[Search] [pdf|bibtex] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 rfc5463                                        
Network Working Group                                           N. Freed
Internet-Draft                                          Sun Microsystems
Intended status: Standards Track                            May 25, 2008
Expires: November 26, 2008


                Sieve Email Filtering:  Ihave Extension
                       draft-freed-sieve-ihave-02

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on November 26, 2008.

Abstract

   This document describes the "ihave" extension to the Sieve email
   filtering language.  The "ihave" extension provides a means to write
   scripts that can take advantage of optional Sieve features but can
   still run when those optional features are not available.  The
   extension also defines a new error control command intended to be
   used to report situations where no combination of available
   extensions satisfies the needs of the script.

Change History (to be removed prior to publication as an RFC)

   Changed the comparator used in the ihave test from "i;ascii-casemap"
   to "i;octet".



Freed                   Expires November 26, 2008               [Page 1]


Internet-Draft            Sieve Ihave Extension                 May 2008


   Updated the IANA registration template.

   Simplified the semantics of ihave to be independent of block
   structure.

   Moved the environment extension to a separate document so the
   standards status of the two extensions can be different.

   Added error action.

   Added some text to make the portability advantages of ihave clearer.

   Added a note about the possibility that the argument to error uses
   UTF-8 characters.


1.  Introduction

   Sieve [RFC5228] is a language for filtering email messages at or
   around the time of final delivery.  It is designed to be
   implementable on either a mail client or mail server.  It is suitable
   for running on a mail server where users may not be allowed to
   execute arbitrary programs, such as on black box Internet Message
   Access Protocol [RFC3501] servers, as it has no user-controlled loops
   or the ability to run external programs.

   Various sieve extensions have already been defined, e.g., [RFC5229]
   [RFC5230] [RFC5231] [RFC5232] [RFC5233] [RFC5235], and many more are
   sure to be created over time.  Sieve's require clause is used to
   specify the extensions a particular sieve needs; an error results if
   the script's require clause calls for an extension that isn't
   available.  This mechanism is sufficient in most situations.
   However, there can be cases where a script may be able to take
   advantage of an extension if it is available but can still operate if
   it is not, possibly with some degradation of functionality.  Cases
   can also arise where a script would prefer one extension but can
   employ a different one if the first one is not available.

   The "ihave" extension provides a means to write scripts that make use
   of extensions only when they are actually available.  Ihave defines a
   new ihave test that takes a list of capability names as an argument
   and succeeds if and only if all of the those capabilities are
   present.  Additionally, specification of the "ihave" extension in the
   require clause disables parse time checking of extension use in
   scripts; run-time checking must be used instead.  This makes it
   possible to write portable scripts that can operate in multiple
   environments making effective use of whatever extensions are
   available even though differing sets of extensions are provided in



Freed                   Expires November 26, 2008               [Page 2]


Internet-Draft            Sieve Ihave Extension                 May 2008


   different places.

   The "ihave" extension also defines a new error control command.
   Error causes script execution to terminate with the error message
   given as the argument to the error control.


2.  Conventions Used in this Document

   "The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   The terms used to describe the various components of the Sieve
   language are taken from Section 1.1 of [RFC5228].


3.  Capability Identifiers

   The capability string associated with the extension defined in this
   document is "ihave".


4.  Ihave Test

   Usage:   ihave <capabilities: string-list>

   The ihave test provides a means for Sieve scripts to test for the
   existence of a given extension prior to actually using it.  The
   capabilities argument to ihave is the same as the similarly-named
   argument to the require control statement: It specifies the names of
   one or more Sieve extensions or comparators.  The ihave test succeeds
   if all the extensions specified in the capabilities list are
   available to the script.

   Unlike most Sieve tests, ihave accepts no match or comparator
   arguments.  The type of match for ihave is always ":is" and the
   comparator is always "i;octet".

   The strings in the capabilities list are constant strings in context
   of Sieve variables [RFC5229].  It is an error to pass a non-constant
   string as an argument to ihave.

   The Sieve base specification demands that that all Sieve extensions
   used in a given script be specified in the initial require control
   statement.  It is an error for a script to call for extensions the
   interpreter doesn't support or to attempt to use extensions that have
   not been listed in the script's require clause.  Using ihave changes



Freed                   Expires November 26, 2008               [Page 3]


Internet-Draft            Sieve Ihave Extension                 May 2008


   Sieve interpreter behavior and the underlying requirements in the
   following ways:

   1.  Use of a given extension is allowed subsequent to the successful
       evaluation of an ihave test on that extension all the way to the
       end of the script, even outside the block enclosed by the ihave
       test.  In other words, subsequent to a successful ihave things
       operate just as if the extension had been specified in the
       script's require clause.  The extension cannot be used prior to
       the evaluation of such a test and a runtime error MUST be
       generated if such usage is attempted.  However, subsequent use of
       that extension may still need to be conditionally handled via an
       ihave test to deal with the case where it is not supported.  The
       extension cannot be used prior to the evaluation of such a test
       and a runtime error MUST be generated if such usage is attempted.

   2.  Sieve interpreters normally have the option of checking extension
       use at either parse time or execution time.  The specification of
       "ihave" in a script's require clause changes this behavior:
       Scripts MUST either defer extension checking to run time or else
       take the presence of ihave tests into account at parse time.
       Note that since ihave can be used inside of anyof, allof, and not
       tests full parse time checking of ihave may be very difficult to
       implement.

   3.  Although it makes little sense to do so, an extension can be
       specified in both the require control statement and in an ihave
       test.  If this is done and the extension has been implemented the
       extension can be used anywhere in the script and an ihave test of
       that extension will always return true.

   4.  Ihave accepts a list of capabilities.  The ihave test fails and
       none of the capabilities are enabled if any of the specified
       capabilities are unavailable.

   Ihave is designed to be used with extensions that add tests, actions,
   or comparators.  It MUST NOT be used with extensions that change how
   the content of Sieve scripts are interpreted such as the variables
   extension [RFC5229].


5.  Error Control

   Usage:   error <message: string>

   The error control causes script execution to terminate with a run-
   time error.  The message argument provides a text description of the
   error condition that SHOULD be included in any generated report



Freed                   Expires November 26, 2008               [Page 4]


Internet-Draft            Sieve Ihave Extension                 May 2008


   regarding the error.  Section 2.10.6 of [RFC5228] describes how run-
   time errors are handled in Sieve.

   Note that the message argument, like all Sieve string, employs the
   UTF-8 charset and can contain non-US-ASCII characters.  This must be
   taken into consideration when reporting script errors.

   The error control is included as part of the ihave extension so that
   it is unconditionally available to scripts using ihave.


6.  Security Considerations

   A potential security issue with Sieve scripts is that when a script
   fails to run due to the lack of some extension it may fail to block
   dangerous email.  The ihave extension makes it possible to improve
   script portability and generality, which may improve the overall
   security provided by Sieve.

   Script robustness aside, ihave is essentially a more flexible variant
   of Sieve's existing require mechanism.  As such, it does not add any
   additional capabilities to a Sieve implementation that could create
   security issues.  Of course all of the security considerations given
   in the base Sieve specification and in any extensions that are
   employed are still relevant.


7.  IANA Considerations

   The following template specifies the IANA registration of the Sieve
   extension specified in this document:

      To: iana@iana.org
      Subject: Registration of new Sieve extension

      Capability name: ihave
      Description:     The "ihave" extension provides a means to write
                       scripts that make use of other extensions only
                       when they are actually available.
      RFC number:      RFC XXXX
      Contact address: Sieve discussion list <ietf-mta-filters@imc.org>


8.  References







Freed                   Expires November 26, 2008               [Page 5]


Internet-Draft            Sieve Ihave Extension                 May 2008


8.1.  Normative references

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC5228]  Guenther, P. and T. Showalter, "Sieve: An Email Filtering
              Language", RFC 5228, January 2008.

8.2.  Informative references

   [RFC3501]  Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
              4rev1", RFC 3501, March 2003.

   [RFC5229]  Homme, K., "Sieve Email Filtering: Variables Extension",
              RFC 5229, January 2008.

   [RFC5230]  Showalter, T. and N. Freed, "Sieve Email Filtering:
              Vacation Extension", RFC 5230, January 2008.

   [RFC5231]  Segmuller, W. and B. Leiba, "Sieve Email Filtering:
              Relational Extension", RFC 5231, January 2008.

   [RFC5232]  Melnikov, A., "Sieve Email Filtering: Imap4flags
              Extension", RFC 5232, January 2008.

   [RFC5233]  Murchison, K., "Sieve Email Filtering: Subaddress
              Extension", RFC 5233, January 2008.

   [RFC5235]  Daboo, C., "Sieve Email Filtering: Spamtest and Virustest
              Extensions", RFC 5235, January 2008.


Appendix A.  Acknowledgements

   Cyrus Daboo and Alexey Melnikov provided helpful suggestions and
   corrections.















Freed                   Expires November 26, 2008               [Page 6]


Internet-Draft            Sieve Ihave Extension                 May 2008


Author's Address

   Ned Freed
   Sun Microsystems
   3401 Centrelake Drive, Suite 410
   Ontario, CA  92761-1205
   USA

   Phone: +1 909 457 4293
   Email: ned.freed@mrochek.com









































Freed                   Expires November 26, 2008               [Page 7]


Internet-Draft            Sieve Ihave Extension                 May 2008


Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.











Freed                   Expires November 26, 2008               [Page 8]