IETF Logo Mail Archive

Re: WGLC on IMAP Sieve (draft-ietf-lemonade-imap-sieve)

Alexey Melnikov <alexey.melnikov@isode.com> Mon, 26 May 2008 06:50 UTC

Return-Path: <owner-ietf-mta-filters@mail.imc.org>
X-Original-To: ietfarch-sieve-archive-Aet6aiqu@core3.amsl.com
Delivered-To: ietfarch-sieve-archive-Aet6aiqu@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66A6B3A6B1B for <ietfarch-sieve-archive-Aet6aiqu@core3.amsl.com>; Sun, 25 May 2008 23:50:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sCehxzcrB3p5 for <ietfarch-sieve-archive-Aet6aiqu@core3.amsl.com>; Sun, 25 May 2008 23:50:04 -0700 (PDT)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id 66D683A68CB for <sieve-archive-Aet6aiqu@ietf.org>; Sun, 25 May 2008 23:50:04 -0700 (PDT)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id m4Q6OFwN011567 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 25 May 2008 23:24:15 -0700 (MST) (envelope-from owner-ietf-mta-filters@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id m4Q6OFfq011565; Sun, 25 May 2008 23:24:15 -0700 (MST) (envelope-from owner-ietf-mta-filters@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-mta-filters@mail.imc.org using -f
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id m4Q6OCNb011525 for <ietf-mta-filters@imc.org>; Sun, 25 May 2008 23:24:14 -0700 (MST) (envelope-from alexey.melnikov@isode.com)
Received: from [192.168.1.4] ((unknown) [89.163.8.23]) by rufus.isode.com (submission channel) via TCP with ESMTPA id <SDpXiwA4ESd4@rufus.isode.com>; Mon, 26 May 2008 07:24:11 +0100
X-SMTP-Protocol-Errors: NORDNS
Message-ID: <483A5789.4000206@isode.com>
Date: Mon, 26 May 2008 07:24:09 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
To: Ned Freed <ned.freed@mrochek.com>
CC: Dave Cridland <dave@cridland.net>, ietf-mta-filters@imc.org
Subject: Re: WGLC on IMAP Sieve (draft-ietf-lemonade-imap-sieve)
References: <480F17C6.6040404@isode.com> <4836C34B.1030700@isode.com> <01MV4RRQJI7Q00007A@mauve.mrochek.com> <23290.1211585629.941276@peirce.dave.cridland.net> <4837C2B3.8080304@isode.com> <01MV7NX7SMKM00007A@mauve.mrochek.com>
In-Reply-To: <01MV7NX7SMKM00007A@mauve.mrochek.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-mta-filters@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-ID: <ietf-mta-filters.imc.org>
List-Unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>

Ned Freed wrote:

>> > > I finally had a chance to look at this. Having done so, the 
>> question I really
>> > > want to ask is has anyone implemented this, and if they  did, how 
>> well did it
>> > > work? And if the answer to that is "no implementations yet", I'd 
>> then like to
>> > > hear if anyone is planning to implement this, and if so, when and 
>> for what
>> > > puropse?
>
>> > The whole thing just leaves me a quivering mess, whimpering in a
>> > corner and yearning for the good old days, when if one APPENDed
>> > message literal in a MULTAPPEND set was accepted, one could breathe a
>> > sigh of relief and use LITERAL+ to do heavy pipelining on the rest.
>
>> > I'm still not entirely sure how IMAP-SIEVE would signal *which*
>> > message failed in a MULTIAPPEND set, actually
>
>> Dave, I don't understand how is this different from MULTIAPPEND without
>> IMAP Sieve: an IMAP Sieve script can't "fail" append. It can only
>> discard message after it gets appended (see section 3.6).
>
> And as I said in my comments, I view this as a significant omission 
> that needs
> to be corrected.

Possibly (I haven't made my mind on this yet).
I would just point out that your change would create an extra failure 
case that isn't present in IMAP Sieve now.

> As for the MULTIAPPEND issue, well, I've already commented on
> what I view to be the inadequacy of IMAP error reporting in other 
> contexts.

This is solvable by defining a new response code (or a new response).

>> > - I did look, and Section 2.2.2's coverage of this particular problem
>> > is, well, exceedingly economic.
>> >
>> > But this is a specific issue, rather than the more general problem.
>>  [...]
>> > This ignores the interesting cases of whether an implementation
>> > ignores, for the purposes of Sieve, events caused by Sieve scripts,
>> > since otherwise two mailboxes could have conflicting scripts that
>> > cheerfully bounced an APPENDed message backwards and forwards for all
>> > eternity.
>
>> Sieve fileinto caused by IMAP Sieve is not the same as IMAP COPY, but in
>> order to avoid any doubts I agree that the Security Considerations
>> should also mention that.
>
> I agree with this as far it goes, but it caused me to review the text on
> fileinto in the base Sieve specification as well as in the IMAP sieve 
> document,
> and I'm afraid what turned up is another impedance mismatch that needs 
> to be
> addressed.
>
> The base spec basically says that
>
>   fileinto "foo";
>
> causes the message to be placed in a mailbox named "foo". It then goes 
> on to
> discuss the access control issues this can cause, especially in the 
> case where
> the mailbox doesn't already exist. Conspiciously absent from any of 
> this is
> discussion of mailbox hierarchy - what, say,
>
>   fileinto "foo/bar";
> means is entirely implementation dependent. And if this case is 
> interesting,
> something like
>
>   fileinto "/foo/bar";
>
> has even more interesting implications. The reason for not nailing any 
> of this
> down is of course that Sieve does not presuppose a particular store 
> backend of
> any kind.
>
> Also implicit in this discussion is that the sieve in question has an
> identifiable owner that has access rights to the store. Also, in 
> practice the
> argument of fileinto is also interpreted in the context of where the 
> user's
> default mailbox is located - foo is normally placed at the same level 
> in the
> hierarchy as their inbox.
>
> Now consider how this changes when Sieves are used in IMAP. Now we're 
> dealing
> with a specific sort of store with very specific semantics. So now these
> semantics can and should be nailed down, but the draft currently fails 
> to do
> so.

Maybe so. I am not entirely clear what needs to be written to clarify that.

Isode's implementation just treats the fileinto argument as an IMAP 
mailbox name. So if it contains a shared folder prefix, this would cause 
mail to be filed into the shared folder.

> And then there's the access control issue. Presumably if a script is 
> attached
> to a user mailbox is "owned" by that user and inherits his or her access
> rights. (If so, this also needs to be explicitly stated.)

Right.

> But what about scripts attached to public mailboxes, ones that have no 
> owner?
> Who owns them and what rights do such scripts have?
>
> And what about the server script? Who owns it and what rights does it 
> have?

These are all interesting questions. I agree that they should be discussed.

v2.23.0 | Report a Bug | By Email