ietf-mta-filters
[Top] [All Lists]

Re: 3028bis open issue #2: unknown envelope-part names

2005-07-04 11:21:37

On Wed, 2005-06-29 at 18:16 -0400, Mark E. Mallett wrote: 
On Wed, Jun 29, 2005 at 02:01:31PM -0700, Philip Guenther wrote:

B) require implementations to reject parts other than "from" and "to"
   unless declared via some new extension

I'd go with this one.  I've silently ignored others up until this
point but have had a long-standing private implementation note that
it needs to be resolved, vis:

TODO    /* Not really clear if this is an error- but for now we'll
           just treat it as a non-match or a zero count.
        */


   CONS: makes Cyrus implementation non-conforming; breaks scripts that
         haven't been updated to require the new extension

There are other dimensions to the question, of course.  One is whether a
prohibition under (B) will be a "SHOULD NOT" or a "MUST NOT" (MUST NOT
seems better to me, but SHOULD NOT will work better as a retroactive
recommendation); another is whether the spec should have an opinion on
whether the error should be detected at parse/compile time or at
execution time (I'd either go with either the latter or unspecified).


Based on the above comments, with which I wholeheartedly agree, I would
like to propose actually adding the envelope-auth capability in the base
spec. It is only a matter of one more paragraph clarifying the "auth"
value to the envelope argument.

I would like your comments on the following amendments:

5.4.
(......existing paragraphs:)
   If one of the envelope-part strings is (case insensitive) "from",
   then matching occurs against the FROM address used in the SMTP MAIL
   command.

   If one of the envelope-part strings is (case insensitive) "to", then
   matching occurs against the TO address used in the SMTP RCPT command
   that resulted in this message getting delivered to this user.  Note
   that only the most recent TO is available, and only the one relevant
   to this user.

----------------------------
(....add this one:)

   If one of the envelope-part strings is (case insensitive) "auth",
then
   matching occurs against the value of the AUTH argument to the
   SMTP MAIL FROM command, as described in [SMTP-AUTH], section 5.
   Only implementations that advertise the capability "envelope-auth"
   should accept "auth" in the envelope-part string lists.

----------------------------
(....and this one probably?)

  Any other strings other than "from" or "to", as well as "auth" 
  envelope-auth is supported by the implementation, SHOULD
  result in an error.

(Probably someone can elaborate and describe better than me how this
error could be handled).

----------------------------
(...and this capability registration, but I'm not sure if a more formal
procedure for this is needed:)

   Capability name:        envelope-auth
   Capability keyword:     envelope-auth
   Capability arguments:  as in "envelope"
   Standards Track/IESG-approved experimental RFC number:
           This RFC (Sieve base spec, first revised edition)
   Person and email address to contact for further information:
           The Sieve discussion list <ietf-mta-filters(_at_)imc(_dot_)org>


----------------------------
...and, LTBNL, probably add this informative reference as well:

[SMTP-AUTH]  J. Myers,  SMTP Service Extension for Authentication, March
1999


Alexandros