summaryrefslogtreecommitdiffstats
path: root/pigeonhole/README
diff options
context:
space:
mode:
Diffstat (limited to 'pigeonhole/README')
-rw-r--r--pigeonhole/README332
1 files changed, 332 insertions, 0 deletions
diff --git a/pigeonhole/README b/pigeonhole/README
new file mode 100644
index 0000000..ad2ab02
--- /dev/null
+++ b/pigeonhole/README
@@ -0,0 +1,332 @@
+Pigeonhole for Dovecot v2.4
+
+Introduction
+============
+
+This package is part of the Pigeonhole project (http://pigeonhole.dovecot.org).
+It adds support for the Sieve language (RFC 5228) and the ManageSieve protocol
+(RFC 5804) to the Dovecot Secure IMAP Server. In the literal sense, a pigeonhole
+is a a hole or recess inside a dovecot for pigeons to nest in. It is, however,
+also the name for one of a series of small, open compartments in a cabinet used
+for filing or sorting mail. As a verb, it describes the act of putting an item
+into one of those pigeonholes. The name `Pigeonhole' therefore well describes an
+important part of the functionality that this project adds to Dovecot: sorting
+and filing e-mail messages.
+
+The Sieve language is used to specify how e-mail needs to be processed. By
+writing Sieve scripts, users can customize how messages are delivered, e.g.
+whether they are forwarded or stored in special folders. Unwanted messages can
+be discarded or rejected, and, when the user is not available, the Sieve
+interpreter can send an automated reply. Above all, the Sieve language is meant
+to be simple, extensible and system independent. And, unlike most other mail
+filtering script languages, it does not allow users to execute arbitrary
+programs. This is particularly useful to prevent virtual users from having full
+access to the mail store. The intention of the language is to make it impossible
+for users to do anything more complex (and dangerous) than write simple mail
+filters.
+
+Using the ManageSieve protocol, users can upload their Sieve scripts remotely,
+without needing direct filesystem access through FTP or SCP. Additionally, a
+ManageSieve server always makes sure that uploaded scripts are valid, preventing
+compile failures at mail delivery.
+
+This package provides Sieve support as a plugin to Dovecot's Local Delivery
+Agent (LDA) and Dovecot's LMTP service. The ManageSieve protocol is provided is
+an additional service, next to Dovecot's own POP3 and IMAP services.
+
+Features
+========
+
+ * The Pigeonhole Sieve implementation aims to be admin- and user-friendly.
+ Much like Dovecot itself, common error messages are made as easily
+ understandable as possible. Any crash, no matter how it happened, is
+ considered a bug that will be fixed. The compiler does not bail on the first
+ error, but it looks for more script errors to make debugging more efficient.
+
+ * The Pigeonhole Sieve implementation is, much like the Sieve language itself,
+ highly extensible with new Sieve capabilities. This includes support for
+ third-party plugins. It should eventually provide the necessary
+ infrastructure for at least all currently known relevant (proposed) Sieve
+ extensions. The goal is to keep the extension interface provided by the
+ Sieve implementation as generic as possible, i.e. without explicit support
+ for specific extensions. New similar extensions can then use the same
+ interface methods without changes to the Sieve engine code. If an extension
+ is not loaded using the require command, the compiler truly does not know of
+ its existence.
+
+ * The Pigeonhole Sieve plugin is backwards compatible with the old CMUSieve
+ plugin, which provided Sieve support for older versions of Dovecot. All
+ Sieve extensions supported by the old plugin are also supported by the
+ Pigeonhole Sieve plugin, including those that are now considered to be
+ deprecated.
+
+ * The Pigeonhole Sieve implementation supports executing multiple Sieve
+ scripts sequentially. Using this feature it is possible to execute
+ administrator-controlled Sieve scripts before and after the user's personal
+ Sieve script, guaranteeing that responses and message deliveries are never
+ duplicated. This implementation is based on a draft specification
+ (http://tools.ietf.org/html/draft-degener-sieve-multiscript-00), which
+ defines the Sieve behavior when multiple scripts are executed sequentially
+ on the same message.
+
+ * The Pigeonhole Sieve implementation includes a test suite to automatically
+ assess whether the compiled Sieve engine works correctly. The test suite is
+ an extension to the Sieve language and is therefore easily extended with new
+ tests. Currently, the test suite is mostly limited to testing script
+ processing. The performed actions are not tested fully yet.
+
+ * The Pigeonhole Sieve implementation supports the new and very useful
+ variables extension, which allows maintaining state information throughout
+ a Sieve script across subsequent rules.
+
+ * The Pigeonhole Sieve plugin is distributed with a sieve-test tool that
+ simplifies testing Sieve scripts and provides additional debugging
+ facilities.
+
+Sieve Implementation Status
+===========================
+
+The core of the language (as specified in RFC 5228) is fully supported. In
+addition to that, this Sieve implementation features various extensions. The
+following list outlines the implementation status of each supported extension:
+
+ The language extensions defined in the base specification are fully supported:
+
+ encoded-character (RFC 5228; page 10)
+ fileinto (RFC 5228; page 23)
+ envelope (RFC 5228; page 27)
+
+ The following Sieve language extensions are also supported:
+
+ copy (RFC 3894): fully supported.
+ body (RFC 5173): fully supported.
+ environment (RFC 5183): fully supported (v0.4.0+).
+ variables (RFC 5229): fully supported.
+ vacation (RFC 5230): fully supported.
+ + vacation-seconds (RFC 6131): fully supported (v0.2.3+).
+ relational (RFC 5231): fully supported.
+ imap4flags (RFC 5232): fully supported.
+ subaddress (RFC 5233): fully supported, but with limited configurability.
+ spamtest and virustest (RFC 5235): fully supported (v0.1.16+).
+ date (RFC 5260; Section 4): fully supported (v0.1.12+).
+ index (RFC 5260; Section 6): fully supported (v0.4.7+).
+ editheader (RFC 5293): fully supported (v0.3.0+).
+ reject (RFC 5429; Section 2.2): fully supported.
+ enotify (RFC 5435): fully supported (v0.1.3+).
+ mailto method (RFC 5436): fully supported (v0.1.3+).
+ xmpp method (RFC 5437): is under development and will become available
+ as a plugin.
+ ihave (RFC 5463): fully supported (v0.2.4+).
+ mailbox (RFC 5490; Section 3): fully supported (v0.1.10+), but ACL
+ permissions are not verified for mailboxexists.
+ mboxmetadata and servermetadata (RFC 5490): fully supported (v0.4.7+)
+ foreverypart (RFC 5703; Section 3): fully supported (v0.4.10+).
+ mime (RFC 5703; Section 4): fully supported (v0.4.10+).
+ extracttext (RFC 5703; Section 7): fully supported (v0.4.12+).
+ include (RFC 6609): fully supported (v0.4.0+).
+ imapsieve (RFC 6785): fully supported (v0.4.14+).
+ duplicate (RFC 7352): fully supported (v0.4.3+).
+ regex (draft v08; not latest version): almost fully supported, but
+ UTF-8 is not supported.
+
+ The following deprecated extensions are supported for backwards
+ compatibility:
+
+ imapflags (obsolete draft): fully backwards compatible (v0.1.3+)
+ notify (obsolete draft): fully backwards compatible (v0.1.15+)
+
+ The availability of these deprecated extensions is disabled by default.
+
+ The following Dovecot-specific Sieve extensions are available:
+
+ vnd.dovecot.debug (v0.3.0+):
+ Allows logging debug messages.
+ vnd.dovecot.execute (v0.4.0+; sieve_extprograms plugin):
+ Implements executing a pre-defined set of external programs with the
+ option to process string data through the external program.
+ vnd.dovecot.filter (v0.4.0+; sieve_extprograms plugin):
+ Implements filtering messages through a pre-defined set of external
+ programs.
+ vnd.dovecot.pipe (v0.4.0+; sieve_extprograms plugin):
+ Implements piping messages to a pre-defined set of external programs.
+ vnd.dovecot.report (v0.4.14):
+ Implements sending MARF reports (RFC 5965).
+
+ The following extensions are under development:
+
+ ereject (RFC 5429; page 4): implemented, but currently equal to reject.
+
+ Many more extensions to the language exist. Not all of these extensions are
+ useful for Dovecot in particular, but many of them are. Currently, the
+ author has taken notice of the following extensions:
+
+ replace (RFC 5703; Section 5): planned.
+ enclose (RFC 5703; Section 6): planned.
+ envelope-dsn, envelope-deliverby, redirect-dsn and
+ redirect-deliverby (RFC 6009): planned; depends on lib-smtp changes in
+ Dovecot.
+ extlists (RFC 6134): planned.
+ convert (RFC 6558): under consideration.
+
+ These extensions will be added as soon as the necessary infrastructure is
+ available.
+
+Check the TODO file for an up-to-date list of open issues and current
+development.
+
+Compiling and Configuring
+=========================
+
+Refer to INSTALL file.
+
+Sieve Tools
+===========
+
+To test the sieve engine outside deliver, it is useful to try the commands that
+exist in the src/sieve-tools/ directory of this package. After installation,
+these are available at your $prefix/bin directory. The following commands are
+installed:
+
+sievec - Compiles sieve scripts into a binary representation for later
+ execution. Refer to the next section on manually compiling Sieve
+ scripts.
+
+sieve-test - This is a universal Sieve test tool for testing the effect of a
+ Sieve script on a particular message. It allows compiling,
+ running and testing Sieve scripts. It can either be used to
+ display the actions that would be performed on the provided test
+ message or it can be used to test the actual delivery of the
+ message and show the messages that would normally be sent through
+ SMTP.
+
+sieve-dump - Dumps the content of a Sieve binary file for (development)
+ debugging purposes.
+
+sieve-filter - Allow running Sieve filters on messages already stored in a
+ mailbox.
+
+When installed, man pages are also available for these commands. In this package
+the man pages are present in doc/man and can be viewed before install using
+e.g.:
+
+man -l doc/man/sieve-test.1
+
+Various example scripts are bundled in the directory 'examples'. These scripts
+were downloaded from various locations. View the top comment in the scripts for
+url and author information.
+
+Compiling Sieve Scripts
+=======================
+
+When the LDA Sieve plugin executes a script for the first time (or after it has
+been changed), it is compiled into into a binary form. The Pigeonhole Sieve
+implementation uses the .svbin extension to store compiled Sieve scripts (e.g.
+.dovecot.svbin). To store the binary, the plugin needs write access in the
+directory in which the script is located.
+
+A problem occurs when a global script is encountered by the plugin. For security
+reasons, global script directories are not supposed to be writable by the user.
+Therefore, the plugin cannot store the binary when the script is first compiled.
+Note that this doesn't mean that the old compiled version of the script is used
+when the binary cannot be written: it compiles and uses the current script
+version. The only real problem is that the plugin will not be able to update
+the binary on disk, meaning that the global script needs to be recompiled each
+time it needs to be executed, i.e. for every incoming message, which is
+inefficient.
+
+To mitigate this problem, the administrator must manually pre-compile global
+scripts using the sievec command line tool. For example:
+
+sievec /var/lib/dovecot/sieve/global/
+
+This is often necessary for scripts listed in the sieve_default, sieve_before
+and sieve_after settings. For global scripts that are only included in other
+scripts using the include extension, this step is not necessary, since included
+scripts are incorporated into the binary produced for the main script located in
+a user directory.
+
+Compile and Runtime Logging
+===========================
+
+Log messages produced at runtime by the Sieve plugin are written to two
+locations:
+
+ * Messages are primarily logged to the user log. By default this log file is
+ located in the same directory as the user's main active personal script (as
+ specified by the sieve setting). This log file bears the name of that script
+ file appended with ".log", e.g. ".dovecot.sieve.log". The location of the
+ user log file can also be explicitly configured using the sieve_user_log
+ setting (e.g. for when Sieve scripts are not stored on the local file
+ system).
+
+ If there are errors or warnings in the script, the messages are appended to
+ that log file until it eventually grows too large. When that happens, the
+ old log file is rotated to a ".log.0" file and an empty log file is started.
+ Informational messages are not written to this log file and the log file is
+ not created until messages are actually logged, i.e. when an error or
+ warning is produced.
+
+ * Messages that could be of interest to the system administrator are also
+ written to the Dovecot LDA logging facility (usually syslog). This includes
+ informational messages that indicate what actions are executed on incoming
+ messages. Compile errors encountered in the user's private script are not
+ logged here.
+
+The ManageSieve service reports compile errors and warnings only back to the
+user. System and configuration-related messages are written to the Dovecot
+logging facility.
+
+Known issues
+============
+
+Sieve
+-----
+
+Most open issues are outlined in the TODO file. The more generic ones are (re-)
+listed here:
+
+* Compile errors are sometimes a bit obscure and long. This needs work.
+ Suggestions for improvement are welcome.
+
+* The documentation needs work.
+
+ManageSieve
+-----------
+
+* Although this ManageSieve server should comply with the draft specification of
+ the ManageSieve protocol, quite a few clients don't. This is particularly true
+ for the TLS support. However, now that Cyrus' Timsieved has changed its
+ behavior towards protocol compliance, all those clients will follow
+ eventually.
+
+ Clients known to have TLS issues:
+ - Thunderbird Sieve add-on: fixed as per version 0.1.5
+ - AvelSieve: patch on the wiki: http://wiki.dovecot.org/ManageSieve
+ - KMail + kio_sieve: TLS broken for old versions. This issue is fixed at
+ least in kmail 1.9.9 / kde 3.5.9.
+
+ Unfortunately, there is no reliable way to provide a workaround for this
+ problem. We will have to wait for the authors of these clients to make the
+ proper adjustments.
+
+* Other client issues:
+
+ - SmartSieve, WebSieve:
+ These clients are specifically written for Cyrus timsieved and fail on
+ multiple stages of the protocol when connected to Pigeonhole ManageSieve.
+
+Authors
+=======
+
+Refer to AUTHORS file.
+
+Contact Info
+============
+
+Stephan Bosch <stephan at rename-it dot nl>
+IRC: Freenode, #dovecot, S[r]us
+Web: http://pigeonhole.dovecot.org
+
+Please use the Dovecot mailing list <dovecot at dovecot.org> for questions about
+this package. You can post to the list without subscribing, the mail then waits
+in a moderator queue for a while. See http://dovecot.org/mailinglists.html