JMAP for Sieve ScriptsFastmail US LLC1429 Walnut Street - Suite 1201PhiladelphiaPA19102USAmurch@fastmailteam.com
ART
JMAPJMAPJSONSieveThis document specifies a data model for managing Sieve
scripts on a server using JMAP.
Do we need/want both "content" and "blobId" in the
SieveScript object? It may be simpler to have just one way
of specifying content and "blobId" is more versatile and
doesn't require JSON-encoding of the content.
Furthermore, use of the forthcoming(?) Blob/set method would
avoid the extra roundtrip of having to upload the blob
first.The strawman for SieveScript/test only uses blobIds.
Will this have to change once the issue regarding
content/blobId in SieveScript is resolved?Should ":fcc" and associated arguments (e.g., ":flags",
":create":, etc) reported in the /test response be in their
own "fcc" sub-object rather than listed inline with the rest
of the arguments for the action?JMAP ( – JSON Meta Application
Protocol) is a generic protocol for synchronizing data, such as
mail, calendars or contacts, between a client and a server.
It is optimized for mobile and web environments, and aims to
provide a consistent interface to different data types.
This specification defines a data model for managing Sieve
scripts on a server using JMAP.
The data model is designed to allow a server to provide
consistent access to the same scripts via ManageSieve
as well as JMAP, however the
functionality offered over the two protocols may differ.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in BCP 14 when, and only when, they appear in
all capitals, as shown here.
Type signatures, examples, and property descriptions in
this document follow the conventions established in Section
1.1 of . Data types defined in the
core specification are also used in this document.
The same terminology is used in this document as in the
core JMAP specification, see , Section
1.6.
The term SieveScript (with this specific capitalization) is
used to refer to the data type defined in this document and
instances of those data types.
The capabilities object is returned as part of the JMAP
Session object; see , Section 2. This
document defines one additional capability URI.
This represents support for the SieveScript data type and
associated API methods.
The value of this property in the JMAP Session
capabilities property is an empty object.
The value of this property in an account’s
accountCapabilities property is an object that MUST contain
the following information on server capabilities:
supportsTest:
Boolean
If true, the server supports the
SieveScript/test method.
maxNumberRedirects:
UnsignedInt|null
The maximum number of Sieve "redirect" actions a
script can perform during a single evaluation
(see , Section 1.7),
or null for no limit.
maxNumberScripts:
UnsignedInt|null
The maximum number of Sieve scripts the server is
willing to store for the user,
or null for no limit.
maxSizeScript:
UnsignedInt|null
The maximum size (in octets) of a Sieve script the
server is willing to store for the user,
or null for no limit.
sieveExtensions:
String[]
A list of case-sensitive Sieve capability strings (as
listed in Sieve "require" action , Section 3.2) indicating the
extensions supported by the Sieve engine.
notificationMethods:
String[]|null
A list of URI schema parts
for notification methods supported by the Sieve
"enotify" extension ,
or null if the extension
is not supported by the Sieve engine.
externalLists:
String[]|null
A list of URI schema parts
for externally stored list types supported by the
Sieve "extlists" extension ,
or null if the extension
is not supported by the Sieve engine.
A SieveScript object represents
a single Sieve script.
A user may have multiple SieveScripts on the server, yet only one
script may be used for filtering of incoming messages. This is the
active script. Users may have zero or one active script.
The SieveScript/set method described
below is used for changing the active script or disabling Sieve
processing.
A SieveScript object has the
following properties:
id:
Id
(immutable; server-set)
The id of the script.
name:
String
The unique user-visible name for the script, subject to the
requirements in , Section 1.6.
content:
String
The raw octets of the script.
Note that both Sieve and JSON require encoding of special
characters which MUST be done in the following order:
Escape any double quote (") or backslash (\)
characters appearing inside of quoted strings in the
Sieve code per Section 2.4.2 of .
E.g., A string containing the value \foo becomes
"\\foo".
Escape any double quote ("), backslash (\), tab,
carriage return, or line feed characters appearing in the
resultant Sieve code per Section 7 of .
E.g., The example string in step 1 becomes
\"\\\\foo\".
blobId:
Id
(immutable)
The id of the blob containing the raw octets of the
script.
isActive:
Boolean
(server-set; default: false)
Is this the user's active script?
This is a standard "/get" method as described in
, Section 5.1.
The ids argument may be
null to fetch all at once.
This method provides similar functionality to the GETSCRIPT
and LISTSCRIPTS commands in .
This is a standard "/set" method as described in
, Section 5.3 but with the following
additional request arguments, either of which may be omitted:
replaceOnCreate:
Boolean
(default: false)
If false, any attempt to create a SieveScript having the
same "name" property as an existing SieveScript MUST be
rejected with a "scriptNameExists" SetError.
If true, the existing SieveScript will be destroyed and
the new SieveScript created as a single atomic action.
The id of the replaced SieveScript MUST be reported in the
"destroyed" argument in the response.
onSuccessActivateScript:
Id|null
The id of the SieveScript to activate if the
create/update/destroy succeeds.
(For references to SieveScript creations, this is
equivalent to a creation-reference, so the id will be the
creation id prefixed with a "#".)
If null, the currently active
script (if any) will be deactivated.
If this argument is not present in the request, the
currently active script (if any) will remain as such.
The id of the activated acript MUST be reported in the
"created" or "updated" argument in the response as
appropriate.
The id of the deactivated script, if any, MUST be reported
in the "updated" argument in the response unless the
script was also destroyed.
This method provides similar functionality to the
PUTSCRIPT, DELETESCRIPT, RENAMESCRIPT, and SETACTIVE commands
in .
When creating or updating a script, a client MUST include
either a content or a
blobId property. A request that
includes neither or both properties MUST be rejected with an
"invalidProperties" SetError.
The server MUST check the script content for syntactic
validity, which includes checking that all Sieve extensions
mentioned in Sieve script "require" statement(s) are
supported by the Sieve interpreter.
(Note that if the Sieve interpreter supports the Sieve
"ihave" extension , any
unrecognized/unsupported extension mentioned in the "ihave"
test MUST NOT cause the syntactic validation failure.)
A script of zero length SHOULD be considered invalid.
If the script content is invalid the request MUST be rejected
with a "invalidScript" SetError.Note that simply activating or deactivating a script
without changing any script content is accomplished via a
request containing an "onSuccessActivateScript" argument and
null "create", "update", and
"delete" arguments.The following extra SetError types are defined:
For "create":
scriptNameExists:
A SieveScript already exists with the given
name property,
and the "replaceOnCreate" argument was false.
An existingId property of
type Id MUST be included on
the SetError object with the id of the existing
SieveScript.
tooManyScripts:
Creating the SieveScript would exceed the
maxNumberScripts limit
(see ).
For "create" and "update":
invalidScript:
The SieveScript violates the
Sieve grammar and/or one
or more extensions mentioned in the script's "require"
statement(s) are not supported by the Sieve interpreter.
The description property on
the SetError object SHOULD contain a specific error
message giving the line number of the first error.
For "destroy":
scriptIsActive:
The SieveScript is active and the
"onSuccessActivateScript" argument was not present.
This is a standard "/query" method as described in
, Section 5.5.
A FilterCondition object has the
following properties, any of which may be omitted:
name:
String
The SieveScript "name" property contains the given string.
isActive:
Boolean
The "isActive" property of the SieveScript must be
identical to the value given to match the condition.
The following SieveScript properties MUST be supported for
sorting:
nameisActiveThis method is used by the client to verify Sieve script
validity without storing the script on the server.
The method provides similar functionality to the
CHECKSCRIPT command in .
The SieveScript/validate method
takes the following arguments:
accountId:
Id
The id of the account to use.
content:
String
The raw octets of the script.
blobId:
Id
(immutable)
The id of the blob containing the raw octets of the
script.
A client MUST include
either a content or a
blobId property. A request that
includes neither or both properties MUST be rejected with an
"invalidProperties" SetError.
The content property, if used,
MUST be encoded following the same procedure as for the
content property in the
SieveScript object.
The server MUST check the script content for syntactic
validity, which includes checking that all Sieve extensions
mentioned in Sieve script "require" statement(s) are
supported by the Sieve interpreter.
(Note that if the Sieve interpreter supports the Sieve
"ihave" extension , any
unrecognized/unsupported extension mentioned in the "ihave"
test MUST NOT cause the syntactic validation failure.)The response has the following arguments:
accountId:
Id
The id of the account used for this call.
error:
SetError|null
A SetError object if the request or the script content
invalid, or null if the
script content is valid.
This method is used by the client to ask the Sieve
interpreter to evaluate a Sieve script against a set of emails
and report what actions would be performed for each.
The SieveScript/test method
takes the following arguments:
accountId:
Id
The id of the account to use.
scriptBlobId:
Id
The id of the blob containing the SieveScript to test against.
emailBlobIds:
Id[]
The ids of the blobs containing the Emails to test against.
envelope:
Envelope|null
Information that the Sieve interpreter should assume was
present in the SMTP transaction that delivered the
email when evaluating "envelope" tests.
If null, all "envelope"
tests MUST eveluate to false.
See Section 7 of Email for
the contents of the Envelope object.
lastVacationResponse:
Date|null
The date-time at which the Sieve interpreter should
assume that it last auto-replied to the sender of the
email, or null if the Sieve
interpreter should assume that it has not auto-replied
to the sender.
The response has the following arguments:
accountId:
Id
The id of the account used for this call.
completed:
Id[Action[]]|null
A map of the blob id to a set of
Action types for each Email
successfully processed by the script, or
null if none.
The Action data type is a
tuple, represented as a JSON array containing two elements:
A Stringname of the Sieve
action (e.g., "keep").
A String[*] object
containing named arguments
for that action (e.g., ":flags" or "mailbox").
notCompleted:
Id[SetError]|null
A map of the blob id to a SetError object for each Email
that was not successfully processed by the script, or
null if none.
A "serverFail" SetError (see Section 3.6.2 of
) MUST be used to indicate a
Sieve interpreter run-time error.
The following additional errors may be returned instead of
the "SieveScript/test" response:
"blobNotFound": The script referenced by the blob id could
not be found.
"invalidScript": The referenced script is invalid
(see ).
"serverFail": The referenced script failed preparation to
be executed for some other reason.
The name to use for each argument is a direct mapping of the
argument names as given in the specification of each action.
Tagged and optional arguments MUST use the name of the tag,
minus the leading ":".
Positional arguments MUST use the name of the
argument inside of the angle brackets ("<" and ">") in
the "Usage" line in the specification for the action.
The JSON data type to use for each argument value is a
direct mapping from its Sieve data type, per the following
table:
Sieve TypeJSON TypeNumberNumberStringStringString ListString[]no valueBoolean (true)
Recommendations for constructing the list of arguments are
as follows:
Tagged arguments SHOULD procede positional arguments.Optional arguments in which the value is supplied by
the Sieve interpreter SHOULD be included (e.g., ":from" and
":subject" arguments to the
"vacation" action).Optional arguments in which the value is supplied by
a Sieve variable SHOULD be included (e.g., "keep" or
"fileinto" actions without an explicit ":flags" argument,
but "imap4flags" have been
set on the internal variable).Optional arguments in which the value is the specfied
default MAY be omitted.Tagged arguments that are only used to determine
whether the action will be executed and have no impact on
the result of the action MAY be omitted (e.g., ":days" and
":addresses" arguments to the vacation action).All security considerations of JMAP
apply to this specification.
IANA will register the "sieve" JMAP Capability as follows:
Capability Name:
urn:ietf:params:jmap:sieveSpecification document: this document
Intended use: common
Change Controller: IETF
Security and privacy considerations: this document,
The following sub-section register several new error codes in the
JMAP Error Codes registry, as defined in .
JMAP Error Code: scriptNameExists Intended use: common Change controller: IETF Reference: This document, Description: The client tried to create a SieveScript
with the same "name" property as an existing SieveScript and
the "replaceOnCreate" argument was false.
present.JMAP Error Code: tooManyScripts Intended use: common Change controller: IETF Reference: This document, Description: Creating the SieveScript would exceed the
"maxNumberScripts" limit.JMAP Error Code: invalidScript Intended use: common Change controller: IETF Reference: This document, Description: The SieveScript violates the
Sieve grammar and/or one
or more extensions mentioned in the script's "require"
statement(s) are not supported by the Sieve interpreter.JMAP Error Code: scriptIsActive Intended use: common Change controller: IETF Reference: This document, Description: The client tried to destroy the active
SieveScript, but the "OnSuccessActivateScript" argument was
not present.The concepts in this document are based largely on those in
.
The author would like to thank the authors of that document for
providing both inspiration and some borrowed text for this
document.The author would also like to thank the following
individuals for contributing their ideas and support for
writing this specification: Bron Gondwana, Alexey Melnikov, and
Ricardo Signes.Changes since ietf-00:
Specified that changes made by onSuccessActivateScript MUST
be reported in the /set response as created and/or updated as
appropriate.Reworked and specified more of the /test response based on
implementation experience.Changes since murchison-01:
Explicitly stated that Sieve capability strings are
case-sensitive.errorDescription is now String|null.Added /query method.Added /test method.Changes since murchison-00:
Added IANA registration for "scriptIsActive" JMAP error code.Added open issue about /set{create} with an existing script name.