I am having trouble setting up procmail to deliver to virtual users from
sendmail. What I am trying to accomplish is this:
Sendmail hands off virtual users mail to procmail that filters it, and
eventually delivers the bulk to Maildir /vhome/<domain>/<user>/.
The problem is due to sendmail creating the procmail process as root, and
anything created in the /vhome/<domain>/<user>/ is owned by root, and set 0600.
This means my pop/imap server needs to be root to read the mail. What I would
like is to have those files owned by a different user, so that the pop/imap
servers do not need to run as root.
This is running on OpenBSD 3.4, with the included sendmail 8.12.9 and procmail
3.22 that I installed from the OpenBSD ports.
What I am currently trying but it fails to work is this:
--- sendmail.mc
VIRTUSER_DOMAIN_FILE(`-o /etc/mail/virtuserdomains')
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable')
define(`PROCMAIL_MAILER_PATH', `/usr/local/bin/procmail, U=vmail:vmail')
MAILER(procmail)
LOCAL_RULE_0
R $* < @ $* . virtuser > $* $#procmail $@ /etc/mail/virtuserprocmailrc $:
$1 < @ $2 > $3
--- virtusertable
andrew(_at_)somedomain(_dot_)net
andrew(_at_)somedomain(_dot_)net(_dot_)virtuser
--- virtuserprocmailrc
SENDER = "<$1>" # fix for empty sender addresses
SHIFT = 1 # remove it from $@
RECIPIENT = "<$1>"
SHIFT = 1
:0
* RECIPIENT ?? ()\/[^<]*@
* MATCH ?? ()\/(_dot_)*[^(_at_)]
{
USER = $MATCH # the username
}
:0
* RECIPIENT ?? ()\/@[^>]*
* MATCH ?? ()\/[^(_at_)](_dot_)*
{
DOMAIN = $MATCH # The domain
}
:0
*$ ! ? $IS_EXIST /vhome/${DOMAIN}/${USER}
{
EXITCODE = $EX_CANTCREAT
HOST = "_stopped_by_external_request_"
}
:0:
/vhome/${DOMAIN}/${USER}/
--- END SAMPLES
This works great without the U=vmail:vmail. vmail is a real user, UID=1001,
GID=1001. When I use the U= it gives these errors:
Feb 23 19:11:28 rrlhcmal1003 procmail[8889]: setgid(0) failed with ruid/euid =
0/1001
Feb 23 19:11:28 rrlhcmal1003 procmail[8889]: setgid(0) failed with ruid/euid =
0/1001
What appears to me to be happening is that sendmail changes the euid properly,
but for some reason, procmail is trying to change the UID again, but now it is
not running as root and so does not have permission.
What I am trying to find out, is how do I keep procmail from trying to setgid?
or
How do I get mail delivered to the virtual users Maildir owned by someone other
than root?
--
andrew
/---------------------------------------------------------------------\
| ICQ# | Proud Member of Mad-Techies.org |
| 253198 | http://www.mad-techies.org |
|---------------------------------------------------------------------|
| Life's unfair - but root password helps! |
\---------------------------------------------------------------------/
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail