Sieve Email Filtering: delivery by mailboxid

Introduction Sieve rules are sometimes created using graphical interfaces which allow users to select the mailbox to be used as a target for a rule. If that mailbox is renamed, the client may also update its internal representation of the rule and update the sieve script to match, however this is a multi-step process and subject to partial failures. Also, if the folder is renamed by a different mechanism (e.g. another IMAP client) the rules will get out of sync. By extending fileinto to reference an immutable mailboxid, sieve rules can continue to target the same mailbox, even if it gets renamed.

Conventions Used In This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Sieve capability string The server advertises the capability "mailboxid", and scripts which use the following extensions MUST explicitly request the capability "mailboxid". Example: require "mailboxid";

Argument ":mailboxid" to Command "fileinto" Normally, the "fileinto" command delivers the message in the mailbox specified using its positional mailbox argument. However, if the optional ":mailboxid" argument is also specified, the "fileinto" command first checks whether a mailbox exists in the user's personal namespace with the specified MAILBOXID. If a matching mailbox is found, that mailbox is used for delivery. If there is no such mailbox, the "fileinto" action proceeds as it would without the ":mailboxid" argument. The tagged argument :mailboxid to fileinto consumes one additional token, a string with the objectid of the mailbox to file into. Example: require "fileinto"; require "mailboxid"; if header :contains ["from"] "coyote" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" "INBOX.harassment"; }

Interaction with "mailbox" extension For servers which also support the mailbox extension, the ":create" modifier to fileinto does not create the mailbox with the specified mailboxid, however it may be specified and interacts as normal with all other extensions. Example: require "fileinto"; require "mailboxid"; require "mailbox"; fileinto :mailboxid "Fnosuch" :create "INBOX.no-such-folder"; # creates INBOX.no-such-folder, but it doesn't # get the "Fnosuch" mailboxid.

Interaction with "specialuse" extension For servers which also support delivery to special-use mailboxes, if a fileinto command has both ":mailboxid" and ":special-use" specified, then the mailboxid is resolved first. If a mailbox with the specified mailboxid does not exist, then the process specified in is followed - which includes processing of ":create" tags to add the special-use to the created mailbox. Example: require "fileinto"; require "mailboxid"; require "special-use"; if header :contains ["from"] "coyote" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" :specialuse "\\Junk" "INBOX.harassment"; } Example: require "fileinto"; require "mailboxid"; require "mailbox"; require "special-use"; fileinto :mailboxid "F1234567" :specialuse "\\Archive" :create "INBOX.Archive"; # creates INBOX.Archive with use \Archive but # with a different mailboxid.

Interaction with "fcc" extension This document extends the definition of the ":fcc" argument defined in so that it can optionally be used with the ":mailboxid" argument. FCC =/ [":mailboxid" <mailboxid: string>] If the optional ":mailboxid" argument is specified with ":fcc", it instructs the Sieve interpreter to check whether a mailbox exists with the specific mailboxid. If such a mailbox exists, the generated message is filed into that mailbox. Otherwise, the generated message is filed into the ":fcc" target mailbox. Example: require ["enotify", "fcc", "mailboxid"]; notify :fcc "INBOX.Sent" :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" :message "You got mail!" "mailto:ken@example.com";

Test ":mailboxidexists" The "mailboxidexists" test is true if all mailboxes listed in the "mailboxids" argument exist in the mailstore, and each allows the user in whose context the Sieve script runs to "deliver" messages into it. When the mailstore is an IMAP server, "delivery" of messages is possible if: a) the READ-WRITE response code is present for the mailbox (see Section 7.1 of ), if IMAP Access Control List (ACL) is not supported by the server, or b) the user has 'p' or 'i' rights for the mailbox (see Section 5.2 of ). Note that a successful "mailboxidexists" test for a mailbox doesn't necessarily mean that a "fileinto :mailboxid" action on this mailbox would succeed. For example, the "fileinto" action might put user over quota. The "mailboxidexists" test only verifies existence of the mailbox and whether the user in whose context the Sieve script runs has permissions to execute "fileinto" on it. Example: require "fileinto"; require "mailboxid"; if header :contains ["from"] "coyote" { if mailboxidexists "F6352ae03-b7f5-463c-896f-d8b48ee3" { fileinto :mailboxid "F6352ae03-b7f5-463c-896f-d8b48ee3" "INBOX.harassment"; } else { fileinto "INBOX.harassment"; } } Note to implementers: this test behaves identically to the mailboxexists test defined in but operates on mailboxids rather than mailbox names.

Interaction with variables extension There is no special interaction defined, however as an objectid is a string in this document, objectid values can contain variable expansions if is enabled.

Formal Syntax test /= "mailboxidexists" string-list tag /= ":mailboxid" string If is supported: FCC =/ [":mailboxid" <mailboxid: string>]

Security considerations Because mailboxid is always generated by the server, implementations MUST NOT allow sieve to make an endrun around this protection by creating mailboxes with the specified ID by using ":create" and ":mailboxid" in a fileinto rule for a non-existant mailbox. Implementers are referred to the security considerations sections of and .

IANA considerations IANA are requested to add a capability to the sieve-extensions registry: To: iana@iana.org Subject: Registration of new Sieve extension Capability name: mailboxid Description: adds a test for checking mailbox existence by objectid, and new optional arguments to fileinto and :fcc which allow selecting the destination mailbox by objectid. RFC number: this RFC Contact address: The EXTRA discussion list <extra@ietf.org>

Acknowledgements This document borrows heavily from for the matching mailboxexists test, and from for an example of modifying the fileinto command. Thanks to Ned Freed and Ken Murchison and Alexey Melnikov for feedback on the EXTRA mailing list.

Changes (EDITOR: remove this section before publication)

draft-ietf-sieve-mailboxid-00

Adopted into working group per adoption call on list
Updated references to old drafts which have since been published.
Fixed some typoes and simplified some language.
Removed stray leading colon on mailboxexists (thanks Alexey)
Added :fcc to the IANA registration description (thanks Alexey)
Mentioned that variables can be expanded (thanks Alexey)

draft-gondwana-sieve-mailboxid-02

Update document date by a couple of years! Ooops, it got forgotten after a WGLC which got not dissent.
Create xml2rfc v3 output.

draft-gondwana-sieve-mailboxid-01

Switch to :mailboxid tagged parameter value with fallback mailbox name.
Document interaction with "mailbox".
Document interaction with "special-use".
Document interaction with "fcc".
Document security considerations around :mailboxid and :create.

draft-gondwana-sieve-mailboxid-00

Initial version.