subject:"RFC\: Sieving mail delivered directly to shared\/public folders"

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-10 Thread Ian Castle


Here is the 21.K patch.

Apologies if this makes for an unacceptably large email.

- It adds a new command "folder" which takes a folder as a parameter to
"timsieved" which allows a script to be associated with any folder or
heirarchy of folders in the imap store.

- It alters lmtpd to pick the appropriate sieve script for the folder
being delivered to - i.e. the folder described by the left hand side of
the email address.


The patch is against current CVS (well, CVS of Thursday). It is made
from "cvs diff -u /" - i.e. from the "cyrus-imapd" directory.


It is very much a proof of concept. It compiles and does something ;-) -
but I wouldn't rely on it to do any more than that.

Regards,

Ian


Index: imap/lmtpd.c
===
RCS file: /cvs/src/cyrus/imap/lmtpd.c,v
retrieving revision 1.75
diff -u -r1.75 lmtpd.c
--- lmtpd.c 2001/10/02 21:08:10 1.75
+++ lmtpd.c 2001/11/08 18:29:38
@@ -734,8 +734,14 @@
 int ret = 1;
 
 if (sd->mailboxname) {
-   strcpy(namebuf, lmtpd_namespace.prefix[NAMESPACE_INBOX]);
-   strcat(namebuf, sd->mailboxname);
+/* Sieving a public or user folder ? */
+if ( strcmp( sd->username, "anyone" ) ) {
+   strcpy(namebuf, lmtpd_namespace.prefix[NAMESPACE_INBOX]);
+   strcat(namebuf, sd->mailboxname);
+}
+else {
+strcpy(namebuf, sd->mailboxname);
+}
 
ret = deliver_mailbox(md->data, &mydata->stage, md->size,
  kc->imapflags->flag, kc->imapflags->nflags,
@@ -748,7 +754,13 @@
if (!sd->authstate)
return SIEVE_FAIL;
 
-   strcpy(namebuf, "INBOX");
+   /* sieving a public or user folder ? */
+if ( strcmp( sd->username, "anyone" ) ) {
+   strcpy(namebuf, "INBOX");
+}
+else {
+strcpy( namebuf, sd->mailboxname );
+}
 
ret = deliver_mailbox(md->data, &mydata->stage, md->size,
  kc->imapflags->flag, kc->imapflags->nflags,
@@ -1018,10 +1030,30 @@
 }
 }
 
+static int mailbox_parent( char *mailboxname )
+{
+char *p;
+int r = 1;
+p = strrchr ( mailboxname, '.' );
+if ( p ) {
+   *p = '\0';
+   r = 0;
+}
+return r;
+}
+
+
 /* returns true if user has a sieve file */
-static FILE *sieve_find_script(const char *user)
+static FILE *sieve_find_script(const char *user, char *mailboxname)
 {
 char buf[1024];
+char namebuf[MAX_MAILBOX_NAME];
+char namebuf2[MAX_MAILBOX_NAME];
+char script_path[MAX_MAILBOX_PATH];
+const char *sievesystemscripts = config_getstring( "sievedir", "/usr/sieve" );
+int r;
+char *path, *acl;
+FILE *sfp;
 
 if (strlen(user) > 900) {
return NULL;
@@ -1031,28 +1063,83 @@
/* duplicate delivery suppression is needed for sieve */
return NULL;
 }
-
-if (sieve_usehomedir) { /* look in homedir */
-   struct passwd *pent = getpwnam(user);
 
-   if (pent == NULL) {
-   return NULL;
+if ( strcmp( user, "anyone" ) ) {
+if ( mailboxname ) {
+   strcpy(namebuf, lmtpd_namespace.prefix[NAMESPACE_INBOX]);
+   strcat(namebuf, mailboxname);
}
+   else {
+   strcpy( namebuf, "INBOX" );
+}
+   
+}
+else {
+strcpy(namebuf, lmtpd_namespace.prefix[NAMESPACE_SHARED]);
+strcat(namebuf, mailboxname);
+}
+
+mboxname_hiersep_toexternal(&lmtpd_namespace, namebuf);
+
+r = (*lmtpd_namespace.mboxname_tointernal)(&lmtpd_namespace, namebuf,
+   user, namebuf2);
+
+if ( mboxlist_lookup( namebuf2, &path, &acl, NULL ) == 0 ) {
+   syslog( LOG_INFO, "1 The folder exists" );
+
+mailbox_hash_mbox( script_path, sievesystemscripts, namebuf2 );
+
+   syslog( LOG_INFO, "4 script is %s", script_path );
+}
+else {
+return NULL;
+}
+
+snprintf(buf, sizeof(buf), "%s/default", script_path );
+
+r = 0;
+while (!r && ( syslog(LOG_INFO, "5 file is %s", buf ), sfp = fopen(buf, "r")) == 
+NULL) {
+ r = mailbox_parent( namebuf2 );
+ mailbox_hash_mbox( script_path, sievesystemscripts, namebuf2 );
+ snprintf(buf, sizeof(buf), "%s/default", script_path );
+}
+
+return sfp;
 
-   /* check ~USERNAME/.sieve */
-   snprintf(buf, sizeof(buf), "%s/%s", pent->pw_dir, ".sieve");
-} else { /* look in sieve_dir */
-   char hash;
+#if 0
+if ( !strcmp( user, "anyone" ) ) {
+const char *sievesystemscripts = config_getstring( "sievedir", "/usr/sieve" );
 
-   hash = (char) dir_hash_c(user);
+if ( sievesystemscripts == (const char *) 0 ) {
+return NULL; /* Must have a script dir for this to work */
+}
 
-   snprintf(buf, sizeof(buf), "%s/%c/%s/default", sieve_dir, hash, user);
+snprintf(buf, sizeof(buf), "%s/default", sie

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-10 Thread Ian Castle

On Sat, 2001-11-10 at 00:36, Nick Sayer wrote:
> 
> > The big problem is that you can only have one script for the entire set
> > of public folders.
> >
> 
> Unless you create multiple such users.
> 
> 
> 

I'm sure that will work... but I think a more natural fit is "scripts go
with folders" - because it is the mail being sieved - not the user.
Think this way - Currently a folder has a set of ACLs - if you like,
some properties that belong to the folder. By binding a sieve script to
the folder we are extending the set of "properties" to also include a
set of "methods". Only at the time when an action is to be taken, is the
user taking that action tested against the folder - to see if the action
that they want to take is allowable within the context of the security
framework.

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Michael Bacon


I think trying to patch in little solutions to how sieve currently works 
are going to meet with problems that the current model wasn't designed with 
this kind of broad functionality in mind.  Going to a slightly different 
model would not only solve this problem, but others as well.

Here's what I would propose:

--* In addition to the user sieve directories, add an additional directory 
tree for system scripts.  However, rather than make the directory structure 
tied to mailbox names, have it be a separately organized general repository 
for scripts.  If you want to get fancy, maintain ACLs on the scripts as to 
who can read them, activate them, write them, and administrate the rights 
on them.  (rewa?)  Munge the namespace on the sieve scripts such that all 
system scripts start with system: and use colons to demarcate directories, 
so that $systemscriptdir/spamcontrol/rejectrelays is available in the 
script namespace as system:spamcontrol:rejectrelays .

--* Change the way the scripts are invoked so that a single mailbox may 
have multiple scripts attached to it.  Store this list of attached 
(activated) scripts in the cyrus.header file of the mailbox.  Have lmtpd 
execute the scripts in the order in which they are listed.

--* Allow users to manipulate the scripts in their own private user space, 
but additionally allow them to activate system scripts.  For example, if 
the user specified the following list: "default myforwards 
system:spamstopper", mail delivered would execute "default" and 
"myforwards" in their own personal space, then execute "spamstopper" as 
stored in the system directory.

--* Execute all scripts as the user whose mailbox is being delivered to, or 
in the case of shared mailboxes, er, refer to earlier discussion... :)



This is an awful lot of coding and patching, I realize.  I'll be happy to 
give it a shot, but I unfortunately can't get into it for another month or 
so (other stuff on the plate).  I know this sort of model would work better 
for us; I'd be interested to hear if this would work for other people.

Michael

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ian Castle

I *was* referring to the action "redirect" in sieve... for some reason I
thought it was an extension that hadn't been implemented in cyrus
But sure enough it exists in CVS and 2.0.16. Strange. I must have made a
mistake somewhere in one of my scripts...

This is what I got after trying to use it:

/var/log/messages:Nov  7 15:27:54 penguin lmtpd[2384]: sieve parse error
for anyone: line 1: unsupported feature

line one was "require ["redirect"];"

So I just assumed that redirect hadn't been implemented

Anyway, for the moment I suggest that as a solution for those that want
to invoke a subseqent sieve.

On Fri, 2001-11-09 at 17:11, Amos Gouaux wrote:
> 
> It's already there.  See RFC3028:
> 
> 4.3. Action redirect
>

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ian Castle

That was how my inital implementation worked. In this case the pseudo
user was "anyone".

It is working quite nicely for me.

The big problem is that you can only have one script for the entire set
of public folders.

On Fri, 2001-11-09 at 17:35, Nick Sayer wrote:
> It seems to me that this could be far more easily done by creating a pseudo-
> user. Have this user be the target of the alias and his sieve script will
> be run. That sieve script can have nothing but fileinto directives to
> populate the public folders. This pseudo-user does not even have to have an
> INBOX, I don't think. Or if it does, then it will be perpetually empty if
> your sieve script is written correctly. :-)
> 
> 
>

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Amos Gouaux

> On Fri, 9 Nov 2001 09:35:29 -0800 (PST),
> Nick Sayer <[EMAIL PROTECTED]> (ns) writes:

ns> It seems to me that this could be far more easily done by creating a pseudo-
ns> user. Have this user be the target of the alias and his sieve script will
ns> be run. That sieve script can have nothing but fileinto directives to
ns> populate the public folders. This pseudo-user does not even have to have an
ns> INBOX, I don't think. Or if it does, then it will be perpetually empty if
ns> your sieve script is written correctly. :-)

And that's the catch, or at least one of them.  Locally, we've
kicked this idea around somewhat.  If there is a problem with the
script, as per the RFC the mail will drop into the inbox.  This
means we pretty much have to give that folder admin access to both
areas.  Well, if you do that, what's the point of the shared folder?
Of course if you move all the non-user shared folders under "user.",
then you've pretty much lost the advantages of having different
namespaces.

On one hand I can see an argument for having a "user." corresponding
folder to represent the admin or moderator of the shared folder
area.  However, this would be pretty convoluted and complicated to
explain to folks, I suspect.

If at the beginning of the script you could define the "inbox", then
perhaps this might be more feasible.  Though, that would break the
RFC.  What if this define had a typo in it.  Mail bounces?  Perhaps
as a last resort it would drop back to the real default.

Oh, my head hurts.

-- 
Amos

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Nick Sayer


It seems to me that this could be far more easily done by creating a pseudo-
user. Have this user be the target of the alias and his sieve script will
be run. That sieve script can have nothing but fileinto directives to
populate the public folders. This pseudo-user does not even have to have an
INBOX, I don't think. Or if it does, then it will be perpetually empty if
your sieve script is written correctly. :-)

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Amos Gouaux

> On 09 Nov 2001 16:48:43 +,
> Ian Castle <[EMAIL PROTECTED]> (ic) writes:

ic> ... An alternative approach might be to implement the "redirect" feature
ic> in sieve. So that 'fileinto "some.folder"' wouldn't do any extra

It's already there.  See RFC3028:

4.3. Action redirect

   Syntax:   redirect 

   The "redirect" action is used to send the message to another user at
   a supplied address, as a mail forwarding feature does.  The
   "redirect" action makes no changes to the message body or existing
   headers, but it may add new headers.  The "redirect" modifies the
   envelope recipient.

[...]

   Example:  redirect "[EMAIL PROTECTED]";

Seems like that should cover it, right?

-- 
Amos

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ken Murchison




Ian Castle wrote:
> 
> On Fri, 2001-11-09 at 14:52, Dave McCracken wrote:
> >
> > I have a question, though.  If a sieve script does a 'fileinto' to redirect
> > mail to another folder, does the sieve script for that folder get run?
> > Intuitively I think it should, but what are the implications?
> 
> Interesting. That would probably require quite a big change to the
> "deliver" mechanism - as the message would have to be reintroduced into
> the process flow... Currently, it is a single "arrives + sieved + stored
> in mailbox"
> 
> ... An alternative approach might be to implement the "redirect" feature
> in sieve. So that 'fileinto "some.folder"' wouldn't do any extra
> processing, but 'redirect "bb+some.folder@localhost"' would cause the
> mail to be reintroduced to lmtpd, where it would be processed by the
> script for the folder. Potentially, there is more processing overhead -
> but the script writer gets to have explicit control of the processing
> behaviour, and it would probably be easier to implement - and a bit
> easier to understand any "side effects" of the message processing flow.

CMU Sieve already has the 'redirect' action as described in RFC3028. 
The message will go back out to your mail relayer which will in turn
will spawn lmtpd   So the capabilties that you describe above
already exist.

Ken
-- 
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26  Orchard Park, NY 14127
--PGP Public Key--http://www.oceana.com/~ken/ksm.pgp

RE: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ian Castle

On Fri, 2001-11-09 at 14:52, Dave McCracken wrote:
> 
> I have a question, though.  If a sieve script does a 'fileinto' to redirect
> mail to another folder, does the sieve script for that folder get run?
> Intuitively I think it should, but what are the implications?

Interesting. That would probably require quite a big change to the
"deliver" mechanism - as the message would have to be reintroduced into
the process flow... Currently, it is a single "arrives + sieved + stored
in mailbox"

... An alternative approach might be to implement the "redirect" feature
in sieve. So that 'fileinto "some.folder"' wouldn't do any extra
processing, but 'redirect "bb+some.folder@localhost"' would cause the
mail to be reintroduced to lmtpd, where it would be processed by the
script for the folder. Potentially, there is more processing overhead -
but the script writer gets to have explicit control of the processing
behaviour, and it would probably be easier to implement - and a bit
easier to understand any "side effects" of the message processing flow.

Ian.

RE: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ian Castle


OK, here is the code I knocked up yesterday which implements the
"scripts use the same namespace as folders" concept. i.e. allows a
script to be set on a per folder basis, rather then a per user basis.

Note that there is a bit of functionality missing from what I described
yesterday - esp. in timesieved where there is 1) no checking that the
folder actually exists 2) no checking of access rights to the folder.
[This is basically only one function call +some calls to set up the
"mbox" gobal data structures.

Anway, it compiles and demonstrates the concept... Of course, it is
rought, ready, untested and probably breaks easily - so I would
recommend even compiling it - let alone running it ;-).

I've got the functionality I need at the moment - so I don't have a
pressing need to do any more development at the moment. However, if
people are interested in this approach - or some modification of it
(basically something which delivers filtering on public folders) I would
far rather use the common code base rather than my own private patch, so
would be willing to go a bit further...

So... here it is (lots of cvs diff -u )...

[hang on! is it OK to send a 21.5K patch to the list. or is
there some other address/place they I should send it to! - Let me know,
and I'll follow up with the patch to whereever is appropriate].


Regards,

Ian.

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Amos Gouaux

> On Fri, 9 Nov 2001 08:10:35 -,
> Ian Castle <[EMAIL PROTECTED]> (ic) writes:

ic> Well, the mechanism/interface is there. Allow "activate" to apply to more
ic> than one script.

ic> One way would be to have a subdirectory called "default" with symlinks to
ic> all the active scripts in the directory.

ic> The symlinks could be prefixed with a number "0001_myscript.script"
ic> "0002_mysecondscript" to allow ordering. You could introduce "up down"
ic> commands, or just let activate remove things from the list and append to the
ic> bottom. A bit clumsy without a gui. Or simply let the file names determine
ic> the order.

Okay, this is getting a little scary.  ;-)

ic> A second way would mean be to extend sieve with an "include" statement. So
ic> you would have "default" being include "[script1,script2,script3]";

But include from where?

If we had a script in 'user.billybob.lists.info-cyrus', then maybe
have:

 include ["user.billybob/default"]

???

Ugh, this is scary too.

ic> Anyway, this is perhaps orthogonal to the problem I am particularly
ic> interested in which is apply scripts to different folders - i.e. mapping
ic> scripts to the folder name space rather than the username space.

I'd agree with that.  Just being able to bind a script to a folder
would be a *huge* win, IMHO.

ic> So rather than thinking that "this script applies to this user" I am
ic> suggesting that we think "this script applies to this folder". Obviously, if
ic> the folder is "user.fred" then the statements are synonymous. However, we
ic> can use the second way to, obviously, refer to more than just folders of the
ic> category "user.something".

If you can set 'anyone p' to a folder, seems like you should be able
to bind a script to that folder

-- 
Amos

RE: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Dave McCracken

--On Friday, November 09, 2001 08:10:35 + Ian Castle
<[EMAIL PROTECTED]> wrote:

> So rather than thinking that "this script applies to this user" I am
> suggesting that we think "this script applies to this folder". Obviously,
> if the folder is "user.fred" then the statements are synonymous. However,
> we can use the second way to, obviously, refer to more than just folders
> of the category "user.something".

I think this is a great idea.

I have a question, though.  If a sieve script does a 'fileinto' to redirect
mail to another folder, does the sieve script for that folder get run?
Intuitively I think it should, but what are the implications?

Dave McCracken

==
Dave McCracken  IBM Linux Base Kernel Team  1-512-838-3059
[EMAIL PROTECTED]T/L   678-3059

RE: RFC: Sieving mail delivered directly to shared/public folders

2001-11-09 Thread Ian Castle



> From: Lawrence Greenfield [mailto:[EMAIL PROTECTED]]
>
> I think that you addressed my concerns in your second proposal.  I'm
> not sure I love the idea of the "folder" command in timsieved, but
> I'll have to contemplate.
>
> I think there's also a question about whether at most one sieve script
> should apply to any folder or whether multiple Sieve scripts might
> apply to incoming messages to one folder, and how they should be
> concatenated if so.

Well, the mechanism/interface is there. Allow "activate" to apply to more
than one script.

One way would be to have a subdirectory called "default" with symlinks to
all the active scripts in the directory.

The symlinks could be prefixed with a number "0001_myscript.script"
"0002_mysecondscript" to allow ordering. You could introduce "up down"
commands, or just let activate remove things from the list and append to the
bottom. A bit clumsy without a gui. Or simply let the file names determine
the order.

A second way would mean be to extend sieve with an "include" statement. So
you would have "default" being include "[script1,script2,script3]";

Anyway, this is perhaps orthogonal to the problem I am particularly
interested in which is apply scripts to different folders - i.e. mapping
scripts to the folder name space rather than the username space.

>
>
> Yes, what I was emphasizing is that there has to be a coherent
> image of what's going on seperate from how we represent things on the
> filesystem, since really the filesystem is just a database.

Yes. I understand this and agree fully.

>
> We want the world from outside the server to be a logical system; you
> shouldn't need to know how things are implemented behind the scenes.

Absolutely!
>
> Likewise, things like "sieveusehomedirs" are only there for making
> things easy for some people; in general, it's not how Cyrus is meant
> to be used.

Will, my second proposal won't even work with "sieveusehomedirs" ;-). I.e.
you either have a script in your home dir or you have scripts associated
with folders managed through timsieved.

>
> Larry
>
>
>
>

Anyway, to carry on banging my drum, currently scripts have a name space
associated with "users". The "users" name space is but a subset of the full
folder namespace - i.e. there aren't really users but only "INBOXes" - users
are implicitly derived from this. This should be changed so that scripts are
set in the same namespace as folders.

So rather than thinking that "this script applies to this user" I am
suggesting that we think "this script applies to this folder". Obviously, if
the folder is "user.fred" then the statements are synonymous. However, we
can use the second way to, obviously, refer to more than just folders of the
category "user.something".

This seems to me to be both an obvious and more comfortable way of thinking
about the relationship of scripts to the rest of the system.


Ian.

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-08 Thread Lawrence Greenfield

   From: Ian Castle <[EMAIL PROTECTED]>
   Date: 08 Nov 2001 06:44:20 +

   On Wed, 2001-11-07 at 22:22, Lawrence Greenfield wrote:
   > The other thing to consider is how to keep the Cyrus black-box
   > approach.  Non-administrators should be able to modify these Sieve
   > scripts and name them appropriately.
   > 

   I'm not sure I understand what you mean. By "non-administrators" do you
   mean "people who need to administer cyrus but don't have any other
   access to the box than via pop3/imap or sieve ports"?

I think that you addressed my concerns in your second proposal.  I'm
not sure I love the idea of the "folder" command in timsieved, but
I'll have to contemplate.

I think there's also a question about whether at most one sieve script
should apply to any folder or whether multiple Sieve scripts might
apply to incoming messages to one folder, and how they should be
concatenated if so.

   Currently, a script can be applied to messages delivered to a single
   folder, for example, the user "fred". So, fred can create a script
   "myscript.script". "fred" then wants to apply this script to messages
   delivered to the folder "user.fred". How does he do this? "Magic
   directories" are used, say /var/lib/sieve/f/fred/default. I don't really
   see anything suggested that does more "magic" beyond this concept.

Yes, what I was emphasizing is that there has to be a coherent
image of what's going on seperate from how we represent things on the
filesystem, since really the filesystem is just a database.

We want the world from outside the server to be a logical system; you
shouldn't need to know how things are implemented behind the scenes.

Likewise, things like "sieveusehomedirs" are only there for making
things easy for some people; in general, it's not how Cyrus is meant
to be used.

Larry

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-08 Thread Ian Castle


On Thu, 2001-11-08 at 06:44, Ian Castle wrote:
> 
> And I have a question - why is the existing name space magic cluttered
> up with the hash on the user name? Not saying it is unneeded - but if it
> is needed, then why isn't a similar hash needed in the folder directory?
> 

Sorry, I was being ignorant. I've now noticed "hashimapspool" in
imapd.conf. Deep Deep magic.

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Ian Castle

On Wed, 2001-11-07 at 22:22, Lawrence Greenfield wrote:
> The other thing to consider is how to keep the Cyrus black-box
> approach.  Non-administrators should be able to modify these Sieve
> scripts and name them appropriately.
> 

I'm not sure I understand what you mean. By "non-administrators" do you
mean "people who need to administer cyrus but don't have any other
access to the box than via pop3/imap or sieve ports"?

Who wants to write a script for a public folder? Just the cyrus
administrator - or some other concept such as the "owner of a particular
folder"? At the moment I am under the impression that public folders are
created by someone using "cyradm" who creates the folder and then grants
rights on that folder to other users.

At the moment I am thinking that only the user of cyradm (i.e."admins:"
in imapd.conf) should be able to create scripts for public folders. But
are you suggesting that anyone with a certain access or combination of
access should be able to edit scripts for folders?

> Magic directories just don't cut it.

Currently, a script can be applied to messages delivered to a single
folder, for example, the user "fred". So, fred can create a script
"myscript.script". "fred" then wants to apply this script to messages
delivered to the folder "user.fred". How does he do this? "Magic
directories" are used, say /var/lib/sieve/f/fred/default. I don't really
see anything suggested that does more "magic" beyond this concept.

We have a folder name space "user.fred", "user.tom", "user.harry" and
somehow the scripts that apply to this particular name space are mapped
to an alternative, filesystem based namespace.

Surely the issue is that in addition to the script itself, there is some
additional information that says which folder (or rather the act of
deliver to which folder) that script applies to.

The alternative to the "magic directories" that we already have would be
to extend the Sieve language itself, so as well as the "requires"
statement you would have an "appliesto" statement, or "scope" e.g.

[scope "user.fred"]
[requires "fileinto" ]

if address :all :is "From" "[EMAIL PROTECTED]" ]
{
   fileinto "user.fred.someone";
}

Now, I am sure you don't want to do that - although it has some appeal!

However, the magic is already pretty deep...

Fred thinks of his folder as "INBOX". This is "magicked" to the imap
folder "user.fred", which is "magicked" to the file system name 
$partition_default/user/fred. The scripts that apply to this directory
are "magicked" to either $sievedir/hash($user)/$user or
homedir($user)/.sieve.

This mapping could be brought closer still to the imap namespace. So the
imap folder

"user.fred" maps to the system name "$partition_default/user/fred"

So the sieve script could be

"$sievedir/user/fred"

[I'm not really sure why it is necessary to have a hash for the user
folder for sieve scripts, but not for the imap system public folders - I
don't see that deliver has to do any more operations on the sieve
directory than the user directory - or perhaps it is a hangover from
when the sieve user directory was a flat file?]

Apply the _same_ concept to an arbitrary folder name, we have the imap
folder some.interesting.public.folder mapping to the filesystem name

$partition_default/some/interesting/public/folder

and the sieve scripts that apply to that folder would be

$sievedir/some/interesting/public/folder

The magic might still be there - but it is the same magic.

How can we tell? Look at what would be required to extend sieveshell...
all we would need is an extra command, say "folder" which takes as its
parameters an imap folder name. If the folder command (aka "cd") is not
issued, then the script applies to the default folder for the
authenticated user - i.e. INBOX (or user.fred if it was fred logging
in).

sieveshell imap-server
> folder some.interesting.public.folder
> put myscript.script
> list
myscript
> activate myscript
> quit

Because the concept is the same (no extra magic) you don't have to
change the mechanism in an way - if you don't try to change your
"current working folder" then nothing is changed in the behaviour at
all. The folder command can also test some the acl.

sieveshell -u fred imap-server
> folder user.bill
ERR: You can't do this, folder still user.fred
> quit

Anyway. I think I understand that you are saying:

1. It should be possible for non-admins to install scripts on folders
given some undefined set of access rights.
2. New magic is being introduced to map imap folders to file system
directories.

My response is

1. Interesting idea. Can be done given a suitable definition of the
access rights.
2. No new magic. I'm simply *explicitly* defining the magic that is
already there and stating that it *already* applies to *any* imap
folder. The alternative would be to extend the sieve language itself,
which probably isn't a good thing.

And I have a question - why is the existing name space magic cluttered
up with the hash on the

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Amos Gouaux

> On Wed, 7 Nov 2001 17:22:08 -0500,
> Lawrence Greenfield <[EMAIL PROTECTED]> (lg) writes:

lg> The other thing to consider is how to keep the Cyrus black-box
lg> approach.  Non-administrators should be able to modify these Sieve
lg> scripts and name them appropriately.

lg> Magic directories just don't cut it.

This was a puzzle to me too.  Along the tangent of placing the
script within the folder itself, I wondered if maybe those with the
'a' ACL might be allowed to modify the script.  Though, who knows
how they would even get to it.

-- 
Amos

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Lawrence Greenfield


The other thing to consider is how to keep the Cyrus black-box
approach.  Non-administrators should be able to modify these Sieve
scripts and name them appropriately.

Magic directories just don't cut it.

Larry

Re: RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Amos Gouaux

> On Wed, 7 Nov 2001 21:12:48 -,
> Ian Castle <[EMAIL PROTECTED]> (ic) writes:

ic> Oh dear. I can see a whole new imap function coming on - ". SIEVE folder
ic> script"...

Actually, in one of my more perverse moments I actually wondered
about storing the sieve scripts in the same directory as the
intended IMAP folder.  It's got to stat that directory anyway

ic> Given that sievesystemscripts == /var/lib/sieve/system
ic> So.. call sieve_find_script( anyone, "some.interesting.folder" )

ic> if the directory /var/lib/sieve/some exists then look for the directory
ic> /var/lib/sieve/some/interesting, if that exists look for the directory
ic> /var/lib/some/interesting/folder.

ic> so it would try /var/lib/sieve/some/interesting/folder/default, then
ic> /var/lib/sieve/some/interesting/default, then /var/lib/sieve/some/default
ic> and finally
ic> /var/lib/sieve/default.

ic> A handy side effect of simply checking the directory, rather than for the
ic> presence of the file "default" would be that if default did not exist then
ic> no script would be run... so you could have a script applying only to some
ic> folders in the middle of the hierarchy... not above, and not below.

Interesting

ic> I'll code that up if you like an you can try it ;-).

That's why we've got a prototype box.  ;-)

Though, it is running a CVS pull (2.1pre).

-- 
Amos

RE: RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Ian Castle



> So maybe for a post to "[EMAIL PROTECTED]",
> the script would be in /var/lib/sieve/system/public/interestingmessages/ ?
> Or would this be tooo bizarre?
>
> I'd love to have the ability of running Sieve for some of our shared
> folders, but must admit to being a tad concerned about running *all*
> our shared folder mail through one script.  I don't know about
> y'all, but we've got at least a hundred or so shared folders.  At
> the very least this might make for a somewhat unwieldy script.  Some
> of these folders also see a lot of traffic, so for these I'd be
> inclined to not have them go through a script at all.
>


M... That seems to be a reasonable thing to want to do

The concept of "scope" in sieve is a bit lacking.. It could be argued that
there is a similar limitation in the processing of an individuals folders...
Again, you could concievably want different, complex scripts for different
subfolders... At the moment, sieve just applies to "INBOX".

Of course, it would be nice to invoke sieve at arbitrary times - not just at
delivery either...

Oh dear. I can see a whole new imap function coming on - ". SIEVE folder
script"...

Anyway, deliver is doing:

sieve( username, "user.username", default ),

and you want to be able to do

  sieve( "anyone", some.arbitrary.folder, default )

ie. sieve( security_context, folder_to_sieve, script_to_sieve_with ).

So... the function sieve_find_script (returns handle to script file) needs
some extra parameters - in addition to the user, it wants the name of a
folder ("INBOX" being the default for a user), then it wants to look in
subdirectories until it finds the best match.

FUNC sieve_find_script(  string user, string folder_spec ) {
  /* folder_spec might be some.interesting.folder */

  directory is firstpart of folderspec

  if directory exists then
   directory is concat( directory + next element of folderspec )
   repeat that bit until it no longer exists
  endif

  then open the file "default" in the last directory found...

}

Does that make sense?

Given that sievesystemscripts == /var/lib/sieve/system
So.. call sieve_find_script( anyone, "some.interesting.folder" )

if the directory /var/lib/sieve/some exists then look for the directory
/var/lib/sieve/some/interesting, if that exists look for the directory
/var/lib/some/interesting/folder.

so it would try /var/lib/sieve/some/interesting/folder/default, then
/var/lib/sieve/some/interesting/default, then /var/lib/sieve/some/default
and finally
/var/lib/sieve/default.

A handy side effect of simply checking the directory, rather than for the
presence of the file "default" would be that if default did not exist then
no script would be run... so you could have a script applying only to some
folders in the middle of the hierarchy... not above, and not below.

I'll code that up if you like an you can try it ;-).

RFC: Sieving mail delivered directly to shared/public folders

2001-11-07 Thread Ian Castle


Introduction

The following is an implementation of the facility to allow mail
delivered directly to a shared/public folder to be filtered with sieve.

For example, you might have a shared folder "public.interestingmessages"
and deliver mail to it using an address of
"[EMAIL PROTECTED]".

The facility is enabled using a new option in /etc/imapd.conf -
"sievesystemscripts". If this option is not set then public folder
filtering will not be enabled - ie. if you don't change anything, the
behaviour of the system is unchanged.

"sievesystemscripts" should be set to a directory accessible by the
deliver process - but not accessible by ordinary users! Deliver will
then look for a sieve script in this directory. If one exists then it
will be used to filter the email sent to the public folders. The script
should be sent up in the usual way - called something sensible such as
"public.script" then linked to with the symlink "default". Note that
timsieved will not be able to access this directory. This is probably a
good thing - but you will need to have access to your cyrus server host
in order to set things up.

Public folder filtering is performed with the security context of
"anyone". So for example, your script will only be able to "fileinto" a
folder with an appropriate ACL for "anyone". This is probably the most
contentious point - but I can't see anything wrong in practice - public
folders by there nature are accessible to anyone, and I'm only really
interested in fileto and reject actions (setting flags might be an
issue?). As the concept of "anyone" already exists, there is no need to
mess about creating new "dummy" users etc. And using "anyone" seems to
work quite neatly.

Applications


The obvious application is to do some kind of spam filtering on your
public folders. In addition, I have various automatically generated
reports from customer systems. The systems are configured with to send
to a single well know email address - which maps to a public folder on
our mail store. This has become rather cluttered over time and was being
manually filtered.. which was somewhat time consuming. The sieve script
is set to filter on the basis of the sender address, allow mail to be
automatically organised by customer and/or function. An additional
benefit is that the "well known" email address does not have to be
changed.

Example
---

imapd.conf
..
configdirectory: /var/imap
partition-default: /home/imap
admins: root cyrus
allowanonymouslogin: no

# To use the PAM for authentication (but not /etc/passwd or shadow),
change
# the following line to specify "pam" instead of "sasldb".
# sasl_pwcheck_method: sasldb
sasl_pwcheck_method: pam

# Sieve can send email
sendmail: /usr/sbin/sendmail
sieveusehomedir: false
sievedir: /var/lib/sieve
sievesystemscripts: /var/lib/sieve/system


They key thing here is the addition of sievesystemscripts

...
$ ls -l /var/lib/sieve/system
total 4
lrwxrwxrwx1 cyrusmail 11 Nov  5 12:55 default -> spam.script
-rw---1 cyrusmail499 Nov  7 15:28 spam.script
...

cat spam.script
.
require ["fileinto","reject"];

if address :all :is ["From"] ["[EMAIL PROTECTED]"]
{
fileinto "public.help.customer1.fax";
}

if address :all :is ["From"] ["[EMAIL PROTECTED]"]
{
fileinto "public.help.customer2.fax";
}

if address :all :is ["From"] ["[EMAIL PROTECTED]"]
{
fileinto "public.help.customer1.amanda";
}

if address :localpart :contains ["To"] ["bb+public.test"]
{
reject "This folder has been disabled";
}

if header :is "X-SPAM" "yes"
{
fileinto "public.spam";
}

...

[Note, in case you are wondering - spam *really* does have the header
"X-SPAM" set to yes. Spam detection happens on the way in to our
network, and mail deemed to be spam is labeled. This is a way to
separate mechanism from policy. Individual users can do what they want
with spam - either discard it or file it. And I can set an appropriate
policy for the public folders.]

Implementation
--

My example implementation is against cyrus 2.0.16, not against CVS head.
This is because I am running 2.0.16, so I've been able to test it. I
will redo the diff against CVS if the basic idea seems OK... but I won't
be able to test it so well.

The patch is not very invasive - only imap/lmptd.c is touched (plus the
documentation). It probably ought to be applied to the lmtpproxyd.c -
but again, I won't bother to test that as I won't be using it.

I've tried to follow the same coding conventions that already exist in
the source, so hopefully it should be fairly easy to understand.

.

diff -Naur cyrus-imapd-2.0.16-orig/doc/install-sieve.html 
cyrus-imapd-2.0.16/doc/install-sieve.html
--- cyrus-imapd-2.0.16-orig/doc/install-sieve.html  Fri Jan  5 01:59:03 2001
+++ cyrus-imapd-2.0.

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

RE: RFC: Sieving mail delivered directly to shared/public folders

RE: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

RE: RFC: Sieving mail delivered directly to shared/public folders

RE: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

Re: RFC: Sieving mail delivered directly to shared/public folders

RE: RFC: Sieving mail delivered directly to shared/public folders

RFC: Sieving mail delivered directly to shared/public folders

22 matches

Site Navigation

Mail list logo

Footer information