On 26.09.2013 14:07, Reindl Harald wrote:

again: *not* on the roundcube side, roundcube is a mail *client*

Not on the Roundcube side? Sure; can we configure the IMAP side somehow so that Roundcube hides things that are not permitted?

How about the address book? That comes from a database, not IMAP.

the client *must not* be responsible for permissions http://tools.ietf.org/html/rfc4314#page-19

The archive IMPA4 account can itself have access restrictions in it. I'm only concerned with not showing irrelevant UI, not proposing that access control depends on whether or not the UI is hidden.

Of course if someone logs into that special archive account in regular mode (or with another client), they should not be permitted to mess with the contents.

For my purposes, it would be good enough that nobody knows the name of this account or is password. (Of course, the RC installation would have these credentials in its configuration.)

what you want is make roundcube with a mode without email-functions

Without *some* e-mail functions, obviously; not without *all* of them.

why do you think that a webmail-client with hidden email-functions is a good idea as base?

Because it's already done, debugged and has a good-looking UI for viewing messages and some search capability. That alone is a lot do develop and test from scratch.