idnits 2.17.1 draft-degener-sieve-editheader-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 288 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 3 instances of too long lines in the document, the longest one being 4 characters in excess of 72. ** There are 25 instances of lines with control characters in the document. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 58: '...eader. The name MUST be a valid 7-bit...' RFC 2119 keyword, line 63: '...the implementation MUST either flag an...' RFC 2119 keyword, line 68: '...The header field MUST be added at the ...' RFC 2119 keyword, line 71: '...n implementation MAY impose a length l...' RFC 2119 keyword, line 72: '...r field; such a limit MUST NOT be less...' (4 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 226 has weird spacing: '...ription reque...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 2003) is 7680 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? 'SIEVE' on line 237 looks like a reference -- Missing reference section? 'KEYWORDS' on line 240 looks like a reference -- Missing reference section? 'COMPARATOR' on line 125 looks like a reference -- Missing reference section? 'MATCH-TYPE' on line 125 looks like a reference -- Missing reference section? 'VARIABLES' on line 243 looks like a reference -- Missing reference section? 'ADV' on line 167 looks like a reference Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 9 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group Jutta Degener 2 Internet Draft Sendmail, Inc. 3 Expires: October 2003 April 2003 5 Sieve -- "editheader" extension 6 8 Status of this memo 10 This document is an Internet-Draft and is subject to all 11 provisions of Section 10 of RFC2026. 13 Internet-Drafts are working documents of the Internet Engineering 14 Task Force (IETF), its areas, and its working groups. Note that 15 other groups may also distribute working documents as 16 Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six 19 months and may be updated, replaced, or obsoleted by other 20 documents at any time. It is inappropriate to use Internet- 21 Drafts as reference material or to cite them other than as 22 "work in progress." 24 The list of current Internet-Drafts can be accessed at 25 http://www.ietf.org/1id-abstracts.html 27 The list of Internet-Draft Shadow Directories can be accessed at 28 http://www.ietf.org/shadow.html 30 Abstract 32 This document defines three new actions for the "sieve" 33 language that add, delete, and change e-mail header fields. 35 1. Introduction 37 Email headers are a flexible and easy to understand means 38 of communication between email processors. 39 This extension enables sieve scripts to interact with other 40 components that consume or produce header fields by allowing 41 the script to delete, modify, and add header fields itself. 43 2. Conventions used. 45 Conventions for notations are as in [SIEVE] section 1.1, including 46 use of [KEYWORDS] and "Syntax:" label for the definition of action 47 and tagged arguments syntax. 49 The capability string associated with extension defined in this 50 document is "editheader". 52 3. Action addheader 54 Syntax: 55 "addheader" 57 The addheader action appends a header field to the existing 58 message header. The name MUST be a valid 7-bit US-ASCII header 59 field name as described by RFC 2822 "field-name" nonterminal. 61 If the specified field value does not match the RFC 2822 62 "unstructured" nonterminal or exceeds a length limit set by 63 the implementation, the implementation MUST either flag an 64 error or encode the field using folding white space and the 65 encodings described in RFC 2047 or RFC 2231 to be compliant 66 with RFC 2822. 68 The header field MUST be added at the end of the existing 69 header. 71 An implementation MAY impose a length limit onto the size of 72 the encoded header field; such a limit MUST NOT be less 73 than 998 characters, not including the terminating CRLF 74 supplied by the implementation. 76 Example: 77 /* Don't redirect if we already redirected */ 78 if not header :contains "X-Sieve-Filtered" 79 ["", ""] 80 { 81 addheader "X-Sieve-Filtered" ""; 82 redirect "kim@home.tld"; 83 } 85 4. Action deleteheader 87 Syntax: 88 "deleteheader" 89 [":index" [":last"]] 90 [COMPARATOR] [MATCH-TYPE] 91 92 [] 94 By default, the deleteheader action deletes all occurrences 95 of the named header field. 97 The field-name is mandatory and always matched as a 98 case-insensitive us-ascii string. The value-patterns, 99 if specified, are matched according to the match type and 100 comparator. If none are specified, all values match. 102 The field-name MUST be a valid 7-bit header field name as 103 described by the RFC 2822 "field-name" nonterminal. 105 If :index is specified, the attempts to match 106 a value are limited to the header field (beginning 107 at 1, the first named header field). If :last is specified, 108 the count is backwards; 1 denotes the last named header field, 109 2 the second to last, and so on. The counting happens 110 before the match, if any; 112 deleteheader :index 2 :contains "Received" "via carrier-pigeon" 114 deletes the second "Received:" header field if it contains 115 the string "via carrier-pigeon" (not the second Received: field 116 that contains "via carrier-pigeon"). 118 5. Action replaceheader 120 Syntax: 121 "replaceheader" 122 [":index" [":last"]] 123 [":newname" ] 124 [":newvalue" ] 125 [COMPARATOR] [MATCH-TYPE] 126 [] 128 The replaceheader action replaces all or parts of a header 129 field, in some or all occurrences of that header field. 131 If :index is specified, the attempts to match 132 a value are limited to the named header field (beginning 133 at 1, the first named header field). If :last is specified, 134 the count is backwards; 1 denotes the last named header field, 135 2 the second to last, and so on. As with "deleteheader", 136 the counting happens before the match, if any. 138 The header field names in the field-name and in the ":newname" 139 argument, if specified, MUST be valid 7-bit header field names 140 as described by the RFC 2822 "field-name" nonterminal. 142 The field-name is mandatory and always matched as a 143 case-insensitive us-ascii string. The value-patterns, 144 if specified, are matched according to the match type and 145 comparator. (If no value-patterns are specified, they 146 always match.) 148 If :newname is specified, the action changes the 149 name of all matching header fields to . 151 If :newvalue is specified, the action changes the 152 value of all matching header fields to to . 153 If the [VARIABLES] extension is present and the MATCH-TYPE 154 is a type that interacts with the [VARIABLES] extension, 155 variable references to ${1}...${N} in the replacement string 156 following ":newvalue" are evaluated according to the matched 157 substring in the header field that is being replaced. 159 For example, 161 replaceheader :newvalue "[ADV] ${1}" :matches "Subject" "*"; 163 would insert an "[ADV]" tag before the value of the 164 "Subject" header field, changing 166 Subject: Make Money Fast!! 167 to Subject: [ADV] Make Money Fast!! 169 If neither :newname nor :newvalue are specified, the operation 170 still matches its argument and, in the presence of the 171 [VARIABLES] extension and a match type that interacts with it, 172 sets the ${1}...${N} variables to the last header matched. 174 6. Interaction with Other Sieve Extensions 176 Tests and actions such as "exist" or "header" that examine 177 headers MUST examine the current state of a header as modified 178 by any actions that have taken place so far. 180 Actions that create messages in storage or in transport to 181 MTAs MUST store and send messages with the current set of 182 header fields. 184 7. Security Considerations 186 Someone with write access to a user's script storage may use this 187 extension to generate headers that a user would otherwise be 188 shielded from (by a gateway MTA that removes them). 190 A sieve filter that removes headers may unwisely destroy 191 evidence about the path a header has taken. 193 Any change in a message content may interfere with digital 194 signature mechanisms that include the header in the signed 195 material. 197 Any decision mechanism in a user's filter that is based 198 on headers is vulnerable to header spoofing. For example, 199 if the user adds an APPROVED header or tag, a malicious sender 200 may add that tag or header themselves. One way to guard against 201 this is to delete or rename any such headers or stamps prior 202 to processing the message. 204 8. Acknowledgments 206 Thanks to Eric Allman, Philip Guenther, Will Lee, Chris Markle, 207 Randall Schwartz, and Rand Wacker for extensive corrections 208 and suggestions. 210 9. Author's Address 212 Jutta Degener 213 Sendmail, Inc. 214 6425 Christie Ave, 4th Floor 215 Emeryville, CA 94608 217 Email: jutta@sendmail.com 219 10. Discussion 221 This section will be removed when this document leaves the 222 Internet-Draft stage. 224 This draft is intended as an extension to the Sieve mail filtering 225 language. Sieve extensions are discussed on the MTA Filters mailing 226 list at . Subscription requests can 227 be sent to (send an email 228 message with the word "subscribe" in the body). 230 More information on the mailing list along with a WWW archive of 231 back messages is available at . 233 Appendices 235 Appendix A. References 237 [SIEVE] Showalter, T., "Sieve: A Mail Filtering Language", RFC 3028, 238 January 2001. 240 [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate 241 Requirement Levels", RFC 2119, March 1997. 243 [VARIABLES] Homme, K.T., "Sieve -- Variables Extension", 244 draft-homme-sieve-variables-01.txt, April 2003. 246 Appendix B. Full Copyright Statement 248 Copyright (C) The Internet Society 2002. All Rights Reserved. 250 This document and translations of it may be copied and furnished to 251 others, and derivative works that comment on or otherwise explain it 252 or assist in its implementation may be prepared, copied, published 253 and distributed, in whole or in part, without restriction of any 254 kind, provided that the above copyright notice and this paragraph 255 are included on all such copies and derivative works. However, this 256 document itself may not be modified in any way, such as by removing 257 the copyright notice or references to the Internet Society or other 258 Internet organizations, except as needed for the purpose of 259 developing Internet standards in which case the procedures for 260 copyrights defined in the Internet Standards process must be 261 followed, or as required to translate it into languages other than 262 English. 264 The limited permissions granted above are perpetual and will not be 265 revoked by the Internet Society or its successors or assigns. 267 This document and the information contained herein is provided on an 268 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 269 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 270 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 271 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 272 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.