procmail
[Top] [All Lists]

Re: help with a procmailrc recipe

2014-11-29 05:01:38
Zhiliang,

* Zhiliang Hu schrieb am Sa, 29. Nov 2014, um 00:19 (-0600):

For this "small" portion of mails, I wrote a recipe to send
automated inquery mails to verify if a suspecious mail is from
a human-being: if it gets a human reply to confirm, the saved
mail gets further delivered; if the inquery mail gets bounced,
the saved mail gets deleted.  So far everything works fine
except this last
recipe to process bounce/delete:

:0
* ^FROM_DAEMON|^FROM_MAILER

you only need ^FROM_DAEMON because ^FROM_MAILER covers a subset
of ^FROM_DAEMON.  See procmailrc(5) for details.  So:

* ^FROM_DAEMON

{
   :0 w:bb.lock
   * B ?? Subject: verify mail you sent: ([0-9\.]{15}[A-Z]{9})
   THEMATCH = $MATCH

     :0 a
     | rm -f /var/mail/QUARRENTEEN/$THEMATCH

First, there is no \/ in the condition line.  So, nothing will be
found and MATCH is empty, or even worse, it contains some value
set previously.

Second, you are right: {<number>} does not work in procmail
regexps.  See procmailrc(5) for details.  You have to specify it
explicitly: [0-9][0-9][0-9][0-9][0-9]....

Third, you can combine things this way (example with a simple
token regexp):

:0 w:bb.lock
* B ?? ^Subject: verify mail you sent: \/[0-9]+$
|echo "rm -f /var/mail/QUARRENTEEN/$MATCH" >>$HOME/somefile

But, do you *really* want to do this automatic deletion?  This
will become very dangerous: What will happen if MATCH contains
something like "../../../home/you/somefile"?

You have to take care about your tokens and filter them very
strictly.  I cannot emphasize this enough: the more you allow for
your tokens, the more dangerous and fragile your solution will
become.  Please note that your solution is widely open for all
kinds of (shell) attacks!

Your suggested token regexp ([0-9\.]{15}[A-Z]{9}) resembles much
like some Message-ID value.  If it is, do not use them!  You
cannot control it.

You see, things get complicated very fast :-)

Kind regards,
Mathias

-- 
CAcert Assurer - See http://www.CAcert.org for details or ask me
GnuPG/OpenPGP: B100 5DC4 9686 BE64 87E9 0E22 44C3 983F A762 9DE8

Attachment: pgpR9tmjCE0ug.pgp
Description: PGP signature

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)de
http://mailman.rwth-aachen.de/mailman/listinfo/procmail
<Prev in Thread] Current Thread [Next in Thread>