                               Courier 0.45 Beta

   Contents of this NEWS file:

     Introduction                                         
     Shared folders and access control lists              
     The new Courier-IMAP installation script (version 2) 
     Upgrading from Courier-IMAP 1.2.3 and earlier        

  Introduction

   This is a beta build of the next major release of the Courier server.
   Extensive testing of this beta release is strongly desired. Even if you do
   not have an immediate use for any major features in the new release, such
   as virtual shared folders and access control lists, there have been major
   internal changes to the code to accomodate all the new stuff. Beta testing
   should concentrate on the following areas:

     * Interoperability with IMAP clients that make use of access control
       lists
     * Virtual shared folders, with various kinds of authenticatiom
       back-ends: PostgreSQL, LDAP, MySQL
     * Memory leaks in either the IMAP server, or the authentication daemons
     * Impact of new shared folder and ACL functionality on other IMAP
       aspects: namely quotas, and concurrent access

   Starting with Courier 0.45, the default configuration enables metadata
   dot-locking. In previous version metadata dot-locking (IMAP_USELOCKS
   setting in the imapd configuration file) is disabled by default.
   Dot-locking was, and still is optional. When enabled, its value-added
   functionality is elimination of certain non-critical race conditions with
   concurrent access. Dot-locking is now enabled by default due to its proven
   record of "mostly harmless", and that it now provides added benefit with
   ACLs and shared folders. However, when upgrading from an earlier version,
   the existing configuration setting is left in place; only new installation
   of Courier will default to enabled dot-locking.

  Shared folders and access control lists

   New to Courier 0.45 are the ACL (access control list) IMAP extension, and
   ACL-based virtual shared folders. Courier 0.45 implements both the
   existing ACL specification, RFC 2086, as well as an experimental
   implementation of the second draft revision of the ACL specification.
   Virtual shared folders is a different implementation of shared folders
   that supplements an older implementation in previous versions. The older,
   POSIX permission-based shared folders are still implemented and supported.
   Here's a summary of the differences between the two shared folder
   mechanisms:

      POSIX-based shared folders              ACL shared folders              
                                  May be used with virtual accounts only;     
     May be used with system      cannot be used on systems that have         
     accounts only^1              end-user login shell access: bypassing ACLs 
                                  and accessing the folders directly is       
                                  trivial                                     
     Access rights based on       Access rights based on IMAP access control  
     traditional POSIX filesystem lists                                       
     permissions                  
     Sharable folders must be set A site-specific process must be installed   
     up manually, using the       to compile an index of all virtual          
     "maildirmake" command        mailboxes; afterwords, individual users may 
                                  create and manage shared folders themselves 

       ^1 This is because access rights are governed by filesystem
       permissions. POSIX shared folders may also be used with virtual
       accounts, but it will not be possible to grant read-only access to
       shared folders, and everyone will be able to delete messages from
       shared folders (instead of only the creator of each message)

   After installation, read the "maildiracl" manual page for a brief overview
   of access control lists.

   Read "maildir/README.sharedfolders.html" for information on configuring
   virtual shared folders
