procmail
[Top] [All Lists]

Re: the mail are delivered with wrong permission

2007-06-15 09:02:43
At 15:19 2007-06-15 +0200, Laurent david wrote:
I want to use procmail + fetchmail + imapd

Suggestion: if you have domain hosting (versus just a single email address 
mailbox), check into "dsmtp" (which your ISP host needs to support).  Then 
you can use fetchmail to issue an ETRN and deliver mail directly into the 
MTA on your local host (seeing as procmail isn't an MTA).  If you're taking 
the remote mailbox and trying to split it among multiple local users, 
you'll have issues.

If however, you're retrieving mail for only one user, and have no domain, 
then carry on...
LOGFILE=/var/log/procmail.log

So, just any old user should be able to create files in the /var/log/ dir?

If this is for a specific user, that logfile really should be under their 
homedir or other userspace.
#detection SPAM
:0:
* ^Subject.*SPAM
$SPAM

Uh.... really?  Someone sends a message here on procmail talking about spam 
filtering, and poof, off to your spam file it goes?  I hope this is just an 
oversimplification for example purposes.
The problem ?
When procmail see a mail with SPAM in the subject, it move it in the 
mailbox (imap) of the user SPAM but with the permission of root so I can't 
read it with the SPAM user

Why ?

When invoked with -d, procmail will run as superuser to perform mail 
delivery - unless you're already running as the user which it is supposed 
to deliver for.  Thus, the procmail invocation is running as root, not a 
user (what user is invoking the fetchmail?).  Which would explain why 
you're logging to /var/log/ without failure (though I'd expect that to be 
hit and miss).

If you want to deliver on behalf of a user with perms for that user (at 
least, when you have to first create the file), you need to use DROPPRIVS.

Better, if you're planning on splitting your mailbox for multiple users, 
check into dsmtp.  That allows your ISP to queue up mail for SMTP delivery 
to your host, but it doesn't attempt to deliver directly to you at all 
times - it queues it up until you issue an ETRN command (which fetchmail 
can do), at which time, your host is presumed to be on the net (and if 
you're using dynamic DNS, you're registered, etc).  The intent of dsmtp is 
to avoid this kludge you're doing now.

---
  Sean B. Straw / Professional Software Engineering

  Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
  Please DO NOT carbon me on list replies.  I'll get my copy from the list.
____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>