Internet Engineering Task Force T. Hansen Internet-Draft AT&T Laboratories Expires: January 10, 2005 July 12, 2004 Sieve Extension: Bodypart Loops draft-hansen-sieve-loop-00.txt Status of this Memo This document is an Internet-Draft and is subject to all provisions of section 3 of RFC 3667. By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she become aware will be disclosed, in accordance with RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 10, 2005. Copyright Notice Copyright (C) The Internet Society (2004). All Rights Reserved. Abstract The current Sieve language has no looping mechanism, a way to look at individual parts, or any way to manipulate those individual parts. This document defines extensions for each of these needs. Note This document can be discussed in the MTA-FILTERS mailing lists, ietf-mta-filters@imc.org. Hansen Expires January 10, 2005 [Page 1] Internet-Draft Sieve Loops July 2004 1. Introduction Sieve scripts are used to make decisions about the disposition of a mail message. The original Sieve spec, RFC 3028, [1], defined operators for looking at the message headers, such as addresses and the subject. Other extensions provide access to the body of the message, or allow you to manipulate the header of the message. But none of these extensions take into acount that MIME messages are often complex objects, consisting of many parts and sub-parts. This extension defines mechanisms for looping through the body parts, changing the contents of a body part, and enclosing the message with a wrapper. 2. Sieve Loops The current Sieve language has no looping mechanism. Given that messages may contain multiple attachments, in order to support filters that apply to any and all attachments, we introduce a new control command: "for.every.part", which is an iterator that walks though every mime part of a message, including nested parts, and applies the specified filter to each of them. The iterator will start with the first mime part (as its current context) and will execute a command block (Sieve commands enclosed by { ...}). Upon completion of this command block, the iterator advances to the next mime part (as it current context) and will execute the same command block again. The iterator can be terminated prematurely by a new sieve command, "break". 3. Sieve Parts For Sieve tests on mime parts, a new Sieve test (part) is defined. The "part" will examine the current mime part context (as set by the "for.every.part" iterator). Similar in concept to the Sieve "address" test, it will parse the mime header lines so that tests can be performed on specific elements. The part test has these options available: :filename examines the "Content-Disposition:" header field for its "filename" parameter. If there is no "Content-Disposition:" header field, then it will look at the "Content-Type:" header field for the "name" parameter. :type examines the "Content-Type:" header field type parameter. :subtype examines the "Content-Type:" header field subtype parameter. Hansen Expires January 10, 2005 [Page 2] Internet-Draft Sieve Loops July 2004 4. Sieve Part Replacement A new sieve action command is defined to allow the mine part to be replaced by a text message. The "replace" command causes the current mime part to be removed and replaced with a text/plain part with the text supplied by the command. (Replacing a MIME part will not alter the overall message structure, whereas defining an action to delete a MIME part WOULD affect the overall message structure.) 5. Sieve Enclose Message The "enclose" action will enclose the original message as an attachment with the text specified. This enclose action takes precedance over all other message modifications, such as "replace". If multiple "enclose" actions are executed by a script, only the text specified on the last one is used when creating the enclosed message. This action does not affect messages that are forwarded via "redirect" action. 6. Sieve Identifiers A Sieve implementation that defines the "for.every.part", "break" and "part" actions has an identifier "for.every.part" for use with the capability mechanism. A Sieve implementation that defines the "replace" action has an identifier "replace" for use with the capability mechanism. A Sieve implementation that defines the "enclose" action has an identifier "enclose" for use with the capability mechanism. 7. Examples 7.1 Example 1 A Sieve script to replace all the JPEG attachments in a message would be: require [ "for.every.part", "replace" ]; for.every.part { if ( anyof ( part :subtype :is "jpeg", part :filename :matches "*.jpg" ) { replace "Attachment removed by user filter"; } } Hansen Expires January 10, 2005 [Page 3] Internet-Draft Sieve Loops July 2004 7.2 Example 2 A Sieve script to warn the user about executable attachment types would be: require [ "for.every.part", "enclose" ]; for.every.part { if part :filename :matches ["*.com", "*.exe", "*.vbs", "*.scr", "*.pif", "*.hta", "*.bat", "*.zip" ] { # these attachment type are executable enclose " WARNING! The enclosed message contains executable attachments. These attachments types may contain a computer virus program that can infect your computer and potentently damage your data Before clicking on these message attachments, you should verify with the sender that this message was sent by them and not a computer virus. "; break; } } 8. Security Considerations To be provided 9. IANA Considerations To be provided 10 Normative References [1] Showalter, T., "Sieve: A Mail Filtering Language", RFC 3028, January 2001. Author's Address Tony Hansen AT&T Laboratories 200 Laurel Ave. Middletown, NJ 07748 USA EMail: tony+sieveloop@maillennium.att.com Hansen Expires January 10, 2005 [Page 4] Internet-Draft Sieve Loops July 2004 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Hansen Expires January 10, 2005 [Page 5]