idnits 2.17.1 draft-ietf-sieve-3028bis-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 16. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 1884. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1895. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1902. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1908. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document obsoletes RFC3028, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 2007) is 6036 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'COMPARATOR' is mentioned on line 1281, but not defined == Missing Reference: 'ADDRESS-PART' is mentioned on line 1211, but not defined == Missing Reference: 'MATCH-TYPE' is mentioned on line 1281, but not defined ** Obsolete normative reference: RFC 4234 (ref. 'ABNF') (Obsoleted by RFC 5234) ** Obsolete normative reference: RFC 2822 (ref. 'IMAIL') (Obsoleted by RFC 5322) ** Obsolete normative reference: RFC 2821 (ref. 'SMTP') (Obsoleted by RFC 5321) -- Obsolete informational reference (is this intentional?): RFC 3501 (ref. 'IMAP') (Obsoleted by RFC 9051) -- Obsolete informational reference (is this intentional?): RFC 3798 (ref. 'MDN') (Obsoleted by RFC 8098) -- Obsolete informational reference (is this intentional?): RFC 3028 (Obsoleted by RFC 5228, RFC 5429) Summary: 4 errors (**), 0 flaws (~~), 4 warnings (==), 12 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group P. Guenther 3 Internet-Draft Sendmail, Inc. 4 Intended status: Standards Track T. Showalter 5 Expires: April 2008 Editors 6 Obsoletes: 3028 (if approved) October 2007 8 Sieve: An Email Filtering Language 9 draft-ietf-sieve-3028bis-13.txt 11 Status of this Memo 13 By submitting this Internet-Draft, each author represents that any 14 applicable patent or other IPR claims of which he or she is aware 15 have been or will be disclosed, and any of which he or she becomes 16 aware will be disclosed, in accordance with Section 6 of BCP 79. 18 Internet-Drafts are working documents of the Internet Engineering 19 Task Force (IETF), its areas, and its working groups. Note that 20 other groups may also distribute working documents as Internet- 21 Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet-Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/ietf/1id-abstracts.txt 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html. 34 A revised version of this draft document will be submitted to the RFC 35 editor as a Standard Track RFC for the Internet Community. 36 Discussion and suggestions for improvement are requested, and should 37 be sent to ietf-mta-filters@imc.org. Distribution of this memo is 38 unlimited. 40 Copyright Notice 42 Copyright (C) The IETF Trust (2007). 44 Abstract 46 This document describes a language for filtering email messages at 47 time of final delivery. It is designed to be implementable on either 48 a mail client or mail server. It is meant to be extensible, simple, 49 and independent of access protocol, mail architecture, and operating 50 system. It is suitable for running on a mail server where users may 51 not be allowed to execute arbitrary programs, such as on black box 52 Internet Message Access Protocol (IMAP) servers, as the base language 53 has no variables, loops, or ability to shell out to external 54 programs. 56 Table of Contents 58 1. Introduction ........................................... 3 59 1.1. Conventions Used in This Document ..................... 4 60 1.2. Example mail messages ................................. 5 61 2. Design ................................................. 6 62 2.1. Form of the Language .................................. 6 63 2.2. Whitespace ............................................ 6 64 2.3. Comments .............................................. 6 65 2.4. Literal Data .......................................... 7 66 2.4.1. Numbers ............................................... 7 67 2.4.2. Strings ............................................... 7 68 2.4.2.1. String Lists .......................................... 8 69 2.4.2.2. Headers ............................................... 9 70 2.4.2.3. Addresses ............................................. 9 71 2.4.2.4. Encoding characters using "encoded-character" ......... 10 72 2.5. Tests ................................................. 11 73 2.5.1. Test Lists ............................................ 11 74 2.6. Arguments ............................................. 11 75 2.6.1. Positional Arguments .................................. 11 76 2.6.2. Tagged Arguments ...................................... 12 77 2.6.3. Optional Arguments .................................... 12 78 2.6.4. Types of Arguments .................................... 12 79 2.7. String Comparison ..................................... 13 80 2.7.1. Match Type ............................................ 13 81 2.7.2. Comparisons Across Character Sets ..................... 14 82 2.7.3. Comparators ........................................... 15 83 2.7.4. Comparisons Against Addresses ......................... 16 84 2.8. Blocks ................................................ 16 85 2.9. Commands .............................................. 16 86 2.10. Evaluation ............................................ 17 87 2.10.1. Action Interaction .................................... 17 88 2.10.2. Implicit Keep ......................................... 17 89 2.10.3. Message Uniqueness in a Mailbox ....................... 18 90 2.10.4. Limits on Numbers of Actions .......................... 18 91 2.10.5. Extensions and Optional Features ...................... 18 92 2.10.6. Errors ................................................ 19 93 2.10.7. Limits on Execution ................................... 19 94 3. Control Commands ....................................... 20 95 3.1. Control if ............................................ 20 96 3.2. Control require ....................................... 21 97 3.3. Control stop .......................................... 21 98 4. Action Commands ........................................ 21 99 4.1. Action fileinto ....................................... 22 100 4.2. Action redirect ....................................... 22 101 4.3. Action keep ........................................... 23 102 4.4. Action discard ........................................ 24 103 5. Test Commands .......................................... 24 104 5.1. Test address .......................................... 25 105 5.2. Test allof ............................................ 25 106 5.3. Test anyof ............................................ 26 107 5.4. Test envelope ......................................... 26 108 5.5. Test exists ........................................... 27 109 5.6. Test false ............................................ 27 110 5.7. Test header ........................................... 27 111 5.8. Test not .............................................. 28 112 5.9. Test size ............................................. 28 113 5.10. Test true ............................................. 29 114 6. Extensibility .......................................... 29 115 6.1. Capability String ..................................... 29 116 6.2. IANA Considerations ................................... 30 117 6.2.1. Template for Capability Registrations ................. 30 118 6.2.2. Handling of Existing Capability Registrations ......... 31 119 6.2.3. Initial Capability Registrations ...................... 31 120 6.3. Capability Transport .................................. 32 121 7. Transmission ........................................... 32 122 8. Parsing ................................................ 32 123 8.1. Lexical Tokens ........................................ 33 124 8.2. Grammar ............................................... 35 125 9. Extended Example ....................................... 35 126 10. Security Considerations ................................ 36 127 11. Acknowledgments ........................................ 38 128 12. Editors' Addresses ..................................... 38 129 13. Normative References ................................... 38 130 14. Informative References ................................. 39 131 15. Changes from RFC 3028 .................................. 39 132 16. Full Copyright Statement ............................... 40 134 1. Introduction 136 This memo documents a language that can be used to create filters for 137 electronic mail. It is not tied to any particular operating system 138 or mail architecture. It requires the use of [IMAIL]-compliant 139 messages, but should otherwise generalize to many systems. 141 The language is powerful enough to be useful but limited in order to 142 allow for a safe server-side filtering system. The intention is to 143 make it impossible for users to do anything more complex (and 144 dangerous) than write simple mail filters, along with facilitating 145 the use of GUIs for filter creation and manipulation. The base 146 language was not designed to be Turing-complete: it does not have a 147 loop control structure or functions. 149 Scripts written in Sieve are executed during final delivery, when the 150 message is moved to the user-accessible mailbox. In systems where 151 the Mail Transfer Agent (MTA) does final delivery, such as 152 traditional Unix mail, it is reasonable to filter when the MTA 153 deposits mail into the user's mailbox. 155 There are a number of reasons to use a filtering system. Mail 156 traffic for most users has been increasing due to increased usage of 157 email, the emergence of unsolicited email as a form of advertising, 158 and increased usage of mailing lists. 160 Experience at Carnegie Mellon has shown that if a filtering system is 161 made available to users, many will make use of it in order to file 162 messages from specific users or mailing lists. However, many others 163 did not make use of the Andrew system's FLAMES filtering language 164 [FLAMES] due to difficulty in setting it up. 166 Because of the expectation that users will make use of filtering if 167 it is offered and easy to use, this language has been made simple 168 enough to allow many users to make use of it, but rich enough that it 169 can be used productively. However, it is expected that GUI-based 170 editors will be the preferred way of editing filters for a large 171 number of users. 173 1.1. Conventions Used in This Document 175 In the sections of this document that discuss the requirements of 176 various keywords and operators, the following conventions have been 177 adopted. 179 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 180 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 181 document are to be interpreted as described in [KEYWORDS]. 183 Each section on a command (test, action, or control) has a line 184 labeled "Usage:". This line describes the usage of the command, 185 including its name and its arguments. Required arguments are listed 186 inside angle brackets ("<" and ">"). Optional arguments are listed 187 inside square brackets ("[" and "]"). Each argument is followed by 188 its type, so "" represents an argument called "key" that 189 is a string. Literal strings are represented with double-quoted 190 strings. Alternatives are separated with slashes, and parenthesis 191 are used for grouping, similar to [ABNF]. 193 In the "Usage:" line, there are three special pieces of syntax that 194 are frequently repeated, MATCH-TYPE, COMPARATOR, and ADDRESS-PART. 195 These are discussed in sections 2.7.1, 2.7.3, and 2.7.4, 196 respectively. 198 The formal grammar for these commands is defined in section 10 and is 199 the authoritative reference on how to construct commands, but the 200 formal grammar does not specify the order, semantics, number or types 201 of arguments to commands, nor the legal command names. The intent is 202 to allow for extension without changing the grammar. 204 1.2. Example mail messages 206 The following mail messages will be used throughout this document in 207 examples. 209 Message A 210 ----------------------------------------------------------- 211 Date: Tue, 1 Apr 1997 09:06:31 -0800 (PST) 212 From: coyote@desert.example.org 213 To: roadrunner@acme.example.com 214 Subject: I have a present for you 216 Look, I'm sorry about the whole anvil thing, and I really 217 didn't mean to try and drop it on you from the top of the 218 cliff. I want to try to make it up to you. I've got some 219 great birdseed over here at my place--top of the line 220 stuff--and if you come by, I'll have it all wrapped up 221 for you. I'm really sorry for all the problems I've caused 222 for you over the years, but I know we can work this out. 223 -- 224 Wile E. Coyote "Super Genius" coyote@desert.example.org 225 ----------------------------------------------------------- 227 Message B 228 ----------------------------------------------------------- 229 From: youcouldberich!@reply-by-postal-mail.invalid 230 Sender: b1ff@de.res.example.com 231 To: rube@landru.example.com 232 Date: Mon, 31 Mar 1997 18:26:10 -0800 233 Subject: $$$ YOU, TOO, CAN BE A MILLIONAIRE! $$$ 235 YOU MAY HAVE ALREADY WON TEN MILLION DOLLARS, BUT I DOUBT 236 IT! SO JUST POST THIS TO SIX HUNDRED NEWSGROUPS! IT WILL 237 GUARANTEE THAT YOU GET AT LEAST FIVE RESPONSES WITH MONEY! 238 MONEY! MONEY! COLD HARD CASH! YOU WILL RECEIVE OVER 239 $20,000 IN LESS THAN TWO MONTHS! AND IT'S LEGAL!!!!!!!!! 240 !!!!!!!!!!!!!!!!!!111111111!!!!!!!11111111111!!1 JUST 241 SEND $5 IN SMALL, UNMARKED BILLS TO THE ADDRESSES BELOW! 242 ----------------------------------------------------------- 244 2. Design 246 2.1. Form of the Language 248 The language consists of a set of commands. Each command consists of 249 a set of tokens delimited by whitespace. The command identifier is 250 the first token and it is followed by zero or more argument tokens. 251 Arguments may be literal data, tags, blocks of commands, or test 252 commands. 254 With the exceptions of strings and comments, the language is limited 255 to US-ASCII characters. Strings and comments may contain octets 256 outside the US-ASCII range. Specifically, they will normally be in 257 UTF-8, as specified in [UTF-8]. NUL (US-ASCII 0) is never permitted 258 in scripts, while CR and LF can only appear as the CRLF line ending. 260 While this specification permits arbitrary octets to appear in 261 sieve scripts inside strings and comments, this has made it 262 difficult to robustly handle sieve scripts in programs that are 263 sensitive to the encodings used. The "encoded-character" 264 capability (section 2.4.2.4) provides an alternative means of 265 representing such octets in strings using just US-ASCII 266 characters. As such, the use of non-UTF-8 text in scripts should 267 be considered a deprecated feature that may be abandoned. 269 Tokens other than strings are considered case-insensitive. 271 2.2. Whitespace 273 Whitespace is used to separate tokens. Whitespace is made up of 274 tabs, newlines (CRLF, never just CR or LF), and the space character. 275 The amount of whitespace used is not significant. 277 2.3. Comments 279 Two types of comments are offered. Comments are semantically 280 equivalent to whitespace and can be used anyplace that whitespace is 281 (with one exception in multi-line strings, as described in the 282 grammar). 284 Hash comments begin with a "#" character that is not contained within 285 a string and continue until the next CRLF. 287 Example: if size :over 100k { # this is a comment 288 discard; 289 } 291 Bracketed comments begin with the token "/*" and end with "*/" 292 outside of a string. Bracketed comments may span multiple lines. 293 Bracketed comments do not nest. 295 Example: if size :over 100K { /* this is a comment 296 this is still a comment */ discard /* this is a comment 297 */ ; 298 } 300 2.4. Literal Data 302 Literal data means data that is not executed, merely evaluated "as 303 is", to be used as arguments to commands. Literal data is limited to 304 numbers, strings, and string lists. 306 2.4.1. Numbers 308 Numbers are given as ordinary decimal numbers. As a shorthand for 309 expressing larger values, such as message sizes, a suffix of "K", 310 "M", or "G" MAY be appended to indicate a multiple of a power of two. 311 To be comparable with the power-of-two-based versions of SI units 312 that computers frequently use, "K" specifies kibi-, or 1,024 (2^10) 313 times the value of the number; "M" specifies mebi-, or 1,048,576 314 (2^20) times the value of the number; and "G" specifies gibi-, or 315 1,073,741,824 (2^30) times the value of the number [BINARY-SI]. 317 Implementations MUST support integer values in the inclusive range 318 zero to 2,147,483,647 (2^31 - 1), but MAY support larger values. 320 Only non-negative integers are permitted by this specification. 322 2.4.2. Strings 324 Scripts involve large numbers of string values as they are used for 325 pattern matching, addresses, textual bodies, etc. Typically, short 326 quoted strings suffice for most uses, but a more convenient form is 327 provided for longer strings such as bodies of messages. 329 A quoted string starts and ends with a single double quote (the <"> 330 character, US-ASCII 34). A backslash ("\", US-ASCII 92) inside of a 331 quoted string is followed by either another backslash or a double 332 quote. These two-character sequences represent a single backslash or 333 double quote within the value, respectively. 335 Scripts SHOULD NOT escape other characters with a backslash. 337 An undefined escape sequence (such as "\a" in a context where "a" has 338 no special meaning) is interpreted as if there were no backslash (in 339 this case, "\a" is just "a"), though that may be changed by 340 extensions. 342 Non-printing characters such as tabs, CRLF, and control characters 343 are permitted in quoted strings. Quoted strings MAY span multiple 344 lines. An unencoded NUL (US-ASCII 0) is not allowed in strings, see 345 section 2.4.2.4 for how it can be encoded. 347 As message header data is converted to [UTF-8] for comparison (see 348 section 2.7.2), most string values will use the UTF-8 encoding. 349 However, implementations MUST accept all strings that match the 350 grammar in section 8. The ability to use non-UTF-8 encoded strings 351 matches existing practice and has proven to be useful both in tests 352 for invalid data and in arguments containing raw MIME parts for 353 extension actions that generate outgoing messages. 355 For entering larger amounts of text, such as an email message, a 356 multi-line form is allowed. It starts with the keyword "text:", 357 followed by a CRLF, and ends with the sequence of a CRLF, a single 358 period, and another CRLF. The CRLF before the final period is 359 considered part of the value. In order to allow the message to 360 contain lines with a single-dot, lines are dot-stuffed. That is, 361 when composing a message body, an extra `.' is added before each line 362 which begins with a `.'. When the server interprets the script, 363 these extra dots are removed. Note that a line that begins with a 364 dot followed by a non-dot character is not interpreted dot-stuffed; 365 that is, ".foo" is interpreted as ".foo". However, because this is 366 potentially ambiguous, scripts SHOULD be properly dot-stuffed so such 367 lines do not appear. 369 Note that a hashed comment or whitespace may occur in between the 370 "text:" and the CRLF, but not within the string itself. Bracketed 371 comments are not allowed here. 373 2.4.2.1. String Lists 375 When matching patterns, it is frequently convenient to match against 376 groups of strings instead of single strings. For this reason, a list 377 of strings is allowed in many tests, implying that if the test is 378 true using any one of the strings, then the test is true. 380 For instance, the test `header :contains ["To", "Cc"] 381 ["me@example.com", "me00@landru.example.com"]' is true if either a To 382 header or Cc header of the input message contains either of the email 383 addresses "me@example.com" or "me00@landru.example.com". 385 Conversely, in any case where a list of strings is appropriate, a 386 single string is allowed without being a member of a list: it is 387 equivalent to a list with a single member. This means that the test 388 `exists "To"' is equivalent to the test `exists ["To"]'. 390 2.4.2.2. Headers 392 Headers are a subset of strings. In the Internet Message 393 Specification [IMAIL], each header line is allowed to have whitespace 394 nearly anywhere in the line, including after the field name and 395 before the subsequent colon. Extra spaces between the header name 396 and the ":" in a header field are ignored. 398 A header name never contains a colon. The "From" header refers to a 399 line beginning "From:" (or "From :", etc.). No header will match 400 the string "From:" due to the trailing colon. 402 Similarly, no header will match a syntactically invalid header name. 403 An implementation MUST NOT cause an error for syntactically invalid 404 header names in tests. 406 Header lines are unfolded as described in [IMAIL] section 2.2.3. 407 Interpretation of header data SHOULD be done according to [MIME3] 408 section 6.2 (see 2.7.2 below for details). 410 2.4.2.3. Addresses 412 A number of commands call for email addresses, which are also a 413 subset of strings. When these addresses are used in outbound 414 contexts, addresses must be compliant with [IMAIL], but are further 415 constrained within this document. Using the symbols defined in 416 [IMAIL], section 3, the syntax of an address is: 418 sieve-address = addr-spec ; simple address 419 / phrase "<" addr-spec ">" ; name & addr-spec 421 That is, routes and group syntax are not permitted. If multiple 422 addresses are required, use a string list. Named groups are not 423 permitted. 425 It is an error for a script to execute an action with a value for use 426 as an outbound address that doesn't match the "sieve-address" syntax. 428 2.4.2.4. Encoding characters using "encoded-character" 430 When the "encoded-character" extension is in effect, certain 431 character sequences in strings are replaced by their decoded value. 432 This happens after escape sequences are interpreted and dot- 433 unstuffing has been done. Implementations SHOULD support "encoded- 434 character". 436 Arbitrary octets can be embedded in strings by using the syntax 437 encoded-arb-octets. The sequence is replaced by the octets with the 438 hexadecimal values given by each hex-pair. 440 blank = WSP / CRLF 441 encoded-arb-octets = "${hex:" hex-pair-seq "}" 442 hex-pair-seq = *blank hex-pair *(1*blank hex-pair) *blank 443 hex-pair = 1*2HEXDIG 445 It may be inconvenient or undesirable to enter Unicode characters 446 verbatim and for these cases the syntax encoded-unicode-char can be 447 used. The sequence is replaced by the UTF-8 encoding of the 448 specified Unicode characters, which are identified by the hexadecimal 449 value of unicode-hex. 451 encoded-unicode-char = "${unicode:" unicode-hex-seq "}" 452 unicode-hex-seq = *blank unicode-hex 453 *(1*blank unicode-hex) *blank 454 unicode-hex = 1*HEXDIG 456 It is an error for a script to use a hexadecimal value that isn't in 457 either the range 0 to D7FF or the range E000 to 10FFFF. (The range 458 D800 to DFFF is excluded as those character numbers are only used as 459 part of the UTF-16 encoding form and are not applicable to the UTF-8 460 encoding that the syntax here represents.) 462 Note: Implementations MUST NOT raise an error for an out of range 463 Unicode value unless the sequence containing it is well-formed 464 according to the grammar. 466 The capability string for use with the require command is "encoded- 467 character". 469 In the following script, message B is discarded, since the specified 470 test string is equivalent to "$$$". 472 Example: require "encoded-character"; 473 if header :contains "Subject" "$${hex:24 24}" { 474 discard; 475 } 477 The following examples demonstrate valid and invalid encodings and 478 how they are handled: 480 "$${hex:40}" -> "$@" 481 "${hex: 40 }" -> "@" 482 "${HEX: 40}" -> "@" 483 "${hex:40" -> "${hex:40" 484 "${hex:400}" -> "${hex:400}" 485 "${hex:4${hex:30}}" -> "${hex:40}" 486 "${unicode:40}" -> "@" 487 "${ unicode:40}" -> "${ unicode:40}" 488 "${UNICODE:40}" -> "@" 489 "${UnICoDE:0000040}" -> "@" 490 "${Unicode:40}" -> "@" 491 "${Unicode:Cool}" -> "${Unicode:Cool}" 492 "${unicode:200000}" -> error 493 "${Unicode:DF01} -> error 495 2.5. Tests 497 Tests are given as arguments to commands in order to control their 498 actions. In this document, tests are given to if/elsif to decide 499 which block of code is run. 501 2.5.1. Test Lists 503 Some tests ("allof" and "anyof", which implement logical "and" and 504 logical "or", respectively) may require more than a single test as an 505 argument. The test-list syntax element provides a way of grouping 506 tests as a comma separated list in parens. 508 Example: if anyof (not exists ["From", "Date"], 509 header :contains "from" "fool@example.com") { 510 discard; 511 } 513 2.6. Arguments 515 In order to specify what to do, most commands take arguments. There 516 are three types of arguments: positional, tagged, and optional. 518 It is an error for a script, on a single command, to use conflicting 519 arguments or to use a tagged or optional argument more than once. 521 2.6.1. Positional Arguments 523 Positional arguments are given to a command which discerns their 524 meaning based on their order. When a command takes positional 525 arguments, all positional arguments must be supplied and must be in 526 the order prescribed. 528 2.6.2. Tagged Arguments 530 This document provides for tagged arguments in the style of 531 CommonLISP. These are also similar to flags given to commands in 532 most command-line systems. 534 A tagged argument is an argument for a command that begins with ":" 535 followed by a tag naming the argument, such as ":contains". This 536 argument means that zero or more of the next tokens have some 537 particular meaning depending on the argument. These next tokens may 538 be literal data but they are never blocks. 540 Tagged arguments are similar to positional arguments, except that 541 instead of the meaning being derived from the command, it is derived 542 from the tag. 544 Tagged arguments must appear before positional arguments, but they 545 may appear in any order with other tagged arguments. For simplicity 546 of the specification, this is not expressed in the syntax definitions 547 with commands, but they still may be reordered arbitrarily provided 548 they appear before positional arguments. Tagged arguments may be 549 mixed with optional arguments. 551 Tagged arguments SHOULD NOT take tagged arguments as arguments. 553 2.6.3. Optional Arguments 555 Optional arguments are exactly like tagged arguments except that they 556 may be left out, in which case a default value is implied. Because 557 optional arguments tend to result in shorter scripts, they have been 558 used far more than tagged arguments. 560 One particularly noteworthy case is the ":comparator" argument, which 561 allows the user to specify which comparator [COLLATION] will be used 562 to compare two strings, since different languages may impose 563 different orderings on UTF-8 [UTF-8] strings. 565 2.6.4. Types of Arguments 567 Abstractly, arguments may be literal data, tests, or blocks of 568 commands. In this way, an "if" control structure is merely a command 569 that happens to take a test and a block as arguments and may execute 570 the block of code. 572 However, this abstraction is ambiguous from a parsing standpoint. 574 The grammar in section 9.2 presents a parsable version of this: 575 Arguments are string-lists, numbers, and tags, which may be followed 576 by a test or a test-list, which may be followed by a block of 577 commands. No more than one test or test list, nor more than one 578 block of commands, may be used, and commands that end with a block of 579 commands do not end with semicolons. 581 2.7. String Comparison 583 When matching one string against another, there are a number of ways 584 of performing the match operation. These are accomplished with three 585 types of matches: an exact match, a substring match, and a wildcard 586 glob-style match. These are described below. 588 In order to provide for matches between character sets and case 589 insensitivity, Sieve uses the comparators defined in the Internet 590 Application Protocol Collation Registry [COLLATION]. 592 However, when a string represents the name of a header, the 593 comparator is never user-specified. Header comparisons are always 594 done with the "i;ascii-casemap" operator, i.e., case-insensitive 595 comparisons, because this is the way things are defined in the 596 message specification [IMAIL]. 598 2.7.1. Match Type 600 Commands which perform string comparisons may have an optional match 601 type argument. The three match types in this specification are ":is", 602 ":contains", and ":matches". 604 The ":contains" match type describes a substring match. If the value 605 argument contains the key argument as a substring, the match is true. 606 For instance, the string "frobnitzm" contains "frob" and "nit", but 607 not "fbm". The empty key ("") is contained in all values. 609 The ":is" match type describes an absolute match; if the contents of 610 the first string are absolutely the same as the contents of the 611 second string, they match. Only the string "frobnitzm" is the string 612 "frobnitzm". The empty key ":is" and only ":is" the empty value. 614 The ":matches" match type specifies a wildcard match using the 615 characters "*" and "?"; the entire value must be matched. "*" 616 matches zero or more characters in the value and "?" matches a single 617 character in the value, where the comparator that is used (see 2.7.3) 618 defines what a character is. For example, the comparators "i;octet" 619 and "i;ascii-casemap" define a character to be a single octet so "?" 620 will always match exactly one octet when one of those comparators is 621 in use. In contrast, a Unicode-based comparator would define a 622 character to be any UTF-8 octet sequence encoding one Unicode 623 character and thus "?" may match more than one octet. "?" and "*" 624 may be escaped as "\\?" and "\\*" in strings to match against 625 themselves. The first backslash escapes the second backslash; 626 together, they escape the "*". This is awkward, but it is 627 commonplace in several programming languages that use globs and 628 regular expressions. 630 In order to specify what type of match is supposed to happen, 631 commands that support matching take optional arguments ":matches", 632 ":is", and ":contains". Commands default to using ":is" matching if 633 no match type argument is supplied. Note that these modifiers 634 interact with comparators; in particular, only comparators that 635 support the "substring match" operation are suitable for matching 636 with ":contains" or ":matches". It is an error to use a comparator 637 with ":contains" or ":matches" that is not compatible with it. 639 It is an error to give more than one of these arguments to a given 640 command. 642 For convenience, the "MATCH-TYPE" syntax element is defined here as 643 follows: 645 Syntax: ":is" / ":contains" / ":matches" 647 2.7.2. Comparisons Across Character Sets 649 Messages may involve a number of character sets. In order for 650 comparisons to work across character sets, implementations SHOULD 651 implement the following behavior: 653 Comparisons are performed on octets. Implementations convert text 654 from header fields in all charsets [MIME3] to Unicode, encoded as 655 UTF-8, as input to the comparator (see 2.7.3). Implementations 656 MUST be capable of converting US-ASCII, ISO-8859-1, the US-ASCII 657 subset of ISO-8859-* character sets, and UTF-8. Text that the 658 implementation cannot convert to Unicode for any reason MAY be 659 treated as plain US-ASCII (including any [MIME3] syntax) or 660 processed according to local conventions. An encoded NUL octet 661 (character zero) SHOULD NOT cause early termination of the header 662 content being compared against. 664 If implementations fail to support the above behavior, they MUST 665 conform to the following: 667 No two strings can be considered equal if one contains octets 668 greater than 127. 670 2.7.3. Comparators 672 In order to allow for language-independent, case-independent matches, 673 the match type may be coupled with a comparator name. The Internet 674 Application Protocol Collation Registry [COLLATION] provides the 675 framework for describing and naming comparators. 677 All implementations MUST support the "i;octet" comparator (simply 678 compares octets) and the "i;ascii-casemap" comparator (which treats 679 uppercase and lowercase characters in the US-ASCII subset of UTF-8 as 680 the same). If left unspecified, the default is "i;ascii-casemap". 682 Some comparators may not be usable with substring matches; that is, 683 they may only work with ":is". It is an error to try and use a 684 comparator with ":matches" or ":contains" that is not compatible with 685 it. 687 Sieve treats a comparator result of "undefined" the same as a result 688 of "no-match". That is, this base specification does not provide any 689 means to directly detect invalid comparator input. 691 A comparator is specified by the ":comparator" option with commands 692 that support matching. This option is followed by a string providing 693 the name of the comparator to be used. For convenience, the syntax 694 of a comparator is abbreviated to "COMPARATOR", and (repeated in 695 several tests) is as follows: 697 Syntax: ":comparator" 699 So in this example, 701 Example: if header :contains :comparator "i;octet" "Subject" 702 "MAKE MONEY FAST" { 703 discard; 704 } 706 would discard any message with subjects like "You can MAKE MONEY 707 FAST", but not "You can Make Money Fast", since the comparator used 708 is case-sensitive. 710 Comparators other than "i;octet" and "i;ascii-casemap" must be 711 declared with require, as they are extensions. If a comparator 712 declared with require is not known, it is an error, and execution 713 fails. If the comparator is not declared with require, it is also an 714 error, even if the comparator is supported. (See 2.10.5.) 716 Both ":matches" and ":contains" match types are compatible with the 717 "i;octet" and "i;ascii-casemap" comparators and may be used with 718 them. 720 It is an error to give more than one of these arguments to a given 721 command. 723 2.7.4. Comparisons Against Addresses 725 Addresses are one of the most frequent things represented as strings. 726 These are structured, and being able to compare against the local- 727 part or the domain of an address is useful, so some tests that act 728 exclusively on addresses take an additional optional argument that 729 specifies what the test acts on. 731 These optional arguments are ":localpart", ":domain", and ":all", 732 which act on the local-part (left-side), the domain part (right- 733 side), and the whole address. 735 If an address is not syntactically valid then it will not be matched 736 by tests specifying ":localpart" or ":domain". 738 The kind of comparison done, such as whether or not the test done is 739 case-insensitive, is specified as a comparator argument to the test. 741 If an optional address-part is omitted, the default is ":all". 743 It is an error to give more than one of these arguments to a given 744 command. 746 For convenience, the "ADDRESS-PART" syntax element is defined here as 747 follows: 749 Syntax: ":localpart" / ":domain" / ":all" 751 2.8. Blocks 753 Blocks are sets of commands enclosed within curly braces and supplied 754 as the final argument to a command. Such a command is a control 755 structure: when executed it has control over the number of times the 756 commands in the block are executed. 758 With the commands supplied in this memo, there are no loops. The 759 control structures supplied--if, elsif, and else--run a block either 760 once or not at all. 762 2.9. Commands 764 Sieve scripts are sequences of commands. Commands can take any of 765 the tokens above as arguments, and arguments may be either tagged or 766 positional arguments. Not all commands take all arguments. 768 There are three kinds of commands: test commands, action commands, 769 and control commands. 771 The simplest is an action command. An action command is an 772 identifier followed by zero or more arguments, terminated by a 773 semicolon. Action commands do not take tests or blocks as arguments. 774 The actions referenced in this document are: 775 - keep, to save the message in the default location 776 - fileinto, to save the message in a specific mailbox 777 - redirect, to forward the message to another address, 778 - discard, to silently throw away the message 780 A control command is a command that affects the parsing or the flow 781 of execution of the Sieve script in some way. A control structure is 782 a control command which ends with a block instead of a semicolon. 784 A test command is used as part of a control command. It is used to 785 specify whether or not the block of code given to the control command 786 is executed. 788 2.10. Evaluation 790 2.10.1. Action Interaction 792 Some actions cannot be used with other actions because the result 793 would be absurd. These restrictions are noted throughout this memo. 795 Extension actions MUST state how they interact with actions defined 796 in this specification. 798 2.10.2. Implicit Keep 800 Previous experience with filtering systems suggests that cases tend 801 to be missed in scripts. To prevent errors, Sieve has an "implicit 802 keep". 804 An implicit keep is a keep action (see 4.4) performed in absence of 805 any action that cancels the implicit keep. 807 An implicit keep is performed if a message is not written to a 808 mailbox, redirected to a new address, or explicitly thrown out. That 809 is, if a fileinto, a keep, a redirect, or a discard is performed, an 810 implicit keep is not. 812 Some actions may be defined to not cancel the implicit keep. These 813 actions may not directly affect the delivery of a message, and are 814 used for their side effects. None of the actions specified in this 815 document meet that criteria, but extension actions may. 817 For instance, with any of the short messages offered above, the 818 following script produces no actions. 820 Example: if size :over 500K { discard; } 822 As a result, the implicit keep is taken. 824 2.10.3. Message Uniqueness in a Mailbox 826 Implementations SHOULD NOT deliver a message to the same mailbox more 827 than once, even if a script explicitly asks for a message to be 828 written to a mailbox twice. 830 The test for equality of two messages is implementation-defined. 832 If a script asks for a message to be written to a mailbox twice, it 833 MUST NOT be treated as an error. 835 2.10.4. Limits on Numbers of Actions 837 Site policy MAY limit the number of actions taken and MAY impose 838 restrictions on which actions can be used together. In the event 839 that a script hits a policy limit on the number of actions taken for 840 a particular message, an error occurs. 842 Implementations MUST allow at least one keep or one fileinto. If 843 fileinto is not implemented, implementations MUST allow at least one 844 keep. 846 2.10.5. Extensions and Optional Features 848 Because of the differing capabilities of many mail systems, several 849 features of this specification are optional. Before any of these 850 extensions can be executed, they must be declared with the "require" 851 action. 853 If an extension is not enabled with "require", implementations MUST 854 treat it as if they did not support it at all. This protects scripts 855 from having their behavior altered by extensions which the script 856 author might not have even been aware of. 858 Implementations MUST NOT execute any Sieve script test or command 859 subsequent to "require" if one of the required extensions is 860 unavailable. 862 Note: The reason for this restriction is that prior experiences with 863 languages such as LISP and Tcl suggest that this is a workable 864 way of noting that a given script uses an extension. 866 Extensions which define actions MUST state how they interact with 867 actions discussed in the base specification. 869 2.10.6. Errors 871 In any programming language, there are compile-time and run-time 872 errors. 874 Compile-time errors are ones in syntax that are detectable if a 875 syntax check is done. 877 Run-time errors are not detectable until the script is run. This 878 includes transient failures like disk full conditions, but also 879 includes issues like invalid combinations of actions. 881 When an error occurs in a Sieve script, all processing stops. 883 Implementations MAY choose to do a full parse, then evaluate the 884 script, then do all actions. Implementations might even go so far as 885 to ensure that execution is atomic (either all actions are executed 886 or none are executed). 888 Other implementations may choose to parse and run at the same time. 889 Such implementations are simpler, but have issues with partial 890 failure (some actions happen, others don't). 892 Implementations MUST perform syntactic, semantic, and run-time checks 893 on code that is actually executed. Implementations MAY perform those 894 checks or any part of them on code that is not reached during 895 execution. 897 When an error happens, implementations MUST notify the user that an 898 error occurred, which actions (if any) were taken, and do an implicit 899 keep. 901 2.10.7. Limits on Execution 903 Implementations may limit certain constructs. However, this 904 specification places a lower bound on some of these limits. 906 Implementations MUST support fifteen levels of nested blocks. 908 Implementations MUST support fifteen levels of nested test lists. 910 3. Control Commands 912 Control structures are needed to allow for multiple and conditional 913 actions. 915 3.1. Control if 917 There are three pieces to if: "if", "elsif", and "else". Each is 918 actually a separate command in terms of the grammar. However, an 919 elsif or else MUST only follow an if or elsif. An error occurs if 920 these conditions are not met. 922 Usage: if 924 Usage: elsif 926 Usage: else 928 The semantics are similar to those of any of the many other 929 programming languages these control structures appear in. When the 930 interpreter sees an "if", it evaluates the test associated with it. 931 If the test is true, it executes the block associated with it. 933 If the test of the "if" is false, it evaluates the test of the first 934 "elsif" (if any). If the test of "elsif" is true, it runs the 935 elsif's block. An elsif may be followed by an elsif, in which case, 936 the interpreter repeats this process until it runs out of elsifs. 938 When the interpreter runs out of elsifs, there may be an "else" case. 939 If there is, and none of the if or elsif tests were true, the 940 interpreter runs the else's block. 942 This provides a way of performing exactly one of the blocks in the 943 chain. 945 In the following example, both Message A and B are dropped. 947 Example: require "fileinto"; 948 if header :contains "from" "coyote" { 949 discard; 950 } elsif header :contains ["subject"] ["$$$"] { 951 discard; 952 } else { 953 fileinto "INBOX"; 954 } 956 When the script below is run over message A, it redirects the message 957 to acm@example.com; message B, to postmaster@example.com; any other 958 message is redirected to field@example.com. 960 Example: if header :contains ["From"] ["coyote"] { 961 redirect "acm@example.com"; 962 } elsif header :contains "Subject" "$$$" { 963 redirect "postmaster@example.com"; 964 } else { 965 redirect "field@example.com"; 966 } 968 Note that this definition prohibits the "... else if ..." sequence 969 used by C. This is intentional, because this construct produces a 970 shift-reduce conflict. 972 3.2. Control require 974 Usage: require 976 The require action notes that a script makes use of a certain 977 extension. Such a declaration is required to use the extension, as 978 discussed in section 2.10.5. Multiple capabilities can be declared 979 with a single require. 981 The require command, if present, MUST be used before anything other 982 than a require can be used. An error occurs if a require appears 983 after a command other than require. 985 Example: require ["fileinto", "reject"]; 987 Example: require "fileinto"; 988 require "vacation"; 990 3.3. Control stop 992 Usage: stop 994 The "stop" action ends all processing. If the implicit keep has not 995 been cancelled, then it is taken. 997 4. Action Commands 999 This document supplies four actions that may be taken on a message: 1000 keep, fileinto, redirect, and discard. 1002 Implementations MUST support the "keep", "discard", and "redirect" 1003 actions. 1005 Implementations SHOULD support "fileinto". 1007 Implementations MAY limit the number of certain actions taken (see 1008 section 2.10.4). 1010 4.1. Action fileinto 1012 Usage: fileinto 1014 The "fileinto" action delivers the message into the specified 1015 mailbox. Implementations SHOULD support fileinto, but in some 1016 environments this may be impossible. Implementations MAY place 1017 restrictions on mailbox names; use of an invalid mailbox name MAY be 1018 treated as an error or result in delivery to an implementation- 1019 defined mailbox. If the specified mailbox doesn't exist, the 1020 implementation MAY treat it as an error, create the mailbox, or 1021 deliver the message to an implementation-defined mailbox. If the 1022 implementation uses a different encoding scheme than UTF-8 for 1023 mailbox names, it SHOULD reencode the mailbox name from UTF-8 to its 1024 encoding scheme. For example, the Internet Message Access Protocol 1025 [IMAP] uses modified UTF-7, such that a mailbox argument of "odds & 1026 ends" would appear in IMAP as "odds &- ends". 1028 The capability string for use with the require command is "fileinto". 1030 In the following script, message A is filed into mailbox 1031 "INBOX.harassment". 1033 Example: require "fileinto"; 1034 if header :contains ["from"] "coyote" { 1035 fileinto "INBOX.harassment"; 1036 } 1038 4.2. Action redirect 1040 Usage: redirect 1042 The "redirect" action is used to send the message to another user at 1043 a supplied address, as a mail forwarding feature does. The 1044 "redirect" action makes no changes to the message body or existing 1045 headers, but it may add new headers. In particular, existing 1046 Received headers MUST be preserved and the count of Received headers 1047 in the outgoing message MUST be larger than the same count on the 1048 message as received by the implementation. (An implementation that 1049 adds a Received header before processing the message does not need to 1050 add another when redirecting.) 1052 The message is sent back out with the address from the redirect 1053 command as an envelope recipient. Implementations MAY combine 1054 separate redirects for a given message into a single submission with 1055 multiple envelope recipients. (This is not an MUA-style forward, 1056 which creates a new message with a different sender and message ID, 1057 wrapping the old message in a new one.) 1059 The envelope sender address on the outgoing message is chosen by the 1060 sieve implementation. It MAY be copied from the message being 1061 processed. However, if the message being processed has an empty 1062 envelope sender address the outgoing message MUST also have an empty 1063 envelope sender address. This last requirement is imposed to prevent 1064 loops in the case where a message is redirected to an invalid address 1065 when then returns a delivery status notification that also ends up 1066 being redirected to the same invalid address. 1068 The envelope sender address on the outgoing message is chosen by the 1069 sieve implementation. It MAY be copied from the message being 1070 processed. 1072 A simple script can be used for redirecting all mail: 1074 Example: redirect "bart@example.com"; 1076 Implementations MUST take measures to implement loop control, 1077 possibly including adding headers to the message or counting Received 1078 headers as specified in section 6.2 of [SMTP]. If an implementation 1079 detects a loop, it causes an error. 1081 Implementations MUST provide means of limiting the number of 1082 redirects a Sieve script can perform. See Section 10 for more 1083 details. 1085 Implementations MAY ignore a redirect action silently due to policy 1086 reasons. For example, an implementation MAY choose not to redirect 1087 to an address that is known to be undeliverable. Any ignored redirect 1088 MUST NOT cancel the implicit keep. 1090 4.3. Action keep 1092 Usage: keep 1094 The "keep" action is whatever action is taken in lieu of all other 1095 actions, if no filtering happens at all; generally, this simply means 1096 to file the message into the user's main mailbox. This command 1097 provides a way to execute this action without needing to know the 1098 name of the user's main mailbox, providing a way to call it without 1099 needing to understand the user's setup, or the underlying mail 1100 system. 1102 For instance, in an implementation where the IMAP server is running 1103 scripts on behalf of the user at time of delivery, a keep command is 1104 equivalent to a fileinto "INBOX". 1106 Example: if size :under 1M { keep; } else { discard; } 1108 Note that the above script is identical to the one below. 1110 Example: if not size :under 1M { discard; } 1112 4.4. Action discard 1114 Usage: discard 1116 Discard is used to silently throw away the message. It does so by 1117 simply canceling the implicit keep. If discard is used with other 1118 actions, the other actions still happen. Discard is compatible with 1119 all other actions. (For instance fileinto+discard is equivalent to 1120 fileinto.) 1122 Discard MUST be silent; that is, it MUST NOT return a non-delivery 1123 notification of any kind ([DSN], [MDN], or otherwise). 1125 In the following script, any mail from "idiot@example.com" is thrown 1126 out. 1128 Example: if header :contains ["from"] ["idiot@example.com"] { 1129 discard; 1130 } 1132 While an important part of this language, "discard" has the potential 1133 to create serious problems for users: Students who leave themselves 1134 logged in to an unattended machine in a public computer lab may find 1135 their script changed to just "discard". In order to protect users in 1136 this situation (along with similar situations), implementations MAY 1137 keep messages destroyed by a script for an indefinite period, and MAY 1138 disallow scripts that throw out all mail. 1140 5. Test Commands 1142 Tests are used in conditionals to decide which part(s) of the 1143 conditional to execute. 1145 Implementations MUST support these tests: "address", "allof", 1146 "anyof", "exists", "false", "header", "not", "size", and "true". 1148 Implementations SHOULD support the "envelope" test. 1150 5.1. Test address 1152 Usage: address [COMPARATOR] [ADDRESS-PART] [MATCH-TYPE] 1153 1155 The "address" test matches Internet addresses in structured headers 1156 that contain addresses. It returns true if any header contains any 1157 key in the specified part of the address, as modified by the 1158 comparator and the match keyword. Whether there are other addresses 1159 present in the header doesn't affect this test; this test does not 1160 provide any way to determine whether an address is the only address 1161 in a header. 1163 Like envelope and header, this test returns true if any combination 1164 of the header-list and key-list arguments match and false otherwise. 1166 Internet email addresses [IMAIL] have the somewhat awkward 1167 characteristic that the local-part to the left of the at-sign is 1168 considered case sensitive, and the domain-part to the right of the 1169 at-sign is case insensitive. The "address" command does not deal 1170 with this itself, but provides the ADDRESS-PART argument for allowing 1171 users to deal with it. 1173 The address primitive never acts on the phrase part of an email 1174 address, nor on comments within that address. It also never acts on 1175 group names, although it does act on the addresses within the group 1176 construct. 1178 Implementations MUST restrict the address test to headers that 1179 contain addresses, but MUST include at least From, To, Cc, Bcc, 1180 Sender, Resent-From, Resent-To, and SHOULD include any other header 1181 that utilizes an "address-list" structured header body. 1183 Example: if address :is :all "from" "tim@example.com" { 1184 discard; 1185 } 1187 5.2. Test allof 1189 Usage: allof 1191 The "allof" test performs a logical AND on the tests supplied to it. 1193 Example: allof (false, false) => false 1194 allof (false, true) => false 1195 allof (true, true) => true 1197 The allof test takes as its argument a test-list. 1199 5.3. Test anyof 1201 Usage: anyof 1203 The "anyof" test performs a logical OR on the tests supplied to it. 1205 Example: anyof (false, false) => false 1206 anyof (false, true) => true 1207 anyof (true, true) => true 1209 5.4. Test envelope 1211 Usage: envelope [COMPARATOR] [ADDRESS-PART] [MATCH-TYPE] 1212 1214 The "envelope" test is true if the specified part of the [SMTP] (or 1215 equivalent) envelope matches the specified key. This specification 1216 defines the interpretation of the (case insensitive) "from" and "to" 1217 envelope-parts. Additional envelope-parts may be defined by other 1218 extensions; implementations SHOULD consider unknown envelope parts an 1219 error. 1221 If one of the envelope-part strings is (case insensitive) "from", 1222 then matching occurs against the FROM address used in the SMTP MAIL 1223 command. The null reverse-path is matched against as the empty 1224 string, regardless of the ADDRESS-PART argument specified. 1226 If one of the envelope-part strings is (case insensitive) "to", then 1227 matching occurs against the TO address used in the SMTP RCPT command 1228 that resulted in this message getting delivered to this user. Note 1229 that only the most recent TO is available, and only the one relevant 1230 to this user. 1232 The envelope-part is a string list and may contain more than one 1233 parameter, in which case all of the strings specified in the key-list 1234 are matched against all parts given in the envelope-part list. 1236 Like address and header, this test returns true if any combination of 1237 the envelope-part list and key-list arguments match and false 1238 otherwise. 1240 All tests against envelopes MUST drop source routes. 1242 If the SMTP transaction involved several RCPT commands, only the data 1243 from the RCPT command that caused delivery to this user is available 1244 in the "to" part of the envelope. 1246 If a protocol other than SMTP is used for message transport, 1247 implementations are expected to adapt this command appropriately. 1249 The envelope command is optional. Implementations SHOULD support it, 1250 but the necessary information may not be available in all cases. The 1251 capability string for use with the require command is "envelope". 1253 Example: require "envelope"; 1254 if envelope :all :is "from" "tim@example.com" { 1255 discard; 1256 } 1258 5.5. Test exists 1260 Usage: exists 1262 The "exists" test is true if the headers listed in the header-names 1263 argument exist within the message. All of the headers must exist or 1264 the test is false. 1266 The following example throws out mail that doesn't have a From header 1267 and a Date header. 1269 Example: if not exists ["From","Date"] { 1270 discard; 1271 } 1273 5.6. Test false 1275 Usage: false 1277 The "false" test always evaluates to false. 1279 5.7. Test header 1281 Usage: header [COMPARATOR] [MATCH-TYPE] 1282 1284 The "header" test evaluates to true if the value of any of the named 1285 headers, ignoring leading and trailing whitespace, matches any key. 1286 The type of match is specified by the optional match argument, which 1287 defaults to ":is" if not specified, as specified in section 2.6. 1289 Like address and envelope, this test returns true if any combination 1290 of the header-names list and key-list arguments match and false 1291 otherwise. 1293 If a header listed in the header-names argument exists, it contains 1294 the empty key (""). However, if the named header is not present, it 1295 does not match any key, including the empty key. So if a message 1296 contained the header 1298 X-Caffeine: C8H10N4O2 1300 these tests on that header evaluate as follows: 1302 header :is ["X-Caffeine"] [""] => false 1303 header :contains ["X-Caffeine"] [""] => true 1305 Testing whether a given header is either absent or doesn't contain 1306 any non-whitespace characters can be done using a negated "header" 1307 test: 1309 not header :matches "Cc" "?*" 1311 5.8. Test not 1313 Usage: not 1315 The "not" test takes some other test as an argument, and yields the 1316 opposite result. "not false" evaluates to "true" and "not true" 1317 evaluates to "false". 1319 5.9. Test size 1321 Usage: size <":over" / ":under"> 1323 The "size" test deals with the size of a message. It takes either a 1324 tagged argument of ":over" or ":under", followed by a number 1325 representing the size of the message. 1327 If the argument is ":over", and the size of the message is greater 1328 than the number provided, the test is true; otherwise, it is false. 1330 If the argument is ":under", and the size of the message is less than 1331 the number provided, the test is true; otherwise, it is false. 1333 Exactly one of ":over" or ":under" must be specified, and anything 1334 else is an error. 1336 The size of a message is defined to be the number of octets in the 1337 [IMAIL] representation of the message. 1339 Note that for a message that is exactly 4,000 octets, the message is 1340 neither ":over" nor ":under" 4000 octets. 1342 5.10. Test true 1344 Usage: true 1346 The "true" test always evaluates to true. 1348 6. Extensibility 1350 New control commands, actions, and tests can be added to the 1351 language. Sites must make these features known to their users; this 1352 document does not define a way to discover the list of extensions 1353 supported by the server. 1355 Any extensions to this language MUST define a capability string that 1356 uniquely identifies that extension. Capability string are case- 1357 sensitive; for example, "foo" and "FOO" are different capabilities. 1358 If a new version of an extension changes the functionality of a 1359 previously defined extension, it MUST use a different name. 1360 Extensions may register a set of related capabilities by registering 1361 just a unique prefix for them. The "comparator-" prefix is an 1362 example of this. The prefix MUST end with a "-" and MUST NOT overlap 1363 any existing registrations. 1365 In a situation where there is a script submission protocol and an 1366 extension advertisement mechanism aware of the details of this 1367 language, scripts submitted can be checked against the mail server to 1368 prevent use of an extension that the server does not support. 1370 Extensions MUST state how they interact with constraints defined in 1371 section 2.10, e.g., whether they cancel the implicit keep, and which 1372 actions they are compatible and incompatible with. Extensions MUST 1373 NOT change the behavior of the "require" control command or alter the 1374 interpretation of the argument to the "require" control. 1376 Extensions that can submit new email messages or otherwise generate 1377 new protocol requests MUST consider loop suppression, at least to 1378 document any security considerations. 1380 6.1. Capability String 1382 Capability strings are typically short strings describing what 1383 capabilities are supported by the server. 1385 Capability strings beginning with "vnd." represent vendor-defined 1386 extensions. Such extensions are not defined by Internet standards or 1387 RFCs, but are still registered with IANA in order to prevent 1388 conflicts. Extensions starting with "vnd." SHOULD be followed by the 1389 name of the vendor and product, such as "vnd.acme.rocket-sled". 1391 The following capability strings are defined by this document: 1393 encoded-character 1394 The string "encoded-character" indicates that the 1395 implementation supports the interpretation of 1396 "${hex:...}" and "${unicode:...}" in strings. 1398 envelope The string "envelope" indicates that the implementation 1399 supports the "envelope" command. 1401 fileinto The string "fileinto" indicates that the implementation 1402 supports the "fileinto" command. 1404 comparator- The string "comparator-elbonia" is provided if the 1405 implementation supports the "elbonia" comparator. 1406 Therefore, all implementations have at least the 1407 "comparator-i;octet" 1408 and "comparator-i;ascii-casemap" capabilities. However, 1409 these comparators may be used without being declared 1410 with require. 1412 6.2. IANA Considerations 1414 In order to provide a standard set of extensions, a registry is 1415 maintained by IANA. Capability names may be registered on a first- 1416 come, first-served basis. Extensions designed for interoperable use 1417 SHOULD be defined as standards track or IESG approved experimental 1418 RFCs. Registration of capability prefixes that do not begin with 1419 "vnd." REQUIRES a standards track or IESG approved experimental RFC. 1421 6.2.1. Template for Capability Registrations 1423 The following template is to be used for registering new Sieve 1424 extensions with IANA. 1426 To: iana@iana.org 1427 Subject: Registration of new Sieve extension 1429 Capability name: [the string for use in the 'require' statement] 1430 Description: [a brief description of what the extension adds 1431 or changes] 1432 RFC number: [for extensions published as RFCs] 1433 Contact address: [email and/or physical address to contact for 1434 additional information] 1436 6.2.2. Handling of Existing Capability Registrations 1438 In order to bring the existing capability registrations in line with 1439 the new template, IANA is asked to modify each as follows: 1441 1. The "capability name" and "capability arguments" fields 1442 should be eliminated 1443 2. The "capability keyword" field should be renamed to "Capability 1444 name" 1445 3. An empty "Description" field should be added 1446 4. The "Standards Track/IESG-approved experimental RFC number" field 1447 should be renamed to "RFC number" 1448 5. The "Person and email address to contact for further information" 1449 field should be renamed to "Contact address" 1451 6.2.3. Initial Capability Registrations 1453 This RFC updates the the following entries in the IANA registry for 1454 Sieve extensions. 1456 Capability name: encoded-character 1457 Description: changes the interpretation of strings to allow 1458 arbitrary octets and Unicode characters to be 1459 represented using US-ASCII 1460 RFC number: this RFC (Sieve base spec) 1461 Contact address: The Sieve discussion list 1463 Capability name: fileinto 1464 Description: adds the 'fileinto' action for delivering to a 1465 mailbox other than the default 1466 RFC number: this RFC (Sieve base spec) 1467 Contact address: The Sieve discussion list 1469 Capability name: envelope 1470 Description: adds the 'envelope' test for testing the message 1471 transport sender and recipient address 1472 RFC number: this RFC (Sieve base spec) 1473 Contact address: The Sieve discussion list 1475 Capability name: comparator-* (anything starting with "comparator-") 1476 Description: adds the indicated comparator for use with the 1477 :comparator argument 1478 RFC number: this RFC (Sieve base spec) and [COLLATION] 1479 Contact address: The Sieve discussion list 1481 6.3. Capability Transport 1483 A method of advertising which capabilities an implementation supports 1484 is difficult due to the wide range of possible implementations. Such 1485 a mechanism, however, should have the property that the 1486 implementation can advertise the complete set of extensions that it 1487 supports. 1489 7. Transmission 1491 The [MIME] type for a Sieve script is "application/sieve". 1493 The registration of this type for RFC 2048 requirements is updated as 1494 follows: 1496 Subject: Registration of MIME media type application/sieve 1498 MIME media type name: application 1499 MIME subtype name: sieve 1500 Required parameters: none 1501 Optional parameters: none 1502 Encoding considerations: Most sieve scripts will be textual, 1503 written in UTF-8. When non-7bit characters are used, 1504 quoted-printable is appropriate for transport systems 1505 that require 7bit encoding. 1507 Security considerations: Discussed in section 10 of this RFC. 1508 Interoperability considerations: Discussed in section 2.10.5 1509 of this RFC. 1510 Published specification: this RFC. 1511 Applications which use this media type: sieve-enabled mail 1512 servers and clients 1513 Additional information: 1514 Magic number(s): 1515 File extension(s): .siv .sieve 1516 Macintosh File Type Code(s): 1517 Person & email address to contact for further information: 1518 See the discussion list at ietf-mta-filters@imc.org. 1519 Intended usage: 1520 COMMON 1521 Author/Change controller: 1522 See Editor information in this RFC. 1524 8. Parsing 1526 The Sieve grammar is separated into tokens and a separate grammar as 1527 most programming languages are. 1529 8.1. Lexical Tokens 1531 Sieve scripts are encoded in UTF-8. The following assumes a valid 1532 UTF-8 encoding; special characters in Sieve scripts are all US-ASCII. 1534 The following are tokens in Sieve: 1536 - identifiers 1537 - tags 1538 - numbers 1539 - quoted strings 1540 - multi-line strings 1541 - other separators 1543 Identifiers, tags, and numbers are case-insensitive, while quoted 1544 strings and multi-line strings are case-sensitive. 1546 Blanks, horizontal tabs, CRLFs, and comments ("white space") are 1547 ignored except as they separate tokens. Some white space is required 1548 to separate otherwise adjacent tokens and in specific places in the 1549 multi-line strings. CR and LF can only appear in CRLF pairs. 1551 The other separators are single individual characters, and are 1552 mentioned explicitly in the grammar. 1554 The lexical structure of sieve is defined in the following grammar 1555 (as described in [ABNF]): 1557 bracket-comment = "/*" *not-star 1*STAR 1558 *(not-star-slash *not-star 1*STAR) "/" 1559 ; No */ allowed inside a comment. 1560 ; (No * is allowed unless it is the last 1561 ; character, or unless it is followed by a 1562 ; character that isn't a slash.) 1564 comment = bracket-comment / hash-comment 1566 hash-comment = "#" *octet-not-crlf CRLF 1568 identifier = (ALPHA / "_") *(ALPHA / DIGIT / "_") 1570 multi-line = "text:" *(SP / HTAB) (hash-comment / CRLF) 1571 *(multiline-literal / multiline-dotstart) 1572 "." CRLF 1574 multiline-literal = [ octet-not-period *octet-not-crlf ] CRLF 1576 multiline-dotstart = "." 1*octet-not-crlf CRLF 1577 ; A line containing only "." ends the 1578 ; multi-line. Remove a leading '.' if 1579 ; followed by another '.'. 1581 not-star = CRLF / %x01-09 / %x0B-0C / %x0E-29 / %x2B-FF 1582 ; either a CRLF pair, OR a single octet 1583 ; other than NUL, CR, LF, or star 1585 not-star-slash = CRLF / %x01-09 / %x0B-0C / %x0E-29 / %x2B-2E / 1586 %x30-FF 1587 ; either a CRLF pair, OR a single octet 1588 ; other than NUL, CR, LF, star, or slash 1590 number = 1*DIGIT [ QUANTIFIER ] 1592 octet-not-crlf = %x01-09 / %x0B-0C / %x0E-FF 1593 ; a single octet other than NUL, CR, or LF 1595 octet-not-period = %x01-09 / %x0B-0C / %x0E-2D / %x2F-FF 1596 ; a single octet other than NUL, 1597 ; CR, LF, or period 1599 octet-not-qspecial = %x01-09 / %x0B-0C / %x0E-21 / %x23-5B / %x5D-FF 1600 ; a single octet other than NUL, 1601 ; CR, LF, double-quote, or backslash 1603 QUANTIFIER = "K" / "M" / "G" 1605 quoted-other = "\" octet-not-qspecial 1606 ; represents just the octet-no-qspecial 1607 ; character. SHOULD NOT be used 1609 quoted-safe = CRLF / octet-not-qspecial 1610 ; either a CRLF pair, OR a single octet other 1611 ; than NUL, CR, LF, double-quote, or backslash 1613 quoted-special = "\" (DQUOTE / "\") 1614 ; represents just a double-quote or backslash 1616 quoted-string = DQUOTE quoted-text DQUOTE 1618 quoted-text = *(quoted-safe / quoted-special / quoted-other) 1620 STAR = "*" 1622 tag = ":" identifier 1624 white-space = 1*(SP / CRLF / HTAB) / comment 1626 8.2. Grammar 1628 The following is the grammar of Sieve after it has been lexically 1629 interpreted. No white space or comments appear below. The start 1630 symbol is "start". Non-terminals for MATCH-TYPE, COMPARATOR, and 1631 ADDRESS-PART are provided for use by extensions. 1633 ADDRESS-PART = ":localpart" / ":domain" / ":all" 1635 argument = string-list / number / tag 1637 arguments = *argument [ test / test-list ] 1639 block = "{" commands "}" 1641 command = identifier arguments (";" / block) 1643 commands = *command 1645 COMPARATOR = ":comparator" string 1647 MATCH-TYPE = ":is" / ":contains" / ":matches" 1649 start = commands 1651 string = quoted-string / multi-line 1653 string-list = "[" string *("," string) "]" / string 1654 ; if there is only a single string, the brackets 1655 ; are optional 1657 test = identifier arguments 1659 test-list = "(" test *("," test) ")" 1661 9. Extended Example 1663 The following is an extended example of a Sieve script. Note that it 1664 does not make use of the implicit keep. 1666 # 1667 # Example Sieve Filter 1668 # Declare any optional features or extension used by the script 1669 # 1670 require ["fileinto"]; 1672 # 1673 # Handle messages from known mailing lists 1674 # Move messages from IETF filter discussion list to filter mailbox 1675 # 1676 if header :is "Sender" "owner-ietf-mta-filters@imc.org" 1677 { 1678 fileinto "filter"; # move to "filter" mailbox 1679 } 1680 # 1681 # Keep all messages to or from people in my company 1682 # 1683 elsif address :DOMAIN :is ["From", "To"] "example.com" 1684 { 1685 keep; # keep in "In" mailbox 1686 } 1688 # 1689 # Try and catch unsolicited email. If a message is not to me, 1690 # or it contains a subject known to be spam, file it away. 1691 # 1692 elsif anyof (NOT address :all :contains 1693 ["To", "Cc", "Bcc"] "me@example.com", 1694 header :matches "subject" 1695 ["*make*money*fast*", "*university*dipl*mas*"]) 1696 { 1697 fileinto "spam"; # move to "spam" mailbox 1698 } 1699 else 1700 { 1701 # Move all other (non-company) mail to "personal" 1702 # mailbox. 1703 fileinto "personal"; 1704 } 1706 10. Security Considerations 1708 Users must get their mail. It is imperative that whatever method 1709 implementations use to store the user-defined filtering scripts be 1710 secure. 1712 Several commands, such as "discard", "redirect", and "fileinto" allow 1713 for actions to be taken that are potentially very dangerous. 1715 Use of the "redirect" command to generate notifications may easily 1716 overwhelm the target address, especially if it was not designed to 1717 handle large messages. 1719 Allowing a single script to redirect to multiple destinations can be 1720 used as a means of amplifying the number of messages in an attack. 1721 Moreover, if loop detection is not properly implemented it may be 1722 possible to set up exponentially growing message loops. According, 1723 Sieve implementations: 1725 (1) MUST implement facilities to detect and break message loops. See 1726 section 6.2 of [SMTP] for additional information on basic loop 1727 detection strategies. 1729 (2) MUST provide the means for administrators to limit the ability of 1730 users to abuse redirect. In particular, it MUST be possible to 1731 limit the number of redirects a script can perform. Additionally, 1732 if no use cases exist for using redirect to multiple 1733 destinations, this limit SHOULD be set to 1. Additional limits, 1734 such as the ability to restrict redirect to local users MAY also 1735 be implemented. 1737 (3) MUST provide facilities to log use of redirect in order to 1738 facilitate tracking down abuse. 1740 (4) MAY use script analysis to determine whether or not a given 1741 script can be executed safely. While the Sieve language is 1742 sufficiently complex that full analysis of all possible scripts 1743 is computationally infeasible, the majority of real-world 1744 scripts are amenable to analysis. For example, an 1745 implementation might allow scripts that it has determined are 1746 safe to run unhindered, block scripts that are potentially 1747 problematic, and subject unclassifiable scripts to additional 1748 auditing and logging. 1750 Allowing redirects at all may not be appropriate in situations where 1751 email accounts are freely-available and/or not trackable to a human 1752 who can be held accountable for creating message bombs or other 1753 abuse. 1755 As with any filter on a message stream, if the sieve implementation 1756 and the mail agents 'behind' sieve in the message stream differ in 1757 their interpretation of the messages, it may be possible for an 1758 attacker to subvert the filter. Of particular note are differences 1759 in the interpretation of malformed messages (e.g., missing or extra 1760 syntax characters) or those that exhibit corner cases (e.g., NUL 1761 octets encoded via [MIME3]). 1763 11. Acknowledgments 1765 This document has been revised in part based on comments and 1766 discussions that took place on and off the SIEVE mailing list. 1767 Thanks to Sharon Chisholm, Cyrus Daboo, Ned Freed, Arnt Gulbrandsen, 1768 Michael Haardt, Kjetil Torgrim Homme, Barry Leiba, Mark E. Mallett, 1769 Alexey Melnikov, Eric Rescorla, Rob Siemborski, and Nigel Swinson for 1770 reviews and suggestions. 1772 12. Editors' Addresses 1774 Philip Guenther 1775 Sendmail, Inc. 1776 6425 Christie St. Ste 400 1777 Emeryville, CA 94608 1778 Email: guenther@sendmail.com 1780 Tim Showalter 1781 Email: tjs@psaux.com 1783 13. Normative References 1785 [ABNF] D. Crocker, Ed., P. Overell "Augmented BNF for Syntax 1786 Specifications: ABNF", RFC 4234, October 2005. 1788 [COLLATION] Newman, C., Duerst, M., and A. Gulbrandsen, "Internet 1789 Application Protocol Collation Registry", RFC 4790, March 1790 2007. 1792 [IMAIL] P. Resnick, Ed., "Internet Message Format", RFC 2822, 1793 April 2001. 1795 [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate 1796 Requirement Levels", BCP 14, RFC 2119, March 1997. 1798 [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 1799 Extensions (MIME) Part One: Format of Internet Message 1800 Bodies", RFC 2045, November 1996. 1802 [MIME3] Moore, K., "MIME (Multipurpose Internet Mail Extensions) 1803 Part Three: Message Header Extensions for Non-ASCII 1804 Text", RFC 2047, November 1996. 1806 [SMTP] J. Klensin, Ed., "Simple Mail Transfer Protocol", RFC 1807 2821, April 2001. 1809 [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO 1810 10646", RFC 3629, November 2003. 1812 14. Informative References 1814 [BINARY-SI] "Standard IEC 60027-2: Letter symbols to be used in 1815 electrical technology - Part 2: Telecommunications and 1816 electronics", January 1999. 1818 [DSN] Moore, K. and G. Vaudreuil, "An Extensible Message Format 1819 for Delivery Status Notifications", RFC 3464, January 1820 2003. 1822 [FLAMES] Borenstein, N, and C. Thyberg, "Power, Ease of Use, and 1823 Cooperative Work in a Practical Multimedia Message 1824 System", Int. J. of Man-Machine Studies, April, 1991. 1825 Reprinted in Computer-Supported Cooperative Work and 1826 Groupware, Saul Greenberg, editor, Harcourt Brace 1827 Jovanovich, 1991. Reprinted in Readings in Groupware and 1828 Computer-Supported Cooperative Work, Ronald Baecker, 1829 editor, Morgan Kaufmann, 1993. 1831 [IMAP] Crispin, M., "Internet Message Access Protocol - version 1832 4rev1", RFC 3501, March 2003. 1834 [MDN] T. Hansen, Ed., G. Vaudreuil, Ed., "Message Disposition 1835 Notification", RFC 3798, May 2004. 1837 [RFC3028] Showalter, T., "Sieve: A Mail Filtering Language", RFC 1838 3028, January 2001. 1840 15. Changes from RFC 3028 1842 This following list is a summary of the changes that have been made 1843 in the Sieve language base specification from [RFC3028]. 1845 1. Removed ban on tests having side-effects 1846 2. Removed reject extension (will be specified in a separate RFC) 1847 3. Clarified description of comparators to match [COLLATION], the 1848 new base specification for them 1849 4. Require stripping of leading and trailing whitespace in 1850 "header" test 1851 5. Clarified or tightened handling of many minor items, including: 1852 - invalid [MIME3] encoding 1853 - invalid addresses in headers 1854 - invalid header field names in tests 1855 - 'undefined' comparator result 1856 - unknown envelope parts 1857 - null return-path in "envelope" test 1858 6. Capability strings are case-sensitive 1859 7. Clarified that fileinto should reencode non-ASCII mailbox 1860 names to match the mailstore's conventions 1861 8. Errors in the ABNF were corrected 1862 9. The references were updated and split into normative and 1863 informative 1864 10. Added encoded-character capability and deprecated (but did not 1865 remove) use of arbitrary binary octets in Sieve scripts. 1866 11. Updated IANA registration template, and added IANA 1867 considerations to permit capability prefix registrations. 1868 12. Added .sieve as a valid extension for sieve scripts. 1870 16. Full Copyright Statement 1872 Copyright (C) The IETF Trust (2007). 1874 This document is subject to the rights, licenses and restrictions 1875 contained in BCP 78, and except as set forth therein, the authors 1876 retain all their rights. 1878 This document and the information contained herein are provided on an 1879 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1880 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 1881 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 1882 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 1883 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1884 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1886 Intellectual Property 1888 The IETF takes no position regarding the validity or scope of any 1889 Intellectual Property Rights or other rights that might be claimed to 1890 pertain to the implementation or use of the technology described in 1891 this document or the extent to which any license under such rights 1892 might or might not be available; nor does it represent that it has 1893 made any independent effort to identify any such rights. Information 1894 on the procedures with respect to rights in RFC documents can be 1895 found in BCP 78 and BCP 79. 1897 Copies of IPR disclosures made to the IETF Secretariat and any 1898 assurances of licenses to be made available, or the result of an 1899 attempt made to obtain a general license or permission for the use of 1900 such proprietary rights by implementers or users of this 1901 specification can be obtained from the IETF on-line IPR repository at 1902 http://www.ietf.org/ipr. 1904 The IETF invites any interested party to bring to its attention any 1905 copyrights, patents or patent applications, or other proprietary 1906 rights that may cover technology that may be required to implement 1907 this standard. Please address the information to the IETF at ietf- 1908 ipr@ietf.org. 1910 Acknowledgement 1912 Funding for the RFC Editor function is currently provided by the IETF 1913 Administrative Support Activity (IASA). 1915 Appendix A. Change History 1917 This section will be removed when this document leaves the Internet- 1918 Draft stage. 1920 Changes from draft-ietf-sieve-3028bis-12.txt 1921 1. Merged in changes from original RFC Editor note 1922 2. Added additional security considerations for redirect 1924 Changes from draft-ietf-sieve-3028bis-11.txt 1925 1. Correct typo in boilerplate 1926 2. Update [DSN] reference to RFC 3464 1928 Changes from draft-ietf-sieve-3028bis-10.txt 1929 1. Clarify how the "redirect" action uses the address argument 1930 2. Eliminate the phrase "original message" 1931 3. If an outbound address doesn't match the syntax, it's an error 1933 Changes from draft-ietf-sieve-3028bis-09.txt 1934 1. [MDN] reference is merely informative 1935 2. Whitespace tweaks in the ABNF 1936 3. Extensions can't change "require" 1937 4. fileinto a nonexistent mailbox is implementation defined behavior 1938 5. Clarify the definition of the size of a message 1939 6. Make the KEYWORDS boilerplate match expectations 1940 7. Add the encoded-character extension 1941 8. Remove duplication in text regarding unknown extensions 1942 9. Address security concerns about looping with redirect or other 1943 extensions 1944 10. Valid numbers include zero 1945 11. Various changes suggested by the gen-art reviewer 1946 12. Removed references to the Halting Problem. Humor is dead 1947 13. Clarify which tokens are case-insensitive and which are 1948 case-sensitive; use the 'unexpected' case in several examples 1949 14. Add .sieve as an extension for the application/sieve MIME type 1950 15. Permit registration of capability prefixes (like "comparator-"), 1951 but require an IESG approved RFC when they're outside the 1952 "vnd." 'namespace' 1953 16. Replace "example.edu" with "example.com" 1954 17. Update boilerplate 1955 18. Updated pages numbers in table of contents 1957 Changes from draft-ietf-sieve-3028bis-08.txt 1958 1. [RFC3028] reference is merely informative 1959 2. String lists are literal data 1960 3. Tagged and optional arguments can take any sort of literal data 1961 as arguments 1962 4. Change "folder" to "mailbox" throughout 1963 5. Added more items to the "Changes from RFC 3028" list 1964 6. A multi-line string includes the CRLF before the final dot 1966 Changes from draft-ietf-sieve-3028bis-07.txt 1967 1. Improve description in the extension registrations 1968 2. Give IANA directions on how to massage existing registrations 1969 into the new form 1970 3. Added "Changes from RFC 3028" section 1971 4. Updated pages numbers in table of contents 1972 5. Permit non-UTF-8 octet sequences in comments 1973 6. It's an error to use conflicting or repeated tagged and optional 1974 arguments 1975 7. Update description of script encoding 1977 Changes from draft-ietf-sieve-3028bis-06.txt 1978 1. Tweak wording of how :matches uses character definition 1979 of comparator 1980 2. Add security consideration regarding "redirect" as a notification 1981 method 1982 3. fileinto SHOULD reencode; mention IMAP's mUTF-7 1983 4. en;ascii-casemap is gone; switch back to i;ascii-casemap 1984 5. Permit non-UTF-8 octet sequences in strings 1985 6. Sort grammar non-terminals 1986 7. Syntactically invalid addresses don't match :localpart or :domain 1987 8. The null return-path has empty address parts 1988 9. Treat comparator result of "undefined" the same as "no-match" 1989 10. Envelope sender on redirects is implementation defined 1990 11. Change IANA registration template 1992 Changes from draft-ietf-sieve-3028bis-05.txt 1993 1. The specifics of what names are acceptable for fileinto and 1994 the handling of invalid names are both implementation-defined 1995 2. Update to draft-newman-i18n-comparator-07.txt 1996 3. Adjust the example in 5.7 again 1998 Changes from draft-ietf-sieve-3028bis-04.txt 1999 1. Change "Syntax:" to "Usage:" 2000 2. Update ABNF reference to RFC 4234 2001 3. Add non-terminals for MATCH-TYPE, COMPARATOR, and ADDRESS-PART 2002 4. Strip leading and trailing whitespace in the value being matched 2003 by header 2004 5. Collations operate on octets, not characters, and for character 2005 data that is the UTF-8 encoding of the Unicode characters 2006 6. :matches uses character definition of comparator 2008 Changes from draft-ietf-sieve-3028bis-03.txt 2009 1. Remove section 2.4.2.4., MIME Parts, as unreferenced 2010 2. Update to draft-newman-i18n-comparator-04.txt 2011 3. Various tweaks to examples and syntax lines 2012 4. Define "control structure" as a control command with a block 2013 argument, then use it consistently. Reword description of 2014 blocks to match 2015 5. Clarify that "header" can never match an absent header and give 2016 the preferred way to test for absent or empty 2017 6. Invalid header name syntax is not an error _in tests_ (but could 2018 be elsewhere) 2019 7. Implementation SHOULD consider unknown envelope parts an error 2020 8. Remove explicit "omitted" option from 2.7.2p2 2022 Changes from draft-ietf-sieve-3028bis-02.txt 2023 1. Change "ASCII" to "US-ASCII" throughout 2024 2. Tweak section 2.7.2 to not require use of UTF-8 internally and 2025 to explicitly leave implementation-defined the handling of text 2026 that can't be converted to Unicode 2027 3. Add reference to RFC 2047 2028 4. Clarify that capability strings are case-sensitive 2029 5. Clarify that address, envelope, and header return false if no 2030 combination of arguments match 2031 6. Directly state that code that isn't reached may still be checked 2032 for errors 2033 7. Invalid header name syntax is not an error 2034 8. Remove description of header unfolding that conflicts with 2035 [IMAIL] 2036 9. Warn that filters may be subvertable if agents interpret messages 2037 differently 2038 10. Encoded NUL octets SHOULD NOT cause truncation 2040 Changes from draft-ietf-sieve-3028bis-01.txt 2041 1. Remove ban on side effects 2042 2. Remove definition of the 'reject' action, as it is being moved 2043 to the doc that also defines the 'refuse' action 2044 3. Update capability registrations to reference the mailing list 2045 4. Add Tim back as an editor 2046 5. Refer to the zero-length string ("") as "empty" instead of 2047 "null" 2049 Changes from draft-ietf-sieve-3028bis-00.txt 2050 1. More grammar corrections: 2051 - permit /***/, 2052 - remove ambiguity in finding end of bracket comment, 2053 - require valid UTF-8, 2054 - express quoting in the grammar 2055 - ban bare CR and LF in all locations 2056 2. Correct a bunch of whitespace and linewrapping nits 2057 3. Update IMAIL and SMTP references to RFC 2822 and RFC 2821 2058 4. Require support for en;ascii-casemap comparator as well as the 2059 old i;ascii-casemap. As with the old one, you do not need to 2060 use 'require' to use the new comparator 2061 5. Update IANA considerations to update the existing registrations 2062 to point at this doc instead of 3028 2063 6. Scripts SHOULD NOT contain superfluous backslashes 2064 7. Update Acknowledgments 2066 Changes from RFC 3028 2067 1. Split references into normative and informative 2068 2. Update references to current versions of DSN, IMAP, MDN, and 2069 UTF-8 RFCs 2070 3. Replace "e-mail" with "email" 2071 4. Incorporate RFC 3028 errata 2072 5. The "reject" action cancels the implicit keep 2073 6. Replace references to ACAP with references to the i18n-comparator 2074 draft. Further work is needed to completely sync with that 2075 draft 2076 7. Start to update grammar to only permit legal UTF-8 (incomplete) 2077 and correct various other errors and typos 2078 8. Update IPR broilerplate to RFC 3978/3979