procmail
[Top] [All Lists]

Re: Setup problem

2001-12-17 12:14:05
At 11:34 2001-12-17 +0000, Mark Lucas did say:

What is the Mlocal config file (forgive my ignorance I'm quite new to this)?
My sendmail.cf file is located in the /etc directory (copy attached)

1. We don't need a copy of your sendmail.cf - the bulk of that *LARGE* file has *NOTHING* to do with procmail - just the Mlocal line.

2. If you examined the output of the script I suggested you run instead of just forwarding it along, you might have discovered the answer to your Mlocal question - it's a line in the sendmail.cf file that defines the "LDA". The purpose of that script is to extract only the information we care about - so we don't get attached or embedded configuration files sent to this list.

PATH=/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin
MAILDIR=$HOME/
DEFAULT=$MAILDIR/mbox

You realize this dumps your mail into a file: $HOME/mbox ? While certainly valid for file storage, is this really where you want your mailbox files, rather than say, in a MAILDIR such as $HOME/mail (or $HOME/Mail) ?

Also, just to make something clear to yourself, manually expand $MAILDIR in $DEFAULT - do you see something like:

$HOME//mbox

Does nothing look _wrong_ with that? Perhaps the MAILDIR definition shouldn't have a trailing '/' ?

:0

*LOCK* your deliveries to files.  Every one of 'em:

:0:

* ^TO_*julie@

Lose the * - it isn't appropriate after a macro regexp such as ^TO_, nor is is appropriate in this case even is you used .*, since the ^TO_ macro is designed to facilitate that logic internally. See 'man procmail'

Oh, and I probably don't need to point out that if these users actually HAVE mail accounts on the local host, that they should be receiving mail which is addressed to them anyway (and if not, you should deal with sendmail aliases or virtusertable config to make it so). If you get a message which is:

To: ben(_at_)example(_dot_)com, julie(_at_)example(_dot_)com
Cc: mark(_at_)example(_dot_)com

Who's going to get the message (or perhaps, THREE copies of it)?

Procmail isn't an MTA - you should leave account routing to the MTA.

* ^TO_*ben@
/var/spool/mail/ben

Does the _user_ you're running this .procmailrc as really have write perms to _OTHER_ users' mailboxes? Ick.

Thanks for pointing me to the log file. /var/log/mail/errors contains the
following line:
Dec 17 11:02:48 calvin procmail[24139]: Suspicious rcfile
"/home/mark/.procmailrc"

Security permissions are not set properly on it. The script I suggested that you run tells you much the same thing -- *AND* what you might try changing it to to fix it (after you fix the various errors in the .procmailrc itself).

# Determining Mlocal in sendmail.cf
In /etc/sendmail.cf:
DMlocalhost.localdomain

# my name for error messages
--
Mlocal,         P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u
Mlocal,         P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

There is something evil going on here - Mlocal is defined *TWICE* in your /etc/sendmail.cf file. Who know what else is FUBAR there. You should examine it and take it up with your sysadm (sendmail config isn't what this forum is about -- we're just interested in knowing wether procmail appears to be configured as the LDA or not).

S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
NOTE: procmail appears to be the LDA
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

# file permissions and ownership:
0730 70 mark     mark        4096 Mon Dec 17 11:21:20 2001 /home/mark/
CAUTION: /home/mark perms exceed 0755: curb back to 0710
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Group mark has write perms. Okay, in this case, you're probably running with a user_as_group type config, but I'm going to bet that the procmail RPM you used wasn't compiled with that option, so it doesn't see this as "safe". There's really no need to have group write perms if the only member of the group is YOU, and YOU are USER mark, which should have perms. *THIS* file (dir) isn't the thing which procmail took issue with though.

0644 1 mark     mark           4 Sun Dec 16 17:53:10 2001
/home/mark/.forward

These are more reasonable perms here, though group and world really don't need read perms. However, the fact that a .forward exists, when procmail is already the LDA, makes me wonder if you're just trying the shotgun approach to getting it to work. Also, the fact that this file is only FOUR BYTES (probably 'mark'), says that it isn't invoking procmail via the .forward. I suggest you DELETE this file entirely, because it is quite obviously not set up properly.

(note to others: procdiag changed to emit the contents of ~/.forward)

0770  1 mark     mark         389 Sat Dec 15 16:43:41 2001
/home/mark/.procmailrc
CAUTION: /home/mark/.procmailrc perms exceed 0755: curb back to 0750

Again, the perms here allow the _group_ to _WRITE_ to the file, and procmail doesn't like that (this here is the specific file which procmail complained about in the log).

[snip - kewl, the entire text of my previous post. Please refrain from sending it along for the ride next time.]

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>