Background: We have an installation hosting different mailing list like categories. We have a mailing list/category hidden-external which every user should be able to post to, but not be able to read (e.g. a support group). Equivalent would be a mailing list non-members can write to, without a public archive.
Example: User Alice is member of mailing list/category public-internal (thus has an account on the discourse instance), but not of hidden-external. Bob has no (regular) account at all (only a staged account). Alice should be able to post & read within public-internal and be able to write (e.g. via email) to hidden-external but not see the posts of it.
I thus created a group hidden-external where Alice is not a member of and a category hidden-external, giving only the group hidden-external rights to view, reply and post, but allowing incoming email from anonymous users.
Bob can now send an email to hidden-external (as he should), but Alice unfortunately cannot (error: invalid access rights - you have not the necessary rights to post to this category).
What did I do wrong? How to configure it?
There was apparently a wish for a plug-in development three years ago, but I cannot see if it got developed and released as open source.
Edit: got feedback from the at that time contacted developer, that he did not develop it back then.