Re: [courier-users] mailbot and -T forward / forwardatt
On 15.01.2011 03:40, Sam Varshavchik wrote: # cat testmail.txt | /usr/lib/courier/bin/mailbot -T forward -c UTF-8 -t reply.txt -A 'From: u...@example.org' -s 'Test' 511 Headers specify no receipients. sendmail: Unable to submit message. But without -T parameters it works # cat testmail.txt | /usr/lib/courier/bin/mailbot -c UTF-8 -t reply.txt -A 'From: u...@example.org' -s 'Test' A forward is not a reply. -T controls not just how the content of the generated message is formatted, but also the headers. When you hit the Forward menu item or button in your mail client, the new message comes up without any listed recipients. Same thing here. Ok, then I would need to add -A 'To: $VARIABLE' to mailbot line in mailfilter. After reading documentation there is FROM but This information may or may not be available to maildrop on your system. /etc/courier/courierd: DEFAULTDELIVERY=|| /usr/lib/courier/bin/dotforward | /usr/lib/courier/bin/maildrop -w 90 And documentation also says If the -f option is not given, maildrop looks for the From_ line in the message.. And when doing `set /tmp/variables.txt` in .mailfilter I don't see FROM. So if I would like to use -T forward or -T forwardatt in mailfilter to send auto replies what is needed? -- Yhteistyöterveisin, Jani Ollikainen @ Pronetko Networks Oy -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier 20110101 build
On 02.01.11 11:33, Sam Varshavchik wrote: Download: http://www.courier-mta.org/download.php A few minor fixes. Changes: • Suppress logging the contents of a failed AUTH command in syslog, in case it includes encoded passwords. can this differentiate between incvalid usernames and invalid passwords? If not, can this be turned off? I know about potential security problems about revealed passwords, but I would like to know when an attack is done against users' passwords -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I feel like I'm diagonally parked in a parallel universe. -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mailbot and -T forward / forwardatt
Jani Ollikainen writes: On 15.01.2011 03:40, Sam Varshavchik wrote: # cat testmail.txt | /usr/lib/courier/bin/mailbot -T forward -c UTF-8 -t reply.txt -A 'From: u...@example.org' -s 'Test' 511 Headers specify no receipients. sendmail: Unable to submit message. But without -T parameters it works # cat testmail.txt | /usr/lib/courier/bin/mailbot -c UTF-8 -t reply.txt -A 'From: u...@example.org' -s 'Test' A forward is not a reply. -T controls not just how the content of the generated message is formatted, but also the headers. When you hit the Forward menu item or button in your mail client, the new message comes up without any listed recipients. Same thing here. Ok, then I would need to add -A 'To: $VARIABLE' to mailbot line in mailfilter. After reading documentation there is FROM but This information may or may not be available to maildrop on your system. /etc/courier/courierd: DEFAULTDELIVERY=|| /usr/lib/courier/bin/dotforward | /usr/lib/courier/bin/maildrop -w 90 And documentation also says If the -f option is not given, maildrop looks for the From_ line in the message.. And when doing `set /tmp/variables.txt` in .mailfilter I don't see FROM. So if I would like to use -T forward or -T forwardatt in mailfilter to send auto replies what is needed? You should have $SENDER available. And, once again, make sure that you fully understand how all your manufactured shell scripting needs to quote its variables. Otherwise, you'll have an exploitable security hole on your hands. pgpWDbvWPP1r7.pgp Description: PGP signature -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier 20110101 build
Matus UHLAR - fantomas writes: On 02.01.11 11:33, Sam Varshavchik wrote: Download: http://www.courier-mta.org/download.php A few minor fixes. Changes: • Suppress logging the contents of a failed AUTH command in syslog, in case it includes encoded passwords. can this differentiate between incvalid usernames and invalid passwords? If not, can this be turned off? Explain how you were able to tell the difference previously. You couldn't. I know about potential security problems about revealed passwords, but I would like to know when an attack is done against users' passwords No. Previously, only some opaque encoded blob was logged, whatever its contents were. Furthermore, there is no substantial difference. Look for failed AUTH errors. I see no difference between whether there's userid guessing or password guessing going on. Both the requested userid and password is collected at the same time. Either they are accepted, or they're not. pgpfSo74Tyifh.pgp Description: PGP signature -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
