[Top] [All Lists]

Re: Sieve include, 'global scripts' and managesieve

2006-11-28 09:29:08

On Mon, 2006-11-27 at 19:02 +0000, Nigel Swinson wrote:
The system script would have some other set of mailboxes -- owned by the
system user. As Nigel mentions, he uses the filesystem for his system
scripts. The system script runs as the postmaster user. So this also
raises a question about how to do envelope matching, for example, with
Relational which prohibits matching against other people's envelopes to
discover who else has received the message.

Most of the sieve specs so far are very targetted at the end user scripts.  
For server administrator scripts, I see no reason why they shouldn't have 
access to the complete envelope.

So yes, it is an important point to note, that the "envelope" needs to be 
refined as the message progresses through the system.  So in our 
implementation, the server script has the full SMTP envelope to this 
server, but the end user only sees an envelope with a single recipient, as 
the envelope has at that stage been broken down into lots of smaller 
envelopes, one per recipient.

This seems like the right approach. Ned, have you done the same thing?

For user scripts yes, for system scripts no. The issue is how to handle
a system sieve that does an envelope recipient test - in this case
evaluation has to allow for the system sieve to return different results
for different recipients. We handle this by evaluating system sieves that
perform envelope tests once per recipient. In each of those evaluation it
appears that there's a single recipient address.

The alternative is to have a single result for system sieves that applies to
all recipients. If you did this it would make sense to expose the entire
recipient list to the script at once, with the result that :count on  envelope
"to" becomes meaningful and so on. But when we looked at how customers used
envelope tests in system sieves, they clearly wanted per-recipient results more
than the ability to look at the entire envelope at once, so that's how we
implemented it.