Mario Olimpio de Menezes [EMAIL PROTECTED] writes:
I have a .forward file with the following line:
|IFS=' ' p=/usr/bin/procmail test -f $p exec $p -Yf- || exit 75
#mario
This used to work under sendmail. Now, I just replaced sendmail
with smail and I can't get my email filtered trough procmail.
snip
Looking at /var/adm/smail/logfile, I found:
12/29/1997 16:00:01: [m0xmjTt-YCa] |IFS=' ' p=/usr/bin/procmail \
test -f $p exec $p -Yf- || exit 75 #mario ... director \
dotforward: child of mario insecure, access as 'nobody'
12/29/1997 16:00:01: [m0xmjTt-YCa] Delivered TO:IFS=' ' \
p=/usr/bin/procmail test -f $p exec $p -Yf- || exit 75 #mario \
ORIG-TO:mario DIRECTOR:dotforward TRANSPORT:pipe
Can somebody help to decipher this for me, please?
Short answer (probably): chmod go-w ~/.forward
Well, for some reason smail is saying that your .forward file is
insecure - the rules smail uses for determining this are explained in
the smaildrct manpage - search for the word unsecure and then go
back and forth from that.
My /etc/smail/directors file (which is as generated by smailconfig)
has the following:
dotforward:
driver=forwardfile, owner=postmaster, nobody, sender_okay;
file=~/.forward,
checkowner, modemask=022, owners=root,
unsecure=0-99:~ftp:~uucp:/tmp:/var/tmp,
This means that a .forward file will be considered secure iff:
1) It is owned by either the user associated with the file
(checkowner), or by root (owners=root)
2) It is not writeable by the group or by others (modemask=022)
3) It is not owned by anyone with a UID in the range 0-99
(unsecure=0-99), nor is it in the directories ~ftp, ~uucp, /tmp, or
/var/tmp. (unsecure=...:~ftp:~uucp:/tmp:/var/tmp)
My suspicion is that your .forward file is writeable by members of
your group - in the debian default way of doing UIDs this isn't really
a security hole, since each user is given her own group. However, if
one is using a different user/group scheme for some reason, this could
cause problems. If your user ID happens to be between 0 and 99 for
some reason, then you can just change the list of unsecure UIDs in
/etc/smail/directors.
The reason why mail is failing is that when smail passes mail to a
pipe it considers insecure, it runs the resulting child process as
user nobody, instead of your user ID. I suspect that procmail is
trying to then modify files that (rightly) it can only modify when
it's you, not when it's the user nobody, and hence failing. Somehow
this failure is not getting communicated to smail, which is
unfortunate, as that means that the mail isn't even accumulating in an
error directory somewhere.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
