                            Courier-IMAP version 4.0

   Contents of this NEWS file:

   > Introduction
   > Shared folders and access control lists

  Introduction

   Courier-IMAP 4.0 brings many changes and improvements. All
   authentication-related code in Courier-IMAP has been moved into the
   external Courier Authentication Library. See the contents of the INSTALL
   file for more information. Courier-IMAP now includes an IMAP/POP3
   aggregation proxy, like Perdition. See the "imap/README.proxy" file in the
   source distribution for more information. Mail accounts can be distributed
   across a pool of servers. A separate server (or another pool of servers)
   accept connections from IMAP and POP3 clients, waits for the client's
   login request, looks the mail account's server, and connects to the
   IMAP/POP3 server on the right host, with the IMAP/POP3 client being no
   wiser. Any kind of an upper limit on the scalability of the IMAP/POP3
   server, or how large of a mail store it can support, has been eliminated.
   The only limit to Courier-IMAP's horizontal scaling is the available
   bandwidth on the LAN.

  Shared folders and access control lists

   New to Courier-IMAP 3 are the ACL (access control list) IMAP extension,
   and ACL-based virtual shared folders. Courier-IMAP 3 implements both the
   existing ACL specification, RFC 2086, as well as an experimental
   implementation of the second draft revision of the ACL specification.
   Virtual shared folders is a different implementation of shared folders
   that supplements an older implementation in Courier-IMAP 2, and earlier.
   The older, POSIX permission-based shared folders are still implemented and
   supported. Here's a summary of the differences between the two shared
   folder mechanisms:

   >   POSIX-based shared folders                ACL shared folders
   >                                 May be used with virtual accounts only;
   > May be used with system         cannot be used on systems that have
   > accounts only^1                 end-user login shell access: bypassing
   >                                 ACLs and accessing the folders directly is
   >                                 trivial
   > Access rights based on          Access rights based on IMAP access control
   > traditional POSIX filesystem    lists
   > permissions
   >                                 A site-specific process must be installed
   > Sharable folders must be set up to compile an index of all virtual
   > manually, using the             mailboxes; afterwords, individual users
   > "maildirmake" command           may create and manage shared folders
   >                                 themselves

   >> ^1 This is because access rights are governed by filesystem
   >> permissions. POSIX shared folders may also be used with virtual
   >> accounts, but it will not be possible to grant read-only access to
   >> shared folders, and everyone will be able to delete messages from
   >> shared folders (instead of only the creator of each message)

   After installation, read the "maildiracl" manual page for a brief overview
   of access control lists.

   Read "maildir/README.sharedfolders.html" for information on configuring
   virtual shared folders
