On Wed, 5 Mar 2003, John D. Hardin wrote:
# Attempt to trap sendmail header exploit (signature as of 03/05/3003)
#
:0
* ^(From|To|CC|Reply-To|Resent-From): .*<>.*<>.*<>.*<>.*<>.*\(.*\)
| formail -A "X-Content-Security: [$HOST] NOTIFY" \
-A "X-Content-Security: [$HOST] QUARANTINE" \
-A "X-Content-Security: [$HOST] REPORT: Trapped possible
sendmail header exploit"
D'oh! Dammit. This is, of course, wrong. Blame it on cut-and-paste and
too little caffiene.
Use:
:0 fi
(pipe the message through formail) instead of just
:0
If it's not a filter recipe, e.g. if you deliver to a file instead of
formail, omit the "fi" flags.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin(_at_)impsec(_dot_)org pgpk -a
jhardin(_at_)impsec(_dot_)org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...voice or no voice, the people can always be brought to the bidding
of the leaders. That is easy. All you have to do is tell them they
are being attacked and denounce the pacifists for lack of patriotism
and exposing the country to danger. It works the same way in any
country.
-- Hermann Goering
-----------------------------------------------------------------------
78 days until The Matrix Reloaded
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail