Hi - I've been using a combination of qmail/vpopmail/procmail and John Hardin's email security procmail recipes (see http://www.impsec.org/email-tools/procmail-security.html) recently with what seems to be good success. However, vpopmail in its vanilla form gets in the way of the procmail recipes due to the piping of procmail before the vdelivermail executable in a domains .qmail-default like: | preline procmail -m /path/to/rcfile | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox (Note this should all be one line and requires your procmail recipe to deliver to stdout by default - see http://mailman.rwth-aachen.de/pipermail/procmail/2000-May/000074.html) The upshot of this is that if a procmail recipe quarantines an email with a non-delivering recipe (or at least one that delivers a security message to the domains postmaster and not one to the intended recipient), procmail pipes an empty message to vpopmail (of no length), but then vdelivermail tags the empty message with the Delivered-To and Return-Path headers (taken from the qmail process environment variables?) and delivers this to the users maildir. The following patch to vdelivermail.c checks to see if the incoming mail is of length>0 and only delivers if this is true, thus allowing the procmail pipe. You may well be able to do this check earlier in the code (before the delivery goes as far as the tmp/ directory) but I couldnt get any other place to work reliably. <caveat> I'm not sure how useful this is for anyone else, but I haven't found any other way of using John's recipes with vpopmail so I thought I'd post it. I haven't lost any mail because of it but that doesn't mean you wont! If anyone has a better way of doing this, email me because I'd be interested how they did it. </caveat> Hope its of use, Marcus -- Marcus Williams - http://www.onq2.com Quintic Ltd, 39 Newnham Rd, Cambridge, CB3 9EY diff -NabBur vpopmail-4.9.9.orig/vdelivermail.c vpopmail-4.9.9/vdelivermail.c --- vpopmail-4.9.9.orig/vdelivermail.c Fri Mar 16 17:51:22 2001 +++ vpopmail-4.9.9/vdelivermail.c Thu Mar 29 18:03:11 2001 @@ -671,6 +672,7 @@ int pid,i; int mailfile; size_t bytes; + size_t fbytes; #ifdef HARD_QUOTA FILE *fs; #endif @@ -748,7 +750,8 @@ failtemp ("Failed to write RP & DT (#4.3.2)\n"); } - bytes=read(0,msgbuf,sizeof(msgbuf)); + fbytes=bytes=read(0,msgbuf,sizeof(msgbuf)); + while (bytes > 0) { msg_size += bytes; if (write(mailfile,msgbuf,bytes) != bytes) { @@ -769,7 +772,10 @@ delete_tmp(); failtemp("Unable to close() tmp file (#4.3.6)\n"); } - if (safe_rename(tmp_file,mailname) == -1) { + + if (fbytes==0) { + unlink(tmp_file); // throw away the file + } else if ((safe_rename(tmp_file,mailname) == -1)) { unlink(tmp_file); failtemp("Unable to rename tmp to new (#4.3.7)\n"); }
