As discussed in Maastricht, the document should contain some text about
use of include with ManageSieve.
3.1. General Considerations
Sieve implementations must track the use of actions in included
s/must/MUST ?
scripts so that implicit "keep" behavior can be properly determined
based on whether any actions have executed in any script.
Sieve implementations MUST ensure that recursive includes are not
possible. For example, if script "A" includes script "B", and script
"B" includes script "A" an error MUST be generated either when the
script is uploaded to the Sieve repository,
I wonder if this is too strong and if this should be replaced with
"activated". I am thinking about a script A that includes B is being
uploaded, while the older version of B already includes A.
or when the script is
executed. If such an error is detected whilst processing a Sieve
script, an implicit "keep" action MUST be executed to prevent loss of
any messages.
3.2. Control Structure include
Personal script "spam_tests"
This script does some user-specific spam tests to catch spam
messages not caught by the site-wide spam tests.
require ["reject"];
This needs an informative reference to Sieve reject.
if header :contains "Subject" "XXXX"
{
reject;
The human readable string is not optional for "reject" action, so this
doesn't look like a valid Sieve script.
}
elsif header :is "From" "money(_at_)example(_dot_)com"
{
reject;
As above.
}
Also the same issue is present in:
Site script "spam_tests"
4. Security Considerations
Sieve implementations MUST ensure adequate security for the global
script repository to prevent unauthorized changes to global scripts.
This sounds a bit handwavy. Can you add an example on how can this be
achieved?
_______________________________________________
sieve mailing list
sieve(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/sieve