Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Apple tops the $100B+ tech club
How to get the IRS' attention: Forge nearly $8 million in tax returns, steal identities
Microsoft details Windows 8 for ARM devices
Blogger exposes major Google Wallet security flaw
Web app lets enterprise set security, sharing for Google Apps users
Cloudscaling to offer OpenStack private cloud platform
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
Resume Makeover: How an Information Security Professional Can Target CSO Jobs
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
/

Full-kilter filter

Related linksToday's breaking news
Send to a friendFeedback

Gearhead archive By Mark Gibbs

Network World, 07/29/02

Avid readers of Network World that you are, we are certain you saw in a recent issue an interesting item titled "Standard may bring order to e-mail chaos".

The standard in question (which is technically a "proposed Internet standard") is the Internet Engineering Task Force's RFC 3028: Sieve: A Mail-Filtering Language.

According to the Sieve home page: "Sieve is a language that can be used to create filters for electronic mail. It is not tied to any particular operating system or mail architecture. It requires the use of RFC 822-compliant messages, but otherwise should generalize to other systems that meet these criteria".

Sieve is a descendent of an earlier attempt at a mail-filtering system called Flame, an extension to the Andrew Mail System from Carnegie Mellon University. As Flame scripts were written in Lisp, this was not something that system administrators could get excited about, and in 1994 work on Sieve began.

The potential power of Sieve is that when implementations become commonplace we'll have a basic filtering system that is independent of any vendor's bizarre ideas of rules (or whatever they choose to call their filtering system) that fails to work reliably and is only barely manageable (and we all know what product we're talking about here, don't we?).

Moreover, Sieve scripts will be portable so it's conceivable that your e-mail client will routinely download updated filters from Internet and intranet sources so common spam messages and anything else undesirable can be efficiently detected and dealt with appropriately.

Again, from the Sieve home page: "The language is powerful enough to be useful, but limited in power in order to allow for a safe server-side filtering system. The intention is to make it impossible for users to do anything more complex (and dangerous) than write simple mail filters, along with facilitating [graphical user interface]-based editors. The language is not Turing-complete, and provides no way to write a loop or a function. Variables are not provided."

So what we have in the RFC is a specification of a basic scripting system and here's a sample script:

if header ["From"] contains ["coyote"] {
forward "acm@frobnitzm.edu";
} else if header "Subject" contains "$$$" {
forward "postmaster@frobnitzm.edu";
} else {
forward "field@frobnitzm.edu";
}

If the header contains the string "coyote" the message is forwarded to an address. Otherwise, if the subject contains "$$$" (a common string found in spam message subjects) then it goes to a different address. Failing either of those tests, the message is forwarded to yet another address. Click here for a much more ambitious example.

The RFC is quite easy to understand and we recommend you read it. It makes the architecture of Sieve quite clear.

But it will take some time for Sieve to become commonplace because there are lots of issues that are yet to be ironed out. For example, how can you prevent scripts from doing bad things? Even though the language doesn't support loops there is still the possibility for all sorts of hacks that could cause problems (for example, multiple message rejections by a script could result in the creation of a mail bomb).

While Sieve is obviously a potentially powerful tool on the client side it is really interesting as an adjunct to an IMAP or SMTP server. Sieve scripts common to all users can automatically examine and manage user mailboxes, reducing workstation overhead, making large-scale distribution of scripts unnecessary and ensuring that corporate standards are maintained in a timely fashion.

There are only a few Sieve implementations available but we suspect that others will appear as add-ons to existing mail servers in short order.

A client-side implementation (claimed to be the first to market) we have yet to try can be found in the Mulberry mail client from Cyrusoft International.

If you are desperate to try a server-side version, check out the Cyrus mail server from Carnegie Mellon University's Computing Services Department. This server, which runs under Unix, supports IMAP, POP3 and KPOP along with a Sieve implementation.

Unfiltered messages to gearhead@gibbs.com.

Comments and suggestions to gh@gibbs.com.

Gibbs Forum
The place to discuss Gibbs's columns.

Check out this week's edition of

Backspin for more musings from Gibbs.

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.