[Esd-l] Totally Stumped - Sanitizer on an inbound relay
Chris Rothbauer
crothbauer at intagio.com
Thu Nov 14 13:02:01 PST 2002
OK, now I'm still stumped but check this out. As I stated earlier, this host
is a relay, so there should be no local deliveries. I went with the rules
below but changed $=w to $=R to read the relay-domains file instead. Now
check out the results of sendmail -bt. NOTE: bob.com is NOT in my relay
domains file. Really, I don't see why the rule isn't being invoked, unless
it is in the wrong location in the cf file? It's at the tail end of RuleSet
98.
Please keep the advice coming!
[root at myserver mail]# /usr/lib/sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 3,0 bob at bob.com
canonify input: bob @ bob . com
Canonify2 input: bob < @ bob . com >
Canonify2 returns: bob < @ bob . com . >
canonify returns: bob < @ bob . com . >
parse input: bob < @ bob . com . >
Parse0 input: bob < @ bob . com . >
Parse0 returns: bob < @ bob . com . >
ParseLocal input: bob < @ bob . com . >
ParseLocal returns: bob < @ bob . com . >
Parse1 input: bob < @ bob . com . >
Mailertable input: < bob . com > bob < @ bob . com . >
Mailertable input: bob . < com > bob < @ bob . com . >
Mailertable returns: bob < @ bob . com . >
Mailertable returns: bob < @ bob . com . >
MailerToTriple input: < > bob < @ bob . com . >
MailerToTriple returns: bob < @ bob . com . >
Parse1 returns: $# esmtp $@ bob . com . $: bob < @ bob . com . >
parse returns: $# esmtp $@ bob . com . $: bob < @ bob . com . >
> 3,0 bob at domain.com
canonify input: bob @ domain . com
Canonify2 input: bob < @ domain . com >
Canonify2 returns: bob < @ domain . com . >
canonify returns: bob < @ domain . com . >
parse input: bob < @ domain . com . >
Parse0 input: bob < @ domain . com . >
Parse0 returns: bob < @ domain . com . >
ParseLocal input: bob < @ domain . com . >
ParseLocal returns: $# procmail $@ / etc / procmail / filt . rc $: bob
< @ domain . com . procmail . > domain . com
parse returns: $# procmail $@ / etc / procmail / filt . rc $: bob
< @ domain . com . procmail . > domain . com
> 3,0 bob at domain.com.procmail
canonify input: bob @ domain . com . procmail
Canonify2 input: bob < @ domain . com . procmail >
Canonify2 returns: bob < @ domain . com . procmail . >
canonify returns: bob < @ domain . com . procmail . >
parse input: bob < @ domain . com . procmail . >
Parse0 input: bob < @ domain . com . procmail . >
Parse0 returns: bob < @ domain . com . procmail . >
ParseLocal input: bob < @ domain . com . procmail . >
ParseLocal returns: bob < @ domain . com . >
Parse1 input: bob < @ domain . com . >
MailerToTriple input: < smtp : ch3-ex01 . na . tradaq . net > bob < @
domain . com . >
MailerToTriple returns: $# smtp $@ ch3-ex01 . na . tradaq . net $: bob < @
domain . com . >
Parse1 returns: $# smtp $@ ch3-ex01 . na . tradaq . net $: bob < @
domain . com . >
parse returns: $# smtp $@ ch3-ex01 . na . tradaq . net $: bob < @
domain . com . >
-----Original Message-----
From: Ian Castle [mailto:ian.castle at coldcomfortfarm.net]
Sent: Thursday, November 14, 2002 12:28 AM
To: Chris Rothbauer; esd-l at spconnect.com
Subject: Re: [Esd-l] Totally Stumped - Sanitizer on an inbound relay
My LOCAL_RULE_0 is
R$*<@$=w>$* $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$=w.>$* $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$*.procmail.>$* $1<@$2.>$3
Which is quire different - notice the $3 at the end of the lines.
It looks like it isn't rewriting the addresses correctly!
On Thursday 14 November 2002 00:09, Chris Rothbauer wrote:
> I have been all over this for a few days now and am completely stumped. I
> want to run procmail filters, including sanitizer, on an inbound relay.
> I've gone through the howto for installing sanitizer on an inbound relay,
> both directly editing the cf file and recreating it with the mc. I've also
> tried using the mailertable but this always gives me "too many hops." Here
> is what I have tried and the checks I've run.
>
> The results of putting LOCAL_RULE_0 in to the mc....
> ###################################################################
> ### Ruleset 98 -- local part of ruleset zero (can be null) ###
> ###################################################################
>
> SParseLocal=98
>
> # addresses sent to foo at host.REDIRECT will give a 551 error code
> R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} >
> R$* < @ $+ .REDIRECT. > <i> $: $1 < @ $2 . REDIRECT. >
> R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved;
> please try " <$1@$2>
>
>
> R$*<@domain.com>$* $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@domain.com.>$* $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@$*.procmail.>$* $1<@$2.>$3
>
> (yes, those are TABs)
>
> I've also moved the 3 lines up to just above the "short circuit local
> delivery" stanza with the same results.
>
> I have the CPprocmail entry and here are the Mprocmail and Mlocal
> definitions.
> Mprocmail, P=/usr/bin/procmail, F=DFMmShun, S=11/31, R=21/31,
> T=DNS/RFC822/X-Unix,
> A=procmail -m $h $g $u
>
> Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
> S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
> T=DNS/RFC822/X-Unix,
> A=procmail -t -Y -a $h -d $u
>
> Output of sendmail -bt checks......
>
> [root at myserver root]# /usr/lib/sendmail -bt
> ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
> Enter <ruleset> <address>
>
> > 3,0 bob at domain.com
>
> canonify input: bob @ domain . com
> Canonify2 input: bob < @ domain . com >
> Canonify2 returns: bob < @ domain . com . >
> canonify returns: bob < @ domain . com . >
> parse input: bob < @ domain . com . >
> Parse0 input: bob < @ domain . com . >
> Parse0 returns: bob < @ domain . com . >
> ParseLocal input: bob < @ domain . com . >
> ParseLocal returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
> parse returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
>
> > 3,0 bob at domain.com.procmail
>
> canonify input: bob @ domain . com . procmail
> Canonify2 input: bob < @ domain . com . procmail >
> Canonify2 returns: bob < @ domain . com . procmail . >
> canonify returns: bob < @ domain . com . procmail . >
> parse input: bob < @ domain . com . procmail . >
> Parse0 input: bob < @ domain . com . procmail . >
> Parse0 returns: bob < @ domain . com . procmail . >
> ParseLocal input: bob < @ domain . com . procmail . >
> ParseLocal returns: bob < @ domain . com . >
> Parse1 input: bob < @ domain . com . >
> Mailertable input: < domain . com > bob < @ domain . com . >
> Mailertable input: domain . < com > bob < @ domain . com . >
> Mailertable returns: bob < @ domain . com . >
> Mailertable returns: bob < @ domain . com . >
> MailerToTriple input: < > bob < @ domain . com . >
> MailerToTriple returns: bob < @ domain . com . >
> Parse1 returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
> parse returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
>
> The last line of filt.rc is ......
> # send the mail on to the next relay
>
> :0
>
> ! -oi -f "$@"
>
> Using this config, I have yet to see an inbound message actually pass
> through the sanitizer. I never get the extra "hop" from root at localhost and
> of course stripped files make it through.
>
> I'm running sendmail 8.12.5 on RedHat 8.
>
> HHHHEEEEEEELLLLLLP!
>
> Thanks much!
>
> C
> _______________________________________________
> Esd-l mailing list
> Esd-l at spconnect.com
> http://www.spconnect.com/mailman/listinfo/esd-l
More information about the esd-l
mailing list