Summary: No problems found with this document   Summary of document: This document specifies an extension to an existing file format. That file format is defined in RFC5228 and specifies a format for incoming mail filtering and sorting rules (e.g. if subject field contains “Viagra” delete the message). This extension defines an ‘include’ command, which allows someone to hierarchically organize mail filtering rules into separate files. The goal (among others) is so that there can be some common filters that lots of users might want to use, users can reference them with ‘include’ commands rather than copying their bodies into their own filtering rules, and the common filters can then be updated by a central authority and changes will automatically be reflected in each user’s rules. This extension only introduces one interesting new security concern, and it is covered well in the security considerations. That concern is that a user might be able to trick the mail sorting utility into opening files that the user would not have permission to open. Depending on the OS, this might or might not be easy for the mail sorting utility to avoid, but the security considerations points out several variations, like making sure that file names really are file names (and not something that could escape itself into a shell script) and checking the access rules on the files to make sure that there is no privilege elevation.   Radia