IMAP Shared Folders and ACLs

In previous article we briefly mentioned shared IMAP folders, ACLs (Access Control List), and collaboration

This is an extremely useful and powerful component of IMAP, allowing for group collaboration and sharing of emails. Combined with the power of ACLs to define fine grained of who has access to a folder and what they are allowed to do with that folder, make for a very powerful platform.

Typically IMAP folder that are to be shared or published to a group of people are created by the administrator, and the ACLs are set by the administrator.

An administrator might want to setup a public shared folder for users to deposit the spam samples that get through the corporate filter. These samples are then used to train and refine a Bayesian filter or similar. Since end users must not b allowed to contribute samples directly to the training system this public folder acts as a depository for their contributions.

Users can then subscribe to this folder in their email client software, and the actually details of doing that depend on which client software is used. But a little poking around the menu system of the client will quickly reveal how to do it.

ACLs for this folder would be set so that anyone inside the organization can subscribe to the folder, drag / drop spam samples. Then the administrator gives himself exclusive ACLs to the actual training sample folders so have can pick and chose from the contributions the best samples for training. This example outlines perfectly the use of shared public folders and how ACLs fit in.

In addition to public shared folders, IMAP allows each user can create their own private folders for categorizing and organizing their incoming emails. Combined with client side filter rules, incoming emails can be automatically shuffled into the appropriate folder. And again, because these folders are stored on the server side, their contents are available from any computer or webmail interface.

Any situation where a group of people must have access to an email can benefit from this. Resumes, support requests, sales inquiries, you name it. You could always setup a distribution list to handle these scenarios, but there is a lack of communication in that case, since no one will know who has responded to what message, and how.