On Thu, Jun 29, 2023 at 05:21:32PM +0200, Robert Senger via Postfix-users wrote:

> Of course, I could write my own "sendmail" script which takes the
> virtual_alias,

This is possible with care, but not ideal; better would be to find
some way to get the milter to make the relevant queries directly
(without command invocation per lookup, and risk of shell command
injection attacks, ...).


> calls mysql,

This is not a good idea; if using commands, let postmap(1) do that.

> returns sendmail compatible output to spamass-milter,

This could be a little tricky if an alias expands to multiple
users.  What does the milter do in that case?

Also note that virtual alias expansion is recursive; your script might
need to take care of that too.

> So, my question is, is there another possibility to expand virtual
> aliases to real virtual user names prior to running milters?

You could define an SQL query that performs the lookup recursively, and
use it from a Python or Perl SQL API in which SQL-injection is easier to
avoid.

> This is my "sendmail -bv" substitute:
> 
> #!/bin/bash
> user=`echo "$2" | sed 's/[<>]//g'`

Modern shells provide a semantically more sound "$( command )" rather
than "`command`" syntax.  Use that instead, and also the printf built-in
(if supported by your shell), which is less fragile than "echo":

    user=$(printf "%s\n" "$2" | sed 's/^<//; s/>$//')

> ret=`echo "select destination from virtual_aliases where source=\"$user\";" | 
> /usr/bin/mysql -upostfix -psecretpassword mailserver | tail -n 1`

This reeks of SQL-injection: https://xkcd.com/327/

Closer would be:

    # Encode without a trailing newline so the decoded value matches exactly.
    u64=$(printf "%s" "$user" | openssl base64 -A)
    ret=$(printf '
        select destination
        from virtual_aliases
        where source=FROM_BASE64("%s")
        limit 1;
        ' "$u64" | /usr/bin/mysql -upostfix -psecretpassword mailserver | tail -n 1)

But instead use "postmap":

    # "-q -" reads keys from standard input; each output line holds the key and its value.
    ret=$(printf "%s\n" "$user" | postmap -q - $(postconf -xh virtual_alias_maps))

> if [ -z "$ret" ]; then
>     echo "nobody... deliverable: mailer local, user $user"
> else
>     echo "nobody... deliverable: mailer local, user $ret"
> fi

But really, none of the above.  The milter should do the lookups
directly in its native programming language, and do something
sensible with multi-valued aliases (lists), ...

-- 
    Viktor.
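
The recursive SQL lookup with bound parameters suggested above, as an added example that is not part of the original message. It uses Python's built-in sqlite3 as a stand-in for the MySQL database so it runs offline; the table rows, the `expand` and `make_demo_db` helpers, and the rule that an address with no alias row is a final recipient are assumptions.

```python
import sqlite3

# Recursive CTE: start at the queried address and follow alias rows.
# UNION (not UNION ALL) drops duplicates, so alias loops terminate.
# The address is a bound parameter, never pasted into the SQL text.
# MySQL drivers use %s as the placeholder instead of sqlite3's "?".
EXPAND_SQL = """
WITH RECURSIVE expansion(addr) AS (
    SELECT ?
    UNION
    SELECT va.destination
    FROM virtual_aliases AS va
    JOIN expansion AS e ON va.source = e.addr
)
SELECT addr FROM expansion
WHERE addr NOT IN (SELECT source FROM virtual_aliases)
ORDER BY addr
"""

# Constructed sample data: a nested list alias and a two-address loop.
SAMPLE = [
    ("info@example.org", "alice@example.org"),
    ("info@example.org", "team@example.org"),
    ("team@example.org", "bob@example.org"),
    ("team@example.org", "alice@example.org"),
    ("loop-a@example.org", "loop-b@example.org"),
    ("loop-b@example.org", "loop-a@example.org"),
]

def make_demo_db():
    """Build an in-memory table shaped like the thread's virtual_aliases."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE virtual_aliases (source TEXT, destination TEXT)")
    conn.executemany("INSERT INTO virtual_aliases VALUES (?, ?)", SAMPLE)
    return conn

def expand(conn, address):
    """Return every final recipient for address (a list, possibly empty)."""
    rows = conn.execute(EXPAND_SQL, (address,)).fetchall()
    return [row[0] for row in rows]

if __name__ == "__main__":
    db = make_demo_db()
    for addr in ("info@example.org", "alice@example.org",
                 "loop-a@example.org", 'nobody" or "1"="1'):
        print(addr, "->", expand(db, addr))
```

A caller still has to decide what to report when the list has more than one entry or is empty, which is the multi-valued alias question raised above.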