Skip to main content


This section contains the reference documentation for the functions available from Sieve expressions in the trusted interpreter. Currently not all functions are documented, but the list will be expanded over time.

Directory queries

The query function is used to execute an SQL or LDAP query on the directory. It expects as the first argument the directory name, followed by the query string and as third argument an array with the query values.

For example:

require ["variables", "vnd.stalwart.expressions", "envelope", "reject"];

set "triplet" "${env.remote_ip}.${envelope.from}.${}";

if eval "!query('sql', 'SELECT 1 FROM greylist WHERE addr=? LIMIT 1', [triplet])" {
eval "query('sql', 'INSERT INTO greylist (addr) VALUES (?)', [triplet])";
reject "422 4.2.2 Greylisted, please try again in a few moments.";

Or, to set the result of the query in a variable:

require ["variables", "include", "vnd.stalwart.expressions", "reject"];

global "score";
set "awl_factor" "0.5";

let "result" "query('sql', 'SELECT score, count FROM awl WHERE sender = ? AND ip = ?', [env.from, env.remote_ip])";

let "awl_score" "result[0]";
let "awl_count" "result[1]";

if eval "awl_count > 0" {
if eval "!query('sql', 'UPDATE awl SET score = score + ?, count = count + 1 WHERE sender = ? AND ip = ?', [score, env.from, env.remote_ip])" {
reject "update query failed";
let "score" "score + ((awl_score / awl_count) - score) * awl_factor";
} elsif eval "!query('sql', 'INSERT INTO awl (score, count, sender, ip) VALUES (?, 1, ?, ?)', [score, env.from, env.remote_ip])" {
reject "insert query failed";

External programs

The exec function is used to execute external binaries, for example:

require "vnd.stalwart.expressions";

if eval "!exec('/opt/stalwart/bin/', [env.remote_ip, envelope.from])" {
reject "You are not allowed to send e-mails.";