Sorry, I should know better than to leave out version, distro, etc.....
It's sendmail-8.9.3 running on Debian potato. All of the online sendmail
docs that I read said that symlinks go in /etc/smrsh, but the man page
says /usr/lib/sm.bin. I think it's a debian thing, since it already
existed and had stuff in it. I tried making an /etc/smrsh, but it didn't
work. Just to make sure I made the perl script chmod 777, and the full
path is world readible (/usr, /usr/local, and usr/local/bin). The man
page for smrsh says:
" Briefly, smrsh limits programs to be in the directory
/usr/lib/sm.bin, allowing the system administrator to
choose the set of acceptable commands. It also rejects
any commands with the characters ``', `<', `>', `|', `;',
`&', `$', `(', `)', `\r' (carriage return), or `\n' (new�
line) on the command line to prevent ``end run'' attacks.
"
which confused me, because it says that it rejects commands that include
a `|`. So, in my .forward, I have tried "|hldfilter",
"|/usr/lib/sm.bin/hldfilter", "|/usr/local/bin/hldfilter", as well as
all three without the "|". I'm at a bit of a loss, here. The easy thing
would be to not use smrsh, but I'm not about to change that ;-)
TIA,
Kenny
Bruce Dawson wrote:
>
> Uhhh. This is strange. What version of sendmail and which distro?
>
> Usually, the symlinks have to go in /etc/smrsh. And does your perl
> script have execute permission? And do its parent directories have
> world-read permissions?
>
> --Bruce
>
> "Kenneth E. Lussier" wrote:
> >
> > All,
> >
> > I am having a weird issue with Sendmail. I set up a filtering system,
> > and I set up my .forward to pipe my mail through the perl script. I'm
> > using smrsh, so I made a symlink to /usr/local/bin/hldfilter in
> > /usr/lib/sm.bin. /home is owned/grouped root, and set to 775. If I set
> > it to 755, I don't get any mail for some reason. Because of this, I get
> > these errors in /var/log/mail.log:
> >
> > Apr 6 19:02:20 marvin sendmail[29919]: TAA29919:
> > from=<[EMAIL PROTECTED]>, size=4255, class=-60, pri=142255, nrcpts=1,
> > msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
> > relay=ztxmail04.ztx.compaq.com [161.114.1.208]
> > Apr 6 19:02:20 marvin sendmail[29920]: TAA29919: forward
> > /home/kenny/.forward.marvin: Group writable directory
> > Apr 6 19:02:20 marvin sendmail[29920]: TAA29919: forward
> > /home/kenny/.forward: Group writable directory
> >
> > If I use the "DontBlameSendmail" option in sendmail.cf and set it to
> > "ForwardFileInUnsafeDirPathSafe, GroupWritableForwardFileSafe,
> > ForwardFileInUnsafeDirPath", smrsh complains with these messages:
> >
> > Apr 6 18:34:01 marvin smrsh: uid 1000: attempt to use hldfilter
> > Apr 6 18:34:01 marvin sendmail[29854]: SAA29853: to="|hldfilter",
> > ctladdr=<[EMAIL PROTECTED]> (1000/1000), delay=00:00:00,
> > xdelay=00:00:00, mailer=prog, stat=Service unavailable
> > Apr 6 18:34:01 marvin sendmail[29854]: SAA29853: SAA29854: DSN: Service
> > unavailable
> > Apr 6 18:34:01 marvin smrsh: uid 1000: attempt to use hldfilter
> > Apr 6 18:34:01 marvin sendmail[29854]: SAA29854: to="|hldfilter",
> > ctladdr=<[EMAIL PROTECTED]> (1000/1000), delay=00:00:00,
> > xdelay=00:00:00, mailer=prog, stat=Service unavailable
> > Apr 6 18:34:01 marvin sendmail[29854]: SAA29854: SAB29854: return to
> > sender: Service unavailable
> > Apr 6 18:34:01 marvin smrsh: uid 1000: attempt to use hldfilter
> > Apr 6 18:34:01 marvin sendmail[29854]: SAB29854: to="|hldfilter",
> > ctladdr=kenny
> > (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=prog, stat=Service
> > unavailable
> > Apr 6 18:34:01 marvin sendmail[29854]: SAA29854: Saved message in
> > /var/lib/sendmail/dead.letter
> >
> > Can someone point me in the right direction here?
> >
> > TIA,
> > Kenny
> >
> > **********************************************************
> > To unsubscribe from this list, send mail to
> > [EMAIL PROTECTED] with the following text in the
> > *body* (*not* the subject line) of the letter:
> > unsubscribe gnhlug
> > **********************************************************
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
