Sieve Import options
Hello Folks,
I am looking for some specifics regarding importing of sieve rules into DS accounts ( user sieve rules) using a cli method eg ldapmodify and using txt files with sieve scripts. This is referred to below on #7 in this nice list of notes I found in an older forum post regarding user-level Sieve rules.
What is the syntax of ldapmodfy to import a simple sieve script in a flat file for example referred to in #7 ?
-john
So, thanks for all the suggestions. Here's a sort of a SUMMARY post to conclude the matter of my questions/research in this and other threads on the subject of user-level Sieve rules.
Some notes on Sieve rules in Sun Messaging Server and its UWC/CE web-interface:
1) Sieve (and its extensions in general) as a language can provide for quite complex rules.
2) As implemented in Sun MTA, only(?) the original RFC 3028 Sieve rules are supported which allow filtering by headers. In particular, the RFC 5173 extension for body matching needs a sponsor for Sun RFE #4763788.
3) As implemented in UWC/CE web-interface for filter management, there are many limitations imposed on filter-definition texts:
3a) Rules have Sun keywords hidden in comments (Name, Order, etc).
3b) Since the comment goes on till the end of line, UWC/CE generated rules are always multiline.
3c) Being multiline values, UWC/CE rules are saved in LDAP as Base64/UTF8 encoded texts, in mailSieveRuleSource attributes.
3d) UWC ignores users' rules that are not in its syntax. From my experiments it seems that UWC overwrites unrecognized rules upon saving its own.
3e) UWC rules always contain the "stop;" action, so processing of a message ends with the first matching rule.
4) Sieve rules can also be used by "imexpire" command to act upon the stored mailboxes, but due to a known bug#6687201, they work unreliably at best (didn't work at all in my tests). Also limited to header matching.
5) Sieve rules have an implicit "keep;" action, so if no rule matched the message, it is kept in the default folder (Inbox).
6) Sieve RFC requests that rule processing should not make duplicates of a message in a single folder. It is however possible (even in UWC/CE) to make rules that copy a message to a folder and keep a copy in Inbox. While perhaps inconvenient, it doesn't waste much disk space due to use of hardlinks to store message-clones.
7) Due to a known bug#6723208 multiline Sieve rules can not be edited in DSCC web-interface. Manual modification of UWC/CE rules can be
done with command-line, "ldapsearch -T -B" to find and decode the rules, and "ldapmodify -b" to save them back with an LDIF file pointing to a text file with the rule.
See example from Shane Hjorth in this thread: [http://forum.java.sun.com/thread.jspa?threadID=5295255].
With all these limitations, there are tricks to effectively use the rules maintained by UWC web-interface:
1) The filtering rule scripts can result in several actions at once, i.e. moving a message to a folder AND redirecting a copy to another destination
e-mail address (or a lost of addresses).
2) If a rule is defined in UWC/CE with only two checkmarks, "Move message to the folder" and "Forward to email address" (without setting the checkmark
"Don't deliver the message to Inbox"), it creates an action with both "fileinto;" and "keep;", which causes a duplicate message in the Inbox, like this:
# ldapsearch -b "ou=people,o=domain.ru,dc=domain,dc=ru" -D "cn=Directory Manager" -j /.ds6pass -T -B 'uid=jim' mailsieverulesource 2>&1 | less
...
mailsieverulesource=#RULE: $Name="test.ru" $Order=43 $Type="DEFAULT_TYPE"
require "fileinto";
#BEGINFILTER
if anyof(header :contains ["From","Sender","Resent-from","Resent-sender","Return-path"] "@test.ru"){
fileinto "UNSORTED-GOOD";
keep;
redirect "my-sms@domain.ru";
stop;
}
#ENDFILTER
If duplicates are not wanted, one should also set the "Don't deliver the message to Inbox" in such rules; this removes the "keep;" action. Copies in the other folder (fileinto) are nonetheless saved.
3) Note however, that if only the e-mail redirection is specified (without filing into a folder), then setting the "Don't deliver the message to Inbox" checkmark would remove the matching messages from this mailbox after sending the copy.
4) If all of the messages coming to a mailbox need to be copied to other address(es), it is convenient to define forwarding addresses instead of a filter. Especially true if local copies of the passing messages are also to be filed in folders of the mailbox (otherwise you'd need to redirect messages in every rule, and maintaining the recipient list may become a hassle).
5) If you need to configure sending copies of a message to a complex e-mail address (i.e. my mail2sms address is a semi-random string generated by the cellular provider), or to a fixed list of addresses, consider making a user account (without a local mailbox, perhaps) with forwarding addresses. Alternatively, you could "hardcode" an address or a list of addresses in the "aliases" file (/opt/SUNWmsgsr/config/aliases) and keep such an address relatively invisible from other administrators (but also from other servers, if you have a group of MTAs).
6) The UWC/CE web-interface limits the number of recipients of a redirected message, by default to two. This is configurable using the mailfiltermaxmailcount option in uwcconfig.properties as per the documentation: [http://docs.sun.com/app/docs/doc/819-4440/6n6jfgcjo?a=view]