procmail

Re: DROPPRIVs for procmail from mailertable

1997-12-17 15:01:05
Philip Guenther <guenther(_at_)gac(_dot_)edu> replied to me:
DROPPRIVS only has an effect inside the /etc/procmailrc used when
procmail is running in delivery mode (-d), not when it's running in
mailfilter mode (-m).  USER and LOGNAME have no effect on the working

I suspected that.

of DROPPRIVS, as procmail is just going to change to the uid/gid of the
user specified on the command line after the -d.  Your mailertable entry

In the absence of a -d I was grasping for other methods of convincing
it to work.

_should_ be specifying the procmail mailer, which runs procmail in
mailfilter mode.

:r! cat /etc/mailertable
qz.little-neck.ny.us       procmail:/home/procmail/rc.qz

And I have the mailertable properly compiled.

If the following are true:
      procmail is running in mailfilter mode

Mprocmail (...) A=procmail -Y -m $h $f $u

      no assignments were given on the command line
      the -p flag was _not_ specified

Yup.

      the rcfile specified is located under /etc/procmailrcs/ without
                      backwards references ("/../"s)

Ugh. Would a symlink so that /etc/procmailrcs points to /home/procmail/
work or will I have to fix this at compile time? What security is
gained by that anyway? Any full path with no world writable directories,
symlinks, or backwards references should be as secure as
"/etc/procmailrcs/", no?

then procmail will assume the uid and gid of the owner of the rcfile.
If the rcfile is actually a symlink, then procmail will assume the uid
and gid of the link itself, not the underlying file.

Hmmm. Not an issue at the moment.

If your OS allows anyone to give away ownership of files with chown, the

Nope.

procmail 3.10 (off the CD default, I'll be upgrading later)
procmail 3.10 has a major bug in the mailfilter code that makes it lose

I know.

After all, you're
going to be ignoring the addresses in the header and routing the
messages based on the envelope recipients, right?  (Nod your head up
and down here.)

:r! grep ^HX /etc/sendmail.cf
HX-QZ-To: $u

I know the multiple Bcc problems with that sort of thing. The mail is
all going to me though, and chances are anything Bcc'ed to more than
one of the addresses is something destined for the junk mail pile
anyway. So it falls into 'good enough for now'. (That is deliberately
in a form that ^TO and ^TO_ will not match.)

Elijah
------
will junk the duplicate if you cc your reply
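
The mailfilter-mode conditions quoted in the message above, written out as a check (an added example, not part of the original message and not procmail's own code). `assumed_identity` models the rule as stated in the thread, and `path_weaknesses` is a separate audit for the world-writable-directory and symlink question raised in the reply; both function names and the `prefix` parameter are assumptions made for illustration.

```python
import os
import stat

TRUSTED_PREFIX = "/etc/procmailrcs/"  # directory named in the quoted rule


def assumed_identity(rcfile, assignments=(), preserve_env=False,
                     prefix=TRUSTED_PREFIX):
    """Model the quoted mailfilter-mode rule: return ((uid, gid), []) when
    every condition holds, otherwise (None, [reasons])."""
    reasons = []
    if assignments:
        reasons.append("assignments were given on the command line")
    if preserve_env:
        reasons.append("-p was specified")
    if not rcfile.startswith(prefix):
        reasons.append("rcfile is not under " + prefix)
    if "/../" in rcfile:
        reasons.append("rcfile path contains a backwards reference")
    if reasons:
        return None, reasons
    st = os.lstat(rcfile)  # lstat: the link's own owner, not the target's
    return (st.st_uid, st.st_gid), []


def path_weaknesses(path):
    """Separate audit for the question in the reply: list world-writable
    directories and symlinks among the components of an absolute path."""
    findings = []
    current = "/"
    for part in [p for p in path.split("/") if p]:
        current = os.path.join(current, part)
        st = os.lstat(current)
        if stat.S_ISLNK(st.st_mode):
            findings.append((current, "symlink"))
        elif stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_IWOTH:
            findings.append((current, "world-writable directory"))
    return findings


if __name__ == "__main__":
    # Constructed sample: the rcfile path from the mailertable entry above.
    ident, why = assumed_identity("/home/procmail/rc.qz")
    print(ident, why)
```
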
