doveadm acl set -A Public authenticated lookup read
does solve the SOGo error.
SOGo expects “read” right and dovecot doesn’t provide it so it’s really hard to say if it’s server or client misbehavior. For TB it’s definitely a clients misbehavior.
But changing rights on the server may affect other clients. Maybe another client uses the “read” right for making folders visible which may not be wanted.