[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 2

To: MTA filtering mailing list <ietf-mta-filters@xxxxxxx>
Subject: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 2
From: Robert Burrell Donkin <robertburrelldonkin@xxxxxxxxx>
Date: Thu, 30 Jul 2009 13:52:57 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=ivy35eFu9dLK2Gz9h/csdnapV3hj0pMSIx3AW+XLot8=; b=hQCcjIGKgcObJy0hrlCB+nr7CcEaiIkvEsyqKIn6qxKa7+uAXTBx6URuhuEYiv9Y8C +DvQXatVtOeRv+HB9Bt68J+pFbCanEuYj1/L6aDuf/FLGB0Ds4S6cncfo5733OR/FqA+ YNfz4znsltp3o4w/NSRNK/+iSZy/ODe53+Q6I=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=NLXijBr28e5YWHkQWGg+XGvynZYfYG0/CgwdSXBH0nNNUiJ1yq/ph3VCatE99MFBMJ ilp2sTruCPTUnhxHRKaMGwW+Bx04+ZWhi+w8rG/qeGVzXXoCtQpXOxi0WBmRPH/hyxmQ LE9r+v8UM5xcnsZ7SQx8JGZHlV0ZLVERj6bRs=
List-archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-id: <ietf-mta-filters.imc.org>
List-unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mta-filters@xxxxxxxxxxxx

<blockquote cite='http://www.ietf.org/id/draft-ietf-sieve-external-lists-00.txt'>
   A failure to retrieve data due to the server storing the external
   list membership being down or otherwise inaccessible may alter the
   result of Sieve processing.  So implementations SHOULD treat a
   temporary failure to retrieve or verify external list membership in
   the same manner as a temporary failure to retrieve a Sieve script.
   For example, if the Sieve script is stored in the Lightweight
   Directory Access Protocol (LDAP) and the script can't be retrieved
   when a message is processed, then the agent performing Sieve
   processing can, for example, assume that the script doesn't exist or
   delay message delivery until the script can be retrieved
   successfully.  External list memberships should be treated as if they
   are a part of the script itself, so a temporary failure to retrieve
   them should be handled in the same way as a temporary failure to
   retrieve the Sieve script itself.
</blockquote>

how does this error handling behaviour improve security?

what are the advantages of this new error handling language to that
already established in RFC 5228?

- robert

Prev by Date: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3
Next by Date: Working Group Last Call for draft-freed-sieve-notary-05
Previous by thread: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3
Next by thread: Working Group Last Call for draft-freed-sieve-notary-05
Index(es):
- Date
- Thread