Access Rights to "bob/shared", it will
be available across the system under #Users but no one will be able to
share it unless you assign Access Rights to additional users; or allow
bob SETACL (Admin) rights for that folder and he can do it all for you.
- You manage individual user rights from the User Account Window and
manage #Public and #User rights from the global Access Control List
Tools (select ACL on the Main Screen).
Assigning rights to #Users/folder can be done with the DBMA Access
Control List Tools after the #User/folder has been shared from the User
Account Window. The first step is to go to the User Account Window,
create the shared folder by assigning the owner full Access Rights. Next
you return to the DBMA ACL Tools and select the new shared #User/folder
you created and one after another add the users needing access rights on
this folder.
How Do Permissions Work in DBMA
- All ACL Permissions are set to either 1-On or 0-Off
- lookup_flag: mailbox is visible to LIST/LSUB commands
- read_flag: SELECT the mailbox, perform CHECK, FETCH, PARTIAL, SEARCH,
COPY from mailbox
- seen_flag: keep seen/unseen information across sessions
- write_flag: STORE flags other than SEEN and DELETED
- insert_flag: perform APPEND, COPY into mailbox
- post_flag: send mail to submission address for mailbox
- create_flag: CREATE new sub-mailboxes in any implementation-defined
hierarchy
- delete_flag: STORE DELETED flag, perform EXPUNGE
- administer_flag: perform SETACL
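The nine flags above correspond one-to-one to the RFC 2086 rights letters (l, r, s, w, i, p, c, d, a). The following is an added example, not part of DBMA: it converts flag rows to rights strings and reports grants worth reviewing. The row layout, the trusted-admin set and the "lrs" baseline for "anyone" are assumptions.

```python
# Added example (not DBMA code): DBMA's nine 0/1 flags mapped to RFC 2086 letters.
FLAG_TO_RIGHT = [
    ("lookup_flag", "l"), ("read_flag", "r"), ("seen_flag", "s"),
    ("write_flag", "w"), ("insert_flag", "i"), ("post_flag", "p"),
    ("create_flag", "c"), ("delete_flag", "d"), ("administer_flag", "a"),
]

# Assumption: the rights an administrator is willing to leave with "anyone".
ANYONE_ALLOWED = set("lrs")

def rights_string(entry):
    """Return the RFC 2086 rights string for one ACL entry (dict of 0/1 flags)."""
    letters = []
    for flag, letter in FLAG_TO_RIGHT:
        value = entry.get(flag, 0)
        if value not in (0, 1):
            raise ValueError(f"{flag} must be 0 or 1, got {value!r}")
        if value == 1:
            letters.append(letter)
    return "".join(letters)

def audit(entries, trusted_admins):
    """Return (folder, user, rights, reason) for every grant worth reviewing."""
    findings = []
    for e in entries:
        rights = rights_string(e)
        if "a" in rights and e["user"] not in trusted_admins:
            findings.append((e["folder"], e["user"], rights, "SETACL held by untrusted user"))
        if e["user"] == "anyone" and set(rights) - ANYONE_ALLOWED:
            findings.append((e["folder"], e["user"], rights, "anyone exceeds allowed rights"))
    return findings

def entry_from_rights(folder, user, rights):
    """Build a constructed ACL row from a rights string (sample data helper)."""
    row = {flag: int(letter in rights) for flag, letter in FLAG_TO_RIGHT}
    row.update(folder=folder, user=user)
    return row

# Constructed sample rows; folder and user names are illustrative only.
SAMPLE = [
    entry_from_rights("#Public/Common", "anyone", "lrs"),
    entry_from_rights("#Users/bob/shared", "bob", "lrswipcda"),
    entry_from_rights("#Users/bob/shared", "alice", "lrsia"),
    entry_from_rights("#Public/Pictures", "anyone", "lrsid"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, trusted_admins={"bob"}):
        print(finding)
```

With bob as the only trusted admin, the sample reports alice's SETACL right on bob's folder and the insert/delete rights held by "anyone" on the pictures folder.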