Access Control


Cyrus IMAP documentation is a work in progress. The completion of this particular part of the documentation is pending the resolution of :task:`51`.

Cyrus IMAP features powerful access control compliant with RFC 2086, RFC 4314, RFC 5257 and RFC 5464.

Combined, this provides powerful mechanisms to enable or restrict access to information contained within the Cyrus IMAP mailspool.

Discretionary Access Control

Cyrus IMAP employs discretionary access control, meaning that users themselves are in charge of what folders are shared, and with whom.

Two means exist to suppress sharing folders between users:

  1. Revoke the a (administration) right on all mailboxes in the personal namespace for each user.

  2. Suppress the listing of the Other Users Namespace by enabling disable_user_namespace in imapd.conf(5).

    disable_user_namespace: 0

    Preclude list command on user namespace. If set to ‘yes’, the LIST response will never include any other user’s mailbox. Admin users will always see all mailboxes. The default is ‘no’

Back to IMAP Features