Re: Procmail - Sendmail - SpamAssassin - Webmin - problems getting them to work smoothly

2006-11-30 21:40:42
Hi,
  I cut down my procmailrc file so that it wasn't such a big post. FYI here
is my complete procmailrc and sendmail m4.

Procmailrc:- (I've got rid of comment lines)

DROPPRIVS=yes
MAILDIR=/var/spool/mail
VERBOSE=yes
LOGABSTRACT=all
LOGFILE=/var/log/procmail.log

:0fw: spamassassin.lock
* < 256000
| spamc

:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
/dev/null

:0:
* ^X-Spam-Status: Yes
probably-spam

:0:
* ^X-Spam-Status: Yes
/dev/null

:0
* ^^rom[ ]
{
  LOG="*** Dropped F off From_ header! Fixing up. "

  :0 fhw
  | sed -e '1s/^/F/'
}

As you can see I've added /dev/null after passing to probably-spam, which
has stopped the mail from also going to the user box.


Sendmail m4 (I've got rid of all the dnl lines to make it smaller.)

divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confTO_QUEUERETURN', `2d')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
define(`confMAX_DAEMON_CHILDREN', `12')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl





Lyle

------------------------------------------------------------
Lyle Hopkins          - CosmicPerl.com CGI Scripts -
Internet software solutions for the professional webmaster
Email: webmaster(_at_)cosmicperl(_dot_)com
Web site: http://www.cosmicperl.com
Specializing in Affiliate Software solutions
------------------------------------------------------------
----- Original Message ----- 
From: "Professional Software Engineering" 
<PSE-L(_at_)mail(_dot_)professional(_dot_)org>
To: <procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE>
Sent: Thursday, November 30, 2006 10:47 PM
Subject: Re: Procmail - Sendmail - SpamAssassin - Webmin - problems getting them to work smoothly


At 19:49 2006-11-30 +0000, CosmicPerl.com Support wrote:
Yes, I've already been logging with
VERBOSE=yes
# For debugging uncomment this line
LOGABSTRACT=all
# Tell procmail where to put the log file
LOGFILE=/var/log/procmail.log

didn't see these in the content you posted earlier.  Is there more to the
rcfile?

Like I said before, the message IS being written to almost-certainly-spam
and probably-spam. It's just ALSO being written to the users mailbox as
well.

which implies there's something fubar about your LDA setup.

The only weird thing I noticed in the log was that it never showed any
user apart from root.

(which is significant as it relates to root being _able_ to write to the
other files)

 So it would have lines of either:-
procmail: Opening "/var/mail/root"
procmail: Opening "probably-spam"
or
procmail: Opening "/dev/null"

Never any other users. Does that indicate the problem? I just guessed that
Sendmail's virtusertable was handling the usernames and final mailbox
delivery.

These final deliveries are _LOCAL_ users, right?  If you have some VPOP
config or remote mail, procmail shouldn't be part of the picture.

Set pwd? I added the line for MAILDIR as before it was making a
probably-spam file in /var/spool/mqueue

uh, er, uhm....

How are you invoking procmail?  From within a sendmail rule, in an alias,
or as the LDA?

I can't see why procmail would fire up with mqueue as the cwd (typo on my
part above).

Owner for probably-spam is user and group probably-spam. It's still being
written to without errors.

world writeable?  What users are writing?

I'm guessing from this that as the probably spam file is being written to
procmail must be running as root. Is this a security hole, if so how big
and what can I do to stop it???

well, if it's delivering _for_ root at the time, it's running as root.

in the global, /etc/procmailrc file, the DROPPRIVS=YES is there to shed
root privileges and assume the user identity the mail is being delivered
for.  USERS shouldn't be able to manipulate the /etc/procmailrc.  having
elevated privileges during mail processing is a useful thing - it allows
you to write to files and do things that perhaps the individual user
can't.  When procmail transitions to the user procmailrc,
$HOME/.procmailrc, it automatically sheds the elevated privileges and
assumes the user identity, so contents of THAT procmailrc file are not a
security risk.

---
  Sean B. Straw / Professional Software Engineering

  Procmail disclaimer:
<http://www.professional.org/procmail/disclaimer.html>
  Please DO NOT carbon me on list replies.  I'll get my copy from the
list.


____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
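
A triage sketch for the symptom discussed in this thread, added here as an example and not code from either poster: it groups the `Opening` lines of a VERBOSE=yes log by procmail invocation, flags runs that wrote to a spam folder and to another file, and lists which mailboxes were ever opened. The sample log is constructed, and the `procmail: [pid] date` line that starts each run is an assumption about the log layout.

```python
import re

# Constructed sample of a VERBOSE=yes procmail log (not taken from the thread).
SAMPLE_LOG = '''\
procmail: [4101] Thu Nov 30 19:40:01 2006
procmail: Match on "^X-Spam-Status: Yes"
procmail: Opening "probably-spam"
procmail: Opening "/var/mail/root"
procmail: [4102] Thu Nov 30 19:41:13 2006
procmail: Match on "^X-Spam-Status: Yes"
procmail: Opening "probably-spam"
procmail: [4103] Thu Nov 30 19:42:30 2006
procmail: Opening "/var/mail/root"
procmail: [4104] Thu Nov 30 19:43:02 2006
procmail: Opening "/dev/null"
'''

START = re.compile(r'^procmail: \[(\d+)\] ')       # assumed per-run header line
OPEN = re.compile(r'^procmail: Opening "([^"]+)"')  # format quoted in the thread
# Destinations used for spam in the thread's rcfile and discussion.
SPAM_FOLDERS = {"probably-spam", "almost-certainly-spam", "/dev/null"}

def deliveries(log_text):
    """Group the files opened by each procmail invocation, keyed by PID."""
    runs, current = [], None
    for line in log_text.splitlines():
        m = START.match(line)
        if m:
            current = {"pid": int(m.group(1)), "opened": []}
            runs.append(current)
            continue
        m = OPEN.match(line)
        if m and current is not None:
            current["opened"].append(m.group(1))
    return runs

def double_delivered(runs):
    """PIDs of runs that wrote to a spam folder and also to another file."""
    flagged = []
    for run in runs:
        spam = [f for f in run["opened"] if f in SPAM_FOLDERS]
        other = [f for f in run["opened"] if f not in SPAM_FOLDERS]
        if spam and other:
            flagged.append(run["pid"])
    return flagged

def mailboxes_seen(runs):
    """Every /var/mail/ mailbox opened anywhere in the log, sorted."""
    return sorted({f for r in runs for f in r["opened"] if f.startswith("/var/mail/")})
```

If no single run is flagged but the message still reaches a user mailbox, the second copy came from a separate invocation, which points back at how sendmail hands mail to procmail rather than at the recipes.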
