Sieve Email Filtering: delivery by mailboxid FastMail
Level 2, 114 William St Melbourne VIC 3000 Australia brong@fastmailteam.com https://www.fastmail.com
Applications EXTRA sieve email The OBJECTID capability of the IMAP protocol (I-D.ietf-extra-imap-objectid) allows clients to identify mailboxes by a unique identifier which survives rename. In contrast, the Sieve mail filtering language (RFC 5228) currently has no such capability. This memo defines a Sieve extension that fills this gap: it adds a method for specifying the unique identifier of a mailbox as a target for fileinto rules, and a method for testing the existence of a mailbox by its unique identifier.
Sieve rules are sometimes created using graphical interfaces which allow users to select the mailbox to be used as a target for a rule. If that mailbox is renamed, the client may also update its internal representation of the rule and update the sieve script to match, however this is a multi-step process and subject to partial failures. Also, if the folder is renamed by a different mechanism (e.g. another IMAP client) the rules will get out of sync. By extending fileinto to reference an immutable mailboxid, sieve rules can continue to target the same mailbox, regardless of how it gets renamed.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.
The server advertises the capability "mailboxid", and scripts which use the following extensions MUST explicitly request the capability "mailboxid". Example:
require "mailboxid";
Normally, the "fileinto" command delivers the message in the mailbox specified using its positional mailbox argument. However, if the optional ":mailboxid" argument is also specified, the "fileinto" command first checks whether a mailbox exists in the user's personal namespace with the specified MAILBOXID. If that is the case, that mailbox is used for delivery instead. If there is no such mailbox, the "fileinto" action proceeds as it would without the ":mailboxid" argument. The tagged argument :mailboxid to fileinto consumes one additional token, a string with the objectid of the mailbox to file into. Example:
require "fileinto"; require "mailboxid"; if header :contains ["from"] "coyote" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" "INBOX.harassment"; }
For servers which also support the mailbox extension, the ":create" modifier to fileinto does not create mailbox with the specified mailboxid, however it may be specified and interacts as normal with all other extensions. Example:
require "fileinto"; require "mailboxid"; require "mailbox"; fileinto :mailboxid "Fnosuch" :create "INBOX.no-such-folder"; # creates INBOX.no-such-folder, but it doesn't # get the "Fnosuch" mailboxid.
For servers which also support , if a fileinto command has both ":mailboxid" and ":special-use" specified, then the mailboxid is resolved first. If the mailboxid does not exist, then the special-use is evaluated next following the process specified in - this includes processing of ":create" tags to add the special-use on creation. Example:
require "fileinto"; require "mailboxid"; require "special-use"; if header :contains ["from"] "coyote" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" :specialuse "\\Junk" "INBOX.harassment"; }
Example:
require "fileinto"; require "mailboxid"; require "mailbox"; require "special-use"; fileinto :mailboxid "F1234567" :specialuse "\\Archive" :create "INBOX.Archive"; # creates INBOX.Archive with use \Archive but # with a different mailboxid.
This document extends the definition of the :fcc argument so that it can optionally be used with the ":mailboxid" argument.
FCC =/ [":mailboxid" <mailboxid: string>]
If the optional ":mailboxid" argument is specified with ":fcc", it instructs the Sieve interpreter to check whether a mailbox exists with the specific mailboxid. If such a mailbox exists, the generated message is filed into that mailbox. Otherwise, the generated message is filed into the ":fcc" target mailbox. Example:
require ["enotify", "fcc", "mailboxid"]; notify :fcc "INBOX.Sent" :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" :message "You got mail!" "mailto:ken@example.com";
The "mailboxidexists" test is true if all mailboxes listed in the "mailboxids" argument exist in the mailstore, and each allows the user in whose context the Sieve script runs to "deliver" messages into it. When the mailstore is an IMAP server, "delivery" of messages is possible if: a) the READ-WRITE response code is present for the mailbox (see Section 7.1 of ), if IMAP Access Control List (ACL) is not supported by the server, or b) the user has 'p' or 'i' rights for the mailbox (see Section 5.2 of ). Note that a successful "mailboxidexists" test for a mailbox doesn't necessarily mean that a "fileinto :mailboxid" action on this mailbox would succeed. For example, the "fileinto" action might put user over quota. The "mailboxidexists" only verifies existence of the mailbox and whether the user in whose context the Sieve script runs has permissions to execute "fileinto" on it. Example:
require "fileinto"; require "mailboxid"; if header :contains ["from"] "coyote" { if mailboxidexists "F6352ae03-b7f5-463c-896f-d8b48ee3" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" "INBOX.harassment"; } else { fileinto "INBOX.harassment"; } }
Not to implementers: this test behaves identically to the mailboxexists test defined in but operates on mailboxids rather than mailbox names.
test /= ":mailboxidexists" string-list tag /= ":mailboxid" string
If is supported:
FCC =/ [":mailboxid" <mailboxid: string>]
Because mailboxid is always generated by the server, implementations MUST NOT allow sieve to make an endrun around this protection by creating mailboxes with the specified ID by using ":create" and ":mailboxid" in a fileinto rule for a non-existant mailbox. Implementers are referred to the security considerations sections of those documents in , .
IANA are requested to add a capability to the sieve-extensions registry:
To: iana@iana.org Subject: Registration of new Sieve extension Capability name: mailboxid Description: adds test for checking for mailbox existence by objectid and a new optional argument to fileinto to select the destination mailbox using objectid. RFC number: this RFC Contact address: The EXTRA discussion list <extra@ietf.org>
This document borrows heavily from for the matching mailboxexists test, and from for an example of modifying the fileinto command. Thanks to Ned Freed and Ken Murchison for feedback on the EXTRA mailing list.
(EDITOR: remove this section before publication)
Switch to :mailboxid tagged parameter value with fallback mailbox name. Document interation with special-use. Document security considerations around :mailboxid and :create.
Initial version.
Is there a more explicit way to update the grammar? It seems less fully specified than IMAP.