draft-ietf-sieve-notify-mailto-10.txt   rfc5436.txt 
Sieve Working Group B. Leiba Network Working Group B. Leiba
Internet-Draft IBM T.J. Watson Research Center Request for Comments: 5436 IBM T.J. Watson Research Center
Updates: 3834 (if approved) M. Haardt Updates: 3834 M. Haardt
Intended status: Standards Track freenet.de GmbH Category: Standards Track freenet.de GmbH
Expires: June 7, 2009 December 4, 2008 January 2009
Sieve Notification Mechanism: mailto Sieve Notification Mechanism: mailto
draft-ietf-sieve-notify-mailto-10
Status of this Memo Status of This Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months This document specifies an Internet standards track protocol for the
and may be updated, replaced, or obsoleted by other documents at any Internet community, and requests discussion and suggestions for
time. It is inappropriate to use Internet-Drafts as reference improvements. Please refer to the current edition of the "Internet
material or to cite them other than as "work in progress." Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
The list of current Internet-Drafts can be accessed at Copyright Notice
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at Copyright (c) 2009 IETF Trust and the persons identified as the
http://www.ietf.org/shadow.html. document authors. All rights reserved.
This Internet-Draft will expire on June 7, 2009. This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (http://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abstract Abstract
This document describes a profile of the Sieve extension for This document describes a profile of the Sieve extension for
notifications, to allow notifications to be sent by electronic mail. notifications, to allow notifications to be sent by electronic mail.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction ....................................................3
1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Overview ...................................................3
1.2. Conventions used in this document . . . . . . . . . . . . 3 1.2. Conventions Used in This Document ..........................3
2. Definition ......................................................3
2. Definition . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1. Notify Parameter "method" ..................................3
2.1. Notify parameter "method" . . . . . . . . . . . . . . . . 4 2.2. Test notify_method_capability ..............................3
2.2. Test notify_method_capability . . . . . . . . . . . . . . 4 2.3. Notify Tag ":from" .........................................3
2.3. Notify tag ":from" . . . . . . . . . . . . . . . . . . . . 4 2.4. Notify Tag ":importance" ...................................4
2.4. Notify tag ":importance" . . . . . . . . . . . . . . . . . 4 2.5. Notify Tag ":options" ......................................4
2.5. Notify tag ":options" . . . . . . . . . . . . . . . . . . 4 2.6. Notify Tag ":message" ......................................4
2.6. Notify tag ":message" . . . . . . . . . . . . . . . . . . 4 2.7. Other Definitions ..........................................4
2.7. Other Definitions . . . . . . . . . . . . . . . . . . . . 5 2.7.1. The Auto-Submitted Header Field .....................6
2.7.1. The Auto-Submitted header field . . . . . . . . . . . . . 7 3. Examples ........................................................7
4. Internationalization Considerations .............................8
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Security Considerations .........................................9
6. IANA Considerations ............................................10
4. Internationalization Considerations . . . . . . . . . . . 10 6.1. Registration of Notification Mechanism ....................10
6.2. New Registry for Auto-Submitted Header Field Keywords .....10
5. Security Considerations . . . . . . . . . . . . . . . . . 11 6.3. Initial Registration of Auto-Submitted Header
Field Keywords ............................................11
6. IANA Considerations . . . . . . . . . . . . . . . . . . . 13 7. References .....................................................11
6.1. Registration of notification mechanism . . . . . . . . . . 13 7.1. Normative References ......................................11
6.2. New registry for Auto-Submitted header field keywords . . 13 7.2. Informative References ....................................12
6.3. Initial registration of Auto-Submitted header field
keywords . . . . . . . . . . . . . . . . . . . . . . . . . 13
7. References . . . . . . . . . . . . . . . . . . . . . . . . 15
7.1. Normative References . . . . . . . . . . . . . . . . . . . 15
7.2. Non-Normative References . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . 16
Intellectual Property and Copyright Statements . . . . . . 17
1. Introduction 1. Introduction
1.1. Overview 1.1. Overview
The [Notify] extension to the [Sieve] mail filtering language is a The [Notify] extension to the [Sieve] mail filtering language is a
framework for providing notifications by employing URIs to specify framework for providing notifications by employing URIs to specify
the notification mechanism. This document defines how [mailto] URIs the notification mechanism. This document defines how [mailto] URIs
are used to generate notifications by e-mail. are used to generate notifications by email.
1.2. Conventions used in this document 1.2. Conventions Used in This Document
Conventions for notations are as in [Sieve] section 1.1, including Conventions for notations are as in Section 1.1 of [Sieve], including
the use of [Kwds]. the use of [Kwds].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [Kwds]. document are to be interpreted as described in [Kwds].
2. Definition 2. Definition
The mailto mechanism results in the sending of a new email message (a The mailto mechanism results in the sending of a new email message (a
"notification message") to notify a recipient about a "triggering "notification message") to notify a recipient about a "triggering
message". message".
2.1. Notify parameter "method" 2.1. Notify Parameter "method"
The mailto notification mechanism uses standard mailto URIs as The mailto notification mechanism uses standard mailto URIs as
specified in [mailto]. mailto URIs may contain header fields specified in [mailto]. mailto URIs may contain header fields
consisting of a header name and value. These header fields are consisting of a header name and value. These header fields are
called "URI headers" to distinguish them from "message headers". called "URI headers" to distinguish them from "message headers".
2.2. Test notify_method_capability 2.2. Test notify_method_capability
The notify_method_capability test for "online" may return "yes" or The notify_method_capability test for "online" may return "yes" or
"no" only if the Sieve processor can determine with certainty whether "no" only if the Sieve processor can determine with certainty whether
or not the recipients of the notification message are online and or not the recipients of the notification message are online and
logged in. Otherwise, the test returns "maybe" for this notification logged in. Otherwise, the test returns "maybe" for this notification
method. method.
2.3. Notify tag ":from" 2.3. Notify Tag ":from"
The :from tag overrides the default sender of the notification The ":from" tag overrides the default sender of the notification
message. "Sender", here, refers to the value used in the [RFC5322] message. "Sender", here, refers to the value used in the [RFC5322]
"From" header. Implementations MAY also use this value in the "From" header. Implementations MAY also use this value in the
[RFC5321] "MAIL FROM" command (the "envelope sender"), or they may [RFC5321] "MAIL FROM" command (the "envelope sender"), or they may
prefer to establish a mailbox that receives bounces from notification prefer to establish a mailbox that receives bounces from notification
messages. messages.
2.4. Notify tag ":importance" 2.4. Notify Tag ":importance"
The :importance tag has no special meaning for this notification The ":importance" tag has no special meaning for this notification
mechanism, and this specification puts no restriction on its use. mechanism, and this specification puts no restriction on its use.
Implementations MAY use the value of :importance to set a priority or Implementations MAY use the value of ":importance" to set a priority
importance indication on the notification message (perhaps a visual or importance indication on the notification message (perhaps a
indication, or perhaps making use of one of the non-standard but visual indication, or perhaps making use of one of the non-standard
commonly used message headers). but commonly used message headers).
2.5. Notify tag ":options" 2.5. Notify Tag ":options"
This tag is not used by the mailto method. This tag is not used by the mailto method.
2.6. Notify tag ":message" 2.6. Notify Tag ":message"
The value of this tag, if it is present, is used as the subject of The value of this tag, if it is present, is used as the subject of
the notification message, and overrides all other mechanisms for the notification message, and overrides all other mechanisms for
determining the subject (as described below). Its value SHOULD NOT determining the subject (as described below). Its value SHOULD NOT
normally be truncated, though it may be sensible to truncate an normally be truncated, though it may be sensible to truncate an
excessively long value. excessively long value.
2.7. Other Definitions 2.7. Other Definitions
Because the receipt of an email message is generating another email Because the receipt of an email message is generating another email
skipping to change at page 5, line 31 skipping to change at page 4, line 50
Because this notification method uses a store-and-forward system for Because this notification method uses a store-and-forward system for
delivery of the notification message, the Sieve processor should not delivery of the notification message, the Sieve processor should not
have a need to retry notifications. Therefore, implementations of have a need to retry notifications. Therefore, implementations of
this method SHOULD use normal mechanisms for submitting SMTP messages this method SHOULD use normal mechanisms for submitting SMTP messages
and for retrying the initial submission. Once the notification and for retrying the initial submission. Once the notification
message is submitted, implementations MUST NOT resubmit it, as this message is submitted, implementations MUST NOT resubmit it, as this
is likely to result in multiple notifications, and increases the is likely to result in multiple notifications, and increases the
danger of message loops. danger of message loops.
Implementations SHOULD consider limiting notification messages. In
particular, they SHOULD NOT sent duplicate notifications to the same
address from the same script invocation. Batching of notifications
within a short time to the same address might also be useful.
Different implementations, different administrative domains, and
different users may have different needs; configuration options are a
good idea here.
The overall notification message is composed using the following The overall notification message is composed using the following
guidelines (see [RFC5322] for references to message header fields): guidelines (see [RFC5322] for references to message header fields):
o If the envelope sender of the triggering message is empty, the o If the envelope sender of the triggering message is empty, the
envelope sender of the notification message MUST be empty as well, envelope sender of the notification message MUST be empty as well,
to avoid message loops. Otherwise, the envelope sender of the to avoid message loops. Otherwise, the envelope sender of the
notification message SHOULD be set to the value of the ":from" notification message SHOULD be set to the value of the ":from" tag
parameter to the notify action, if one is specified, has email to the notify action, if one is specified, has email address
address syntax and is valid according to the implementation syntax, and is valid according to the implementation-specific
specific security checks (see Section 3.3 of [Notify]). If security checks (see Section 3.3 of [Notify]). If ":from" is not
":from" is not specified or is not valid, the envelope sender of specified or is not valid, the envelope sender of the notification
the notification message SHOULD be set either to the envelope "to" message SHOULD be set either to the envelope "to" field from the
field from the triggering message, as used by Sieve, or to an triggering message, as used by Sieve, or to an email address
email address associated with the notification system, at the associated with the notification system, at the discretion of the
discretion of the implementation. This MUST NOT be overridden by implementation. This MUST NOT be overridden by a "from" URI
a "from" URI header, and any such URI header MUST be ignored. header, and any such URI header MUST be ignored.
o The envelope recipient(s) of the notification message SHOULD be o The envelope recipient(s) of the notification message SHOULD be
set to the address(es) specified in the URI (including any URI set to the address(es) specified in the URI (including any URI
headers where the hname is "to" or "cc"). headers where the hname is "to" or "cc").
o The header field "Auto-Submitted: auto-notified" MUST be included o The header field "Auto-Submitted: auto-notified" MUST be included
in the notification message (see Section 2.7.1). This is to in the notification message (see Section 2.7.1). This is to
reduce the likelihood of message loops, by tagging this as an reduce the likelihood of message loops, by tagging this as an
automatically generated message. Among other results, it will automatically generated message. Among other results, it will
inform other notification systems not to generate further inform other notification systems not to generate further
notifications. mailto URI headers with hname "auto-submitted" are notifications. mailto URI headers with hname "auto-submitted" are
considered unsafe and MUST be ignored. considered unsafe and MUST be ignored.
o The "From:" header field of the notification message SHOULD be set o The "From:" header field of the notification message SHOULD be set
to the value of the ":from" parameter to the notify action, if one to the value of the ":from" tag to the notify action, if one is
is specified, has email address syntax and is valid according to specified, has email address syntax, and is valid according to the
the implementation specific security checks (see Section 3.3 of implementation-specific security checks (see Section 3.3 of
[Notify]). If ":from" is not specified or is not valid, the [Notify]). If ":from" is not specified or is not valid, the
"From:" header field of the notification message SHOULD be set "From:" header field of the notification message SHOULD be set
either to the envelope "to" field from the triggering message, as either to the envelope "to" field from the triggering message, as
used by Sieve, or to an email address associated with the used by Sieve, or to an email address associated with the
notification system, at the discretion of the implementation. notification system, at the discretion of the implementation.
This MUST NOT be overridden by a "from" URI header, and any such This MUST NOT be overridden by a "from" URI header, and any such
URI header MUST be ignored. URI header MUST be ignored.
o The "To:" header field of the notification message SHOULD be set o The "To:" header field of the notification message SHOULD be set
to the address(es) specified in the URI (including any URI headers to the address(es) specified in the URI (including any URI headers
where the hname is "to"). where the hname is "to").
o The "Subject:" field of the notification message SHOULD contain o The "Subject:" field of the notification message SHOULD contain
the value defined by the :message notify tag, as described in the value defined by the ":message" tag, as described in [Notify].
[Notify]. If there is no :message tag and there is a "subject" If there is no ":message" tag and there is a "subject" header on
header on the URI, then that value SHOULD be used. If that is the URI, then that value SHOULD be used. If the "subject" header
also absent, the subject SHOULD be retained from the triggering is also absent, the subject SHOULD be retained from the triggering
message. Note that Sieve [Variables] can be used to advantage message. Note that Sieve [Variables] can be used to advantage
here, as shown in the example in Section 3. here, as shown in the example in Section 3.
o The "References:" field of the notification message MAY be set to o The "References:" field of the notification message MAY be set to
refer to the triggering message, and MAY include references from refer to the triggering message, and MAY include references from
the triggering message. the triggering message.
o If the mailto URI contains a "body" header, the value of that o If the mailto URI contains a "body" header, the value of that
header SHOULD be used as the body of the notification message. If header SHOULD be used as the body of the notification message. If
there is no "body" header, it is up to the implementation whether there is no "body" header, it is up to the implementation whether
skipping to change at page 7, line 20 skipping to change at page 6, line 48
header serves as the notification timestamp defined in [Notify]. header serves as the notification timestamp defined in [Notify].
o All other header fields of the notification message either are as o All other header fields of the notification message either are as
specified by URI headers, or have implementation-specific values; specified by URI headers, or have implementation-specific values;
their values are not defined here. It is suggested that the their values are not defined here. It is suggested that the
implementation capitalize the first letter of URI headers and add implementation capitalize the first letter of URI headers and add
a space character after the colon between the mail header name and a space character after the colon between the mail header name and
value when adding URI headers to the message, to be consistent value when adding URI headers to the message, to be consistent
with common practice in email headers. with common practice in email headers.
2.7.1. The Auto-Submitted header field 2.7.1. The Auto-Submitted Header Field
The header field "Auto-Submitted: auto-notified" MUST be included in The header field "Auto-Submitted: auto-notified" MUST be included in
the notification message (see [RFC3834]). The "Auto-Submitted" the notification message (see [RFC3834]). The "Auto-Submitted"
header field is considered a "trace field", similar to "Received" header field is considered a "trace field", similar to "Received"
header fields (see [RFC5321]). If the implementation retains the header fields (see [RFC5321]). If the implementation retains the
"Received" fields from the triggering message (see above), the "Auto- "Received" fields from the triggering message (see above), the "Auto-
Submitted" field MUST be placed above those "Received" fields, Submitted" field MUST be placed above those "Received" fields,
serving as a boundary between the ones from the triggering message serving as a boundary between the ones from the triggering message
and those that will be part of the notification message. and those that will be part of the notification message.
The auto-notified Auto-Submitted field MUST include one or both of The header field "Auto-Submitted: auto-notified" MUST include one or
the following parameters: both of the following parameters:
o owner-email - specifies an email address of the owner of the Sieve o owner-email - specifies an email address, determined by the
script that generated this notification. If specified, it might implementation, of the owner of the Sieve script that generated
be used to identify or contact the script's owner. The parameter this notification. If specified, it might be used to identify or
attribute is "owner-email", and the parameter value is a quoted contact the script's owner. The parameter attribute is "owner-
string containing an email address, as defined by "addr-spec" in email", and the parameter value is a quoted string containing an
[RFC5322]. Example: email address, as defined by "addr-spec" in [RFC5322]. Example:
Auto-Submitted: auto-notified; owner-email="me@example.com" Auto-Submitted: auto-notified; owner-email="me@example.com"
o owner-token - specifies an opaque token that the administrative o owner-token - specifies an opaque token, determined by the
domain of the owner of the Sieve script that generated this implementation, that the administrative domain of the owner of the
notification can identify the owner with. This might be used to Sieve script that generated this notification can use to identify
allow identification of the owner while protecting the owner's the owner. This might be used to allow identification of the
privacy. The parameter attribute is "owner-token", and the owner while protecting the owner's privacy. The parameter
parameter value is as defined by "token" in [RFC3834]. Example: attribute is "owner-token", and the parameter value is as defined
by "token" in [RFC3834]. Example:
Auto-Submitted: auto-notified; owner-token=af3NN2pK5dDXI0W Auto-Submitted: auto-notified; owner-token=af3NN2pK5dDXI0W
See Section 5 for discussion of possible uses of these parameters. See Section 5 for discussion of possible uses of these parameters.
3. Examples 3. Examples
Triggering message (received by recipient@example.org): Triggering message (received by recipient@example.org):
Return-Path: <knitting-bounces@example.com> Return-Path: <knitting-bounces@example.com>
Received: from mail.example.com by mail.example.org Received: from mail.example.com by mail.example.org
skipping to change at page 8, line 25 skipping to change at page 8, line 4
Date: Wed, 07 Dec 2005 10:59:19 +0100 Date: Wed, 07 Dec 2005 10:59:19 +0100
Precedence: list Precedence: list
List-Id: Knitting Mailing List <knitting.example.com> List-Id: Knitting Mailing List <knitting.example.com>
Sender: knitting-bounces@example.com Sender: knitting-bounces@example.com
Errors-To: knitting-bounces@example.com Errors-To: knitting-bounces@example.com
From: "Jeff Smith" <jeff@hobbies.example.com> From: "Jeff Smith" <jeff@hobbies.example.com>
To: "Knitting Mailing List" <knitting@example.com> To: "Knitting Mailing List" <knitting@example.com>
Subject: [Knitting] A new sweater Subject: [Knitting] A new sweater
I just finished a great new sweater! I just finished a great new sweater!
Sieve script (run on behalf of recipient@example.org): Sieve script (run on behalf of recipient@example.org):
require ["notify", "variables"]; require ["enotify", "variables"];
if header :contains "list-id" "knitting.example.com" { if header :contains "list-id" "knitting.example.com" {
if header :matches "Subject" "[*] *" { if header :matches "Subject" "[*] *" {
notify :message "From ${1} list: ${2}" notify :message "From ${1} list: ${2}"
:importance "3" :importance "3"
"mailto:0123456789@sms.example.net?to=backup@example.com"; "mailto:0123456789@sms.example.net?to=backup@example.com";
} }
} }
Notification message: Notification message:
skipping to change at page 9, line 4 skipping to change at page 8, line 28
Auto-Submitted: auto-notified; owner-email="recipient@example.org" Auto-Submitted: auto-notified; owner-email="recipient@example.org"
Received: from mail.example.com by mail.example.org Received: from mail.example.com by mail.example.org
for <recipient@example.org>; Wed, 7 Dec 2005 05:08:02 -0500 for <recipient@example.org>; Wed, 7 Dec 2005 05:08:02 -0500
Received: from hobbies.example.com by mail.example.com Received: from hobbies.example.com by mail.example.com
for <knitting@example.com>; Wed, 7 Dec 2005 02:00:26 -0800 for <knitting@example.com>; Wed, 7 Dec 2005 02:00:26 -0800
Date: Wed, 7 Dec 2005 05:08:55 -0500 Date: Wed, 7 Dec 2005 05:08:55 -0500
Message-ID: <A2299BB.FF7788@example.org> Message-ID: <A2299BB.FF7788@example.org>
From: recipient@example.org From: recipient@example.org
To: 0123456789@sms.example.net, backup@example.com To: 0123456789@sms.example.net, backup@example.com
Subject: From Knitting list: A new sweater Subject: From Knitting list: A new sweater
Note that: Note that:
o Fields such as "Message-ID:" and "Date:" were generated afresh for o Fields such as "Message-ID:" and "Date:" were generated afresh for
the notification message, and do not relate to the triggering the notification message, and do not relate to the triggering
message. message.
o Additional "Received:" fields will be added to the notification o Additional "Received:" fields will be added to the notification
message in transit; the ones shown were copied from the triggering message in transit; the ones shown were copied from the triggering
message. New ones will be added above the "Auto-Submitted:" message. New ones will be added above the Auto-Submitted: header
field. field.
o If this message should appear at the mail.example.org server o If this message should appear at the mail.example.org server
again, the server can use the presence of a "mail.example.org" again, the server can use the presence of a "mail.example.org"
received line to recognize that. The Auto-Submitted header field received line to recognize that. The Auto-Submitted header field
is also present to tell the server to avoid sending another is also present to tell the server to avoid sending another
notification, and it includes an optional owner-email parameter notification, and it includes an optional owner-email parameter
for identification. for identification.
4. Internationalization Considerations 4. Internationalization Considerations
skipping to change at page 11, line 18 skipping to change at page 9, line 18
notification recipient. Care must be taken when forwarding mail notification recipient. Care must be taken when forwarding mail
automatically, to ensure that confidential information is not sent automatically, to ensure that confidential information is not sent
into an insecure environment. into an insecure environment.
The automated sending of email messages exposes the system to mail The automated sending of email messages exposes the system to mail
loops, which can cause operational problems. Implementations of this loops, which can cause operational problems. Implementations of this
specification MUST protect themselves against mail loops; see specification MUST protect themselves against mail loops; see
Section 2.7 for discussion of this and some suggestions. Other Section 2.7 for discussion of this and some suggestions. Other
possible mitigations for mail loops involve types of service possible mitigations for mail loops involve types of service
limitations. For example, the number of notifications generated for limitations. For example, the number of notifications generated for
a single user might be limited to no more than, say, 30 in a 60- a single user might be limited to no more than, say, 30 in a
minute period. Of course, this technique presents its own problems, 60-minute period. Of course, this technique presents its own
in that the actual rate limit must be selected carefully, to allow problems, in that the actual rate-limit must be selected carefully,
most legitimate situations in the given environment, and even with to allow most legitimate situations in the given environment. Even
careful selection it's inevitable that there will be false positives with careful selection, it's inevitable that there will be false
-- and false negatives. positives -- and false negatives.
Ultimately, human intervention may be necessary to re-enable Ultimately, human intervention may be necessary to re-enable
notifications that have been disabled because a loop was detected, or notifications that have been disabled because a loop was detected, or
to terminate a very slow loop that's under the automatic-detection to terminate a very slow loop that's under the automatic-detection
radar. Administrative mechanisms MUST be available to handle these radar. Administrative mechanisms MUST be available to handle these
sorts of situations. sorts of situations.
Email addresses specified as recipients of notifications might not be Email addresses specified as recipients of notifications might not be
owned by the entity that owns the Sieve script. As a result, a owned by the entity that owns the Sieve script. As a result, a
notification recipient could wind up as the target of unwanted notification recipient could wind up as the target of unwanted
skipping to change at page 12, line 5 skipping to change at page 10, line 7
In particular, note that the Auto-Submitted header field is required In particular, note that the Auto-Submitted header field is required
to include a value that a recipient can use when contacting the to include a value that a recipient can use when contacting the
source domain of the notification message (see Section 2.7.1). That source domain of the notification message (see Section 2.7.1). That
value will allow the domain to track down the script's owner and have value will allow the domain to track down the script's owner and have
the script corrected or disabled. Domains that enable this extension the script corrected or disabled. Domains that enable this extension
MUST be prepared to respond to such complaints, in order to limit the MUST be prepared to respond to such complaints, in order to limit the
damage caused by a faulty script. damage caused by a faulty script.
Problems can also show up if notification messages are sent to a Problems can also show up if notification messages are sent to a
gateway into another service, such as SMS. Information from the gateway into another service, such as SMS. Information from the
email message is often lost in the gateway translation, and in this email message is often lost in the gateway translation; and in this
case critical information needed to avoid loops, to contact the case, critical information needed to avoid loops, to contact the
script owner, and to resolve other problems might be lost. script owner, and to resolve other problems might be lost.
Developers of email gateways should consider these issues, and try to Developers of email gateways should consider these issues, and try to
preseve as much information as possible, including what appears in preserve as much information as possible, including what appears in
email trace headers and Auto-Submitted. email trace headers and the Auto-Submitted header field.
Additional security considerations are discussed in [Sieve] and in Additional security considerations are discussed in [Sieve] and in
[Notify]. [Notify].
6. IANA Considerations 6. IANA Considerations
6.1. Registration of notification mechanism 6.1. Registration of Notification Mechanism
The following template specifies the IANA registration of the Sieve The following template specifies the IANA registration of the Sieve
notification mechanism specified in this document: notification mechanism specified in this document:
To: iana@iana.org To: iana@iana.org
Subject: Registration of new Sieve notification mechanism Subject: Registration of new Sieve notification mechanism
Mechanism name: mailto Mechanism name: mailto
Mechanism URI: RFC2368 Mechanism URI: RFC2368
Mechanism-specific tags: none Mechanism-specific options: none
Standards Track/IESG-approved experimental RFC number: this RFC Permanent and readily available reference: RFC 5436
Person and email address to contact for further information: Person and email address to contact for further information:
Michael Haardt <michael.haardt@freenet.ag> Michael Haardt <michael.haardt@freenet.ag>
This information should be added to the list of sieve notification This information should be added to the list of Sieve notification
mechanisms given on mechanisms available from http://www.iana.org.
http://www.iana.org/assignments/sieve-notification.
6.2. New registry for Auto-Submitted header field keywords 6.2. New Registry for Auto-Submitted Header Field Keywords
Because [RFC3834] does not define a registry for new keywords used in Because [RFC3834] does not define a registry for new keywords used in
the Auto-Submitted header field, we define one here, to be created as the Auto-Submitted header field, we define one here, which has been
http://www.iana.org/assignments/auto-submitted-keywords. Keywords created and is available from http://www.iana.org. Keywords are
are registered using the "Specification Required" policy [IANA]. registered using the "Specification Required" policy [IANA].
This defines the template to be used to register new keywords. This defines the template to be used to register new keywords.
Initial entries to this registry follow in Section 6.3. Initial entries to this registry follow in Section 6.3.
To: iana@iana.org To: iana@iana.org
Subject: Registration of new auto-submitted header field keyword Subject: Registration of new auto-submitted header field keyword
Keyword value: [the text value of the field] Keyword value: [the text value of the field]
Description: [a brief explanation of the purpose of this value] Description: [a brief explanation of the purpose of this value]
Parameters: [list any keyword-specific parameters, specify their Parameters: [list any keyword-specific parameters, specify their
meanings, specify whether they are required or optional; use "none" meanings, specify whether they are required or optional; use
if there are none] "none" if there are none]
Standards Track/IESG-approved experimental RFC number: [identifies Permanent and readily available reference: [identifies
the specification that defines the value being registered] the specification that defines the value being registered]
Contact: [name and email address to contact for further information] Contact: [name and email address to contact for further information]
6.3. Initial registration of Auto-Submitted header field keywords 6.3. Initial Registration of Auto-Submitted Header Field Keywords
The following are the initial keywords to be registered for the Auto- The following are the initial keywords that have been registered in
Submitted header field, to be entered in the "Auto-Submitted Header Field Keywords" registry, available from
http://www.iana.org/assignments/auto-submitted-keywords. http://www.iana.org.
Keyword value: no Keyword value: no
Description: Indicates that a message was NOT automatically Description: Indicates that a message was NOT automatically
generated, but was created by a human. It is the equivalent to the generated, but was created by a human. It is the equivalent to
absence of an Auto-Submitted header altogether. the absence of an Auto-Submitted header altogether.
Parameters: none Parameters: none
Standards Track/IESG-approved experimental RFC number: RFC3834 Permanent and readily available reference: RFC3834
Contact: Keith Moore <moore@network-heretics.com> Contact: Keith Moore <moore@network-heretics.com>
Keyword value: auto-generated Keyword value: auto-generated
Description: Indicates that a message was generated by an automatic Description: Indicates that a message was generated by an automatic
process, and is not a direct response to another message. process, and is not a direct response to another message.
Parameters: none Parameters: none
Standards Track/IESG-approved experimental RFC number: RFC3834 Permanent and readily available reference: RFC3834
Contact: Keith Moore <moore@network-heretics.com> Contact: Keith Moore <moore@network-heretics.com>
Keyword value: auto-replied Keyword value: auto-replied
Description: Indicates that a message was automatically generated as Description: Indicates that a message was automatically generated as
a direct response to another message. a direct response to another message.
Parameters: none Parameters: none
Standards Track/IESG-approved experimental RFC number: RFC3834 Permanent and readily available reference: RFC3834
Contact: Keith Moore <moore@network-heretics.com> Contact: Keith Moore <moore@network-heretics.com>
Keyword value: auto-notified Keyword value: auto-notified
Description: Indicates that a message was generated by a Sieve Description: Indicates that a message was generated by a Sieve
notification system. notification system.
Parameters: owner-email, owner-token. Both optional, both refer to Parameters: owner-email, owner-token. At least one is required;
the owner of the Sieve script that generated this message. See the both refer to the owner of the Sieve script that generated this
relevant RFC for details. message. See the relevant RFC for details.
Standards Track/IESG-approved experimental RFC number: this RFC Permanent and readily available reference: RFC 5436
Contact: Michael Haardt <michael.haardt@freenet.ag> Contact: Michael Haardt <michael.haardt@freenet.ag>
7. References 7. References
7.1. Normative References 7.1. Normative References
[IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing an [IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008. May 2008.
[Kwds] Bradner, S., "Key words for use in RFCs to Indicate [Kwds] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[Notify] Melnikov, A., Ed., Leiba, B., Ed., Segmuller, W., and T. [Notify] Melnikov, A., Ed., Leiba, B., Ed., Segmuller, W., and T.
Martin, "Sieve Extension: Notifications", work in Martin, "Sieve Email Filtering: Extension for
progress, draft-ietf-sieve-notify, December 2007. Notifications", RFC 5435, January 2009.
[RFC3834] Moore, K., "Recommendations for Automatic Responses to [RFC3834] Moore, K., "Recommendations for Automatic Responses to
Electronic Mail", RFC 3834, August 2004. Electronic Mail", RFC 3834, August 2004.
[RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322,
October 2008. October 2008.
[Sieve] Guenther, P., Ed. and T. Showalter, Ed., "Sieve: An Email [Sieve] Guenther, P., Ed. and T. Showalter, Ed., "Sieve: An
Filtering Language", RFC 5228, January 2008. Email Filtering Language", RFC 5228, January 2008.
[mailto] Hoffman, P., Masinter, L., and J. Zawinski, "The mailto [mailto] Hoffman, P., Masinter, L., and J. Zawinski, "The mailto
URL scheme", RFC 2368, July 1998. URL scheme", RFC 2368, July 1998.
7.2. Non-Normative References 7.2. Informative References
[RFC5321] Klensin, J., Ed., "Simple Mail Transfer Protocol", [RFC5321] Klensin, J., Ed., "Simple Mail Transfer Protocol",
RFC 5321, October 2008. RFC 5321, October 2008.
[Variables] [Variables] Homme, K., "Sieve Extension: Variables", RFC 5229,
Homme, K., "Sieve Extension: Variables", RFC 5229,
January 2008. January 2008.
Authors' Addresses Authors' Addresses
Barry Leiba Barry Leiba
IBM T.J. Watson Research Center IBM T.J. Watson Research Center
19 Skyline Drive 19 Skyline Drive
Hawthorne, NY 10532 Hawthorne, NY 10532
US US
Phone: +1 914 784 7941 Phone: +1 914 784 7941
Email: leiba@watson.ibm.com EMail: leiba@watson.ibm.com
Michael Haardt Michael Haardt
freenet.de GmbH freenet.de GmbH
Willstaetter Str. 13 Willstaetter Str. 13
Duesseldorf, NRW 40549 Duesseldorf, NRW 40549
Germany Germany
Phone: +49 241 53087 520 Phone: +49 241 53087 520
Email: michael.haardt@freenet.ag EMail: michael.haardt@freenet.ag
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
 End of changes. 54 change blocks. 
152 lines changed or deleted 143 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/