procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: /etc/procmailrc sets sets root ownership?

2004-10-20 14:36:26
from [Dallman Ross] [Permanent Link] 
On Wed, Oct 20, 2004 at 08:53:16AM -0700, Jeffrey Cunningham wrote:


On Wed Oct 20, 2004 at 12:01:40PM +0200,
procmail-request(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE wrote:



From: Michael J Wise <mjwise(_at_)kapu(_dot_)net>

Generally a bad idea to let it deliver the mail.

Either:

1) DROPPRIVS, as already mentioned,
2) Set $DEFAULT and drop thru to the user's .procmailrc
3) Find some other way to hint to the user's .procmailrc about
    where *IT* should do with the email.



If it is a bad idea to let the global procmailrc deliver the spam and
viruses, what is the preferred way to do this? I can't believe that
every users procmailrc has to be redundantly set up. Maybe I'm going
about this all wrong. I want users to be able to see the spam they're
receiving, but already sorted out from their regular mail. They need
to be able to see it so they can triage it and refilter mistakes to
train the filters. And they need to see the virus collection incase
someone legitimate sends them an executable attachment. But I don't
want to have to hack this into their procmailrc's each time I create a
user, and leave it there for them to potentially muck with. 


You don't have to edit users' individual .procmailrc files.  You use
DROPPRIVS, as the man pages suggest and Michael stated.  At that point
in the /etc/procmailrc, filewrites are owned by the user (assuming
he has an account on the system).  Then, an instruction in /etc/procmailrc
such as this:


  DROPPRIVS

  MAILDIR = /userdirs/$LOGNAME/Mail

  :0:
  * ^X-Spam: yes
  spamfile


  :0:
  * ^X-Virus: yes
  virusfile




ought to work fine.  (Obviously, the conditions would be different based
on your situation.)

Note that I do not have elevated privs on a Unix system at present and
have no way to test this.  I am speaking from my understanding of how it
works, but someone who sysadmins a system should ideally vet what I've said.

-- 
dman

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: /etc/procmailrc sets sets root ownership?, Ruud H.G. van Tol
Next by Date:  Re: /etc/procmailrc sets sets root ownership?, David W. Tamkin
Previous by Thread:  Re: /etc/procmailrc sets sets root ownership?, Ruud H.G. van Tol
Next by Thread:  Re: /etc/procmailrc sets sets root ownership?, David W. Tamkin
Indexes:  [Date] [Thread] [Top] [All Lists]