Ok, now it's starting to be much clear.
Really appreciate your help and time!
Thanks,
Pawel
2016-10-14 11:45 GMT+01:00 Wietse Venema :
> Pawe? Grzesik:
> > It's of course not a production code. I'm only trying to
> > learn and understand how exactly it works.
> >
> > I
Pawe? Grzesik:
> It's of course not a production code. I'm only trying to
> learn and understand how exactly it works.
>
> I cannot find anything about "--" in the postfix documentation
> (or I'm looking on the wrong page?). There is any explanation
> somewhere? (instead of at the source code).
It's of course not a production code. I'm only trying to
learn and understand how exactly it works.
I cannot find anything about "--" in the postfix documentation
(or I'm looking on the wrong page?). There is any explanation
somewhere? (instead of at the source code).
Thanks for your help!
Pawe? Grzesik:
> I think I can do the same in Ruby using IO.popen like:
>
> IO.popen(["/usr/sbin/sendmail", "-G", "-i", my_str], "w") do |pipe|
>
> as I see in this case I don't even need to use my_str with \" \".
>
> But I'm still confused about -f option in master.cf, and characters "--"
>
I think I can do the same in Ruby using IO.popen like:
IO.popen(["/usr/sbin/sendmail", "-G", "-i", my_str], "w") do |pipe|
as I see in this case I don't even need to use my_str with \" \".
But I'm still confused about -f option in master.cf, and characters "--"
between ${sender} and
Pawe? Grzesik:
> Good point. I changed it to:
>
> IO.popen("/usr/sbin/sendmail -G -i \"#{my_str}\"", "w") do |pipe|
>
> So now it should be secure (same as using $@ instead of $*).
> Am I right? or I'm still missing something?
Sorry, that is still a shell command line. You need an API that
Good point. I changed it to:
IO.popen("/usr/sbin/sendmail -G -i \"#{my_str}\"", "w") do |pipe|
So now it should be secure (same as using $@ instead of $*).
Am I right? or I'm still missing something?
Thanks,
Pawel
2016-10-13 11:50 GMT+01:00 Wietse Venema :
> Pawe?
Pawe? Grzesik:
> IO.popen("/usr/sbin/sendmail -G -i #{my_str}", "w") do |pipe|
And there you have a giant security hole. What happens if an email
address contains shell special characters? You specify flags=Rq in
the pipe daemon command, but that quotes email addresses according
to RFC822, not to
Hi All,
I'm trying to understand how content_filter works. According to the
documentation I can create a simple script and use content_filter to send
an e-mail to it.
That's my config of master.cf:
proxyunix - n n - 10 pipe
flags=Rq user=filter null_sender=