[Top] [All Lists]

Questions and remarks on draft-ietf-sieve-include-01.txt

2009-04-10 19:53:27


First of all, I am very glad that the work on the specification is being continued now. This week I quickly updated my implementation to match the new specification. Merging import and export into a single global command is a good choice. The use of a global variable namespace is also a good idea (but I did not implement that yet).

During implementation I collected some remarks and questions:

- Where the ManageSieve protocol specifies what characters are allowed for a script name, the include extension for the Sieve language does not. Would it be useful to adopt the same limitations? Especially things like '/' can cause problems.

- For the global command I would expect text stating that the variables extension is required when it is used.

- The global command is required to follow 'require' or another global command. I am worried what happens when other extensions have commands with similar requirements. Shouldn't we account for this eventuality?

- Are there any special security implications for using variables in the value argument in the include command, i.e. to include a script specified by a variable? Is that even (intended to be) allowed?

- The scope of the :once modifier could be a bit confusing. I am assuming it holds for the whole Sieve execution and not only for the identical include commands within the current script.

- Take a good look at the examples: they have small typos and syntax problems:
  * page 6; spam_tests: reject command has mandatory message argument
  * page 7; spam_tests: reject command has mandatory message argument
  * page 8; active script: test-mailbox is not a valid variable name
  * page 8; active script: missing require for relational extension
  * page 9; active scropt: :count match type needs an argument, e.g.
  * page 9; active script: "spam-${test}; <- missing "

Please let me know what you think.


Stephan Bosch

<Prev in Thread] Current Thread [Next in Thread>