[Esd-l] Totally Stumped - Sanitizer on an inbound relay - I THINK I GOT IT, PLEASE DOUBLE CHECK THIS

Chris Rothbauer crothbauer at intagio.com
Thu Nov 14 14:35:01 PST 2002


Ok, here is what I did...... I finally was able to get sendmail to actually
RUN the rules (yes it was the cheese, I was restarting, rather than killing
ALL and starting so other daemons must have transferred their settings).
But when I did, I ended up with addresses like
bob at domain.com.procmail.domain.com.


It's a relay so I chose to use the $=R instead of $=w. Here is what they
look like......

R$*<@$=R>$*     $#procmail $@/etc/procmail/filt.rc $:$1<@$2.procmail.>
R$*<@$=R.>$*    $#procmail $@/etc/procmail/filt.rc $:$1<@$2.procmail.>
R$*<@$*.procmail.>$*            $1<@$2.>$3

Notice, I took out the $2 from the end.

Does anyone see a problem with this?

Thanks again for everyone's insight.

-----Original Message-----
From: Ian Castle [mailto:ian.castle at coldcomfortfarm.net]
Sent: Thursday, November 14, 2002 12:28 AM
To: Chris Rothbauer; esd-l at spconnect.com
Subject: Re: [Esd-l] Totally Stumped - Sanitizer on an inbound relay


My LOCAL_RULE_0 is


R$*<@$=w>$*     $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$=w.>$*    $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$*.procmail.>$*    $1<@$2.>$3

Which is quire different - notice the $3 at the end of the lines.

It looks like it isn't rewriting the addresses correctly!


On Thursday 14 November 2002 00:09, Chris Rothbauer wrote:
> I have been all over this for a few days now and am completely stumped. I
> want to run procmail filters, including sanitizer, on an inbound relay.
> I've gone through the howto for installing sanitizer on an inbound relay,
> both directly editing the cf file and recreating it with the mc. I've also
> tried using the mailertable but this always gives me "too many hops." Here
> is what I have tried and the checks I've run.
>
> The results of putting LOCAL_RULE_0 in to the mc....
> ###################################################################
> ###  Ruleset 98 -- local part of ruleset zero (can be null)     ###
> ###################################################################
>
> SParseLocal=98
>
> # addresses sent to foo at host.REDIRECT will give a 551 error code
> R$* < @ $+ .REDIRECT. >         $: $1 < @ $2 . REDIRECT . > < ${opMode} >
> R$* < @ $+ .REDIRECT. > <i>     $: $1 < @ $2 . REDIRECT. >
> R$* < @ $+ .REDIRECT. > < $- >  $#error $@ 5.1.1 $: "551 User has moved;
> please try " <$1@$2>
>
>
> R$*<@domain.com>$*      $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@domain.com.>$*     $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@$*.procmail.>$*            $1<@$2.>$3
>
> (yes, those are TABs)
>
> I've also moved the 3 lines up to just above the "short circuit local
> delivery" stanza with the same results.
>
> I have the CPprocmail entry and here are the Mprocmail and Mlocal
> definitions.
> Mprocmail,      P=/usr/bin/procmail, F=DFMmShun, S=11/31, R=21/31,
>                 T=DNS/RFC822/X-Unix,
>                 A=procmail -m $h $g $u
>
> Mlocal,         P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
> S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
>                 T=DNS/RFC822/X-Unix,
>                 A=procmail -t -Y -a $h -d $u
>
> Output of sendmail -bt checks......
>
> [root at myserver root]# /usr/lib/sendmail -bt
> ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
> Enter <ruleset> <address>
>
> > 3,0 bob at domain.com
>
> canonify           input: bob @ domain . com
> Canonify2          input: bob < @ domain . com >
> Canonify2        returns: bob < @ domain . com . >
> canonify         returns: bob < @ domain . com . >
> parse              input: bob < @ domain . com . >
> Parse0             input: bob < @ domain . com . >
> Parse0           returns: bob < @ domain . com . >
> ParseLocal         input: bob < @ domain . com . >
> ParseLocal       returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
> parse            returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
>
> > 3,0 bob at domain.com.procmail
>
> canonify           input: bob @ domain . com . procmail
> Canonify2          input: bob < @ domain . com . procmail >
> Canonify2        returns: bob < @ domain . com . procmail . >
> canonify         returns: bob < @ domain . com . procmail . >
> parse              input: bob < @ domain . com . procmail . >
> Parse0             input: bob < @ domain . com . procmail . >
> Parse0           returns: bob < @ domain . com . procmail . >
> ParseLocal         input: bob < @ domain . com . procmail . >
> ParseLocal       returns: bob < @ domain . com . >
> Parse1             input: bob < @ domain . com . >
> Mailertable        input: < domain . com > bob < @ domain . com . >
> Mailertable        input: domain . < com > bob < @ domain . com . >
> Mailertable      returns: bob < @ domain . com . >
> Mailertable      returns: bob < @ domain . com . >
> MailerToTriple     input: < > bob < @ domain . com . >
> MailerToTriple   returns: bob < @ domain . com . >
> Parse1           returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
> parse            returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
>
> The last line of filt.rc is ......
> # send the mail on to the next relay
>
> :0
>
> ! -oi -f "$@"
>
> Using this config, I have yet to see an inbound message actually pass
> through the sanitizer. I never get the extra "hop" from root at localhost and
> of course stripped files make it through.
>
> I'm running sendmail 8.12.5 on RedHat 8.
>
> HHHHEEEEEEELLLLLLP!
>
> Thanks much!
>
> C
> _______________________________________________
> Esd-l mailing list
> Esd-l at spconnect.com
> http://www.spconnect.com/mailman/listinfo/esd-l



More information about the esd-l mailing list