[Esd-l] Totally Stumped - Sanitizer on an inbound relay - I
THINK I GOT IT, PLEASE DOUBLE CHECK THIS
Chris Rothbauer
crothbauer at intagio.com
Thu Nov 14 14:35:01 PST 2002
Ok, here is what I did...... I finally was able to get sendmail to actually
RUN the rules (yes it was the cheese, I was restarting, rather than killing
ALL and starting so other daemons must have transferred their settings).
But when I did, I ended up with addresses like
bob at domain.com.procmail.domain.com.
It's a relay so I chose to use the $=R instead of $=w. Here is what they
look like......
R$*<@$=R>$* $#procmail $@/etc/procmail/filt.rc $:$1<@$2.procmail.>
R$*<@$=R.>$* $#procmail $@/etc/procmail/filt.rc $:$1<@$2.procmail.>
R$*<@$*.procmail.>$* $1<@$2.>$3
Notice, I took out the $2 from the end.
Does anyone see a problem with this?
Thanks again for everyone's insight.
-----Original Message-----
From: Ian Castle [mailto:ian.castle at coldcomfortfarm.net]
Sent: Thursday, November 14, 2002 12:28 AM
To: Chris Rothbauer; esd-l at spconnect.com
Subject: Re: [Esd-l] Totally Stumped - Sanitizer on an inbound relay
My LOCAL_RULE_0 is
R$*<@$=w>$* $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$=w.>$* $#procmail $@/etc/procmail.d/gateway-filter.procmail
$:$1<@$2.pr
ocmail.>$3
R$*<@$*.procmail.>$* $1<@$2.>$3
Which is quire different - notice the $3 at the end of the lines.
It looks like it isn't rewriting the addresses correctly!
On Thursday 14 November 2002 00:09, Chris Rothbauer wrote:
> I have been all over this for a few days now and am completely stumped. I
> want to run procmail filters, including sanitizer, on an inbound relay.
> I've gone through the howto for installing sanitizer on an inbound relay,
> both directly editing the cf file and recreating it with the mc. I've also
> tried using the mailertable but this always gives me "too many hops." Here
> is what I have tried and the checks I've run.
>
> The results of putting LOCAL_RULE_0 in to the mc....
> ###################################################################
> ### Ruleset 98 -- local part of ruleset zero (can be null) ###
> ###################################################################
>
> SParseLocal=98
>
> # addresses sent to foo at host.REDIRECT will give a 551 error code
> R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} >
> R$* < @ $+ .REDIRECT. > <i> $: $1 < @ $2 . REDIRECT. >
> R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved;
> please try " <$1@$2>
>
>
> R$*<@domain.com>$* $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@domain.com.>$* $#procmail $@/etc/procmail/filt.rc
> $:$1<@domain.com.procmail.>$2
> R$*<@$*.procmail.>$* $1<@$2.>$3
>
> (yes, those are TABs)
>
> I've also moved the 3 lines up to just above the "short circuit local
> delivery" stanza with the same results.
>
> I have the CPprocmail entry and here are the Mprocmail and Mlocal
> definitions.
> Mprocmail, P=/usr/bin/procmail, F=DFMmShun, S=11/31, R=21/31,
> T=DNS/RFC822/X-Unix,
> A=procmail -m $h $g $u
>
> Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
> S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
> T=DNS/RFC822/X-Unix,
> A=procmail -t -Y -a $h -d $u
>
> Output of sendmail -bt checks......
>
> [root at myserver root]# /usr/lib/sendmail -bt
> ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
> Enter <ruleset> <address>
>
> > 3,0 bob at domain.com
>
> canonify input: bob @ domain . com
> Canonify2 input: bob < @ domain . com >
> Canonify2 returns: bob < @ domain . com . >
> canonify returns: bob < @ domain . com . >
> parse input: bob < @ domain . com . >
> Parse0 input: bob < @ domain . com . >
> Parse0 returns: bob < @ domain . com . >
> ParseLocal input: bob < @ domain . com . >
> ParseLocal returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
> parse returns: $# procmail $@ / etc / procmail / filt . rc $:
> bob < @ domain . com . procmail . >
>
> > 3,0 bob at domain.com.procmail
>
> canonify input: bob @ domain . com . procmail
> Canonify2 input: bob < @ domain . com . procmail >
> Canonify2 returns: bob < @ domain . com . procmail . >
> canonify returns: bob < @ domain . com . procmail . >
> parse input: bob < @ domain . com . procmail . >
> Parse0 input: bob < @ domain . com . procmail . >
> Parse0 returns: bob < @ domain . com . procmail . >
> ParseLocal input: bob < @ domain . com . procmail . >
> ParseLocal returns: bob < @ domain . com . >
> Parse1 input: bob < @ domain . com . >
> Mailertable input: < domain . com > bob < @ domain . com . >
> Mailertable input: domain . < com > bob < @ domain . com . >
> Mailertable returns: bob < @ domain . com . >
> Mailertable returns: bob < @ domain . com . >
> MailerToTriple input: < > bob < @ domain . com . >
> MailerToTriple returns: bob < @ domain . com . >
> Parse1 returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
> parse returns: $# esmtp $@ domain . com . $: bob < @ domain .
> com . >
>
> The last line of filt.rc is ......
> # send the mail on to the next relay
>
> :0
>
> ! -oi -f "$@"
>
> Using this config, I have yet to see an inbound message actually pass
> through the sanitizer. I never get the extra "hop" from root at localhost and
> of course stripped files make it through.
>
> I'm running sendmail 8.12.5 on RedHat 8.
>
> HHHHEEEEEEELLLLLLP!
>
> Thanks much!
>
> C
> _______________________________________________
> Esd-l mailing list
> Esd-l at spconnect.com
> http://www.spconnect.com/mailman/listinfo/esd-l
More information about the esd-l
mailing list