On 6/14/2013 12:50 PM, Thomas Harold wrote: > On 6/14/2013 12:40 PM, Frerich Raabe wrote: >> Hi, >> >> One thing which came up repeatedly is that clients using the IMAP >> server I run (using Dovecot 2.1) wonder whether they broke their Sieve >> scripts, i.e. it often goes like "I don't know whether I just didn't >> receive any mail, or whether my filters broke. Can you check the logs?". >> >> I then usually just run the sieve-test binary (part of the Pigeonhole >> distribution) and send them the output. However, I was wondering - is >> there maybe a way for them to try it themselves? Like, maybe a tiny >> web server which just prints a form asking for a mail file and a sieve >> script, and then it runs sieve-script and prints the output of that? I >> wonder how other people do that. >> > > If you have Thunderbird, you may want to have them try out the Sieve > plug-in available at http://sieve.mozdev.org/ > > It auto-compiles and displays errors in the edit window. > > The other thing we do is use RoundCube webmail (which has a sieve > plugin) and have our users edit their sieve scripts through that > instead. It's a form-based rules editor, so a bit harder for them to > goof it up. >
One of the obvious limitations of using the Thunderbird plug-in, or the web-based tool as cited, is that neither one has any way to know which Sieve modules have been "require"d. Oftentimes fatal errors result from referencing a module that hasn't been required. It seems as though the only truly reliable method would be to validate the scripts in consideration of your own environment. As you suggested, a simple Web form (ideally, one that requires authentication) into which users can paste scripts and email bodies would do the job. The form inputs can then be passed to sieve-test. Needless to say, the form inputs should be escaped very carefully to prevent arbitrary code from being executed on your system. Also, I second the Roundcube suggestion If your system supports Roundcube, or if you already use it. The form-based rule editor is much harder to screw-up, as Thomas noted. Good luck! -Ben