procmail
[Top] [All Lists]

Re: PROCMAIL: From uucp must be accepted

1996-06-27 04:17:44
Alex Schroeder <alex(_at_)zool(_dot_)unizh(_dot_)ch> wrote:
From uucp(_at_)news1(_dot_)gtn(_dot_)com Sat Jun 22 01:15:15 1996
Return-Path: <uucp(_at_)news1(_dot_)gtn(_dot_)com>
Received: from news1.gtn.com by rzusuntk.unizh.ch (4.1/SMI-4.1.9)
      id AA17396; Sat, 22 Jun 96 01:15:06 +0200
Received: (from uucp(_at_)localhost) by news1.gtn.com (8.7.2/8.7.2) id 
BAA22505 for alex(_at_)zool(_dot_)unizh(_dot_)ch; Sat, 22 Jun 1996 01:02:31 
+0200 (MET DST)
Received: by gismo.gun.de (DUUCP vom 27.05.1996)
      with ZConnect; 21 Jun 1996 11:49:00 +0200
From: herm(_at_)world(_dot_)gun(_dot_)de (Thorsten Hermes)

The postmaster(_at_)news1(_dot_)gtn(_dot_)com told me, that my software 
(procmail) was
evaluating the wrong From line, and that it should be changed (to look
at the From: line). He cannot change the From uucp line, since he uses
that to trace mail back to the gateways (as far as I understood him).

To put it bluntly, that postmaster is mistaken.  If he configures his
UUCP gateway software correctly, then this won't happen.
The fact that procmail evaluates the From_ line, is correct.  Procmail
evaluates both the From_ and the From: line.  The From_ line must point
to the error return address (the address that should receive the error
report if the mail bounces).

This error return address, if it's a regular mail from a regular person,
*must* always point back to the person that sent the mail (even across
a UUCP gateway).  In the case of your user above, the From_ line should
have read like any of the following:

 From herm(_at_)world(_dot_)gun(_dot_)de Sat Jun 22 01:15:15 1996
 From @news1.gtn.com:herm(_at_)world(_dot_)gun(_dot_)de Sat Jun 22 01:15:15 1996
 From herm%world(_dot_)gun(_dot_)de(_at_)news1(_dot_)gtn(_dot_)com Sat Jun 22 
01:15:15 1996
 From herm%world%gismo(_at_)news1(_dot_)gtn(_dot_)com Sat Jun 22 01:15:15 1996
 From news1.gtn.com!gismo.gun.de!world.gun.de!herm Sat Jun 22 01:15:15 1996

Any one of these would have done, just not the one that's on the
message now.  Browsing through the Received fields, one can note that:

Received: (from uucp(_at_)localhost) by news1.gtn.com (8.7.2/8.7.2)
            ^^^^^^^^^^^^^^^^^^^
The configuration problem is on news1.gtn.com, somehow the envelope sender
information is lost.

at the From: line). He cannot change the From uucp line, since he uses
that to trace mail back to the gateways (as far as I understood him).

As far as tracing is concerned, one would either use the Received fields,
or >From_ extension lines, or bangpath addresses in the From_ line.
There is no need to overwrite the envelope sender address.

So what should I do - copy the entire regexp FROM_DAEMON into my
.procmailrc file, editing out the uucp string? Would that pose a
security risk? Or is there something else I can do?

No security risk, just the fact that if the definition in procmail
is refined (with an upgrade), you won't see any improvement.
You could employ some trickery using weighted recipes.
-- 
Sincerely,                                                          
srb(_at_)cuci(_dot_)nl
           Stephen R. van den Berg (AKA BuGless).

To boldly program, where *no* man has programmed before!

<Prev in Thread] Current Thread [Next in Thread>