draft-ietf-sieve-3028bis-13.txt   rfc5228.txt 
Network Working Group P. Guenther Network Working Group P. Guenther, Ed.
Internet-Draft Sendmail, Inc. Request for Comments: 5228 Sendmail, Inc.
Intended status: Standards Track T. Showalter Obsoletes: 3028 T. Showalter, Ed.
Expires: April 2008 Editors Category: Standards Track January 2008
Obsoletes: 3028 (if approved) October 2007
Sieve: An Email Filtering Language Sieve: An Email Filtering Language
draft-ietf-sieve-3028bis-13.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any Status of This Memo
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
A revised version of this draft document will be submitted to the RFC
editor as a Standard Track RFC for the Internet Community.
Discussion and suggestions for improvement are requested, and should
be sent to ietf-mta-filters@imc.org. Distribution of this memo is
unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007). This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Abstract Abstract
This document describes a language for filtering email messages at This document describes a language for filtering email messages at
time of final delivery. It is designed to be implementable on either time of final delivery. It is designed to be implementable on either
a mail client or mail server. It is meant to be extensible, simple, a mail client or mail server. It is meant to be extensible, simple,
and independent of access protocol, mail architecture, and operating and independent of access protocol, mail architecture, and operating
system. It is suitable for running on a mail server where users may system. It is suitable for running on a mail server where users may
not be allowed to execute arbitrary programs, such as on black box not be allowed to execute arbitrary programs, such as on black box
Internet Message Access Protocol (IMAP) servers, as the base language Internet Message Access Protocol (IMAP) servers, as the base language
has no variables, loops, or ability to shell out to external has no variables, loops, or ability to shell out to external
programs. programs.
Table of Contents Table of Contents
1. Introduction ........................................... 3 1. Introduction ....................................................4
1.1. Conventions Used in This Document ..................... 4 1.1. Conventions Used in This Document ..........................4
1.2. Example mail messages ................................. 5 1.2. Example Mail Messages ......................................5
2. Design ................................................. 6 2. Design ..........................................................6
2.1. Form of the Language .................................. 6 2.1. Form of the Language .......................................6
2.2. Whitespace ............................................ 6 2.2. Whitespace .................................................7
2.3. Comments .............................................. 6 2.3. Comments ...................................................7
2.4. Literal Data .......................................... 7 2.4. Literal Data ...............................................7
2.4.1. Numbers ............................................... 7 2.4.1. Numbers .............................................7
2.4.2. Strings ............................................... 7 2.4.2. Strings .............................................8
2.4.2.1. String Lists .......................................... 8 2.4.2.1. String Lists ...............................9
2.4.2.2. Headers ............................................... 9 2.4.2.2. Headers ....................................9
2.4.2.3. Addresses ............................................. 9 2.4.2.3. Addresses .................................10
2.4.2.4. Encoding characters using "encoded-character" ......... 10 2.4.2.4. Encoding Characters Using
2.5. Tests ................................................. 11 "encoded-character" .......................10
2.5.1. Test Lists ............................................ 11 2.5. Tests .....................................................11
2.6. Arguments ............................................. 11 2.5.1. Test Lists .........................................12
2.6.1. Positional Arguments .................................. 11 2.6. Arguments .................................................12
2.6.2. Tagged Arguments ...................................... 12 2.6.1. Positional Arguments ...............................12
2.6.3. Optional Arguments .................................... 12 2.6.2. Tagged Arguments ...................................12
2.6.4. Types of Arguments .................................... 12 2.6.3. Optional Arguments .................................13
2.7. String Comparison ..................................... 13 2.6.4. Types of Arguments .................................13
2.7.1. Match Type ............................................ 13 2.7. String Comparison .........................................13
2.7.2. Comparisons Across Character Sets ..................... 14 2.7.1. Match Type .........................................14
2.7.3. Comparators ........................................... 15 2.7.2. Comparisons across Character Sets ..................15
2.7.4. Comparisons Against Addresses ......................... 16 2.7.3. Comparators ........................................15
2.8. Blocks ................................................ 16 2.7.4. Comparisons against Addresses ......................16
2.9. Commands .............................................. 16 2.8. Blocks ....................................................17
2.10. Evaluation ............................................ 17 2.9. Commands ..................................................17
2.10.1. Action Interaction .................................... 17 2.10. Evaluation ...............................................18
2.10.2. Implicit Keep ......................................... 17 2.10.1. Action Interaction ................................18
2.10.3. Message Uniqueness in a Mailbox ....................... 18 2.10.2. Implicit Keep .....................................18
2.10.4. Limits on Numbers of Actions .......................... 18 2.10.3. Message Uniqueness in a Mailbox ...................19
2.10.5. Extensions and Optional Features ...................... 18 2.10.4. Limits on Numbers of Actions ......................19
2.10.6. Errors ................................................ 19 2.10.5. Extensions and Optional Features ..................19
2.10.7. Limits on Execution ................................... 19 2.10.6. Errors ............................................20
3. Control Commands ....................................... 20 2.10.7. Limits on Execution ...............................20
3.1. Control if ............................................ 20 3. Control Commands ...............................................21
3.2. Control require ....................................... 21 3.1. Control if ................................................21
3.3. Control stop .......................................... 21 3.2. Control require ...........................................22
4. Action Commands ........................................ 21 3.3. Control stop ..............................................22
4.1. Action fileinto ....................................... 22 4. Action Commands ................................................23
4.2. Action redirect ....................................... 22 4.1. Action fileinto ...........................................23
4.3. Action keep ........................................... 23 4.2. Action redirect ...........................................23
4.4. Action discard ........................................ 24 4.3. Action keep ...............................................24
5. Test Commands .......................................... 24 4.4. Action discard ............................................25
5.1. Test address .......................................... 25 5. Test Commands ..................................................26
5.2. Test allof ............................................ 25 5.1. Test address ..............................................26
5.3. Test anyof ............................................ 26 5.2. Test allof ................................................27
5.4. Test envelope ......................................... 26 5.3. Test anyof ................................................27
5.5. Test exists ........................................... 27 5.4. Test envelope .............................................27
5.6. Test false ............................................ 27 5.5. Test exists ...............................................28
5.7. Test header ........................................... 27 5.6. Test false ................................................28
5.8. Test not .............................................. 28 5.7. Test header ...............................................29
5.9. Test size ............................................. 28 5.8. Test not ..................................................29
5.10. Test true ............................................. 29 5.9. Test size .................................................29
6. Extensibility .......................................... 29 5.10. Test true ................................................30
6.1. Capability String ..................................... 29 6. Extensibility ..................................................30
6.2. IANA Considerations ................................... 30 6.1. Capability String .........................................31
6.2.1. Template for Capability Registrations ................. 30 6.2. IANA Considerations .......................................31
6.2.2. Handling of Existing Capability Registrations ......... 31 6.2.1. Template for Capability Registrations ..............32
6.2.3. Initial Capability Registrations ...................... 31 6.2.2. Handling of Existing Capability Registrations ......32
6.3. Capability Transport .................................. 32 6.2.3. Initial Capability Registrations ...................32
7. Transmission ........................................... 32 6.3. Capability Transport ......................................33
8. Parsing ................................................ 32 7. Transmission ...................................................33
8.1. Lexical Tokens ........................................ 33 8. Parsing ........................................................34
8.2. Grammar ............................................... 35 8.1. Lexical Tokens ............................................34
9. Extended Example ....................................... 35 8.2. Grammar ...................................................36
10. Security Considerations ................................ 36 8.3. Statement Elements ........................................36
11. Acknowledgments ........................................ 38 9. Extended Example ...............................................37
12. Editors' Addresses ..................................... 38 10. Security Considerations .......................................38
13. Normative References ................................... 38 11. Acknowledgments ...............................................39
14. Informative References ................................. 39 12. Normative References ..........................................39
15. Changes from RFC 3028 .................................. 39 13. Informative References ........................................40
16. Full Copyright Statement ............................... 40 14. Changes from RFC 3028 .........................................41
1. Introduction 1. Introduction
This memo documents a language that can be used to create filters for This memo documents a language that can be used to create filters for
electronic mail. It is not tied to any particular operating system electronic mail. It is not tied to any particular operating system
or mail architecture. It requires the use of [IMAIL]-compliant or mail architecture. It requires the use of [IMAIL]-compliant
messages, but should otherwise generalize to many systems. messages, but should otherwise generalize to many systems.
The language is powerful enough to be useful but limited in order to The language is powerful enough to be useful but limited in order to
allow for a safe server-side filtering system. The intention is to allow for a safe server-side filtering system. The intention is to
make it impossible for users to do anything more complex (and make it impossible for users to do anything more complex (and
dangerous) than write simple mail filters, along with facilitating dangerous) than write simple mail filters, along with facilitating
the use of GUIs for filter creation and manipulation. The base the use of graphical user interfaces (GUIs) for filter creation and
language was not designed to be Turing-complete: it does not have a manipulation. The base language was not designed to be Turing-
loop control structure or functions. complete: it does not have a loop control structure or functions.
Scripts written in Sieve are executed during final delivery, when the Scripts written in Sieve are executed during final delivery, when the
message is moved to the user-accessible mailbox. In systems where message is moved to the user-accessible mailbox. In systems where
the Mail Transfer Agent (MTA) does final delivery, such as the Mail Transfer Agent (MTA) does final delivery, such as
traditional Unix mail, it is reasonable to filter when the MTA traditional Unix mail, it is reasonable to filter when the MTA
deposits mail into the user's mailbox. deposits mail into the user's mailbox.
There are a number of reasons to use a filtering system. Mail There are a number of reasons to use a filtering system. Mail
traffic for most users has been increasing due to increased usage of traffic for most users has been increasing due to increased usage of
email, the emergence of unsolicited email as a form of advertising, email, the emergence of unsolicited email as a form of advertising,
skipping to change at page 4, line 49 skipping to change at page 5, line 12
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [KEYWORDS]. document are to be interpreted as described in [KEYWORDS].
Each section on a command (test, action, or control) has a line Each section on a command (test, action, or control) has a line
labeled "Usage:". This line describes the usage of the command, labeled "Usage:". This line describes the usage of the command,
including its name and its arguments. Required arguments are listed including its name and its arguments. Required arguments are listed
inside angle brackets ("<" and ">"). Optional arguments are listed inside angle brackets ("<" and ">"). Optional arguments are listed
inside square brackets ("[" and "]"). Each argument is followed by inside square brackets ("[" and "]"). Each argument is followed by
its type, so "<key: string>" represents an argument called "key" that its type, so "<key: string>" represents an argument called "key" that
is a string. Literal strings are represented with double-quoted is a string. Literal strings are represented with double-quoted
strings. Alternatives are separated with slashes, and parenthesis strings. Alternatives are separated with slashes, and parentheses
are used for grouping, similar to [ABNF]. are used for grouping, similar to [ABNF].
In the "Usage:" line, there are three special pieces of syntax that In the "Usage:" line, there are three special pieces of syntax that
are frequently repeated, MATCH-TYPE, COMPARATOR, and ADDRESS-PART. are frequently repeated, MATCH-TYPE, COMPARATOR, and ADDRESS-PART.
These are discussed in sections 2.7.1, 2.7.3, and 2.7.4, These are discussed in sections 2.7.1, 2.7.3, and 2.7.4,
respectively. respectively.
The formal grammar for these commands is defined in section 10 and is The formal grammar for these commands is defined in section 8 and is
the authoritative reference on how to construct commands, but the the authoritative reference on how to construct commands, but the
formal grammar does not specify the order, semantics, number or types formal grammar does not specify the order, semantics, number or types
of arguments to commands, nor the legal command names. The intent is of arguments to commands, or the legal command names. The intent is
to allow for extension without changing the grammar. to allow for extension without changing the grammar.
1.2. Example mail messages 1.2. Example Mail Messages
The following mail messages will be used throughout this document in The following mail messages will be used throughout this document in
examples. examples.
Message A Message A
----------------------------------------------------------- -----------------------------------------------------------
Date: Tue, 1 Apr 1997 09:06:31 -0800 (PST) Date: Tue, 1 Apr 1997 09:06:31 -0800 (PST)
From: coyote@desert.example.org From: coyote@desert.example.org
To: roadrunner@acme.example.com To: roadrunner@acme.example.com
Subject: I have a present for you Subject: I have a present for you
skipping to change at page 6, line 23 skipping to change at page 6, line 37
the first token and it is followed by zero or more argument tokens. the first token and it is followed by zero or more argument tokens.
Arguments may be literal data, tags, blocks of commands, or test Arguments may be literal data, tags, blocks of commands, or test
commands. commands.
With the exceptions of strings and comments, the language is limited With the exceptions of strings and comments, the language is limited
to US-ASCII characters. Strings and comments may contain octets to US-ASCII characters. Strings and comments may contain octets
outside the US-ASCII range. Specifically, they will normally be in outside the US-ASCII range. Specifically, they will normally be in
UTF-8, as specified in [UTF-8]. NUL (US-ASCII 0) is never permitted UTF-8, as specified in [UTF-8]. NUL (US-ASCII 0) is never permitted
in scripts, while CR and LF can only appear as the CRLF line ending. in scripts, while CR and LF can only appear as the CRLF line ending.
While this specification permits arbitrary octets to appear in Note: While this specification permits arbitrary octets to appear
sieve scripts inside strings and comments, this has made it in Sieve scripts inside strings and comments, this has made it
difficult to robustly handle sieve scripts in programs that are difficult to robustly handle Sieve scripts in programs that are
sensitive to the encodings used. The "encoded-character" sensitive to the encodings used. The "encoded-character"
capability (section 2.4.2.4) provides an alternative means of capability (section 2.4.2.4) provides an alternative means of
representing such octets in strings using just US-ASCII representing such octets in strings using just US-ASCII
characters. As such, the use of non-UTF-8 text in scripts should characters. As such, the use of non-UTF-8 text in scripts should
be considered a deprecated feature that may be abandoned. be considered a deprecated feature that may be abandoned.
Tokens other than strings are considered case-insensitive. Tokens other than strings are considered case-insensitive.
2.2. Whitespace 2.2. Whitespace
skipping to change at page 8, line 14 skipping to change at page 8, line 32
Scripts SHOULD NOT escape other characters with a backslash. Scripts SHOULD NOT escape other characters with a backslash.
An undefined escape sequence (such as "\a" in a context where "a" has An undefined escape sequence (such as "\a" in a context where "a" has
no special meaning) is interpreted as if there were no backslash (in no special meaning) is interpreted as if there were no backslash (in
this case, "\a" is just "a"), though that may be changed by this case, "\a" is just "a"), though that may be changed by
extensions. extensions.
Non-printing characters such as tabs, CRLF, and control characters Non-printing characters such as tabs, CRLF, and control characters
are permitted in quoted strings. Quoted strings MAY span multiple are permitted in quoted strings. Quoted strings MAY span multiple
lines. An unencoded NUL (US-ASCII 0) is not allowed in strings, see lines. An unencoded NUL (US-ASCII 0) is not allowed in strings; see
section 2.4.2.4 for how it can be encoded. section 2.4.2.4 for how it can be encoded.
As message header data is converted to [UTF-8] for comparison (see As message header data is converted to [UTF-8] for comparison (see
section 2.7.2), most string values will use the UTF-8 encoding. section 2.7.2), most string values will use the UTF-8 encoding.
However, implementations MUST accept all strings that match the However, implementations MUST accept all strings that match the
grammar in section 8. The ability to use non-UTF-8 encoded strings grammar in section 8. The ability to use non-UTF-8 encoded strings
matches existing practice and has proven to be useful both in tests matches existing practice and has proven to be useful both in tests
for invalid data and in arguments containing raw MIME parts for for invalid data and in arguments containing raw MIME parts for
extension actions that generate outgoing messages. extension actions that generate outgoing messages.
For entering larger amounts of text, such as an email message, a For entering larger amounts of text, such as an email message, a
multi-line form is allowed. It starts with the keyword "text:", multi-line form is allowed. It starts with the keyword "text:",
followed by a CRLF, and ends with the sequence of a CRLF, a single followed by a CRLF, and ends with the sequence of a CRLF, a single
period, and another CRLF. The CRLF before the final period is period, and another CRLF. The CRLF before the final period is
considered part of the value. In order to allow the message to considered part of the value. In order to allow the message to
contain lines with a single-dot, lines are dot-stuffed. That is, contain lines with a single dot, lines are dot-stuffed. That is,
when composing a message body, an extra `.' is added before each line when composing a message body, an extra '.' is added before each line
which begins with a `.'. When the server interprets the script, that begins with a '.'. When the server interprets the script, these
these extra dots are removed. Note that a line that begins with a extra dots are removed. Note that a line that begins with a dot
dot followed by a non-dot character is not interpreted dot-stuffed; followed by a non-dot character is not interpreted as dot-stuffed;
that is, ".foo" is interpreted as ".foo". However, because this is that is, ".foo" is interpreted as ".foo". However, because this is
potentially ambiguous, scripts SHOULD be properly dot-stuffed so such potentially ambiguous, scripts SHOULD be properly dot-stuffed so such
lines do not appear. lines do not appear.
Note that a hashed comment or whitespace may occur in between the Note that a hashed comment or whitespace may occur in between the
"text:" and the CRLF, but not within the string itself. Bracketed "text:" and the CRLF, but not within the string itself. Bracketed
comments are not allowed here. comments are not allowed here.
2.4.2.1. String Lists 2.4.2.1. String Lists
When matching patterns, it is frequently convenient to match against When matching patterns, it is frequently convenient to match against
groups of strings instead of single strings. For this reason, a list groups of strings instead of single strings. For this reason, a list
of strings is allowed in many tests, implying that if the test is of strings is allowed in many tests, implying that if the test is
true using any one of the strings, then the test is true. true using any one of the strings, then the test is true.
For instance, the test `header :contains ["To", "Cc"] For instance, the test 'header :contains ["To", "Cc"]
["me@example.com", "me00@landru.example.com"]' is true if either a To ["me@example.com", "me00@landru.example.com"]' is true if either a To
header or Cc header of the input message contains either of the email header or Cc header of the input message contains either of the email
addresses "me@example.com" or "me00@landru.example.com". addresses "me@example.com" or "me00@landru.example.com".
Conversely, in any case where a list of strings is appropriate, a Conversely, in any case where a list of strings is appropriate, a
single string is allowed without being a member of a list: it is single string is allowed without being a member of a list: it is
equivalent to a list with a single member. This means that the test equivalent to a list with a single member. This means that the test
`exists "To"' is equivalent to the test `exists ["To"]'. 'exists "To"' is equivalent to the test 'exists ["To"]'.
2.4.2.2. Headers 2.4.2.2. Headers
Headers are a subset of strings. In the Internet Message Headers are a subset of strings. In the Internet Message
Specification [IMAIL], each header line is allowed to have whitespace Specification [IMAIL], each header line is allowed to have whitespace
nearly anywhere in the line, including after the field name and nearly anywhere in the line, including after the field name and
before the subsequent colon. Extra spaces between the header name before the subsequent colon. Extra spaces between the header name
and the ":" in a header field are ignored. and the ":" in a header field are ignored.
A header name never contains a colon. The "From" header refers to a A header name never contains a colon. The "From" header refers to a
line beginning "From:" (or "From :", etc.). No header will match line beginning "From:" (or "From :", etc.). No header will match
the string "From:" due to the trailing colon. the string "From:" due to the trailing colon.
Similarly, no header will match a syntactically invalid header name. Similarly, no header will match a syntactically invalid header name.
An implementation MUST NOT cause an error for syntactically invalid An implementation MUST NOT cause an error for syntactically invalid
header names in tests. header names in tests.
Header lines are unfolded as described in [IMAIL] section 2.2.3. Header lines are unfolded as described in [IMAIL] section 2.2.3.
Interpretation of header data SHOULD be done according to [MIME3] Interpretation of header data SHOULD be done according to [MIME3]
section 6.2 (see 2.7.2 below for details). section 6.2 (see section 2.7.2 below for details).
2.4.2.3. Addresses 2.4.2.3. Addresses
A number of commands call for email addresses, which are also a A number of commands call for email addresses, which are also a
subset of strings. When these addresses are used in outbound subset of strings. When these addresses are used in outbound
contexts, addresses must be compliant with [IMAIL], but are further contexts, addresses must be compliant with [IMAIL], but are further
constrained within this document. Using the symbols defined in constrained within this document. Using the symbols defined in
[IMAIL], section 3, the syntax of an address is: [IMAIL], section 3, the syntax of an address is:
sieve-address = addr-spec ; simple address sieve-address = addr-spec ; simple address
/ phrase "<" addr-spec ">" ; name & addr-spec / phrase "<" addr-spec ">" ; name & addr-spec
That is, routes and group syntax are not permitted. If multiple That is, routes and group syntax are not permitted. If multiple
addresses are required, use a string list. Named groups are not addresses are required, use a string list. Named groups are not
permitted. permitted.
It is an error for a script to execute an action with a value for use It is an error for a script to execute an action with a value for use
as an outbound address that doesn't match the "sieve-address" syntax. as an outbound address that doesn't match the "sieve-address" syntax.
2.4.2.4. Encoding characters using "encoded-character" 2.4.2.4. Encoding Characters Using "encoded-character"
When the "encoded-character" extension is in effect, certain When the "encoded-character" extension is in effect, certain
character sequences in strings are replaced by their decoded value. character sequences in strings are replaced by their decoded value.
This happens after escape sequences are interpreted and dot- This happens after escape sequences are interpreted and dot-
unstuffing has been done. Implementations SHOULD support "encoded- unstuffing has been done. Implementations SHOULD support "encoded-
character". character".
Arbitrary octets can be embedded in strings by using the syntax Arbitrary octets can be embedded in strings by using the syntax
encoded-arb-octets. The sequence is replaced by the octets with the encoded-arb-octets. The sequence is replaced by the octets with the
hexadecimal values given by each hex-pair. hexadecimal values given by each hex-pair.
blank = WSP / CRLF blank = WSP / CRLF
encoded-arb-octets = "${hex:" hex-pair-seq "}" encoded-arb-octets = "${hex:" hex-pair-seq "}"
hex-pair-seq = *blank hex-pair *(1*blank hex-pair) *blank hex-pair-seq = *blank hex-pair *(1*blank hex-pair) *blank
hex-pair = 1*2HEXDIG hex-pair = 1*2HEXDIG
Where WSP and HEXDIG non-terminals are defined in Appendix B.1 of
[ABNF].
It may be inconvenient or undesirable to enter Unicode characters It may be inconvenient or undesirable to enter Unicode characters
verbatim and for these cases the syntax encoded-unicode-char can be verbatim, and for these cases the syntax encoded-unicode-char can be
used. The sequence is replaced by the UTF-8 encoding of the used. The sequence is replaced by the UTF-8 encoding of the
specified Unicode characters, which are identified by the hexadecimal specified Unicode characters, which are identified by the hexadecimal
value of unicode-hex. value of unicode-hex.
encoded-unicode-char = "${unicode:" unicode-hex-seq "}" encoded-unicode-char = "${unicode:" unicode-hex-seq "}"
unicode-hex-seq = *blank unicode-hex unicode-hex-seq = *blank unicode-hex
*(1*blank unicode-hex) *blank *(1*blank unicode-hex) *blank
unicode-hex = 1*HEXDIG unicode-hex = 1*HEXDIG
It is an error for a script to use a hexadecimal value that isn't in It is an error for a script to use a hexadecimal value that isn't in
either the range 0 to D7FF or the range E000 to 10FFFF. (The range either the range 0 to D7FF or the range E000 to 10FFFF. (The range
D800 to DFFF is excluded as those character numbers are only used as D800 to DFFF is excluded as those character numbers are only used as
part of the UTF-16 encoding form and are not applicable to the UTF-8 part of the UTF-16 encoding form and are not applicable to the UTF-8
encoding that the syntax here represents.) encoding that the syntax here represents.)
Note: Implementations MUST NOT raise an error for an out of range Note: Implementations MUST NOT raise an error for an out-of-range
Unicode value unless the sequence containing it is well-formed Unicode value unless the sequence containing it is well-formed
according to the grammar. according to the grammar.
The capability string for use with the require command is "encoded- The capability string for use with the require command is "encoded-
character". character".
In the following script, message B is discarded, since the specified In the following script, message B is discarded, since the specified
test string is equivalent to "$$$". test string is equivalent to "$$$".
Example: require "encoded-character"; Example: require "encoded-character";
skipping to change at page 11, line 33 skipping to change at page 12, line 10
Tests are given as arguments to commands in order to control their Tests are given as arguments to commands in order to control their
actions. In this document, tests are given to if/elsif to decide actions. In this document, tests are given to if/elsif to decide
which block of code is run. which block of code is run.
2.5.1. Test Lists 2.5.1. Test Lists
Some tests ("allof" and "anyof", which implement logical "and" and Some tests ("allof" and "anyof", which implement logical "and" and
logical "or", respectively) may require more than a single test as an logical "or", respectively) may require more than a single test as an
argument. The test-list syntax element provides a way of grouping argument. The test-list syntax element provides a way of grouping
tests as a comma separated list in parens. tests as a comma-separated list in parentheses.
Example: if anyof (not exists ["From", "Date"], Example: if anyof (not exists ["From", "Date"],
header :contains "from" "fool@example.com") { header :contains "from" "fool@example.com") {
discard; discard;
} }
2.6. Arguments 2.6. Arguments
In order to specify what to do, most commands take arguments. There In order to specify what to do, most commands take arguments. There
are three types of arguments: positional, tagged, and optional. are three types of arguments: positional, tagged, and optional.
It is an error for a script, on a single command, to use conflicting It is an error for a script, on a single command, to use conflicting
arguments or to use a tagged or optional argument more than once. arguments or to use a tagged or optional argument more than once.
2.6.1. Positional Arguments 2.6.1. Positional Arguments
Positional arguments are given to a command which discerns their Positional arguments are given to a command that discerns their
meaning based on their order. When a command takes positional meaning based on their order. When a command takes positional
arguments, all positional arguments must be supplied and must be in arguments, all positional arguments must be supplied and must be in
the order prescribed. the order prescribed.
2.6.2. Tagged Arguments 2.6.2. Tagged Arguments
This document provides for tagged arguments in the style of This document provides for tagged arguments in the style of
CommonLISP. These are also similar to flags given to commands in CommonLISP. These are also similar to flags given to commands in
most command-line systems. most command-line systems.
A tagged argument is an argument for a command that begins with ":" A tagged argument is an argument for a command that begins with ":"
followed by a tag naming the argument, such as ":contains". This followed by a tag naming the argument, such as ":contains". This
argument means that zero or more of the next tokens have some argument means that zero or more of the next tokens have some
particular meaning depending on the argument. These next tokens may particular meaning depending on the argument. These next tokens may
be literal data but they are never blocks. be literal data, but they are never blocks.
Tagged arguments are similar to positional arguments, except that Tagged arguments are similar to positional arguments, except that
instead of the meaning being derived from the command, it is derived instead of the meaning being derived from the command, it is derived
from the tag. from the tag.
Tagged arguments must appear before positional arguments, but they Tagged arguments must appear before positional arguments, but they
may appear in any order with other tagged arguments. For simplicity may appear in any order with other tagged arguments. For simplicity
of the specification, this is not expressed in the syntax definitions of the specification, this is not expressed in the syntax definitions
with commands, but they still may be reordered arbitrarily provided with commands, but they still may be reordered arbitrarily provided
they appear before positional arguments. Tagged arguments may be they appear before positional arguments. Tagged arguments may be
skipping to change at page 13, line 5 skipping to change at page 13, line 31
2.6.4. Types of Arguments 2.6.4. Types of Arguments
Abstractly, arguments may be literal data, tests, or blocks of Abstractly, arguments may be literal data, tests, or blocks of
commands. In this way, an "if" control structure is merely a command commands. In this way, an "if" control structure is merely a command
that happens to take a test and a block as arguments and may execute that happens to take a test and a block as arguments and may execute
the block of code. the block of code.
However, this abstraction is ambiguous from a parsing standpoint. However, this abstraction is ambiguous from a parsing standpoint.
The grammar in section 9.2 presents a parsable version of this: The grammar in section 8.2 presents a parsable version of this:
Arguments are string-lists, numbers, and tags, which may be followed Arguments are string lists (string-lists), numbers, and tags, which
by a test or a test-list, which may be followed by a block of may be followed by a test or a test list (test-list), which may be
commands. No more than one test or test list, nor more than one followed by a block of commands. No more than one test or test list,
block of commands, may be used, and commands that end with a block of or more than one block of commands, may be used, and commands that
commands do not end with semicolons. end with a block of commands do not end with semicolons.
2.7. String Comparison 2.7. String Comparison
When matching one string against another, there are a number of ways When matching one string against another, there are a number of ways
of performing the match operation. These are accomplished with three of performing the match operation. These are accomplished with three
types of matches: an exact match, a substring match, and a wildcard types of matches: an exact match, a substring match, and a wildcard
glob-style match. These are described below. glob-style match. These are described below.
In order to provide for matches between character sets and case In order to provide for matches between character sets and case
insensitivity, Sieve uses the comparators defined in the Internet insensitivity, Sieve uses the comparators defined in the Internet
Application Protocol Collation Registry [COLLATION]. Application Protocol Collation Registry [COLLATION].
However, when a string represents the name of a header, the However, when a string represents the name of a header, the
comparator is never user-specified. Header comparisons are always comparator is never user-specified. Header comparisons are always
done with the "i;ascii-casemap" operator, i.e., case-insensitive done with the "i;ascii-casemap" operator, i.e., case-insensitive
comparisons, because this is the way things are defined in the comparisons, because this is the way things are defined in the
message specification [IMAIL]. message specification [IMAIL].
2.7.1. Match Type 2.7.1. Match Type
Commands which perform string comparisons may have an optional match Commands that perform string comparisons may have an optional match
type argument. The three match types in this specification are ":is", type argument. The three match types in this specification are
":contains", and ":matches". ":contains", ":is", and ":matches".
The ":contains" match type describes a substring match. If the value The ":contains" match type describes a substring match. If the value
argument contains the key argument as a substring, the match is true. argument contains the key argument as a substring, the match is true.
For instance, the string "frobnitzm" contains "frob" and "nit", but For instance, the string "frobnitzm" contains "frob" and "nit", but
not "fbm". The empty key ("") is contained in all values. not "fbm". The empty key ("") is contained in all values.
The ":is" match type describes an absolute match; if the contents of The ":is" match type describes an absolute match; if the contents of
the first string are absolutely the same as the contents of the the first string are absolutely the same as the contents of the
second string, they match. Only the string "frobnitzm" is the string second string, they match. Only the string "frobnitzm" is the string
"frobnitzm". The empty key ":is" and only ":is" the empty value. "frobnitzm". The empty key ("") only ":is" matches with the empty
value.
The ":matches" match type specifies a wildcard match using the The ":matches" match type specifies a wildcard match using the
characters "*" and "?"; the entire value must be matched. "*" characters "*" and "?"; the entire value must be matched. "*"
matches zero or more characters in the value and "?" matches a single matches zero or more characters in the value and "?" matches a single
character in the value, where the comparator that is used (see 2.7.3) character in the value, where the comparator that is used (see
defines what a character is. For example, the comparators "i;octet" section 2.7.3) defines what a character is. For example, the
and "i;ascii-casemap" define a character to be a single octet so "?" comparators "i;octet" and "i;ascii-casemap" define a character to be
will always match exactly one octet when one of those comparators is a single octet, so "?" will always match exactly one octet when one
in use. In contrast, a Unicode-based comparator would define a of those comparators is in use. In contrast, a Unicode-based
character to be any UTF-8 octet sequence encoding one Unicode comparator would define a character to be any UTF-8 octet sequence
character and thus "?" may match more than one octet. "?" and "*" encoding one Unicode character and thus "?" may match more than one
may be escaped as "\\?" and "\\*" in strings to match against octet. "?" and "*" may be escaped as "\\?" and "\\*" in strings to
themselves. The first backslash escapes the second backslash; match against themselves. The first backslash escapes the second
together, they escape the "*". This is awkward, but it is backslash; together, they escape the "*". This is awkward, but it is
commonplace in several programming languages that use globs and commonplace in several programming languages that use globs and
regular expressions. regular expressions.
In order to specify what type of match is supposed to happen, In order to specify what type of match is supposed to happen,
commands that support matching take optional arguments ":matches", commands that support matching take optional arguments ":matches",
":is", and ":contains". Commands default to using ":is" matching if ":is", and ":contains". Commands default to using ":is" matching if
no match type argument is supplied. Note that these modifiers no match type argument is supplied. Note that these modifiers
interact with comparators; in particular, only comparators that interact with comparators; in particular, only comparators that
support the "substring match" operation are suitable for matching support the "substring match" operation are suitable for matching
with ":contains" or ":matches". It is an error to use a comparator with ":contains" or ":matches". It is an error to use a comparator
with ":contains" or ":matches" that is not compatible with it. with ":contains" or ":matches" that is not compatible with it.
It is an error to give more than one of these arguments to a given It is an error to give more than one of these arguments to a given
command. command.
For convenience, the "MATCH-TYPE" syntax element is defined here as For convenience, the "MATCH-TYPE" syntax element is defined here as
follows: follows:
Syntax: ":is" / ":contains" / ":matches" Syntax: ":is" / ":contains" / ":matches"
2.7.2. Comparisons Across Character Sets 2.7.2. Comparisons across Character Sets
Messages may involve a number of character sets. In order for Messages may involve a number of character sets. In order for
comparisons to work across character sets, implementations SHOULD comparisons to work across character sets, implementations SHOULD
implement the following behavior: implement the following behavior:
Comparisons are performed on octets. Implementations convert text Comparisons are performed on octets. Implementations convert text
from header fields in all charsets [MIME3] to Unicode, encoded as from header fields in all charsets [MIME3] to Unicode, encoded as
UTF-8, as input to the comparator (see 2.7.3). Implementations UTF-8, as input to the comparator (see section 2.7.3).
MUST be capable of converting US-ASCII, ISO-8859-1, the US-ASCII Implementations MUST be capable of converting US-ASCII, ISO-8859-
subset of ISO-8859-* character sets, and UTF-8. Text that the 1, the US-ASCII subset of ISO-8859-* character sets, and UTF-8.
implementation cannot convert to Unicode for any reason MAY be Text that the implementation cannot convert to Unicode for any
treated as plain US-ASCII (including any [MIME3] syntax) or reason MAY be treated as plain US-ASCII (including any [MIME3]
processed according to local conventions. An encoded NUL octet syntax) or processed according to local conventions. An encoded
(character zero) SHOULD NOT cause early termination of the header NUL octet (character zero) SHOULD NOT cause early termination of
content being compared against. the header content being compared against.
If implementations fail to support the above behavior, they MUST If implementations fail to support the above behavior, they MUST
conform to the following: conform to the following:
No two strings can be considered equal if one contains octets No two strings can be considered equal if one contains octets
greater than 127. greater than 127.
2.7.3. Comparators 2.7.3. Comparators
In order to allow for language-independent, case-independent matches, In order to allow for language-independent, case-independent matches,
the match type may be coupled with a comparator name. The Internet the match type may be coupled with a comparator name. The Internet
Application Protocol Collation Registry [COLLATION] provides the Application Protocol Collation Registry [COLLATION] provides the
framework for describing and naming comparators. framework for describing and naming comparators.
All implementations MUST support the "i;octet" comparator (simply All implementations MUST support the "i;octet" comparator (simply
compares octets) and the "i;ascii-casemap" comparator (which treats compares octets) and the "i;ascii-casemap" comparator (which treats
uppercase and lowercase characters in the US-ASCII subset of UTF-8 as uppercase and lowercase characters in the US-ASCII subset of UTF-8 as
the same). If left unspecified, the default is "i;ascii-casemap". the same). If left unspecified, the default is "i;ascii-casemap".
Some comparators may not be usable with substring matches; that is, Some comparators may not be usable with substring matches; that is,
they may only work with ":is". It is an error to try and use a they may only work with ":is". It is an error to try to use a
comparator with ":matches" or ":contains" that is not compatible with comparator with ":matches" or ":contains" that is not compatible with
it. it.
Sieve treats a comparator result of "undefined" the same as a result Sieve treats a comparator result of "undefined" the same as a result
of "no-match". That is, this base specification does not provide any of "no-match". That is, this base specification does not provide any
means to directly detect invalid comparator input. means to directly detect invalid comparator input.
A comparator is specified by the ":comparator" option with commands A comparator is specified by the ":comparator" option with commands
that support matching. This option is followed by a string providing that support matching. This option is followed by a string providing
the name of the comparator to be used. For convenience, the syntax the name of the comparator to be used. For convenience, the syntax
skipping to change at page 15, line 49 skipping to change at page 16, line 32
} }
would discard any message with subjects like "You can MAKE MONEY would discard any message with subjects like "You can MAKE MONEY
FAST", but not "You can Make Money Fast", since the comparator used FAST", but not "You can Make Money Fast", since the comparator used
is case-sensitive. is case-sensitive.
Comparators other than "i;octet" and "i;ascii-casemap" must be Comparators other than "i;octet" and "i;ascii-casemap" must be
declared with require, as they are extensions. If a comparator declared with require, as they are extensions. If a comparator
declared with require is not known, it is an error, and execution declared with require is not known, it is an error, and execution
fails. If the comparator is not declared with require, it is also an fails. If the comparator is not declared with require, it is also an
error, even if the comparator is supported. (See 2.10.5.) error, even if the comparator is supported. (See section 2.10.5.)
Both ":matches" and ":contains" match types are compatible with the Both ":matches" and ":contains" match types are compatible with the
"i;octet" and "i;ascii-casemap" comparators and may be used with "i;octet" and "i;ascii-casemap" comparators and may be used with
them. them.
It is an error to give more than one of these arguments to a given It is an error to give more than one of these arguments to a given
command. command.
2.7.4. Comparisons Against Addresses 2.7.4. Comparisons against Addresses
Addresses are one of the most frequent things represented as strings. Addresses are one of the most frequent things represented as strings.
These are structured, and being able to compare against the local- These are structured, and being able to compare against the local-
part or the domain of an address is useful, so some tests that act part or the domain of an address is useful, so some tests that act
exclusively on addresses take an additional optional argument that exclusively on addresses take an additional optional argument that
specifies what the test acts on. specifies what the test acts on.
These optional arguments are ":localpart", ":domain", and ":all", These optional arguments are ":localpart", ":domain", and ":all",
which act on the local-part (left-side), the domain part (right- which act on the local-part (left side), the domain-part (right
side), and the whole address. side), and the whole address.
If an address is not syntactically valid then it will not be matched If an address is not syntactically valid, then it will not be matched
by tests specifying ":localpart" or ":domain". by tests specifying ":localpart" or ":domain".
The kind of comparison done, such as whether or not the test done is The kind of comparison done, such as whether or not the test done is
case-insensitive, is specified as a comparator argument to the test. case-insensitive, is specified as a comparator argument to the test.
If an optional address-part is omitted, the default is ":all". If an optional address-part is omitted, the default is ":all".
It is an error to give more than one of these arguments to a given It is an error to give more than one of these arguments to a given
command. command.
skipping to change at page 17, line 13 skipping to change at page 17, line 45
the tokens above as arguments, and arguments may be either tagged or the tokens above as arguments, and arguments may be either tagged or
positional arguments. Not all commands take all arguments. positional arguments. Not all commands take all arguments.
There are three kinds of commands: test commands, action commands, There are three kinds of commands: test commands, action commands,
and control commands. and control commands.
The simplest is an action command. An action command is an The simplest is an action command. An action command is an
identifier followed by zero or more arguments, terminated by a identifier followed by zero or more arguments, terminated by a
semicolon. Action commands do not take tests or blocks as arguments. semicolon. Action commands do not take tests or blocks as arguments.
The actions referenced in this document are: The actions referenced in this document are:
- keep, to save the message in the default location - keep, to save the message in the default location
- fileinto, to save the message in a specific mailbox - fileinto, to save the message in a specific mailbox
- redirect, to forward the message to another address, - redirect, to forward the message to another address
- discard, to silently throw away the message - discard, to silently throw away the message
A control command is a command that affects the parsing or the flow A control command is a command that affects the parsing or the flow
of execution of the Sieve script in some way. A control structure is of execution of the Sieve script in some way. A control structure is
a control command which ends with a block instead of a semicolon. a control command that ends with a block instead of a semicolon.
A test command is used as part of a control command. It is used to A test command is used as part of a control command. It is used to
specify whether or not the block of code given to the control command specify whether or not the block of code given to the control command
is executed. is executed.
2.10. Evaluation 2.10. Evaluation
2.10.1. Action Interaction 2.10.1. Action Interaction
Some actions cannot be used with other actions because the result Some actions cannot be used with other actions because the result
skipping to change at page 17, line 42 skipping to change at page 18, line 28
Extension actions MUST state how they interact with actions defined Extension actions MUST state how they interact with actions defined
in this specification. in this specification.
2.10.2. Implicit Keep 2.10.2. Implicit Keep
Previous experience with filtering systems suggests that cases tend Previous experience with filtering systems suggests that cases tend
to be missed in scripts. To prevent errors, Sieve has an "implicit to be missed in scripts. To prevent errors, Sieve has an "implicit
keep". keep".
An implicit keep is a keep action (see 4.4) performed in absence of An implicit keep is a keep action (see section 4.3) performed in
any action that cancels the implicit keep. absence of any action that cancels the implicit keep.
An implicit keep is performed if a message is not written to a An implicit keep is performed if a message is not written to a
mailbox, redirected to a new address, or explicitly thrown out. That mailbox, redirected to a new address, or explicitly thrown out. That
is, if a fileinto, a keep, a redirect, or a discard is performed, an is, if a fileinto, a keep, a redirect, or a discard is performed, an
implicit keep is not. implicit keep is not.
Some actions may be defined to not cancel the implicit keep. These Some actions may be defined to not cancel the implicit keep. These
actions may not directly affect the delivery of a message, and are actions may not directly affect the delivery of a message, and are
used for their side effects. None of the actions specified in this used for their side effects. None of the actions specified in this
document meet that criteria, but extension actions may. document meet that criteria, but extension actions may.
skipping to change at page 18, line 45 skipping to change at page 19, line 36
2.10.5. Extensions and Optional Features 2.10.5. Extensions and Optional Features
Because of the differing capabilities of many mail systems, several Because of the differing capabilities of many mail systems, several
features of this specification are optional. Before any of these features of this specification are optional. Before any of these
extensions can be executed, they must be declared with the "require" extensions can be executed, they must be declared with the "require"
action. action.
If an extension is not enabled with "require", implementations MUST If an extension is not enabled with "require", implementations MUST
treat it as if they did not support it at all. This protects scripts treat it as if they did not support it at all. This protects scripts
from having their behavior altered by extensions which the script from having their behavior altered by extensions that the script
author might not have even been aware of. author might not have even been aware of.
Implementations MUST NOT execute any Sieve script test or command Implementations MUST NOT execute any Sieve script test or command
subsequent to "require" if one of the required extensions is subsequent to "require" if one of the required extensions is
unavailable. unavailable.
Note: The reason for this restriction is that prior experiences with Note: The reason for this restriction is that prior experiences
languages such as LISP and Tcl suggest that this is a workable with languages such as LISP and Tcl suggest that this is a
way of noting that a given script uses an extension. workable way of noting that a given script uses an extension.
Extensions which define actions MUST state how they interact with Extensions that define actions MUST state how they interact with
actions discussed in the base specification. actions discussed in the base specification.
2.10.6. Errors 2.10.6. Errors
In any programming language, there are compile-time and run-time In any programming language, there are compile-time and run-time
errors. errors.
Compile-time errors are ones in syntax that are detectable if a Compile-time errors are ones in syntax that are detectable if a
syntax check is done. syntax check is done.
skipping to change at page 19, line 41 skipping to change at page 20, line 34
Other implementations may choose to parse and run at the same time. Other implementations may choose to parse and run at the same time.
Such implementations are simpler, but have issues with partial Such implementations are simpler, but have issues with partial
failure (some actions happen, others don't). failure (some actions happen, others don't).
Implementations MUST perform syntactic, semantic, and run-time checks Implementations MUST perform syntactic, semantic, and run-time checks
on code that is actually executed. Implementations MAY perform those on code that is actually executed. Implementations MAY perform those
checks or any part of them on code that is not reached during checks or any part of them on code that is not reached during
execution. execution.
When an error happens, implementations MUST notify the user that an When an error happens, implementations MUST notify the user that an
error occurred, which actions (if any) were taken, and do an implicit error occurred and which actions (if any) were taken, and do an
keep. implicit keep.
2.10.7. Limits on Execution 2.10.7. Limits on Execution
Implementations may limit certain constructs. However, this Implementations may limit certain constructs. However, this
specification places a lower bound on some of these limits. specification places a lower bound on some of these limits.
Implementations MUST support fifteen levels of nested blocks. Implementations MUST support fifteen levels of nested blocks.
Implementations MUST support fifteen levels of nested test lists. Implementations MUST support fifteen levels of nested test lists.
skipping to change at page 20, line 40 skipping to change at page 21, line 40
elsif's block. An elsif may be followed by an elsif, in which case, elsif's block. An elsif may be followed by an elsif, in which case,
the interpreter repeats this process until it runs out of elsifs. the interpreter repeats this process until it runs out of elsifs.
When the interpreter runs out of elsifs, there may be an "else" case. When the interpreter runs out of elsifs, there may be an "else" case.
If there is, and none of the if or elsif tests were true, the If there is, and none of the if or elsif tests were true, the
interpreter runs the else's block. interpreter runs the else's block.
This provides a way of performing exactly one of the blocks in the This provides a way of performing exactly one of the blocks in the
chain. chain.
In the following example, both Message A and B are dropped. In the following example, both messages A and B are dropped.
Example: require "fileinto"; Example: require "fileinto";
if header :contains "from" "coyote" { if header :contains "from" "coyote" {
discard; discard;
} elsif header :contains ["subject"] ["$$$"] { } elsif header :contains ["subject"] ["$$$"] {
discard; discard;
} else { } else {
fileinto "INBOX"; fileinto "INBOX";
} }
When the script below is run over message A, it redirects the message When the script below is run over message A, it redirects the message
to acm@example.com; message B, to postmaster@example.com; any other to acm@example.com; message B, to postmaster@example.com; any other
message is redirected to field@example.com. message is redirected to field@example.com.
Example: if header :contains ["From"] ["coyote"] { Example: if header :contains ["From"] ["coyote"] {
redirect "acm@example.com"; redirect "acm@example.com";
} elsif header :contains "Subject" "$$$" { } elsif header :contains "Subject" "$$$" {
redirect "postmaster@example.com"; redirect "postmaster@example.com";
} else { } else {
redirect "field@example.com"; redirect "field@example.com";
skipping to change at page 23, line 6 skipping to change at page 24, line 14
headers, but it may add new headers. In particular, existing headers, but it may add new headers. In particular, existing
Received headers MUST be preserved and the count of Received headers Received headers MUST be preserved and the count of Received headers
in the outgoing message MUST be larger than the same count on the in the outgoing message MUST be larger than the same count on the
message as received by the implementation. (An implementation that message as received by the implementation. (An implementation that
adds a Received header before processing the message does not need to adds a Received header before processing the message does not need to
add another when redirecting.) add another when redirecting.)
The message is sent back out with the address from the redirect The message is sent back out with the address from the redirect
command as an envelope recipient. Implementations MAY combine command as an envelope recipient. Implementations MAY combine
separate redirects for a given message into a single submission with separate redirects for a given message into a single submission with
multiple envelope recipients. (This is not an MUA-style forward, multiple envelope recipients. (This is not a Mail User Agent (MUA)-
which creates a new message with a different sender and message ID, style forward, which creates a new message with a different sender
wrapping the old message in a new one.) and message ID, wrapping the old message in a new one.)
The envelope sender address on the outgoing message is chosen by the The envelope sender address on the outgoing message is chosen by the
sieve implementation. It MAY be copied from the message being sieve implementation. It MAY be copied from the message being
processed. However, if the message being processed has an empty processed. However, if the message being processed has an empty
envelope sender address the outgoing message MUST also have an empty envelope sender address the outgoing message MUST also have an empty
envelope sender address. This last requirement is imposed to prevent envelope sender address. This last requirement is imposed to prevent
loops in the case where a message is redirected to an invalid address loops in the case where a message is redirected to an invalid address
when then returns a delivery status notification that also ends up when then returns a delivery status notification that also ends up
being redirected to the same invalid address. being redirected to the same invalid address.
The envelope sender address on the outgoing message is chosen by the
sieve implementation. It MAY be copied from the message being
processed.
A simple script can be used for redirecting all mail: A simple script can be used for redirecting all mail:
Example: redirect "bart@example.com"; Example: redirect "bart@example.com";
Implementations MUST take measures to implement loop control, Implementations MUST take measures to implement loop control,
possibly including adding headers to the message or counting Received possibly including adding headers to the message or counting Received
headers as specified in section 6.2 of [SMTP]. If an implementation headers as specified in section 6.2 of [SMTP]. If an implementation
detects a loop, it causes an error. detects a loop, it causes an error.
Implementations MUST provide means of limiting the number of Implementations MUST provide means of limiting the number of
redirects a Sieve script can perform. See Section 10 for more redirects a Sieve script can perform. See section 10 for more
details. details.
Implementations MAY ignore a redirect action silently due to policy Implementations MAY ignore a redirect action silently due to policy
reasons. For example, an implementation MAY choose not to redirect reasons. For example, an implementation MAY choose not to redirect
to an address that is known to be undeliverable. Any ignored redirect to an address that is known to be undeliverable. Any ignored
MUST NOT cancel the implicit keep. redirect MUST NOT cancel the implicit keep.
4.3. Action keep 4.3. Action keep
Usage: keep Usage: keep
The "keep" action is whatever action is taken in lieu of all other The "keep" action is whatever action is taken in lieu of all other
actions, if no filtering happens at all; generally, this simply means actions, if no filtering happens at all; generally, this simply means
to file the message into the user's main mailbox. This command to file the message into the user's main mailbox. This command
provides a way to execute this action without needing to know the provides a way to execute this action without needing to know the
name of the user's main mailbox, providing a way to call it without name of the user's main mailbox, providing a way to call it without
needing to understand the user's setup, or the underlying mail needing to understand the user's setup or the underlying mail system.
system.
For instance, in an implementation where the IMAP server is running For instance, in an implementation where the IMAP server is running
scripts on behalf of the user at time of delivery, a keep command is scripts on behalf of the user at time of delivery, a keep command is
equivalent to a fileinto "INBOX". equivalent to a fileinto "INBOX".
Example: if size :under 1M { keep; } else { discard; } Example: if size :under 1M { keep; } else { discard; }
Note that the above script is identical to the one below. Note that the above script is identical to the one below.
Example: if not size :under 1M { discard; } Example: if not size :under 1M { discard; }
4.4. Action discard 4.4. Action discard
Usage: discard Usage: discard
Discard is used to silently throw away the message. It does so by Discard is used to silently throw away the message. It does so by
simply canceling the implicit keep. If discard is used with other simply canceling the implicit keep. If discard is used with other
actions, the other actions still happen. Discard is compatible with actions, the other actions still happen. Discard is compatible with
all other actions. (For instance fileinto+discard is equivalent to all other actions. (For instance, fileinto+discard is equivalent to
fileinto.) fileinto.)
Discard MUST be silent; that is, it MUST NOT return a non-delivery Discard MUST be silent; that is, it MUST NOT return a non-delivery
notification of any kind ([DSN], [MDN], or otherwise). notification of any kind ([DSN], [MDN], or otherwise).
In the following script, any mail from "idiot@example.com" is thrown In the following script, any mail from "idiot@example.com" is thrown
out. out.
Example: if header :contains ["from"] ["idiot@example.com"] { Example: if header :contains ["from"] ["idiot@example.com"] {
discard; discard;
skipping to change at page 25, line 19 skipping to change at page 26, line 29
The "address" test matches Internet addresses in structured headers The "address" test matches Internet addresses in structured headers
that contain addresses. It returns true if any header contains any that contain addresses. It returns true if any header contains any
key in the specified part of the address, as modified by the key in the specified part of the address, as modified by the
comparator and the match keyword. Whether there are other addresses comparator and the match keyword. Whether there are other addresses
present in the header doesn't affect this test; this test does not present in the header doesn't affect this test; this test does not
provide any way to determine whether an address is the only address provide any way to determine whether an address is the only address
in a header. in a header.
Like envelope and header, this test returns true if any combination Like envelope and header, this test returns true if any combination
of the header-list and key-list arguments match and false otherwise. of the header-list and key-list arguments match and returns false
otherwise.
Internet email addresses [IMAIL] have the somewhat awkward Internet email addresses [IMAIL] have the somewhat awkward
characteristic that the local-part to the left of the at-sign is characteristic that the local-part to the left of the at-sign is
considered case sensitive, and the domain-part to the right of the considered case sensitive, and the domain-part to the right of the
at-sign is case insensitive. The "address" command does not deal at-sign is case insensitive. The "address" command does not deal
with this itself, but provides the ADDRESS-PART argument for allowing with this itself, but provides the ADDRESS-PART argument for allowing
users to deal with it. users to deal with it.
The address primitive never acts on the phrase part of an email The address primitive never acts on the phrase part of an email
address, nor on comments within that address. It also never acts on address or on comments within that address. It also never acts on
group names, although it does act on the addresses within the group group names, although it does act on the addresses within the group
construct. construct.
Implementations MUST restrict the address test to headers that Implementations MUST restrict the address test to headers that
contain addresses, but MUST include at least From, To, Cc, Bcc, contain addresses, but MUST include at least From, To, Cc, Bcc,
Sender, Resent-From, Resent-To, and SHOULD include any other header Sender, Resent-From, and Resent-To, and it SHOULD include any other
that utilizes an "address-list" structured header body. header that utilizes an "address-list" structured header body.
Example: if address :is :all "from" "tim@example.com" { Example: if address :is :all "from" "tim@example.com" {
discard; discard;
} }
5.2. Test allof 5.2. Test allof
Usage: allof <tests: test-list> Usage: allof <tests: test-list>
The "allof" test performs a logical AND on the tests supplied to it. The "allof" test performs a logical AND on the tests supplied to it.
skipping to change at page 26, line 43 skipping to change at page 28, line 6
matching occurs against the TO address used in the SMTP RCPT command matching occurs against the TO address used in the SMTP RCPT command
that resulted in this message getting delivered to this user. Note that resulted in this message getting delivered to this user. Note
that only the most recent TO is available, and only the one relevant that only the most recent TO is available, and only the one relevant
to this user. to this user.
The envelope-part is a string list and may contain more than one The envelope-part is a string list and may contain more than one
parameter, in which case all of the strings specified in the key-list parameter, in which case all of the strings specified in the key-list
are matched against all parts given in the envelope-part list. are matched against all parts given in the envelope-part list.
Like address and header, this test returns true if any combination of Like address and header, this test returns true if any combination of
the envelope-part list and key-list arguments match and false the envelope-part list and key-list arguments match and returns false
otherwise. otherwise.
All tests against envelopes MUST drop source routes. All tests against envelopes MUST drop source routes.
If the SMTP transaction involved several RCPT commands, only the data If the SMTP transaction involved several RCPT commands, only the data
from the RCPT command that caused delivery to this user is available from the RCPT command that caused delivery to this user is available
in the "to" part of the envelope. in the "to" part of the envelope.
If a protocol other than SMTP is used for message transport, If a protocol other than SMTP is used for message transport,
implementations are expected to adapt this command appropriately. implementations are expected to adapt this command appropriately.
skipping to change at page 27, line 47 skipping to change at page 29, line 16
Usage: header [COMPARATOR] [MATCH-TYPE] Usage: header [COMPARATOR] [MATCH-TYPE]
<header-names: string-list> <key-list: string-list> <header-names: string-list> <key-list: string-list>
The "header" test evaluates to true if the value of any of the named The "header" test evaluates to true if the value of any of the named
headers, ignoring leading and trailing whitespace, matches any key. headers, ignoring leading and trailing whitespace, matches any key.
The type of match is specified by the optional match argument, which The type of match is specified by the optional match argument, which
defaults to ":is" if not specified, as specified in section 2.6. defaults to ":is" if not specified, as specified in section 2.6.
Like address and envelope, this test returns true if any combination Like address and envelope, this test returns true if any combination
of the header-names list and key-list arguments match and false of the header-names list and key-list arguments match and returns
otherwise. false otherwise.
If a header listed in the header-names argument exists, it contains If a header listed in the header-names argument exists, it contains
the empty key (""). However, if the named header is not present, it the empty key (""). However, if the named header is not present, it
does not match any key, including the empty key. So if a message does not match any key, including the empty key. So if a message
contained the header contained the header
X-Caffeine: C8H10N4O2 X-Caffeine: C8H10N4O2
these tests on that header evaluate as follows: these tests on that header evaluate as follows:
skipping to change at page 30, line 7 skipping to change at page 31, line 22
capabilities are supported by the server. capabilities are supported by the server.
Capability strings beginning with "vnd." represent vendor-defined Capability strings beginning with "vnd." represent vendor-defined
extensions. Such extensions are not defined by Internet standards or extensions. Such extensions are not defined by Internet standards or
RFCs, but are still registered with IANA in order to prevent RFCs, but are still registered with IANA in order to prevent
conflicts. Extensions starting with "vnd." SHOULD be followed by the conflicts. Extensions starting with "vnd." SHOULD be followed by the
name of the vendor and product, such as "vnd.acme.rocket-sled". name of the vendor and product, such as "vnd.acme.rocket-sled".
The following capability strings are defined by this document: The following capability strings are defined by this document:
encoded-character encoded-character The string "encoded-character" indicates that the
The string "encoded-character" indicates that the
implementation supports the interpretation of implementation supports the interpretation of
"${hex:...}" and "${unicode:...}" in strings. "${hex:...}" and "${unicode:...}" in strings.
envelope The string "envelope" indicates that the implementation envelope The string "envelope" indicates that the implementation
supports the "envelope" command. supports the "envelope" command.
fileinto The string "fileinto" indicates that the implementation fileinto The string "fileinto" indicates that the implementation
supports the "fileinto" command. supports the "fileinto" command.
comparator- The string "comparator-elbonia" is provided if the comparator- The string "comparator-elbonia" is provided if the
implementation supports the "elbonia" comparator. implementation supports the "elbonia" comparator.
Therefore, all implementations have at least the Therefore, all implementations have at least the
"comparator-i;octet" "comparator-i;octet" and "comparator-i;ascii-casemap"
and "comparator-i;ascii-casemap" capabilities. However, capabilities. However, these comparators may be used
these comparators may be used without being declared without being declared with require.
with require.
6.2. IANA Considerations 6.2. IANA Considerations
In order to provide a standard set of extensions, a registry is In order to provide a standard set of extensions, a registry is
maintained by IANA. Capability names may be registered on a first- maintained by IANA. This registry contains both vendor-controlled
come, first-served basis. Extensions designed for interoperable use capability names (beginning with "vnd.") and IETF-controlled
SHOULD be defined as standards track or IESG approved experimental capability names. Vendor-controlled capability names may be
RFCs. Registration of capability prefixes that do not begin with registered on a first-come, first-served basis, by applying to IANA
"vnd." REQUIRES a standards track or IESG approved experimental RFC. with the form in the following section. Registration of capability
prefixes that do not begin with "vnd." REQUIRES a standards track or
IESG-approved experimental RFC.
Extensions designed for interoperable use SHOULD use IETF-controlled
capability names.
6.2.1. Template for Capability Registrations 6.2.1. Template for Capability Registrations
The following template is to be used for registering new Sieve The following template is to be used for registering new Sieve
extensions with IANA. extensions with IANA.
To: iana@iana.org To: iana@iana.org
Subject: Registration of new Sieve extension Subject: Registration of new Sieve extension
Capability name: [the string for use in the 'require' statement] Capability name: [the string for use in the 'require' statement]
Description: [a brief description of what the extension adds Description: [a brief description of what the extension adds
or changes] or changes]
RFC number: [for extensions published as RFCs] RFC number: [for extensions published as RFCs]
Contact address: [email and/or physical address to contact for Contact address: [email and/or physical address to contact for
additional information] additional information]
6.2.2. Handling of Existing Capability Registrations 6.2.2. Handling of Existing Capability Registrations
In order to bring the existing capability registrations in line with In order to bring the existing capability registrations in line with
the new template, IANA is asked to modify each as follows: the new template, IANA has modified each as follows:
1. The "capability name" and "capability arguments" fields 1. The "capability name" and "capability arguments" fields have been
should be eliminated eliminated
2. The "capability keyword" field should be renamed to "Capability 2. The "capability keyword" field have been renamed to "Capability
name" name"
3. An empty "Description" field should be added 3. An empty "Description" field has been added
4. The "Standards Track/IESG-approved experimental RFC number" field 4. The "Standards Track/IESG-approved experimental RFC number" field
should be renamed to "RFC number" has been renamed to "RFC number"
5. The "Person and email address to contact for further information" 5. The "Person and email address to contact for further information"
field should be renamed to "Contact address" field should be renamed to "Contact address"
6.2.3. Initial Capability Registrations 6.2.3. Initial Capability Registrations
This RFC updates the the following entries in the IANA registry for This RFC updates the following entries in the IANA registry for Sieve
Sieve extensions. extensions.
Capability name: encoded-character Capability name: encoded-character
Description: changes the interpretation of strings to allow Description: changes the interpretation of strings to allow
arbitrary octets and Unicode characters to be arbitrary octets and Unicode characters to be
represented using US-ASCII represented using US-ASCII
RFC number: this RFC (Sieve base spec) RFC number: RFC 5228 (Sieve base spec)
Contact address: The Sieve discussion list <ietf-mta-filters@imc.org> Contact address: The Sieve discussion list <ietf-mta-filters@imc.org>
Capability name: fileinto Capability name: fileinto
Description: adds the 'fileinto' action for delivering to a Description: adds the 'fileinto' action for delivering to a
mailbox other than the default mailbox other than the default
RFC number: this RFC (Sieve base spec) RFC number: RFC 5228 (Sieve base spec)
Contact address: The Sieve discussion list <ietf-mta-filters@imc.org> Contact address: The Sieve discussion list <ietf-mta-filters@imc.org>
Capability name: envelope Capability name: envelope
Description: adds the 'envelope' test for testing the message Description: adds the 'envelope' test for testing the message
transport sender and recipient address transport sender and recipient address
RFC number: this RFC (Sieve base spec) RFC number: RFC 5228 (Sieve base spec)
Contact address: The Sieve discussion list <ietf-mta-filters@imc.org> Contact address: The Sieve discussion list <ietf-mta-filters@imc.org>
Capability name: comparator-* (anything starting with "comparator-") Capability name: comparator-* (anything starting with "comparator-")
Description: adds the indicated comparator for use with the Description: adds the indicated comparator for use with the
:comparator argument :comparator argument
RFC number: this RFC (Sieve base spec) and [COLLATION] RFC number: RFC 5228 (Sieve base spec) and [COLLATION]
Contact address: The Sieve discussion list <ietf-mta-filters@imc.org> Contact address: The Sieve discussion list <ietf-mta-filters@imc.org>
6.3. Capability Transport 6.3. Capability Transport
A method of advertising which capabilities an implementation supports A method of advertising which capabilities an implementation supports
is difficult due to the wide range of possible implementations. Such is difficult due to the wide range of possible implementations. Such
a mechanism, however, should have the property that the a mechanism, however, should have the property that the
implementation can advertise the complete set of extensions that it implementation can advertise the complete set of extensions that it
supports. supports.
skipping to change at page 32, line 26 skipping to change at page 33, line 37
The registration of this type for RFC 2048 requirements is updated as The registration of this type for RFC 2048 requirements is updated as
follows: follows:
Subject: Registration of MIME media type application/sieve Subject: Registration of MIME media type application/sieve
MIME media type name: application MIME media type name: application
MIME subtype name: sieve MIME subtype name: sieve
Required parameters: none Required parameters: none
Optional parameters: none Optional parameters: none
Encoding considerations: Most sieve scripts will be textual, Encoding considerations: Most Sieve scripts will be textual,
written in UTF-8. When non-7bit characters are used, written in UTF-8. When non-7bit characters are used,
quoted-printable is appropriate for transport systems quoted-printable is appropriate for transport systems
that require 7bit encoding. that require 7bit encoding.
Security considerations: Discussed in section 10 of this RFC. Security considerations: Discussed in section 10 of this RFC.
Interoperability considerations: Discussed in section 2.10.5 Interoperability considerations: Discussed in section 2.10.5
of this RFC. of this RFC.
Published specification: this RFC. Published specification: this RFC.
Applications which use this media type: sieve-enabled mail Applications that use this media type: sieve-enabled mail
servers and clients servers and clients
Additional information: Additional information:
Magic number(s): Magic number(s):
File extension(s): .siv .sieve File extension(s): .siv .sieve
Macintosh File Type Code(s): Macintosh File Type Code(s):
Person & email address to contact for further information: Person & email address to contact for further information:
See the discussion list at ietf-mta-filters@imc.org. See the discussion list at ietf-mta-filters@imc.org.
Intended usage: Intended usage:
COMMON COMMON
Author/Change controller: Author/Change controller:
See Editor information in this RFC. The SIEVE WG, delegated by the IESG.
8. Parsing 8. Parsing
The Sieve grammar is separated into tokens and a separate grammar as The Sieve grammar is separated into tokens and a separate grammar as
most programming languages are. most programming languages are. Additional rules are supplied here
for common arguments to various language facilities.
8.1. Lexical Tokens 8.1. Lexical Tokens
Sieve scripts are encoded in UTF-8. The following assumes a valid Sieve scripts are encoded in UTF-8. The following assumes a valid
UTF-8 encoding; special characters in Sieve scripts are all US-ASCII. UTF-8 encoding; special characters in Sieve scripts are all US-ASCII.
The following are tokens in Sieve: The following are tokens in Sieve:
- identifiers - identifiers
- tags - tags
skipping to change at page 33, line 27 skipping to change at page 34, line 40
- other separators - other separators
Identifiers, tags, and numbers are case-insensitive, while quoted Identifiers, tags, and numbers are case-insensitive, while quoted
strings and multi-line strings are case-sensitive. strings and multi-line strings are case-sensitive.
Blanks, horizontal tabs, CRLFs, and comments ("white space") are Blanks, horizontal tabs, CRLFs, and comments ("white space") are
ignored except as they separate tokens. Some white space is required ignored except as they separate tokens. Some white space is required
to separate otherwise adjacent tokens and in specific places in the to separate otherwise adjacent tokens and in specific places in the
multi-line strings. CR and LF can only appear in CRLF pairs. multi-line strings. CR and LF can only appear in CRLF pairs.
The other separators are single individual characters, and are The other separators are single individual characters and are
mentioned explicitly in the grammar. mentioned explicitly in the grammar.
The lexical structure of sieve is defined in the following grammar The lexical structure of sieve is defined in the following grammar
(as described in [ABNF]): (as described in [ABNF]):
bracket-comment = "/*" *not-star 1*STAR bracket-comment = "/*" *not-star 1*STAR
*(not-star-slash *not-star 1*STAR) "/" *(not-star-slash *not-star 1*STAR) "/"
; No */ allowed inside a comment. ; No */ allowed inside a comment.
; (No * is allowed unless it is the last ; (No * is allowed unless it is the last
; character, or unless it is followed by a ; character, or unless it is followed by a
skipping to change at page 35, line 9 skipping to change at page 36, line 21
STAR = "*" STAR = "*"
tag = ":" identifier tag = ":" identifier
white-space = 1*(SP / CRLF / HTAB) / comment white-space = 1*(SP / CRLF / HTAB) / comment
8.2. Grammar 8.2. Grammar
The following is the grammar of Sieve after it has been lexically The following is the grammar of Sieve after it has been lexically
interpreted. No white space or comments appear below. The start interpreted. No white space or comments appear below. The start
symbol is "start". Non-terminals for MATCH-TYPE, COMPARATOR, and symbol is "start".
ADDRESS-PART are provided for use by extensions.
ADDRESS-PART = ":localpart" / ":domain" / ":all"
argument = string-list / number / tag argument = string-list / number / tag
arguments = *argument [ test / test-list ] arguments = *argument [ test / test-list ]
block = "{" commands "}" block = "{" commands "}"
command = identifier arguments (";" / block) command = identifier arguments (";" / block)
commands = *command commands = *command
COMPARATOR = ":comparator" string
MATCH-TYPE = ":is" / ":contains" / ":matches"
start = commands start = commands
string = quoted-string / multi-line string = quoted-string / multi-line
string-list = "[" string *("," string) "]" / string string-list = "[" string *("," string) "]" / string
; if there is only a single string, the brackets ; if there is only a single string, the brackets
; are optional ; are optional
test = identifier arguments test = identifier arguments
test-list = "(" test *("," test) ")" test-list = "(" test *("," test) ")"
8.3. Statement Elements
These elements are collected from the "Syntax" sections elsewhere in
this document, and are provided here in [ABNF] syntax so that they
can be modified by extensions.
ADDRESS-PART = ":localpart" / ":domain" / ":all"
COMPARATOR = ":comparator" string
MATCH-TYPE = ":is" / ":contains" / ":matches"
9. Extended Example 9. Extended Example
The following is an extended example of a Sieve script. Note that it The following is an extended example of a Sieve script. Note that it
does not make use of the implicit keep. does not make use of the implicit keep.
# #
# Example Sieve Filter # Example Sieve Filter
# Declare any optional features or extension used by the script # Declare any optional features or extension used by the script
# #
require ["fileinto"]; require ["fileinto"];
skipping to change at page 36, line 38 skipping to change at page 38, line 7
} }
else else
{ {
# Move all other (non-company) mail to "personal" # Move all other (non-company) mail to "personal"
# mailbox. # mailbox.
fileinto "personal"; fileinto "personal";
} }
10. Security Considerations 10. Security Considerations
Users must get their mail. It is imperative that whatever method Users must get their mail. It is imperative that whatever
implementations use to store the user-defined filtering scripts be implementations use to store the user-defined filtering scripts
secure. protect them from unauthorized modification, to preserve the
integrity of the mail system. An attacker who can modify a script
can cause mail to be discarded, rejected, or forwarded to an
unauthorized recipient. In addition, it's possible that Sieve
scripts might expose private information, such as mailbox names, or
email addresses of favored (or disfavored) correspondents. Because
of that, scripts SHOULD also be protected from unauthorized
retrieval.
Several commands, such as "discard", "redirect", and "fileinto" allow Several commands, such as "discard", "redirect", and "fileinto",
for actions to be taken that are potentially very dangerous. allow for actions to be taken that are potentially very dangerous.
Use of the "redirect" command to generate notifications may easily Use of the "redirect" command to generate notifications may easily
overwhelm the target address, especially if it was not designed to overwhelm the target address, especially if it was not designed to
handle large messages. handle large messages.
Allowing a single script to redirect to multiple destinations can be Allowing a single script to redirect to multiple destinations can be
used as a means of amplifying the number of messages in an attack. used as a means of amplifying the number of messages in an attack.
Moreover, if loop detection is not properly implemented it may be Moreover, if loop detection is not properly implemented, it may be
possible to set up exponentially growing message loops. According, possible to set up exponentially growing message loops. Accordingly,
Sieve implementations: Sieve implementations:
(1) MUST implement facilities to detect and break message loops. See (1) MUST implement facilities to detect and break message loops. See
section 6.2 of [SMTP] for additional information on basic loop section 6.2 of [SMTP] for additional information on basic loop
detection strategies. detection strategies.
(2) MUST provide the means for administrators to limit the ability of (2) MUST provide the means for administrators to limit the ability of
users to abuse redirect. In particular, it MUST be possible to users to abuse redirect. In particular, it MUST be possible to
limit the number of redirects a script can perform. Additionally, limit the number of redirects a script can perform.
if no use cases exist for using redirect to multiple Additionally, if no use cases exist for using redirect to
destinations, this limit SHOULD be set to 1. Additional limits, multiple destinations, this limit SHOULD be set to 1. Additional
such as the ability to restrict redirect to local users MAY also limits, such as the ability to restrict redirect to local users,
be implemented. MAY also be implemented.
(3) MUST provide facilities to log use of redirect in order to (3) MUST provide facilities to log use of redirect in order to
facilitate tracking down abuse. facilitate tracking down abuse.
(4) MAY use script analysis to determine whether or not a given (4) MAY use script analysis to determine whether or not a given
script can be executed safely. While the Sieve language is script can be executed safely. While the Sieve language is
sufficiently complex that full analysis of all possible scripts sufficiently complex that full analysis of all possible scripts
is computationally infeasible, the majority of real-world is computationally infeasible, the majority of real-world scripts
scripts are amenable to analysis. For example, an are amenable to analysis. For example, an implementation might
implementation might allow scripts that it has determined are allow scripts that it has determined are safe to run unhindered,
safe to run unhindered, block scripts that are potentially block scripts that are potentially problematic, and subject
problematic, and subject unclassifiable scripts to additional unclassifiable scripts to additional auditing and logging.
auditing and logging.
Allowing redirects at all may not be appropriate in situations where Allowing redirects at all may not be appropriate in situations where
email accounts are freely-available and/or not trackable to a human email accounts are freely available and/or not trackable to a human
who can be held accountable for creating message bombs or other who can be held accountable for creating message bombs or other
abuse. abuse.
As with any filter on a message stream, if the sieve implementation As with any filter on a message stream, if the Sieve implementation
and the mail agents 'behind' sieve in the message stream differ in and the mail agents 'behind' Sieve in the message stream differ in
their interpretation of the messages, it may be possible for an their interpretation of the messages, it may be possible for an
attacker to subvert the filter. Of particular note are differences attacker to subvert the filter. Of particular note are differences
in the interpretation of malformed messages (e.g., missing or extra in the interpretation of malformed messages (e.g., missing or extra
syntax characters) or those that exhibit corner cases (e.g., NUL syntax characters) or those that exhibit corner cases (e.g., NUL
octets encoded via [MIME3]). octets encoded via [MIME3]).
11. Acknowledgments 11. Acknowledgments
This document has been revised in part based on comments and This document has been revised in part based on comments and
discussions that took place on and off the SIEVE mailing list. discussions that took place on and off the SIEVE mailing list.
Thanks to Sharon Chisholm, Cyrus Daboo, Ned Freed, Arnt Gulbrandsen, Thanks to Sharon Chisholm, Cyrus Daboo, Ned Freed, Arnt Gulbrandsen,
Michael Haardt, Kjetil Torgrim Homme, Barry Leiba, Mark E. Mallett, Michael Haardt, Kjetil Torgrim Homme, Barry Leiba, Mark E. Mallett,
Alexey Melnikov, Eric Rescorla, Rob Siemborski, and Nigel Swinson for Alexey Melnikov, Eric Rescorla, Rob Siemborski, and Nigel Swinson for
reviews and suggestions. reviews and suggestions.
12. Editors' Addresses 12. Normative References
Philip Guenther
Sendmail, Inc.
6425 Christie St. Ste 400
Emeryville, CA 94608
Email: guenther@sendmail.com
Tim Showalter
Email: tjs@psaux.com
13. Normative References
[ABNF] D. Crocker, Ed., P. Overell "Augmented BNF for Syntax [ABNF] Crocker, D., Ed., and P. Overell, "Augmented BNF for
Specifications: ABNF", RFC 4234, October 2005. Syntax Specifications: ABNF", RFC 4234, October 2005.
[COLLATION] Newman, C., Duerst, M., and A. Gulbrandsen, "Internet [COLLATION] Newman, C., Duerst, M., and A. Gulbrandsen, "Internet
Application Protocol Collation Registry", RFC 4790, March Application Protocol Collation Registry", RFC 4790, March
2007. 2007.
[IMAIL] P. Resnick, Ed., "Internet Message Format", RFC 2822, [IMAIL] Resnick, P., Ed., "Internet Message Format", RFC 2822,
April 2001. April 2001.
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part One: Format of Internet Message Extensions (MIME) Part One: Format of Internet Message
Bodies", RFC 2045, November 1996. Bodies", RFC 2045, November 1996.
[MIME3] Moore, K., "MIME (Multipurpose Internet Mail Extensions) [MIME3] Moore, K., "MIME (Multipurpose Internet Mail Extensions)
Part Three: Message Header Extensions for Non-ASCII Part Three: Message Header Extensions for Non-ASCII
Text", RFC 2047, November 1996. Text", RFC 2047, November 1996.
[SMTP] J. Klensin, Ed., "Simple Mail Transfer Protocol", RFC [SMTP] Klensin, J., Ed., "Simple Mail Transfer Protocol", RFC
2821, April 2001. 2821, April 2001.
[UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
10646", RFC 3629, November 2003. 10646", STD 63, RFC 3629, November 2003.
14. Informative References 13. Informative References
[BINARY-SI] "Standard IEC 60027-2: Letter symbols to be used in [BINARY-SI] "Standard IEC 60027-2: Letter symbols to be used in
electrical technology - Part 2: Telecommunications and electrical technology - Part 2: Telecommunications and
electronics", January 1999. electronics", January 1999.
[DSN] Moore, K. and G. Vaudreuil, "An Extensible Message Format [DSN] Moore, K. and G. Vaudreuil, "An Extensible Message Format
for Delivery Status Notifications", RFC 3464, January for Delivery Status Notifications", RFC 3464, January
2003. 2003.
[FLAMES] Borenstein, N, and C. Thyberg, "Power, Ease of Use, and [FLAMES] Borenstein, N, and C. Thyberg, "Power, Ease of Use, and
skipping to change at page 39, line 30 skipping to change at page 40, line 33
System", Int. J. of Man-Machine Studies, April, 1991. System", Int. J. of Man-Machine Studies, April, 1991.
Reprinted in Computer-Supported Cooperative Work and Reprinted in Computer-Supported Cooperative Work and
Groupware, Saul Greenberg, editor, Harcourt Brace Groupware, Saul Greenberg, editor, Harcourt Brace
Jovanovich, 1991. Reprinted in Readings in Groupware and Jovanovich, 1991. Reprinted in Readings in Groupware and
Computer-Supported Cooperative Work, Ronald Baecker, Computer-Supported Cooperative Work, Ronald Baecker,
editor, Morgan Kaufmann, 1993. editor, Morgan Kaufmann, 1993.
[IMAP] Crispin, M., "Internet Message Access Protocol - version [IMAP] Crispin, M., "Internet Message Access Protocol - version
4rev1", RFC 3501, March 2003. 4rev1", RFC 3501, March 2003.
[MDN] T. Hansen, Ed., G. Vaudreuil, Ed., "Message Disposition [MDN] Hansen, T., Ed., and G. Vaudreuil, Ed., "Message
Notification", RFC 3798, May 2004. Disposition Notification", RFC 3798, May 2004.
[RFC3028] Showalter, T., "Sieve: A Mail Filtering Language", RFC [RFC3028] Showalter, T., "Sieve: A Mail Filtering Language", RFC
3028, January 2001. 3028, January 2001.
15. Changes from RFC 3028 14. Changes from RFC 3028
This following list is a summary of the changes that have been made This following list is a summary of the changes that have been made
in the Sieve language base specification from [RFC3028]. in the Sieve language base specification from [RFC3028].
1. Removed ban on tests having side-effects 1. Removed ban on tests having side-effects
2. Removed reject extension (will be specified in a separate RFC) 2. Removed reject extension (will be specified in a separate RFC)
3. Clarified description of comparators to match [COLLATION], the 3. Clarified description of comparators to match [COLLATION], the
new base specification for them new base specification for them
4. Require stripping of leading and trailing whitespace in 4. Require stripping of leading and trailing whitespace in "header"
"header" test test
5. Clarified or tightened handling of many minor items, including: 5. Clarified or tightened handling of many minor items, including:
- invalid [MIME3] encoding - invalid [MIME3] encoding
- invalid addresses in headers - invalid addresses in headers
- invalid header field names in tests - invalid header field names in tests
- 'undefined' comparator result - 'undefined' comparator result
- unknown envelope parts - unknown envelope parts
- null return-path in "envelope" test - null return-path in "envelope" test
6. Capability strings are case-sensitive 6. Capability strings are case-sensitive
7. Clarified that fileinto should reencode non-ASCII mailbox 7. Clarified that fileinto should reencode non-ASCII mailbox
names to match the mailstore's conventions names to match the mailstore's conventions
8. Errors in the ABNF were corrected 8. Errors in the ABNF were corrected
9. The references were updated and split into normative and 9. The references were updated and split into normative and
informative informative
10. Added encoded-character capability and deprecated (but did not 10. Added encoded-character capability and deprecated (but did not
remove) use of arbitrary binary octets in Sieve scripts. remove) use of arbitrary binary octets in Sieve scripts.
11. Updated IANA registration template, and added IANA 11. Updated IANA registration template, and added IANA
considerations to permit capability prefix registrations. considerations to permit capability prefix registrations.
12. Added .sieve as a valid extension for sieve scripts. 12. Added .sieve as a valid extension for Sieve scripts.
16. Full Copyright Statement Editors' Addresses
Copyright (C) The IETF Trust (2007). Philip Guenther
Sendmail, Inc.
6425 Christie St. Ste 400
Emeryville, CA 94608
EMail: guenther@sendmail.com
Tim Showalter
EMail: tjs@psaux.com
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
retain all their rights. retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
skipping to change at page 41, line 6 skipping to change at page 42, line 42
Copies of IPR disclosures made to the IETF Secretariat and any Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf- this standard. Please address the information to the IETF at
ipr@ietf.org. ietf-ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is currently provided by the IETF
Administrative Support Activity (IASA).
Appendix A. Change History
This section will be removed when this document leaves the Internet-
Draft stage.
Changes from draft-ietf-sieve-3028bis-12.txt
1. Merged in changes from original RFC Editor note
2. Added additional security considerations for redirect
Changes from draft-ietf-sieve-3028bis-11.txt
1. Correct typo in boilerplate
2. Update [DSN] reference to RFC 3464
Changes from draft-ietf-sieve-3028bis-10.txt
1. Clarify how the "redirect" action uses the address argument
2. Eliminate the phrase "original message"
3. If an outbound address doesn't match the syntax, it's an error
Changes from draft-ietf-sieve-3028bis-09.txt
1. [MDN] reference is merely informative
2. Whitespace tweaks in the ABNF
3. Extensions can't change "require"
4. fileinto a nonexistent mailbox is implementation defined behavior
5. Clarify the definition of the size of a message
6. Make the KEYWORDS boilerplate match expectations
7. Add the encoded-character extension
8. Remove duplication in text regarding unknown extensions
9. Address security concerns about looping with redirect or other
extensions
10. Valid numbers include zero
11. Various changes suggested by the gen-art reviewer
12. Removed references to the Halting Problem. Humor is dead
13. Clarify which tokens are case-insensitive and which are
case-sensitive; use the 'unexpected' case in several examples
14. Add .sieve as an extension for the application/sieve MIME type
15. Permit registration of capability prefixes (like "comparator-"),
but require an IESG approved RFC when they're outside the
"vnd." 'namespace'
16. Replace "example.edu" with "example.com"
17. Update boilerplate
18. Updated pages numbers in table of contents
Changes from draft-ietf-sieve-3028bis-08.txt
1. [RFC3028] reference is merely informative
2. String lists are literal data
3. Tagged and optional arguments can take any sort of literal data
as arguments
4. Change "folder" to "mailbox" throughout
5. Added more items to the "Changes from RFC 3028" list
6. A multi-line string includes the CRLF before the final dot
Changes from draft-ietf-sieve-3028bis-07.txt
1. Improve description in the extension registrations
2. Give IANA directions on how to massage existing registrations
into the new form
3. Added "Changes from RFC 3028" section
4. Updated pages numbers in table of contents
5. Permit non-UTF-8 octet sequences in comments
6. It's an error to use conflicting or repeated tagged and optional
arguments
7. Update description of script encoding
Changes from draft-ietf-sieve-3028bis-06.txt
1. Tweak wording of how :matches uses character definition
of comparator
2. Add security consideration regarding "redirect" as a notification
method
3. fileinto SHOULD reencode; mention IMAP's mUTF-7
4. en;ascii-casemap is gone; switch back to i;ascii-casemap
5. Permit non-UTF-8 octet sequences in strings
6. Sort grammar non-terminals
7. Syntactically invalid addresses don't match :localpart or :domain
8. The null return-path has empty address parts
9. Treat comparator result of "undefined" the same as "no-match"
10. Envelope sender on redirects is implementation defined
11. Change IANA registration template
Changes from draft-ietf-sieve-3028bis-05.txt
1. The specifics of what names are acceptable for fileinto and
the handling of invalid names are both implementation-defined
2. Update to draft-newman-i18n-comparator-07.txt
3. Adjust the example in 5.7 again
Changes from draft-ietf-sieve-3028bis-04.txt
1. Change "Syntax:" to "Usage:"
2. Update ABNF reference to RFC 4234
3. Add non-terminals for MATCH-TYPE, COMPARATOR, and ADDRESS-PART
4. Strip leading and trailing whitespace in the value being matched
by header
5. Collations operate on octets, not characters, and for character
data that is the UTF-8 encoding of the Unicode characters
6. :matches uses character definition of comparator
Changes from draft-ietf-sieve-3028bis-03.txt
1. Remove section 2.4.2.4., MIME Parts, as unreferenced
2. Update to draft-newman-i18n-comparator-04.txt
3. Various tweaks to examples and syntax lines
4. Define "control structure" as a control command with a block
argument, then use it consistently. Reword description of
blocks to match
5. Clarify that "header" can never match an absent header and give
the preferred way to test for absent or empty
6. Invalid header name syntax is not an error _in tests_ (but could
be elsewhere)
7. Implementation SHOULD consider unknown envelope parts an error
8. Remove explicit "omitted" option from 2.7.2p2
Changes from draft-ietf-sieve-3028bis-02.txt
1. Change "ASCII" to "US-ASCII" throughout
2. Tweak section 2.7.2 to not require use of UTF-8 internally and
to explicitly leave implementation-defined the handling of text
that can't be converted to Unicode
3. Add reference to RFC 2047
4. Clarify that capability strings are case-sensitive
5. Clarify that address, envelope, and header return false if no
combination of arguments match
6. Directly state that code that isn't reached may still be checked
for errors
7. Invalid header name syntax is not an error
8. Remove description of header unfolding that conflicts with
[IMAIL]
9. Warn that filters may be subvertable if agents interpret messages
differently
10. Encoded NUL octets SHOULD NOT cause truncation
Changes from draft-ietf-sieve-3028bis-01.txt
1. Remove ban on side effects
2. Remove definition of the 'reject' action, as it is being moved
to the doc that also defines the 'refuse' action
3. Update capability registrations to reference the mailing list
4. Add Tim back as an editor
5. Refer to the zero-length string ("") as "empty" instead of
"null"
Changes from draft-ietf-sieve-3028bis-00.txt
1. More grammar corrections:
- permit /***/,
- remove ambiguity in finding end of bracket comment,
- require valid UTF-8,
- express quoting in the grammar
- ban bare CR and LF in all locations
2. Correct a bunch of whitespace and linewrapping nits
3. Update IMAIL and SMTP references to RFC 2822 and RFC 2821
4. Require support for en;ascii-casemap comparator as well as the
old i;ascii-casemap. As with the old one, you do not need to
use 'require' to use the new comparator
5. Update IANA considerations to update the existing registrations
to point at this doc instead of 3028
6. Scripts SHOULD NOT contain superfluous backslashes
7. Update Acknowledgments
Changes from RFC 3028
1. Split references into normative and informative
2. Update references to current versions of DSN, IMAP, MDN, and
UTF-8 RFCs
3. Replace "e-mail" with "email"
4. Incorporate RFC 3028 errata
5. The "reject" action cancels the implicit keep
6. Replace references to ACAP with references to the i18n-comparator
draft. Further work is needed to completely sync with that
draft
7. Start to update grammar to only permit legal UTF-8 (incomplete)
and correct various other errors and typos
8. Update IPR broilerplate to RFC 3978/3979
 End of changes. 100 change blocks. 
291 lines changed or deleted 275 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/