Tris <tris(_at_)semireal(_dot_)net(_dot_)dhis(_dot_)org> writes:
Philip suggested to Dan,
| > # Extract the first Received: header field and then look for
| > # a "for" clause in it.
| > :0 w
| > * ^Received:\/.*
| > * MATCH ?? [ ]for[ ]+\/<[^>]+>
| > ! $MATCH
Would there be a problem here if the email address had spaces,
which are allowed I believe, and are used by some MS people.
Would
! "$MATCH"
be safer, or would that work just the same?
You are correct: $MATCH should be quoted here. I missed that.
As a side-note re: the inclusion of the <>'s around the address: if we
_didn't_ include them, then we would need to deal with the possibility
that an address started with "-": we would need to prevent sendmail from
interpreting the address as a option and its argument. The solution
to that problem is to put a "--" option before the 'untrusted' address;
that tells sendmail that there are no more options on the command line.
:0 w
* conditions that set MATCH
! -- "$MATCH"
(Of course, in the actual situation above, we're extracting 'local'
addresses. I presume no one actually has a username of "-tfroot" or
"-C/tmp/evil.cf". That's at risk from intentional malicious behavior
only.)
Philip Guenther
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail