IETF Logo Mail Archive

Re: sieve/managesieve/time and ACL

Ned Freed <ned.freed@mrochek.com> Sat, 13 May 2006 14:31 UTC

Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k4DEVWs5075641; Sat, 13 May 2006 07:31:32 -0700 (MST) (envelope-from owner-ietf-mta-filters@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k4DEVWXa075640; Sat, 13 May 2006 07:31:32 -0700 (MST) (envelope-from owner-ietf-mta-filters@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-mta-filters@mail.imc.org using -f
Received: from mauve.mrochek.com (206.117.180.234.brandx.net [206.117.180.234] (may be forged)) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k4DEVUhI075632 for <ietf-mta-filters@imc.org>; Sat, 13 May 2006 07:31:30 -0700 (MST) (envelope-from ned.freed@mrochek.com)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01M2D5WDBMR4008N9R@mauve.mrochek.com> for ietf-mta-filters@imc.org; Sat, 13 May 2006 07:31:24 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=nowsp; d=mrochek.com; s=mauve; t=1147530548; h=Date: From:Subject:MIME-version:Content-type; b=lCxq+CiXekTuYy3Yr1PdWKzr4 P1TfnHX/XiMaR4p9GysGip5AOQTt+KhFHRdN12SsQoOGdXZyWTyYwWtMN7oPA==
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01M2CK0RIXY80008CX@mauve.mrochek.com>; Sat, 13 May 2006 07:31:22 -0700 (PDT)
Cc: ietf-mta-filters@imc.org, Ned Freed <ned.freed@mrochek.com>
To: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
Message-id: <01M2D5WCJXCQ0008CX@mauve.mrochek.com>
Date: Sat, 13 May 2006 07:27:10 -0700
From: Ned Freed <ned.freed@mrochek.com>
Subject: Re: sieve/managesieve/time and ACL
In-reply-to: "Your message dated Fri, 12 May 2006 19:59:59 +0200" <8lojjOJ0LiRYfWrumr19dw.md5@libertango.oryx.com>
MIME-version: 1.0
Content-type: TEXT/PLAIN; format="flowed"
References: <8lojjOJ0LiRYfWrumr19dw.md5@libertango.oryx.com>
Sender: owner-ietf-mta-filters@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-ID: <ietf-mta-filters.imc.org>
List-Unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>

> Ned Freed writes:
> > The implication here is that you might want to check fileinto validity
> > in managesieve.

> Right, with emphasis on the might. I'm all in favour if picking
> low-hanging fruit.

> >  I'm very dubious about this being a good idea - in addition to ACLs
> > changing after the fact, there's also the issue of uploading the
> > sieve referring to the mailbox before the mailbox is created.

> I believe that managesieve, as well as pretty much every other piece of
> software, should perform all the sanity checks it easily can. If
> putscript can easily check more than just syntax, it should.

Again, this check seems like it forces an unnecessary ordering on how users
set things up. I don't think that's a good idea.

> > I also suspect that in many architectures it would be quite difficult
> > to perform such a check. It certainly is next to impossible to do a
> > meaningful check of this sort in ours.

> Then don't do it ;)

I wouldn't even if it was easy to do.

> >> What should happen when a message arrives and the script wants to
> >> fileinto? I can't find any mention at all of access control in 3028bis,
> >> far less of access control which changes after the sieve is blessed by
> >> managesieve.

> > We handle this case essentially by converting the fileinto into a
> > keep. I don't thinking requiring such behavior is a good idea,
> > however, we might want to point out the issue and suggest this as one
> > way to deal with it.

> Yes (in a more general form, ideally).

In any case, some discussion of how to handle error conditions that creep
in between sieve evaluation and execution of the resulting actions would
be fine.

				Ned

v2.29.0 | Report a Bug | By Email | System Status