procmail
[Top] [All Lists]

Re: procmail/sendmail general filter question

1998-04-29 15:45:36
abeck(_at_)falcon(_dot_)org writes:
...
anyways:
the man page mentions filtering all mail through procmail (in examples(1))
Im trying to accopmlish that, using the following ruleset:

R$*<@$+>$* <tab> $#procmail $@/etc/procmailrcs/system.rc $:$1(_at_)$2procmail$3
R$*<@$*.procmail>$* <tab> $1@<$2>$3

while that does filter the mail through procmail nicely, if i use a

:0 c

for the definition (i.e. regard the c) in the procmailrc, i get the
following error (generated in syslog)

The last thing the procmailrc needs to do is resend the message.  As
far as sendmail is concerned, once it hits that mailer invocation, the
message is taken care of.  sendmail doesn't treat procmail as a filter,
but rather just feeds it in, checks the exit code, and runs with it.
If you want the message to be delivered (not filtered out), you need
to resend it with something like:

        # If you haven't extracted the envelope sender from $@ already:
        SENDER = $1
        SHIFT  = 1

        # Resend the message, with the original envelope sender address,
        # to the original recipients.  The recipient addresses will have
        # been munged by the sendmail rules so that this won't loop.  The
        # "--" in the action is so that someone can't send a message to
        # "-C/some/file/name" and have sendmail use a different
        # configuration file, which would be an easy way to break root
        # for any local user, and possibly remote users as well!
        :0
        ! -f "$SENDER" -- "$@"


From the error message being logged, I am almost certain that your
current procmailrc doesn't do that?


...
my Mprocmail definition reads as follows:

Mprocmail,      P=/usr/local/bin/procmail, F=mSDFMhun, S=11, R=21,
               A=procmail -m $h $g $u

Though it's not causing your problem, the above mailer definition is
either wrong, or your sendmail is insecure.  With any recent version
of sendmail, you should put

        MAILER(procmail)

in your m4 config file for sendmail (the .mc file) and let it generate
the proper mailer definition.  The above is missing several flags, has
one that you probably don't want (or aren't handling correctly), has
the wrong ruleset numbers, is missing the T= directive, and is missing
the -Y from the procmail argument list.

(The flag you probably don't want is the 'm' flag: as it stands above,
when a message comes in for two different addresses, procmail is only
invoked once with both recipients (and the envelope sender) on the
command line.  Many filters and redirection recipes would have to be
made smarter to deal with this fact, and it's not easy.  Typically,
correct processing requires at least one recursive INCLUDERC.)


Philip Guenther