Comments on draft-freed-sieve-environment-04

Philip Guenther <guenther@sendmail.com> Wed, 19 March 2008 08:22 UTC

Date: Wed, 19 Mar 2008 02:01:52 -0600
From: Philip Guenther <guenther@sendmail.com>
To: Ned Freed <ned.freed@mrochek.com>
cc: ietf-mta-filters@imc.org
Subject: Comments on draft-freed-sieve-environment-04


If the SMTP session was over IPv6, what should the "remote-ip" environment
item be set to?  Perhaps there should be a prefix on the value that
indicates the address family, or it should be formatted like the 'host'
part of a URI?

Note that the obvious test of
 	environment :matches "remote-ip" "*.*.*.*"

will match an IPv6 address literal if the implementation uses the
 	x:x:x:x:x:x:d.d.d.d
form, such as with the IPv4 compat addresses, à la "::FFFF:1.2.3.4".

(Yes, this thought was triggered by the "IPv6-only" experiment during the 
IETF technical plenary.)


There probably should be a security consideration that explains that the 
value of the "remote-host" item may be controlled by an untrusted source. 
For example, the test
 	environment :matches "remote-host" "*.mydomain.com"

is *not* a good way to test whether the message came from 'outside' unless
in the implementation there's some sort of IP->host->IP consistency check
made.


(The sendmail MTA faced the above issues some time ago for the pre-defined 
variables it provides to its rulesets.  To quote the sendmail operations 
guide, it defined variables as follows:
       ${client_addr}
            The  IP  address  of  the  SMTP   client.    IPv6
            addresses  are  tagged  with  "IPv6:"  before the
            address.  Defined in the SMTP server only.

       ${client_name}
            The host name of the SMTP client.   This  may  be
            the  client's  bracketed IP address in the form [
            nnn.nnn.nnn.nnn    ]    for    IPv4     and     [
            IPv6:nnnn:...:nnnn  ] for IPv6 if the client's IP
            address is not resolvable, or if it is resolvable
            but  the  IP  address  of  the  resolved hostname
            doesn't match the original IP  address.   Defined
            in    the    SMTP    server   only.    See   also
            ${client_resolve}.

       ${client_ptr}
            The  result  of  the PTR lookup for the client IP
            address.    Note:   this   is   the    same    as
            ${client_name}  if  and only if ${client_resolve}
            is OK.  Defined in the SMTP server only.

       ${client_resolve}
            Holds  the  result  of  the  resolve   call   for
            ${client_name}.  Possible values are:

                OK        resolved successfully
                FAIL      permanent lookup failure
                FORGED    forward lookup doesn't match reverse lookup
                TEMP      temporary lookup failure

            Defined   in  the  SMTP  server  only.   sendmail
            performs a hostname lookup on the IP  address  of
            the  connecting client.  Next the IP addresses of
            that hostname are looked up.  If  the  client  IP
            address  does  not  appear in that list, then the
            hostname is maybe forged.  This is  reflected  as
            the  value  FORGED  for  ${client_resolve} and it
            also shows up in $_ as "(may be forged)".

While client_ptr and client_resolve are probably overkill for the sieve 
environment extension, the tagging in client_addr and precise definition 
of when client_name contains a name and not an address literal seem like 
practical guidance in this area.)


Philip Guenther
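
The two issues raised in the message above, as an added example that is not part of the original message and is not sendmail or Sieve code: it models the tagging and IP->host->IP rules from the quoted sendmail text. All function names are hypothetical, `fnmatch` stands in for Sieve's ":matches", and the DNS data is constructed.

```python
import fnmatch
import ipaddress

class TempFailure(Exception):
    """Constructed stand-in for a temporary DNS failure."""

def naive_ipv4_glob(value):
    """The 'obvious test' from the message: glob for a dotted quad."""
    return fnmatch.fnmatchcase(value, "*.*.*.*")

def tag_addr(ip):
    """Tag the address family, as the quoted ${client_addr} text describes."""
    addr = ipaddress.ip_address(ip)
    return f"IPv6:{addr}" if addr.version == 6 else str(addr)

def resolve_client(ip, ptr_lookup, addr_lookup):
    """Return (client_name, client_resolve) following the quoted rules.

    ptr_lookup(ip) -> hostname or None; addr_lookup(host) -> list of IPs.
    Both are injected (an assumption) so the example runs offline.
    """
    literal = f"[{tag_addr(ip)}]"
    try:
        host = ptr_lookup(ip)
        if host is None:
            return literal, "FAIL"
        forward = {ipaddress.ip_address(a) for a in addr_lookup(host)}
    except TempFailure:
        return literal, "TEMP"
    if ipaddress.ip_address(ip) not in forward:
        return literal, "FORGED"   # PTR names a host that does not map back
    return host, "OK"

def is_inside(name):
    """Glob test from the message; only meaningful on a verified name."""
    return fnmatch.fnmatchcase(name.lower(), "*.mydomain.com")

# Constructed sample DNS data: 203.0.113.9 publishes a PTR it does not own.
PTR = {"192.0.2.10": "mx1.mydomain.com", "203.0.113.9": "fake.mydomain.com"}
A = {"mx1.mydomain.com": ["192.0.2.10"], "fake.mydomain.com": ["192.0.2.77"]}

def ptr_lookup(ip):
    return PTR.get(ip)

def addr_lookup(host):
    return A.get(host, [])
```

Applied to the raw PTR result, `is_inside` accepts "fake.mydomain.com"; applied to the name returned by `resolve_client`, it sees the bracketed literal and rejects it.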