1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
|
Pigeonhole for Dovecot v2.4
Introduction
============
This package is part of the Pigeonhole project (http://pigeonhole.dovecot.org).
It adds support for the Sieve language (RFC 5228) and the ManageSieve protocol
(RFC 5804) to the Dovecot Secure IMAP Server. In the literal sense, a pigeonhole
is a a hole or recess inside a dovecot for pigeons to nest in. It is, however,
also the name for one of a series of small, open compartments in a cabinet used
for filing or sorting mail. As a verb, it describes the act of putting an item
into one of those pigeonholes. The name `Pigeonhole' therefore well describes an
important part of the functionality that this project adds to Dovecot: sorting
and filing e-mail messages.
The Sieve language is used to specify how e-mail needs to be processed. By
writing Sieve scripts, users can customize how messages are delivered, e.g.
whether they are forwarded or stored in special folders. Unwanted messages can
be discarded or rejected, and, when the user is not available, the Sieve
interpreter can send an automated reply. Above all, the Sieve language is meant
to be simple, extensible and system independent. And, unlike most other mail
filtering script languages, it does not allow users to execute arbitrary
programs. This is particularly useful to prevent virtual users from having full
access to the mail store. The intention of the language is to make it impossible
for users to do anything more complex (and dangerous) than write simple mail
filters.
Using the ManageSieve protocol, users can upload their Sieve scripts remotely,
without needing direct filesystem access through FTP or SCP. Additionally, a
ManageSieve server always makes sure that uploaded scripts are valid, preventing
compile failures at mail delivery.
This package provides Sieve support as a plugin to Dovecot's Local Delivery
Agent (LDA) and Dovecot's LMTP service. The ManageSieve protocol is provided is
an additional service, next to Dovecot's own POP3 and IMAP services.
Features
========
* The Pigeonhole Sieve implementation aims to be admin- and user-friendly.
Much like Dovecot itself, common error messages are made as easily
understandable as possible. Any crash, no matter how it happened, is
considered a bug that will be fixed. The compiler does not bail on the first
error, but it looks for more script errors to make debugging more efficient.
* The Pigeonhole Sieve implementation is, much like the Sieve language itself,
highly extensible with new Sieve capabilities. This includes support for
third-party plugins. It should eventually provide the necessary
infrastructure for at least all currently known relevant (proposed) Sieve
extensions. The goal is to keep the extension interface provided by the
Sieve implementation as generic as possible, i.e. without explicit support
for specific extensions. New similar extensions can then use the same
interface methods without changes to the Sieve engine code. If an extension
is not loaded using the require command, the compiler truly does not know of
its existence.
* The Pigeonhole Sieve plugin is backwards compatible with the old CMUSieve
plugin, which provided Sieve support for older versions of Dovecot. All
Sieve extensions supported by the old plugin are also supported by the
Pigeonhole Sieve plugin, including those that are now considered to be
deprecated.
* The Pigeonhole Sieve implementation supports executing multiple Sieve
scripts sequentially. Using this feature it is possible to execute
administrator-controlled Sieve scripts before and after the user's personal
Sieve script, guaranteeing that responses and message deliveries are never
duplicated. This implementation is based on a draft specification
(http://tools.ietf.org/html/draft-degener-sieve-multiscript-00), which
defines the Sieve behavior when multiple scripts are executed sequentially
on the same message.
* The Pigeonhole Sieve implementation includes a test suite to automatically
assess whether the compiled Sieve engine works correctly. The test suite is
an extension to the Sieve language and is therefore easily extended with new
tests. Currently, the test suite is mostly limited to testing script
processing. The performed actions are not tested fully yet.
* The Pigeonhole Sieve implementation supports the new and very useful
variables extension, which allows maintaining state information throughout
a Sieve script across subsequent rules.
* The Pigeonhole Sieve plugin is distributed with a sieve-test tool that
simplifies testing Sieve scripts and provides additional debugging
facilities.
Sieve Implementation Status
===========================
The core of the language (as specified in RFC 5228) is fully supported. In
addition to that, this Sieve implementation features various extensions. The
following list outlines the implementation status of each supported extension:
The language extensions defined in the base specification are fully supported:
encoded-character (RFC 5228; page 10)
fileinto (RFC 5228; page 23)
envelope (RFC 5228; page 27)
The following Sieve language extensions are also supported:
copy (RFC 3894): fully supported.
body (RFC 5173): fully supported.
environment (RFC 5183): fully supported (v0.4.0+).
variables (RFC 5229): fully supported.
vacation (RFC 5230): fully supported.
+ vacation-seconds (RFC 6131): fully supported (v0.2.3+).
relational (RFC 5231): fully supported.
imap4flags (RFC 5232): fully supported.
subaddress (RFC 5233): fully supported, but with limited configurability.
spamtest and virustest (RFC 5235): fully supported (v0.1.16+).
date (RFC 5260; Section 4): fully supported (v0.1.12+).
index (RFC 5260; Section 6): fully supported (v0.4.7+).
editheader (RFC 5293): fully supported (v0.3.0+).
reject (RFC 5429; Section 2.2): fully supported.
enotify (RFC 5435): fully supported (v0.1.3+).
mailto method (RFC 5436): fully supported (v0.1.3+).
xmpp method (RFC 5437): is under development and will become available
as a plugin.
ihave (RFC 5463): fully supported (v0.2.4+).
mailbox (RFC 5490; Section 3): fully supported (v0.1.10+), but ACL
permissions are not verified for mailboxexists.
mboxmetadata and servermetadata (RFC 5490): fully supported (v0.4.7+)
foreverypart (RFC 5703; Section 3): fully supported (v0.4.10+).
mime (RFC 5703; Section 4): fully supported (v0.4.10+).
extracttext (RFC 5703; Section 7): fully supported (v0.4.12+).
include (RFC 6609): fully supported (v0.4.0+).
imapsieve (RFC 6785): fully supported (v0.4.14+).
duplicate (RFC 7352): fully supported (v0.4.3+).
regex (draft v08; not latest version): almost fully supported, but
UTF-8 is not supported.
The following deprecated extensions are supported for backwards
compatibility:
imapflags (obsolete draft): fully backwards compatible (v0.1.3+)
notify (obsolete draft): fully backwards compatible (v0.1.15+)
The availability of these deprecated extensions is disabled by default.
The following Dovecot-specific Sieve extensions are available:
vnd.dovecot.debug (v0.3.0+):
Allows logging debug messages.
vnd.dovecot.execute (v0.4.0+; sieve_extprograms plugin):
Implements executing a pre-defined set of external programs with the
option to process string data through the external program.
vnd.dovecot.filter (v0.4.0+; sieve_extprograms plugin):
Implements filtering messages through a pre-defined set of external
programs.
vnd.dovecot.pipe (v0.4.0+; sieve_extprograms plugin):
Implements piping messages to a pre-defined set of external programs.
vnd.dovecot.report (v0.4.14):
Implements sending MARF reports (RFC 5965).
The following extensions are under development:
ereject (RFC 5429; page 4): implemented, but currently equal to reject.
Many more extensions to the language exist. Not all of these extensions are
useful for Dovecot in particular, but many of them are. Currently, the
author has taken notice of the following extensions:
replace (RFC 5703; Section 5): planned.
enclose (RFC 5703; Section 6): planned.
envelope-dsn, envelope-deliverby, redirect-dsn and
redirect-deliverby (RFC 6009): planned; depends on lib-smtp changes in
Dovecot.
extlists (RFC 6134): planned.
convert (RFC 6558): under consideration.
These extensions will be added as soon as the necessary infrastructure is
available.
Check the TODO file for an up-to-date list of open issues and current
development.
Compiling and Configuring
=========================
Refer to INSTALL file.
Sieve Tools
===========
To test the sieve engine outside deliver, it is useful to try the commands that
exist in the src/sieve-tools/ directory of this package. After installation,
these are available at your $prefix/bin directory. The following commands are
installed:
sievec - Compiles sieve scripts into a binary representation for later
execution. Refer to the next section on manually compiling Sieve
scripts.
sieve-test - This is a universal Sieve test tool for testing the effect of a
Sieve script on a particular message. It allows compiling,
running and testing Sieve scripts. It can either be used to
display the actions that would be performed on the provided test
message or it can be used to test the actual delivery of the
message and show the messages that would normally be sent through
SMTP.
sieve-dump - Dumps the content of a Sieve binary file for (development)
debugging purposes.
sieve-filter - Allow running Sieve filters on messages already stored in a
mailbox.
When installed, man pages are also available for these commands. In this package
the man pages are present in doc/man and can be viewed before install using
e.g.:
man -l doc/man/sieve-test.1
Various example scripts are bundled in the directory 'examples'. These scripts
were downloaded from various locations. View the top comment in the scripts for
url and author information.
Compiling Sieve Scripts
=======================
When the LDA Sieve plugin executes a script for the first time (or after it has
been changed), it is compiled into into a binary form. The Pigeonhole Sieve
implementation uses the .svbin extension to store compiled Sieve scripts (e.g.
.dovecot.svbin). To store the binary, the plugin needs write access in the
directory in which the script is located.
A problem occurs when a global script is encountered by the plugin. For security
reasons, global script directories are not supposed to be writable by the user.
Therefore, the plugin cannot store the binary when the script is first compiled.
Note that this doesn't mean that the old compiled version of the script is used
when the binary cannot be written: it compiles and uses the current script
version. The only real problem is that the plugin will not be able to update
the binary on disk, meaning that the global script needs to be recompiled each
time it needs to be executed, i.e. for every incoming message, which is
inefficient.
To mitigate this problem, the administrator must manually pre-compile global
scripts using the sievec command line tool. For example:
sievec /var/lib/dovecot/sieve/global/
This is often necessary for scripts listed in the sieve_default, sieve_before
and sieve_after settings. For global scripts that are only included in other
scripts using the include extension, this step is not necessary, since included
scripts are incorporated into the binary produced for the main script located in
a user directory.
Compile and Runtime Logging
===========================
Log messages produced at runtime by the Sieve plugin are written to two
locations:
* Messages are primarily logged to the user log. By default this log file is
located in the same directory as the user's main active personal script (as
specified by the sieve setting). This log file bears the name of that script
file appended with ".log", e.g. ".dovecot.sieve.log". The location of the
user log file can also be explicitly configured using the sieve_user_log
setting (e.g. for when Sieve scripts are not stored on the local file
system).
If there are errors or warnings in the script, the messages are appended to
that log file until it eventually grows too large. When that happens, the
old log file is rotated to a ".log.0" file and an empty log file is started.
Informational messages are not written to this log file and the log file is
not created until messages are actually logged, i.e. when an error or
warning is produced.
* Messages that could be of interest to the system administrator are also
written to the Dovecot LDA logging facility (usually syslog). This includes
informational messages that indicate what actions are executed on incoming
messages. Compile errors encountered in the user's private script are not
logged here.
The ManageSieve service reports compile errors and warnings only back to the
user. System and configuration-related messages are written to the Dovecot
logging facility.
Known issues
============
Sieve
-----
Most open issues are outlined in the TODO file. The more generic ones are (re-)
listed here:
* Compile errors are sometimes a bit obscure and long. This needs work.
Suggestions for improvement are welcome.
* The documentation needs work.
ManageSieve
-----------
* Although this ManageSieve server should comply with the draft specification of
the ManageSieve protocol, quite a few clients don't. This is particularly true
for the TLS support. However, now that Cyrus' Timsieved has changed its
behavior towards protocol compliance, all those clients will follow
eventually.
Clients known to have TLS issues:
- Thunderbird Sieve add-on: fixed as per version 0.1.5
- AvelSieve: patch on the wiki: http://wiki.dovecot.org/ManageSieve
- KMail + kio_sieve: TLS broken for old versions. This issue is fixed at
least in kmail 1.9.9 / kde 3.5.9.
Unfortunately, there is no reliable way to provide a workaround for this
problem. We will have to wait for the authors of these clients to make the
proper adjustments.
* Other client issues:
- SmartSieve, WebSieve:
These clients are specifically written for Cyrus timsieved and fail on
multiple stages of the protocol when connected to Pigeonhole ManageSieve.
Authors
=======
Refer to AUTHORS file.
Contact Info
============
Stephan Bosch <stephan at rename-it dot nl>
IRC: Freenode, #dovecot, S[r]us
Web: http://pigeonhole.dovecot.org
Please use the Dovecot mailing list <dovecot at dovecot.org> for questions about
this package. You can post to the list without subscribing, the mail then waits
in a moderator queue for a while. See http://dovecot.org/mailinglists.html
|