Hi, I have just subscribed to the list because I feel a total jerk,
trying to make something apparently simple work!
Actually the scenario is the following:
In the company I work, they inform that there is a virus that once
in an infected machine, it mails some account the details of the
infected machine (the account, by the way is hacker117(_at_)163(_dot_)com).
So, what they want is that I forward, from the mail relays (sendmail+procmail)
all mail to that account to a local mail account, so they know which machines
are actually infected.
I am no sendmail guru, so I cannot simply write a rule for sendmail to rewrite
the headers in such way (I understand, that it is not trivial).
Now, what I did, was to m4 the sendmail.cf with mailer(`procmail') and then
add the following line to /etc/mailertable
163.com procmail:/some/file
In /some/file I put:
0:
* ^To.*hacker117
! -oi -f $1 some(_at_)address(_dot_)com
This works like charm for a mail sent to hacker117, but if the mail goes to
any other innocent user of the 163.com domain, it will fail with the following
error:
Can't create output.
Of course this is normal, because I do not know and have not found a way to
send the message normally if rules do not match.
I am thinking it is not possible to re-deliver this mail back to sendmail,
because
the I would create a handsome loop. But, how about if I send this message to
some
other mail relay? Can this be done?
Please help
Best Regards
Bad Grass
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail