• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

doc/H03-May-2022-6,8685,711

examples/H27-Oct-2021-1,5871,358

m4/H27-Oct-2021-9,6868,755

src/H27-Oct-2021-145,365108,882

tests/H27-Oct-2021-24,00018,560

AUTHORSH A D27-Oct-2021214 95

COPYINGH A D27-Oct-2021163 53

COPYING.LGPLH A D27-Oct-202125.9 KiB503418

ChangeLogH A D27-Oct-20211.2 MiB38,60025,471

INSTALLH A D27-Oct-202140.5 KiB904711

Makefile.amH A D27-Oct-20217.6 KiB228202

Makefile.inH A D27-Oct-202140.8 KiB1,2261,101

NEWSH A D27-Oct-202195.9 KiB1,8001,610

READMEH A D27-Oct-202114.8 KiB333263

TODOH A D27-Oct-20214.3 KiB9887

aclocal.m4H A D27-Oct-202142.7 KiB1,1781,070

compileH A D27-Oct-20217.2 KiB349259

config.guessH A D27-Oct-202143.2 KiB1,4811,288

config.rpathH A D27-Oct-202118.1 KiB685588

config.subH A D27-Oct-202135.3 KiB1,8021,661

configureH A D27-Oct-2021472 KiB16,06713,310

configure.acH A D27-Oct-20217.1 KiB246217

depcompH A D27-Oct-202123 KiB792502

dovecot-pigeonhole.m4H A D27-Oct-20211.9 KiB6352

dummy-config.h.inH A D27-Oct-20212.9 KiB10771

install-shH A D27-Oct-202115 KiB519337

ltmain.shH A D27-Oct-2021319.4 KiB11,2508,044

missingH A D27-Oct-20216.7 KiB216143

pigeonhole-config.h.inH A D27-Oct-2021365 1610

pigeonhole-version.hH A D27-Oct-2021158 74

stamp.h.inH A D27-Oct-202114 21

update-version.shH A D27-Oct-20211.6 KiB6547

README

1Pigeonhole for Dovecot v2.4
2
3Introduction
4============
5
6This package is part of the Pigeonhole project (http://pigeonhole.dovecot.org).
7It adds support for the Sieve language (RFC 5228) and the ManageSieve protocol
8(RFC 5804) to the Dovecot Secure IMAP Server. In the literal sense, a pigeonhole
9is a a hole or recess inside a dovecot for pigeons to nest in. It is, however,
10also the name for one of a series of small, open compartments in a cabinet used
11for filing or sorting mail. As a verb, it describes the act of putting an item
12into one of those pigeonholes. The name `Pigeonhole' therefore well describes an
13important part of the functionality that this project adds to Dovecot: sorting
14and filing e-mail messages.
15
16The Sieve language is used to specify how e-mail needs to be processed. By
17writing Sieve scripts, users can customize how messages are delivered, e.g.
18whether they are forwarded or stored in special folders. Unwanted messages can
19be discarded or rejected, and, when the user is not available, the Sieve
20interpreter can send an automated reply. Above all, the Sieve language is meant
21to be simple, extensible and system independent. And, unlike most other mail
22filtering script languages, it does not allow users to execute arbitrary
23programs. This is particularly useful to prevent virtual users from having full
24access to the mail store. The intention of the language is to make it impossible
25for users to do anything more complex (and dangerous) than write simple mail
26filters.
27
28Using the ManageSieve protocol, users can upload their Sieve scripts remotely,
29without needing direct filesystem access through FTP or SCP. Additionally, a
30ManageSieve server always makes sure that uploaded scripts are valid, preventing
31compile failures at mail delivery.
32
33This package provides Sieve support as a plugin to Dovecot's Local Delivery
34Agent (LDA) and Dovecot's LMTP service. The ManageSieve protocol is provided is
35an additional service, next to Dovecot's own POP3 and IMAP services.
36
37Features
38========
39
40  * The Pigeonhole Sieve implementation aims to be admin- and user-friendly.
41    Much like Dovecot itself, common error messages are made as easily
42    understandable as possible. Any crash, no matter how it happened, is
43    considered a bug that will be fixed. The compiler does not bail on the first
44    error, but it looks for more script errors to make debugging more efficient.
45
46  * The Pigeonhole Sieve implementation is, much like the Sieve language itself,
47    highly extensible with new Sieve capabilities. This includes support for
48    third-party plugins. It should eventually provide the necessary
49    infrastructure for at least all currently known relevant (proposed) Sieve
50    extensions. The goal is to keep the extension interface provided by the
51    Sieve implementation as generic as possible, i.e. without explicit support
52    for specific extensions. New similar extensions can then use the same
53    interface methods without changes to the Sieve engine code. If an extension
54    is not loaded using the require command, the compiler truly does not know of
55    its existence.
56
57  * The Pigeonhole Sieve plugin is backwards compatible with the old CMUSieve
58    plugin, which provided Sieve support for older versions of Dovecot. All
59    Sieve extensions supported by the old plugin are also supported by the
60    Pigeonhole Sieve plugin, including those that are now considered to be
61    deprecated.
62
63  * The Pigeonhole Sieve implementation supports executing multiple Sieve
64    scripts sequentially. Using this feature it is possible to execute
65    administrator-controlled Sieve scripts before and after the user's personal
66    Sieve script, guaranteeing that responses and message deliveries are never
67    duplicated. This implementation is based on a draft specification
68    (http://tools.ietf.org/html/draft-degener-sieve-multiscript-00), which
69    defines the Sieve behavior when multiple scripts are executed sequentially
70    on the same message.
71
72  * The Pigeonhole Sieve implementation includes a test suite to automatically
73    assess whether the compiled Sieve engine works correctly. The test suite is
74    an extension to the Sieve language and is therefore easily extended with new
75    tests. Currently, the test suite is mostly limited to testing script
76    processing. The performed actions are not tested fully yet.
77
78  * The Pigeonhole Sieve implementation supports the new and very useful
79    variables extension, which allows maintaining state information throughout
80    a Sieve script across subsequent rules.
81
82  * The Pigeonhole Sieve plugin is distributed with a sieve-test tool that
83    simplifies testing Sieve scripts and provides additional debugging
84    facilities.
85
86Sieve Implementation Status
87===========================
88
89The core of the language (as specified in RFC 5228) is fully supported. In
90addition to that, this Sieve implementation features various extensions. The
91following list outlines the implementation status of each supported extension:
92
93  The language extensions defined in the base specification are fully supported:
94
95    encoded-character (RFC 5228; page 10)
96    fileinto (RFC 5228; page 23)
97    envelope (RFC 5228; page 27)
98
99  The following Sieve language extensions are also supported:
100
101    copy (RFC 3894): fully supported.
102    body (RFC 5173): fully supported.
103    environment (RFC 5183): fully supported (v0.4.0+).
104    variables (RFC 5229): fully supported.
105    vacation (RFC 5230): fully supported.
106      + vacation-seconds (RFC 6131): fully supported (v0.2.3+).
107    relational (RFC 5231): fully supported.
108    imap4flags (RFC 5232): fully supported.
109    subaddress (RFC 5233): fully supported, but with limited configurability.
110    spamtest and virustest (RFC 5235): fully supported (v0.1.16+).
111    date (RFC 5260; Section 4): fully supported (v0.1.12+).
112    index (RFC 5260; Section 6): fully supported (v0.4.7+).
113    editheader (RFC 5293): fully supported (v0.3.0+).
114    reject (RFC 5429; Section 2.2): fully supported.
115    enotify (RFC 5435): fully supported (v0.1.3+).
116        mailto method (RFC 5436): fully supported (v0.1.3+).
117        xmpp method (RFC 5437): is under development and will become available
118          as a plugin.
119    ihave (RFC 5463): fully supported (v0.2.4+).
120    mailbox (RFC 5490; Section 3): fully supported (v0.1.10+), but ACL
121        permissions are not verified for mailboxexists.
122    mboxmetadata and servermetadata (RFC 5490): fully supported (v0.4.7+)
123    foreverypart (RFC 5703; Section 3): fully supported (v0.4.10+).
124    mime (RFC 5703; Section 4): fully supported (v0.4.10+).
125    extracttext (RFC 5703; Section 7): fully supported (v0.4.12+).
126    include (RFC 6609): fully supported (v0.4.0+).
127    imapsieve (RFC 6785): fully supported (v0.4.14+).
128    duplicate (RFC 7352): fully supported (v0.4.3+).
129    regex (draft v08; not latest version): almost fully supported, but
130        UTF-8 is not supported.
131
132  The following deprecated extensions are supported for backwards
133  compatibility:
134
135    imapflags (obsolete draft): fully backwards compatible (v0.1.3+)
136    notify (obsolete draft): fully backwards compatible (v0.1.15+)
137
138    The availability of these deprecated extensions is disabled by default.
139
140  The following Dovecot-specific Sieve extensions are available:
141
142    vnd.dovecot.debug (v0.3.0+):
143        Allows logging debug messages.
144    vnd.dovecot.execute (v0.4.0+; sieve_extprograms plugin):
145        Implements executing a pre-defined set of external programs with the
146        option to process string data through the external program.
147    vnd.dovecot.filter (v0.4.0+; sieve_extprograms plugin):
148        Implements filtering messages through a pre-defined set of external
149        programs.
150    vnd.dovecot.pipe (v0.4.0+; sieve_extprograms plugin):
151        Implements piping messages to a pre-defined set of external programs.
152    vnd.dovecot.report (v0.4.14):
153        Implements sending MARF reports (RFC 5965).
154
155  The following extensions are under development:
156
157    ereject (RFC 5429; page 4): implemented, but currently equal to reject.
158
159  Many more extensions to the language exist. Not all of these extensions are
160  useful for Dovecot in particular, but many of them are. Currently, the
161  author has taken notice of the following extensions:
162
163    replace (RFC 5703; Section 5): planned.
164    enclose (RFC 5703; Section 6): planned.
165    envelope-dsn, envelope-deliverby, redirect-dsn and
166      redirect-deliverby (RFC 6009): planned; depends on lib-smtp changes in
167        Dovecot.
168    extlists (RFC 6134): planned.
169    convert (RFC 6558): under consideration.
170
171    These extensions will be added as soon as the necessary infrastructure is
172    available.
173
174Check the TODO file for an up-to-date list of open issues and current
175development.
176
177Compiling and Configuring
178=========================
179
180Refer to INSTALL file.
181
182Sieve Tools
183===========
184
185To test the sieve engine outside deliver, it is useful to try the commands that
186exist in the src/sieve-tools/ directory of this package. After installation,
187these are available at your $prefix/bin directory. The following commands are
188installed:
189
190sievec       - Compiles sieve scripts into a binary representation for later
191               execution. Refer to the next section on manually compiling Sieve
192               scripts.
193
194sieve-test   - This is a universal Sieve test tool for testing the effect of a
195               Sieve script on a particular message. It allows compiling,
196               running and testing Sieve scripts. It can either be used to
197               display the actions that would be performed on the provided test
198               message or it can be used to test the actual delivery of the
199               message and show the messages that would normally be sent through
200               SMTP.
201
202sieve-dump   - Dumps the content of a Sieve binary file for (development)
203               debugging purposes.
204
205sieve-filter - Allow running Sieve filters on messages already stored in a
206               mailbox.
207
208When installed, man pages are also available for these commands. In this package
209the man pages are present in doc/man and can be viewed before install using
210e.g.:
211
212man -l doc/man/sieve-test.1
213
214Various example scripts are bundled in the directory 'examples'. These scripts
215were downloaded from various locations. View the top comment in the scripts for
216url and author information.
217
218Compiling Sieve Scripts
219=======================
220
221When the LDA Sieve plugin executes a script for the first time (or after it has
222been changed), it is compiled into into a binary form. The Pigeonhole Sieve
223implementation uses the .svbin extension to store compiled Sieve scripts (e.g.
224.dovecot.svbin). To store the binary, the plugin needs write access in the
225directory in which the script is located.
226
227A problem occurs when a global script is encountered by the plugin. For security
228reasons, global script directories are not supposed to be writable by the user.
229Therefore, the plugin cannot store the binary when the script is first compiled.
230Note that this doesn't mean that the old compiled version of the script is used
231when the binary cannot be written: it compiles and uses the current script
232version. The only real problem is that the plugin will not be able to update
233the binary on disk, meaning that the global script needs to be recompiled each
234time it needs to be executed, i.e. for every incoming message, which is
235inefficient.
236
237To mitigate this problem, the administrator must manually pre-compile global
238scripts using the sievec command line tool. For example:
239
240sievec /var/lib/dovecot/sieve/global/
241
242This is often necessary for scripts listed in the sieve_default, sieve_before
243and sieve_after settings. For global scripts that are only included in other
244scripts using the include extension, this step is not necessary, since included
245scripts are incorporated into the binary produced for the main script located in
246a user directory.
247
248Compile and Runtime Logging
249===========================
250
251Log messages produced at runtime by the Sieve plugin are written to two
252locations:
253
254  * Messages are primarily logged to the user log. By default this log file is
255    located in the same directory as the user's main active personal script (as
256    specified by the sieve setting). This log file bears the name of that script
257    file appended with ".log", e.g. ".dovecot.sieve.log". The location of the
258    user log file can also be explicitly configured using the sieve_user_log
259    setting (e.g. for when Sieve scripts are not stored on the local file
260    system).
261
262    If there are errors or warnings in the script, the messages are appended to
263    that log file until it eventually grows too large. When that happens, the
264    old log file is rotated to a ".log.0" file and an empty log file is started.
265    Informational messages are not written to this log file and the log file is
266    not created until messages are actually logged, i.e. when an error or
267    warning is produced.
268
269  * Messages that could be of interest to the system administrator are also
270    written to the Dovecot LDA logging facility (usually syslog). This includes
271    informational messages that indicate what actions are executed on incoming
272    messages. Compile errors encountered in the user's private script are not
273    logged here.
274
275The ManageSieve service reports compile errors and warnings only back to the
276user. System and configuration-related messages are written to the Dovecot
277logging facility.
278
279Known issues
280============
281
282Sieve
283-----
284
285Most open issues are outlined in the TODO file. The more generic ones are (re-)
286listed here:
287
288* Compile errors are sometimes a bit obscure and long. This needs work.
289  Suggestions for improvement are welcome.
290
291* The documentation needs work.
292
293ManageSieve
294-----------
295
296* Although this ManageSieve server should comply with the draft specification of
297  the ManageSieve protocol, quite a few clients don't. This is particularly true
298  for the TLS support. However, now that Cyrus' Timsieved has changed its
299  behavior towards protocol compliance, all those clients will follow
300  eventually.
301
302  Clients known to have TLS issues:
303	- Thunderbird Sieve add-on: fixed as per version 0.1.5
304	- AvelSieve: patch on the wiki:	http://wiki.dovecot.org/ManageSieve
305	- KMail + kio_sieve: TLS broken for old versions. This issue is fixed at
306	  least in kmail 1.9.9 / kde 3.5.9.
307
308  Unfortunately, there is no reliable way to provide a workaround for this
309  problem. We will have to wait for the authors of these clients to make the
310  proper adjustments.
311
312* Other client issues:
313
314	- SmartSieve, WebSieve:
315	  These clients are specifically written for Cyrus timsieved and fail on
316	  multiple stages of the protocol when connected to Pigeonhole ManageSieve.
317
318Authors
319=======
320
321Refer to AUTHORS file.
322
323Contact Info
324============
325
326Stephan Bosch <stephan at rename-it dot nl>
327IRC: Freenode, #dovecot, S[r]us
328Web: http://pigeonhole.dovecot.org
329
330Please use the Dovecot mailing list <dovecot at dovecot.org> for questions about
331this package. You can post to the list without subscribing, the mail then waits
332in a moderator queue for a while. See http://dovecot.org/mailinglists.html
333