[Top] [All Lists]

Re: Advertising per-server limit on number of redirects in ManageSieve

2008-09-14 09:11:22

On Sun, Sep 14, 2008 at 12:02 PM, Ned Freed 
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
On Sat, Sep 13, 2008 at 8:59 PM, Ned Freed 
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
On Sat, Sep 13, 2008 at 5:27 PM, Ned Freed 
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:

I've recently added an option to my Sieve implementation to limit the
number of Sieve redirects in a script.

We have a similar option.

any particular reason for adding this restriction?

You mean aside from the fact that RFC 5228 flatly requires it?

from RFC5228:

10. Security Considerations
   (2) MUST provide the means for administrators to limit the ability of
       users to abuse redirect.  In particular, it MUST be possible to
       limit the number of redirects a script can perform.
       Additionally, if no use cases exist for using redirect to
       multiple destinations, this limit SHOULD be set to 1.  Additional
       limits, such as the ability to restrict redirect to local users,
       MAY also be implemented.

"flatly" seems to be a little of an overstatement.


the RFC seems to be
agnostic about the way this effect should be achieved. there is a
reasonable argument that this requirement may be better implemented by
a system assembler than in a script interpretor.

I have no idea what a "system assembler" is or how it relates to this.

it's a role. if you're doing COP then an application is composed by
assembling various components together. the system assembler is one
name given to individual responsible for assembly.

If  you're talking about implementing the limit exclusively in the script 
editor or
managesieve interface, the problem with that is it leeaves a hole should any
user be able to install a script through any other means.

no: that's not what i'm taking about

Email systems can be
very complicated with lots of different ways of doing things,


which means that responsibility for checking this should probably fall
to the application creator (if you prefer that term) rather than a
component creator

making it very hard to guarantee the effectiveness of anything other than a 
hard evaluation
time limit.

depends on what you mean by evalution time. i agree if you mean action
execution time.

I also cannot think of anything simplier than a counter and test in the Sieve

the downside of this separation of concerns is that the script
interpretor may not really know what actions an application is
actually going to perform upon redirect


BTW do any sophisticated editors actually exist yet?

I've seen editors that allow the construction of fairly complex rules. But I
don't think this makes them "sophisticated". "Sophisticated" in my book means
an editor that operatoes on the actual Sieve code rather than depending on 
kind rule metadata (usually embedde in script comments) to figure out what's
going on. A really sophisticsted one would handle nested conditionals and 
more complex coding structures.

And the answer is no, I haven't seen any editors I would regard as truly
sophisticated. I'd like to try and write one myself, but it's a really big
project and I simply do not have the time.

it might be possible to use the eclipse to generate an editor from the
xml version of sieve but sieve is not expressive enough ATM for my
mail filtering (i generate my scripts from higher level meta-data) so
creating a basic editor is of no interest to me

- robert