It work for me.
I'm using
[SMTP]
SENDMAIL=/usr/sbin/sendmail
cat >> testmail << EOF
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: test
test
EOF
echo "insert into auto_replies (user_idnr,reply_body) values
(23,'some\nsilly\mtest\n')" | mysql dbmail
cat testmail | dbmail-smtp -u testuser
Et voila. It works.
If it doesn't work its because pipe.c is slightly bogus.
The popen call to the SENDMAIL program passes the From or Reply-To
values to the program as parameters without proper shell escaping !!!
This is an exploit waiting to happen (SECURITY ALERT :-).
Try the attached trivial patch.
Ilja, what is your take.
dbmail wrote:
Ok,
Thanks for that.
I will have a look through your thread... And if i find any more info i'll
pass it your way..
;)
cheers,
Dan.
----- Original Message -----
From: "Butch Evans" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, October 23, 2003 4:50 PM
Subject: Re: [Dbmail] auto_replies (please be kind)
On Thu, 23 Oct 2003, dbmail wrote:
I am using dbmail 1.2 and postfix. Everything is working great.
(except for auto_reply)
You just missed the thread I started with this exact same question.
It ended exactly like every other thread in the archives with this
question....no answer. I don't know if this feature is simply
broken, or it is incompatible with the postfix sendmail program.
Nobody answered the question I asked: Has ANYONE gotten this feature
to work with Postfix? Has anyone gotten this feature to work with
ANY MTA?
So, if you get an answer that works, and is done privately (does not
make it to the list), please, PLEASE send it to me as well. By the
way, I will be happy to forward you the thread I spoke about, if you
wish, or you can look in the archives (it was just 3 days ago, so I
don't think it is in the archives, yet).
--
Butch Evans
BPS Networks
Bernie, MO
573.293.2638
_______________________________________________
Dbmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
_______________________________________________
Dbmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
--- dbmail-1.2/pipe.c.orig 2003-10-23 10:23:07.000000000 +0200
+++ dbmail-1.2/pipe.c 2003-10-23 10:26:11.000000000 +0200
@@ -663,7 +663,7 @@
}
trace(TRACE_DEBUG, "send_reply(): header fields scanned; opening pipe to
sendmail");
- snprintf(comm, MAX_COMM_SIZE, "%s %s", sendmail, replyto ? replyto : from);
+ snprintf(comm, MAX_COMM_SIZE, "%s '%s'", sendmail, replyto ? replyto : from);
if (! (mailpipe = popen(comm, "w")) )
{
