'Re: deliver-to header processing'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       getmail
Subject:    Re: deliver-to header processing
From:       "Charles Cazabon" <search-web-for-address () pyropus ! ca>
Date:       2013-04-26 16:47:18
Message-ID: 20130426164718.GA10694 () pyropus ! ca
[Download RAW message or body]

Please don't top-post to mailing lists; quote correctly and trim unnecessary
text.

Massimo Zambelli <massimo.zambelli@gmail.com> wrote:
> > > type = MDA_external
> > > allow_root_commands=1
> > > path = /usr/sbin/sendmail
> > > arguments = ( "-f", "%(sender)", "%(recipient)" )
> >
> > As I said in my other message, this is a *very* bad idea.  Do not do this.
> > If you absolutely have to re-inject (which is generally a bad idea, and not
> > necessary either), set the sender address to a fixed address on the machine
> > you're injecting on.
>
> Ok, i have read the faq and i'll try to configure spamassassin and 
> clamav with filter sections (and then deliver mail to maildirs) rather 
> than re-inject mail to postfix.

That's not quite what I said.  There are cases where doing the filtering in
getmail or via a filtering MDA is burdensome (such as trying to replicate the
filtering regime of another machine where you can't won't run getmail, like
perhaps on your Msexchange box.  In these cases, re-injection of retrieved
messages into an MTA may be the best solution.

But under no circumstances should you ever re-inject and set the envelope
sender address to something pulled out of the message headers.

i.e., if you absolutely had to re-inject, this would be the safer way:

    type = MDA_external
    path = /usr/sbin/sendmail
    arguments = ( "-f", "postmaster@localhost", "%(recipient)" )

Note you have another serious problem in your shown config: you're running
the sendmail as root!  Holy shit, is that ever a bad idea.  You're passing
arbitrary input from a potential attacker to a root process, just *begging* to
have your machine rooted.  Presumably you did this because you're running
getmail as root -- which is also unnecessary with your configuration.

You said you're new to Unix.  I'll give you a free tip: don't run anything as
root unless it's absolutely, 100% necessary.

> Dumb question: can sendmail deliver mail direcly to another smtp host?

Yes; you're talking about sending all mail to another system which then
delivers to its actual destination, a so-called relay-host.

> what is the correct syntax?

sendmail questions don't belong on this mailing list.  If you're using
Postfix, consult the Postfix docs or a Postfix mailing list; same for qmail,
sendmail, exim, or whatever other MTA you might be using.

Charles
-- 
-----------------------------------------------------------------------
Charles Cazabon
GPL'ed software available at:               http://pyropus.ca/software/
-----------------------------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: getmail-unsubscribe@lists.pyropus.ca
For additional commands, e-mail: getmail-help@lists.pyropus.ca

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic