Access Control Defaults
***********************


Administrators
==============

Regardless of the ACL on a mailbox, users who are listed in the
"admins" configuration option in imapd.conf(5) implicitly have the "l"
and "a" rights on all mailboxes.

Administrators can also see across domains which normal users cannot.

Warning:

  An admin user should not be a normal email account.


Mailbox owners
==============

The user who owns a mailbox folder has additional rights which are set
regardless of any additional ACLs. These are:

* **l** - lookup

* **k** - create subfolders

* **x** - delete this folder

* **a** - administer

These are set in "implicit_owner_rights" of imapd.conf(5).


Default
=======

For all other mailboxes not owned by a user, any user accessing these
mailboxes have the following default privileges:

* **l** - lookup

* **r** - read contents

* **s** - seen

These are set in "defaultacl" of imapd.conf(5).


Initial ACLs for Newly Created Mailboxes
========================================

When a mailbox is created, its ACL starts off with a copy of the ACL
of its closest parent mailbox. When a user is created, the ACL on the
user's "INBOX" starts off with a single entry granting all rights to
the user. When a non-user mailbox is created and does not have a
parent, its ACL is initialized to the value of the "defaultacl" option
in imapd.conf(5).


Other Implicit Rights
=====================

Note that some rights are available implicitly, for example
'anonymous' always has 'p' on user INBOXes, and users always have "la"
rights on mailboxes within their INBOX hierarchy.