procmail

FROM_DAEMON doesn't check "Reply-To:"

1996-04-09 12:06:18
Okay.  

I just found out that my .procmailrc recipe, which includes "ackmail.rc"
auto-responded to a piece of mail which was addressed directly to me,
and CC'd to the SmartList list, but the response went to the list, not
to the user.

Normally, my .procmailrc handles this situation correctly--it responds
to the user, and ignores the list of course.  

However, if you examine the mail below, you'll see that this user, with
my help, caused the problem by setting his "Reply-To:" to the list
address, causing any response to go to the list, rather than to himself.

The same kind of problem would have occurred if any of you had read his
mail and quickly replied with a personal message without checking the
headers.

If the mail had been from the list rather than a user, my autoresponder
would have stopped right away.  It uses the "^FROM_DAEMON" macro, but
that macro doesn't include "Reply-To:" as one of the headers which is
tested for a mailer or service address.  Here is the macro as documented
in procmailrc(1):

          If the regular expression contains `^FROM_DAEMON' it will be
          substituted by `(^(Precedence:.*(junk|bulk|list)|(((Resent-
          )?(From|Sender)|X-Envelope-From):|>?From )(.*[^(.%@a-z0-
          9])?(Post(ma?(st(e?r)?|n)|office)|(send)?Mail(er)?|daemon
          |mmdf|root|n?uucp|smtp|response|LISTSERV|owner|request|bounce
          |serv(ices?|er )|Admin(istrator)?)([^).!:a-z0-
          9].*)?$[^>]))', which should catch mails coming from most
          daemons (how's that for a regular expression :-).

Notice that "Reply-To" is not checked.

So, you can use "FROM_DAEMON" to avoid mail from a daemon, but you
cannot use it to detect when to avoid sending mail _to_ a daemon or
list.

Sigh.

I'll add another condition to the "ackmail.rc" recipes which attempts to
avoid sending mail _to_ a daemon or list.  Here's the new set of
conditions:

  # Get the best return address without names & comments.
  # This will be the same address we respond to.
  SENDER=`formail -rtzx To:`

  # Define a list of well-known list mailer addresses
  LIST_MAILERS='((Mail(er)?-?)?daemon|root|LISTSERV|ListProc|\
  [a-zA-Z0-9-]+-(list|request|owner)|(owner-)?list-[a-zA-Z0-9-]+|\
  Majordomo|Mailagent|Postmaster|mmdf|news|n?uucp)'

  # This is the major condition by which we decide to respond
  # or not.

  :0ch
  * $^TO($USER|$MY_ADDR|$MY_NAMES)
  * ? test -f $ACKMSG -o -f $VACAMSG
  * !^FROM_DAEMON
  * $! SENDER ?? $LIST_MAILERS
  * $! $FROMHDR(Majordomo|Listserv)
  * !^Subject: .*(\[(ack(nowledge?ment)?|on vacation)\]|\

I hope that this explanation helps others learn -- to either avoid
autoresponders :^) or write their recipes carefully.

Alan

To get the latest version of my "procmail library", either send me an
email with the subject of "send procmail library", or fetch it via

 http://www.engineering.ucsb.edu/~aks/mail/procmail-lib.shar

 ------- Forwarded Message

 From corrigan(_at_)weber(_dot_)ucsd(_dot_)edu  Mon Apr  8 17:01:34 1996
 Received: from weber.ucsd.edu
         by eci1.ucsb.edu (1.38.193.5/UCSB-v3)
         id AA20309; Mon, 8 Apr 1996 17:01:34 -0700
 Received: (corrigan(_at_)localhost [127.0.0.1]) by weber.ucsd.edu 
(8.7.5/8.7.3) with ESMTP id RAA08300; Mon, 8 Apr 1996 17:01:35 -0700 (PDT)
 Message-Id: <199604090001(_dot_)RAA08300(_at_)weber(_dot_)ucsd(_dot_)edu>
 To: Alan Stebbens <aks(_at_)dokoka(_dot_)ucsb(_dot_)edu>
 Cc: SmartList(_at_)Informatik(_dot_)RWTH-Aachen(_dot_)DE
 Reply-To: SmartList(_at_)Informatik(_dot_)RWTH-Aachen(_dot_)DE
 Subject: Re: Using SmartList with sendmail.8.7.5 smrsh 
 In-Reply-To: Your message of "Mon, 08 Apr 1996 13:48:23 -0700."
              <199604082048(_dot_)NAA02098(_at_)dokoka> 
 Date: Mon, 08 Apr 1996 17:01:34 -0700
 From: "Michael J. Corrigan" <corrigan(_at_)ucsd(_dot_)edu>



Actually, with 'smrsh', as long as you have the symlink above, you don't
even need the path, just the program name; ie:

    "|flist maillist"
 True, since smrsh throws out all but the last path component and then prepends
 the path of the sm.bin directory this works. But if I ever change back to
 /bin/sh for Mproc - which since smrsh is not necessary anymore to plug any
 sendmail security hole in recent versions of sendmail I may end up doing -
 then I won't have to count on remembering this fact at that point - if I leave
 the full paths in.


 ------- End of Forwarded Message
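
The gap described in the post, as an added Python example that is not part of the original message or of the procmail library: a sender-side check in the style of FROM_DAEMON passes a personal mail whose "Reply-To:" points at a list, so the reply target has to be tested separately. The FROM_DAEMON regex here is a Python approximation, the Reply-To-over-From preference stands in for `formail -rtzx To:`, and all addresses are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Python approximation of the documented ^FROM_DAEMON macro (assumption: not
# procmail's exact regex). It only ever looks at sender-side headers.
NAMES = (r"(post(ma?(st(e?r)?|n)|office)|(send)?mail(er)?|daemon|mmdf|root|n?uucp"
         r"|smtp|response|listserv|owner|request|bounce|serv(ices?|er)"
         r"|admin(istrator)?)")
FROM_DAEMON = re.compile(r"(.*[^(.%@a-z0-9])?" + NAMES + r"([^).!:a-z0-9].*)?$", re.I)
SENDER_HEADERS = ("From", "Sender", "Resent-From", "Resent-Sender", "X-Envelope-From")

# LIST_MAILERS as defined in the post, joined onto one line.
LIST_MAILERS = re.compile(
    r"((Mail(er)?-?)?daemon|root|LISTSERV|ListProc|"
    r"[a-zA-Z0-9-]+-(list|request|owner)|(owner-)?list-[a-zA-Z0-9-]+|"
    r"Majordomo|Mailagent|Postmaster|mmdf|news|n?uucp)", re.I)

def classify(raw):
    """Return (from_daemon, reply_target, target_is_list) for one message."""
    msg = message_from_string(raw)
    from_daemon = bool(re.search(r"junk|bulk|list", msg.get("Precedence", ""), re.I))
    for name in SENDER_HEADERS:
        if FROM_DAEMON.match(msg.get(name, "").strip()):
            from_daemon = True
    # Assumption: approximates `formail -rtzx To:` by preferring Reply-To over From.
    target = parseaddr(msg.get("Reply-To") or msg.get("From", ""))[1]
    return from_daemon, target, bool(LIST_MAILERS.search(target))

def should_autorespond(raw):
    """Respond only if the sender is not a daemon AND the reply target is not a list."""
    from_daemon, _, target_is_list = classify(raw)
    return not from_daemon and not target_is_list

# Constructed sample messages (not taken from the page).
PERSONAL_WITH_LIST_REPLY_TO = (
    'From: "Pat Example" <pat@example.edu>\n'
    "To: me@example.net\nCc: example-list@lists.example.org\n"
    "Reply-To: example-list@lists.example.org\nSubject: hello\n\nbody\n")
FROM_LIST = ("From: owner-example-list@lists.example.org\n"
             "To: me@example.net\nSubject: digest\n\nbody\n")
# A list address that follows none of the naming conventions in LIST_MAILERS.
UNCONVENTIONAL_LIST = PERSONAL_WITH_LIST_REPLY_TO.replace("example-list@", "announce@")

if __name__ == "__main__":
    for raw in (PERSONAL_WITH_LIST_REPLY_TO, FROM_LIST, UNCONVENTIONAL_LIST):
        print(classify(raw), "respond:", should_autorespond(raw))
```

The third sample shows the limit of a name-based pattern: a list address without a recognisable naming convention is still treated as a person, so a loop-marker header or a per-sender rate limit remains a useful second safeguard.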
