[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Procmail again :-(

> Hi,
> I've previously asked about the use of procmail to deliver messages and have
> tried following the instructions given with procmail for setting up zmailer
> to be happy with it, also a few suggestions sent directly to me from others
> who (I think) have procmail working with zmailer on their system ok.
> I have tried:
>    and in scheduler.conf;
>    local/*
>         command="sm -8c $channel local"
>    but zmailer tries to deliver to files and pipes using procmail.
>    It has been suggested I setup files and pipes to deliver using mailbox
>    (as before), I'm not entirely sure how to do this, I tried adding
>    defintions in scheduler.conf for 'local/file' and 'local/pipe' but these
>    made no difference as procmail still received the to file and to pipe
>    messages.

	The ORDER of things in the scheduler.conf is very important!

		command="mailbox ..."
		command="sm -8c $channel local"

>  * Putting "|/usr/bin/procmail" in .forward, with .forward being owned
>    by the user and mode 600.  I get the following message sent to the
>    postmaster.
>    ----------------- MSG HERE --------------------
>    A copy of your message is being returned to you due to difficulties
>    encountered while attempting to deliver your mail.
>    Very often people attempt to send mail to USERIDs, which are not
>    known to this particular system.
>    The following errors occurred during message delivery processing:
>    <local ggi-robot "|/usr/bin/procmail" 65535>: mail to program disallowed
>    SNIP
>    Final-Recipient: X-LOCAL; ?program?
>    Action: failed
>    Status: 5.2.1 (Mail to program disallowed w/o proper privileges)
>    Diagnostic-Code: 550 (Mail to program disallowed w/o proper privileges)
>    ----------------- MSG HERE --------------------
>    What privileges might these be?  The mode of the .forward or
>    /usr/bin/procmail file?  Authorisation by the mail adminstrator
>    that this program maybe executed by anyone, or some people from
>    their .forward files?  Authorisation that any or some users may
>    execute programs (all all) from their .forward files?

	User home directory protection must be 755 or stricter,
	and .forward file protection must be 644 or stricter.

	Otherwise the file owner is not trusted to allow program
	execution on a pipe.

>    I shutdown and restarted zmailer between config changes.
>    My versions are:
>       ZMailer router (2.99.38 #1: Sun Sep 22 18:20:44 BST 1996)
>       procmail v3.11pre4 1995/10/29 written and created by Stephen R. vanden

  I am not sure, if that version (..38) had already differentiated
  paths for local/file* and local/pipe* processing in the router cf
  files.  It might not produce different paths needed for the procmail
  to work properly.

> -- 
> Darryl Miles

	/Matti Aarnio