spf-discuss
[Top] [All Lists]

Re: [spf-discuss] SRS and RCPT TO: question

2004-03-11 23:27:40
----- Original Message -----
From: "Jeremy T. Bouse" <jeremy+spf(_at_)undergrid(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, March 12, 2004 6:34 AM
Subject: [spf-discuss] SRS and RCPT TO: question

I'm asking over here on spf-discuss as srs-discuss seems to be
rather dead and the issue seems to tie back with threads over here.

I've recently tried to put SRS into work for all forwarded
return-paths from my MX servers and have ran into the problem that if I
try to do a CBV it fails with "550 5.1.1 User unknown". I know the SRS
is valid as I'd just generated it it from the command line using the
same script used by Sendmail and verified with the same script user by
Sendmail to verify. Wierd thing is if I run it through 'sendmail -bt'
ruleset 0 it checks out and is properly translated back to it's original
address that it was forwarded from.

Any thoughts? I figured this may come into play with the recent discussion
concerning CBV going on.

Are you by any chance referring to my SRS implementation of SRS for
sendmail, linked to on Shevek's site? If so, your error should not occur. I
just tried it again (without Milter):

MAIL From:<>
<<< 250 2.1.0 <>... Sender ok
RCPT 
To:<SRS0=HiHQUElH=GJ=asarian-host(_dot_)net=admin(_at_)asarian-host(_dot_)net>
<<< 250 2.1.5 
<SRS0=HiHQUElH=GJ=asarian-host(_dot_)net=admin(_at_)asarian-host(_dot_)net>
... Recipient ok

Make sure the path to your prog is sendmail-safe! Check your maillog, and
see if you see something like this:

Feb 20 05:35:21 asarian-host sendmail[4824]: i1K4ZLcV004821: Warning:
prog_open: program /etc/scripts/srs2envtol.pl unsafe: World writable
directory

Sendmail is pretty strict about safe paths. Also ensure that sendmail has
sufficient privileges to execute the script.

If you made the 'incisions' in sendmail.cf at the proper locations, RCPT TO:
with an SRS recipient should not fail. I have been running this successfully
for several weeks now.

If it still does not work, get back to me. ;)

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx


<Prev in Thread] Current Thread [Next in Thread>