James McGill <james(_dot_)mcgill(_at_)mindspring(_dot_)net> writes:
On Fri, 4 Jun 1999, Casey Zacek, Perlfectionist <cz(_at_)mindspring(_dot_)net>
reports:
Ok, the box is uhh "box.com".
It has 2 users: mark and juan.
box.com's .procmailrc: (all users are in one .procmailrc)
# Mark's procmailrc
:0 Hhb
* <whatever give a positive match>
* !^X-Loop: mark(_at_)box(_dot_)com
|formail -A"X-Loop: mark(_at_)box(_dot_)com" -R "Cc:" "X-Cc:" -i"To:
juan(_at_)box(_dot_)com" |sendm
ail -oi -t
# cut here
thus, mark forwards his mail to juan.
Spam C. Evil telnets to box.com port 25 and does something akin to this:
# start telnet session
EHLO evil.spam.com
MAIL From:<spam(_dot_)c(_dot_)evil(_at_)evil(_dot_)spam(_dot_)com>
RCPT To:<mark(_at_)box(_dot_)com>
DATA
Subject: This is evil spam
Apparently-To: <you(_at_)yournicedomain(_dot_)com>
Apparently-To: <me(_at_)mynicedomain(_dot_)com>
Apparently-To: <bob(_at_)bobsnicedomain(_dot_)com>
Apparently-To: <lala(_at_)lalasnicedomain(_dot_)com>
Apparently-To: <etc(_at_)etc(_dot_)com>
This is the body of my evil spam.
.
QUIT
# end telnet session
mark's .procmailrc picks it up, and for some reason, formail goes ahead and
sends to all these Apparently-To: people via sendmail -oi -t.
This can be avoided by changing mark's "formail" commandline to this:
|formail -A"X-Loop: mark(_at_)box(_dot_)com" -R "Cc:" "X-Cc:"
-I"Apparently-To:" -i"To: j
uan(_at_)box(_dot_)com" |sendmail -oi -t
Or better yet, don't tell sendmail to scan the header for receipients.
Instead, put the one recipient on the sendmail command line. That way
the only change to make to the header is the addition of the X-Loop:
line:
|formail -A"X-Loop: mark(_at_)box(_dot_)com" | \
$SENDMAIL $SENDMAILFLAGS juan(_at_)box(_dot_)com
Philip Guenther