Sun Microsystems

3401 Centrelake Drive, Suite 410 Ontario CA 92761-1205 USA +1 909 457 4293 ned.freed@mrochek.com

Applications RFC Request for Comments SMTP ESMTP Sieve I-D Internet-Draft This document describes the "environment" extension to the Sieve email filtering language. The "environment" extension gives Sieve access to information about the environment where the Sieve interpreter is running. Changed one place string result from "UA" to "MUA". Updated the IANA registration template. Moved the ihave extension to a separate document. Added remote-host and remote-ip environment items to the initial set. Updated references, completed IANA registration templates. Added text recommending the use of a "name." prefix for groups of items with a common purpose. Also rearranged the text regarding the IANA registry so that the relevant information isn't more centralized. Added test explaining how to test to see if an implementation knows about a particular environment item. Added text to make it clear that remote-ip and remote-host can refer to LMTP and submsision clients as well as SMTP clients. Changed evaluation-time to evaluation-agent, the former sounds too much like it is going to return a date/time value, Rearranged and cleaned up the IANA considerations text, making it clearer what IANA's concerns are. Clarified that the product version item is product-specific and should always be considered in the context of the product name item. Added a note to the security considerations section about the possibile unreliability of remote-host information. Defined the format of remote-ip more precisely as well as what happens when remote-host cannot be determined. Split the evaluation-type item into separate location and phase items.

Sieve is a language for filtering email messages at or around the time of final delivery. It is designed to be implementable on either a mail client or mail server. It is suitable for running on a mail server where users may not be allowed to execute arbitrary programs, such as on black box Internet Message Access Protocol servers, as it has no user-controlled loops or the ability to run external programs. Although Sieve is intended to be independent of access protocol, mail architecture, and operating system, in some cases it is useful to allow scripts to access information about their execution context. The "environment" extension provides a new environment test that can be used to implement scripts that behave differently when moved from one system to another, when messages arrive from different remote sources or when otherwise operated in different contexts.

"The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in . The terms used to describe the various components of the Sieve language are taken from section 1.1. This document refers to the ABNF productions IPv4-address-literal, IPv6-address-literal, and General-address-literal defined in section 4.1.3. The location item makes use of standard terms for email service components. Additional information and background on these terms can be found in .

The capability string associated with the extension defined in this document is "environment".

]]>

The environment test retrieves the item of environment information specified by the name string and matches it to the values specified in the key-list. The test succeeds if a match occurs. The type of match defaults to ":is" and the default comparator is "i;ascii-casemap". The current message is not a direct source of information for the environment test; the item of information specified by the name string is extracted from the script's operating environment and key-list comes from the script. The environment test MUST fail unconditionally if the specified information item does not exist. A script MUST NOT fail with an error if the item does not exist. This allows scripts to be written that handle nonexistent items gracefully. In particular, the test:

only succeeds if "item" is known to the implementation, and always succeeds if it is. The "relational" extension adds a match type called ":count". The count of an environment test is 0 if the environment information returned is the empty string, or 1 otherwise. Environment items can be standardized or vendor-defined. An IANA registry is defined for both types of items. Extensions designed for interoperable use SHOULD be defined in standards track or experimental RFCs.

The initial set of standardized environment items is as follows:

"domain" => The primary DNS domain associated with the Sieve execution context, usually but not always a proper suffix of the host name. "host" => The fully-qualified domain name of the host where the Sieve script is executing. "location" => Sieve evaluation can be performed at various different points as messages are processed. This item provides additional information about the type of service that is evaluating the script. Possible values are "MTA", meaning the Sieve is being evaluated by a Message Transfer Agent, "MDA", meaning evaluation is being performed by a Mail Delivery Agent, "MUA", meaning evaluation is being performed by a Mail User Agent, and "MS", meaning evaluation is being performed by a Message Store. Additional information and background on these terms can be found in [I-D.crocker-email-arch]. "name" => The product name associated with the Sieve interpreter. "phase" => The point relative to final delivery where the Sieve script is being evaluated. Possible values are "pre", "during", and "post", referring respectively to processing before, during, and after final delivery has taken place. "remote-host" => Host name of remote SMTP/LMTP/Submission client expressed as a FQDN, if applicable and available. The empty string will be returned if for some reason this information cannot be obtained for the current client. "remote-ip" => IP address of remote SMTP/LMTP/Submission client, if applicable and available. IPv4, IPv6, and other types of addresses are respectively represented in the formats defined by the IPv4-address-literal, IPv6-address-literal, and General-address-literal productions defined in [RFC2821] section 4.1.3. "version" => The product version associated with the Sieve interpreter. The meaning of the product version string is product-specific and should always be considered in the context of the product name given by the "name" item.

Implementations SHOULD support as many of the items on this initial list as possible. Additional standardized items can only be defined in standards-track or experimental RFCs.

Environment item names beginning with "vnd." represent vendor-defined extensions. Such extensions are not defined by Internet standards or RFCs, but are still registered with IANA in order to prevent conflicts.

A registry of environment items is provided by IANA. Item names may be registered on a first-come, first-served basis. Groups of items defined in a standards track or experimenal RFC MAY choose to use a common name prefix of the form "name.", where "name" is a string that identifies the group of related items. Items not defined in a standards track or experimental RFC MUST have a name that begins with the "vnd." prefix and this prefix is followed by the name of the vendor or product, such as "vnd.acme.rocket-sled-status".

The following template is to be used for registering new Sieve environment item names with IANA.

Multiple items and descriptions MAY be specified in a single registration request. Both standardized and vendor-defined items use this form.

The environment extension may be used to obtain information about the system the Sieve implementation is running on. This information in turn may reveal details about service provider or enterprise infrastructure. An implementation can use any technique to determine the remote-host environment item defined in this specification, and the trustworthiness of the result will vary. One common method will be to perform a PTR DNS lookup on the client IP address. This information may come from an untrusted source. For example, the test:

is not a good way to test whether the message came from "outside" because anyone who can create a PTR record can create one that refers to whatever domain they choose. All of the security considerations given in the base Sieve specification also apply to this extension.

The following template specifies the IANA registration of the Sieve extension specified in this document: To: iana@iana.org Subject: Registration of new Sieve extension Capability name: environment Description: The "environment" extension provides a new environment test that can be used to implement scripts that behave differently when moved from one system to another or otherwise operated in different contexts. RFC number: RFC &rfc.number; Contact address: Sieve discussion list <ietf-mta-filters@imc.org>

This specification also defines a new IANA registry for Sieve environment item names. The specifics of this registry are given in . The initial contents of the registry are given in the following section.

The following template specifies the initial IANA registrations for the environment items defined in this document: To: iana@iana.org Subject: Registration of new Sieve environment items Capability name: domain Description: The primary DNS domain associated with the Sieve execution context, usually but not always a proper suffix of the host name. Capability name: host Description: The fully-qualified domain name of the host where the Sieve script is executing. Capability name: location Description: Type of service executing the Sieve script. Capability name: name Description: The product name associated with the Sieve interpreter. Capability name: phase Descrption: Point relative to final delivery at which the Sieve script is being evaluated. Capability name: remote-host Description: Host name of remote SMTP client, if applicable and available. Capability name: remote-ip Description: IP address of remote SMTP client, if applicable and available. Capability name: version Description: The product version associated with the Sieve interpreter. RFC number: RFC &rfc.number; Contact address: Sieve discussion list <ietf-mta-filters@imc.org>

Brandenburg InternetWorking

Brian Carpenter, Dave Crocker, Cyrus Daboo, Philip Guenther, Kjetil Torgrim Homme, John Klensin, Mark Mallett, Alexey Melnikov, and Dilyan Palauzo provided helpful suggestions and corrections.