procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: One more time - how to re-process messages without mangling From?

1999-02-03 00:13:08
from [Philip Guenther] [Permanent Link] 
PSE-L(_at_)mail(_dot_)professional(_dot_)org (Professional Software 
Engineering) writes:
...

I tracked down the cause of the second "From " line in man procmail:

(3.11pre7)
      When in explicit delivery mode, procmail will  generate  a leading
      `From  '  line if none is present.  If one is already present
      procmail will leave it intact.  If  procmail is  not invoked with one
      of the following user or group ids : root, daemon, uucp, mail, x400,
      network,  list,  slist, lists  or  news, but still has to generate or
      accept a new `From ' line, it will generate an additional `>From ' line
      to help distinguish fake mails.

Though I'm not sure on the wording of "but still has to generate or accept
a new..."  -- that seems to imply that it WILL ALWAYS do this.


When in deliverymode, procmail will only leave intact an existing
"From " line if it was invoked by a 'trusted user' from that list on
the manpage.


...

However, it seems if you're delivering mail to YOURSELF (recipient user =
invoking user), this regenerated From line stuff should really be bypassed
(IMO).


At the point in the code where procmail is handling the "From "
line(s), it doesn't yet know who the message is going to be delivered
to.  Adding such a check would be really ugly, especially when there
seems to be an easy way around the problem: instead of reprocessing
the messages with
        formail -s procmail -d $USER
why not just do so with
        formail -s procmail

Deliverymode has to allow for the delivery of a message to another
account.  As such a 'gateway' between users, deliverymode puts extra
restrictions on what it will let through so that users cannot
masquerade without a trace.  This is similar to sendmail's behavior:
if an untrusted user tries to get sendmail to change the envelope
sender with the -f flag then sendmail will add an
X-Authentication-Warning: header.  If you don't need the gateway
abilty, you should avoid dragging in that machinery.

The other difference between the above reprocessing commands is that
the former will run the message from the /etc/procmailrc.  However,
that's probably not a concern in this case, as the message had
previously been run through it when it was originally delivered.


Philip Guenther
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: One more time - how to re-process messages without, David W. Tamkin
Next by Date:  Re: One more time - how to re-process messages without mangling From?, Philip Guenther
Previous by Thread:  Re: One more time - how to re-process messages without, David W. Tamkin
Next by Thread:  Procmail goes crazy, Excalibur
Indexes:  [Date] [Thread] [Top] [All Lists]