fetchmail-friends
[Top] [All Lists]

Re: [fetchmail] Deleting after N days (IMAP)

2003-10-10 03:42:58
"Eric S. Raymond" <esr(_at_)thyrsus(_dot_)com> writes:

Matthias Andree <ma(_at_)dt(_dot_)e-technik(_dot_)uni-dortmund(_dot_)de>:
1. when fetchmail injects into an MDA, it will not send bounces (bounces
   are tied to SMTP forwarding)

I would accept a patch to fix this so that MTA and MDA delivery have
uniform behavior.  But I'm not at all sure it's possible.

Bouncing will always require an MTA. If we cannot bounce (no MTA
available), we must leave the mail on the POP3/IMAP/... server.

We CAN try to deliver a warning mail describing the reason why a
previous mail was undelivered, but if that isn't working either, there
isn't much fetchmail can do.

OTOH, I find "bouncing" after POP3 retrieval pretty ugly, if a user
receives mail at john(_dot_)doe(_at_)hotmail(_dot_)com and has fetchmail 
forward to
jonathan(_dot_)clueless(_at_)local(_dot_)invalid, possibly with transparent 
mode, the
sender mail receive a bounce that mentions the later address, while the
sender used the former -- particularly bad if the bounce is from a
mailing list, with no chance of removing the offending address unless
the list uses VERP.

2. fetchmail assumes the MDA can handle multiple local addresses.
   The problem arises that in the past, there has not been a clear
   distinction between using the MDA option to inject into real MDAs
   (procmail, maildrop) -- these handle exactly ONE recipient, no more,
   no less -- and abusing the MDA option to inject into a
   /usr/sbin/sendmail compatible command that handles multiple
   recipients.

The right answer to this problem is not to add code to fetchmail, rather
it is to write a wrapper script that behaves like sendmail (taking multiple
addresses) and calls the real MDA repeatedly to do delivery.

That's OK if such a thing ships with fetchmail.

With the advent of alternatives to sendmail, the -oem option no longer
works to send mail.

It is neither present in the code nor recommended on the man page.

Not any longer, it has been for a long time.

I have never thought that --mda was a good idea to begin with, so I am
reluctant to add complexity to the code to "fix" it.  As I said above,
the right solution is to have fetchail call a suitable wrapper script.

As the wrapper needs elevated privileges to be resistant to MDA bugs (so
it can fork, drop privileges with setuid() or some other no-return
privilege dropping, then exec the MDA with the user id of the
recipient), I wonder if "script" is the right thing. Most "scripts" are
very sloppy and careless about security.

-- 
Matthias Andree

Encrypt your mail: my GnuPG key ID is 0x052E7D95

<Prev in Thread] Current Thread [Next in Thread>