How about maildrop? Nothing I know of (except procmail) will use existing .procmailrc files, but e.g. http://www.wonkity.com/~wblock/docs/html/maildrop.html <http://www.wonkity.com/~wblock/docs/html/maildrop.html> shows some examples of migrating (e.g. sendmail configuration, some .procmailrc to .mailfilter examples, etc). AFAIK, maildrop also plays nice with postfix (common on Macs, right?). And there's already a port for maildrop, that's standalone and not merely a plugin into an MTA; I'm not so sure there's a standalone sieve port.
> On Feb 2, 2019, at 20:59, Dave Horsfall <d...@horsfall.org> wrote: > > On Sun, 3 Feb 2019, Joshua Root wrote: > >> No official policy. My view is that the only clear-cut case is when a port >> doesn't build or work at all, anywhere, and there's no real chance of that >> ever changing. > > How about insecure ports such as Procmail? It's a scripting language, with > Shell access, that believes user data; I believe it's no longer maintained > by the author, and the coding style is unreadable, making it difficult to > spot vulnerabilities. > > http://www.cvedetails.com/vendor/225/Procmail.html makes interesting reading, > as does any search for "procmail CVE". Perhaps it's just me, but I don't > think insecure software belongs in MacPorts unless someone is willing to fix > it (and good luck with Procmail). > > There are alternatives; I cannot remember their names. but "sieve" (or > similar) springs to mind. > > -- Dave >