LOCAL_RULE_0 and prog mailer problem
in [Sendmail]
|
Prev: White list
Next: Sendmail dequeue process just stops...
From: Vesa-Matti Kari on 19 Nov 2009 09:22 Hello, I am trying to create a virtusertable-like database that would differ in allowing the RHS to be a pipe to a program. At the end of my sendmail.mc I have: LOCAL_CONFIG F{listdoms}/etc/mail/list-domains Klistmap hash /etc/mail/listmap LOCAL_RULE_0 R$+ < @ $={listdoms} . > $: $>ListExists $1@$2 SListExists R$* $: $(listmap $1 $: @NOLIST $) R(a)NOLIST $#error $@ 5.1.1 $: "550 Sorry no such address here" R$* $#local $: $1 /etc/mail/list-domains contains: lists.helsinki.fi /etc/mail/listmap contains: koe2-koe(a)lists.helsinki.fi "| /usr/lib/mailman/mail/mailman post koe2-koe" The listmap.db has been built. I have also disabled smrsh. I keep getting "Cannot mail directly to programs" error. Here is the debug output: sendmail -d21.2 -bv koe2-koe(a)lists.helsinki.fi rewrite: ruleset canonify input: root rewrite: ruleset Canonify2 input: root rewrite: ruleset Canonify2 returns: root rewrite: ruleset canonify returns: root rewrite: ruleset parse input: root rewrite: ruleset Parse0 input: root rewrite: ruleset Parse0 returns: root rewrite: ruleset ParseLocal input: root rewrite: ruleset ParseLocal returns: root rewrite: ruleset Parse1 input: root rewrite: ruleset Parse1 returns: $# local $: root rewrite: ruleset parse returns: $# local $: root rewrite: ruleset 2 input: root rewrite: ruleset 2 returns: root rewrite: ruleset EnvToL input: root rewrite: ruleset EnvToL returns: root rewrite: ruleset final input: root rewrite: ruleset final returns: root rewrite: ruleset canonify input: root rewrite: ruleset Canonify2 input: root rewrite: ruleset Canonify2 returns: root rewrite: ruleset canonify returns: root rewrite: ruleset 1 input: root rewrite: ruleset 1 returns: root rewrite: ruleset final input: root rewrite: ruleset final returns: root rewrite: ruleset canonify input: koe2-koe @ lists . helsinki . fi rewrite: ruleset Canonify2 input: koe2-koe < @ lists . helsinki . fi > rewrite: RHS $&{daemon_flags} => "(NULL)" rewrite: ruleset Canonify2 returns: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset canonify returns: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset parse input: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset Parse0 input: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset Parse0 returns: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset ParseLocal input: koe2-koe < @ lists . helsinki . fi . > rewrite: ruleset ListExists input: koe2-koe @ lists . helsinki . fi rewrite: ruleset ListExists returns: $# local $: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset ParseLocal returns: $# local $: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset parse returns: $# local $: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset 2 input: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset 2 returns: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset EnvToL input: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset EnvToL returns: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset final input: "| /usr/lib/mailman/mail/mailman post koe2-koe" rewrite: ruleset final returns: "| /usr/lib/mailman/mail/mailman post koe2-koe" koe2-koe(a)lists.helsinki.fi... Cannot mail directly to programs Contrast that with a successful prog-mailer selection. /etc/mail/aliases contains: aliased: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" And the debug output shows success: sendmail -d21.2 -bv aliased rewrite: ruleset canonify input: root rewrite: ruleset Canonify2 input: root rewrite: ruleset Canonify2 returns: root rewrite: ruleset canonify returns: root rewrite: ruleset parse input: root rewrite: ruleset Parse0 input: root rewrite: ruleset Parse0 returns: root rewrite: ruleset ParseLocal input: root rewrite: ruleset ParseLocal returns: root rewrite: ruleset Parse1 input: root rewrite: ruleset Parse1 returns: $# local $: root rewrite: ruleset parse returns: $# local $: root rewrite: ruleset 2 input: root rewrite: ruleset 2 returns: root rewrite: ruleset EnvToL input: root rewrite: ruleset EnvToL returns: root rewrite: ruleset final input: root rewrite: ruleset final returns: root rewrite: ruleset canonify input: root rewrite: ruleset Canonify2 input: root rewrite: ruleset Canonify2 returns: root rewrite: ruleset canonify returns: root rewrite: ruleset 1 input: root rewrite: ruleset 1 returns: root rewrite: ruleset final input: root rewrite: ruleset final returns: root rewrite: ruleset canonify input: aliased rewrite: ruleset Canonify2 input: aliased rewrite: ruleset Canonify2 returns: aliased rewrite: ruleset canonify returns: aliased rewrite: ruleset parse input: aliased rewrite: ruleset Parse0 input: aliased rewrite: ruleset Parse0 returns: aliased rewrite: ruleset ParseLocal input: aliased rewrite: ruleset ParseLocal returns: aliased rewrite: ruleset Parse1 input: aliased rewrite: ruleset Parse1 returns: $# local $: aliased rewrite: ruleset parse returns: $# local $: aliased rewrite: ruleset 2 input: aliased rewrite: ruleset 2 returns: aliased rewrite: ruleset EnvToL input: aliased rewrite: ruleset EnvToL returns: aliased rewrite: ruleset final input: aliased rewrite: ruleset final returns: aliased rewrite: ruleset canonify input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Canonify2 input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Canonify2 returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset canonify returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset parse input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Parse0 input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Parse0 returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset ParseLocal input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset ParseLocal returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Parse1 input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset Parse1 returns: $# local $: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset parse returns: $# local $: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset 2 input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset 2 returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset EnvToL input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset EnvToL returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset final input: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" rewrite: ruleset final returns: "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar"... deliverable: mailer prog, user "| /usr/lib/mailman/mail/mailman unsubscribe foo-bar" In both cases, the "ruleset final" retuns a very similar result, so I am wondering what is wrong my own ruleset. Does anyone know, and perhaps how to fix it? Digging into the source code, sendmail/recipient.c is where the error message originates from: /* check for direct mailing to restricted mailers */ if (m == ProgMailer) { if (new->q_alias == NULL || UseMSP || bitset(EF_UNSAFE, e->e_flags)) { new->q_state = QS_BADADDR; new->q_status = "5.7.1"; usrerrenh(new->q_status, "550 Cannot mail directly to programs"); } I could add a flag to prevent the error, but this is probably not the way to solve the issue, right? Thanks. Regards, vmk -- ************************************************************************ Tietotekniikkaosasto / Helsingin yliopisto IT Department / University of Helsinki ************************************************************************
From: Andrzej Adam Filip on 19 Nov 2009 15:32 vmkari(a)cc.helsinki.fi (Vesa-Matti Kari) wrote: > I am trying to create a virtusertable-like database that would > differ in allowing the RHS to be a pipe to a program. > > At the end of my sendmail.mc I have: > > LOCAL_CONFIG > F{listdoms}/etc/mail/list-domains > Klistmap hash /etc/mail/listmap > LOCAL_RULE_0 > R$+ < @ $={listdoms} . > $: $>ListExists $1@$2 > SListExists > R$* $: $(listmap $1 $: @NOLIST $) > R(a)NOLIST $#error $@ 5.1.1 $: "550 Sorry no such address here" > R$* $#local $: $1 > > > /etc/mail/list-domains contains: > lists.helsinki.fi > > /etc/mail/listmap contains: > koe2-koe(a)lists.helsinki.fi "| /usr/lib/mailman/mail/mailman post koe2-koe" > [...] Have you considered using mailman mailer based in mm-handler program? http://wiki.list.org/display/DOC/Integrating+Mailman+with+Sendmail+-+Method+1 /etc/mail/listmap : koe2-koe(a)lists.helsinki.fi OK sendmail.mc #v+ LOCAL_CONFIG F{listdoms}/etc/mail/list-domains Klistmap hash -m /etc/mail/listmap LOCAL_RULE_0 R$+ < @ $={listdoms} . > $: $>ListExists $1@$2 LOCAL_RULESETS SListExists R$+@$+ $: $(listmap $1@$2 $: $) R$+@$+ $#mailman2 $@ $2 $: $1 R$* $#error $@ 5.1.1 $: "550 Sorry no such address here" MAILER_DEFINITIONS Mmailman2, P=/etc/mail/mm-handler, F=rDFMhlqSu, S=EnvFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, U=mailman:mail, A=mm-handler -j $h -d $u undivert(-1) #v- WARNING: do not forget about TABS (\t) in lines starting with R. -- [pl>en Andrew] Andrzej Adam Filip : anfi(a)onet.eu : Andrzej.Filip(a)gmail.com I don't kill flies, but I like to mess with their minds. I hold them above globes. They freak out and yell "Whooa, I'm *way* too high." -- Bruce Baum
From: Vesa-Matti Kari on 20 Nov 2009 05:05 Andrzej Adam Filip <anfi(a)onet.eu> wrote: > Have you considered using mailman mailer based in mm-handler program? > http://wiki.list.org/display/DOC/Integrating+Mailman+with+Sendmail+-+Method+1 No, I was not aware of it. Many thanks for the tip. In fact I'm considering Sympa instead of Mailman for the following reasons: 1) If I understood correctly, the virtual domain support in Mailman 2.x does not prevent list name collisions, i.e. the LHS sides of the virtual domain addresses exist in the same namespace. This, of course, means that all LHSs must be unique across all virtual domains, which is not a good thing. 2) Again, if I understood correctly, Mailman 3 will implement per-virtual-domain namespaces, but unfortunately the 3.x branch is still in the alpha development stage, and thus unsuitable for production use. > /etc/mail/listmap : > koe2-koe(a)lists.helsinki.fi OK > sendmail.mc > #v+ > LOCAL_CONFIG > F{listdoms}/etc/mail/list-domains > Klistmap hash -m /etc/mail/listmap > LOCAL_RULE_0 > R$+ < @ $={listdoms} . > $: $>ListExists $1@$2 > LOCAL_RULESETS > SListExists > R$+@$+ $: $(listmap $1@$2 $: $) > R$+@$+ $#mailman2 $@ $2 $: $1 > R$* $#error $@ 5.1.1 $: "550 Sorry no such address here" > MAILER_DEFINITIONS > Mmailman2, P=/etc/mail/mm-handler, F=rDFMhlqSu, S=EnvFromL, R=EnvToL/HdrToL, > T=DNS/RFC822/X-Unix, U=mailman:mail, > A=mm-handler -j $h -d $u > undivert(-1) > #v- Yes. Out of academic interest, I would still be very interested to hear why my original rule set did not work. Well, I see why when I look at the recipient.c, but I do not understand the rationale behind it. I don't see why the mailers (i.e. local/prog vs self-defined) are treated differently. I browsed the Batbook (3rd ed.) yesterday and could not find a reason there. I *have* previously used a LOCAL_RULE_0 with success but I selected a self-defined mailer at that time, just like you did in your example above. Regards, vmk -- ************************************************************************ Tietotekniikkaosasto / Helsingin yliopisto IT Department / University of Helsinki ************************************************************************
From: Andrzej Adam Filip on 20 Nov 2009 05:35 vmkari(a)cc.helsinki.fi (Vesa-Matti Kari) wrote: > [...] > Out of academic interest, I would still be very interested to hear > why my original rule set did not work. Well, I see why when > I look at the recipient.c, but I do not understand the rationale > behind it. > > I don't see why the mailers (i.e. local/prog vs self-defined) > are treated differently. I browsed the Batbook (3rd ed.) > yesterday and could not find a reason there. > > I *have* previously used a LOCAL_RULE_0 with success but > I selected a self-defined mailer at that time, just like you > did in your example above. I think I can see indirect explanation in description of F=| mailer flag. Specifying "| ..." must be prohibited in SMTP session and via command line (for security reasons) => it lead to implementation that allows it *ONLY* in aliases and ~/.foward -- [pl>en Andrew] Andrzej Adam Filip : anfi(a)onet.eu : Andrzej.Filip(a)gmail.com "Conversion, fastidious Goddess, loves blood better than brick, and feasts most subtly on the human will." -- Virginia Woolf, "Mrs. Dalloway"
|
Pages: 1 Prev: White list Next: Sendmail dequeue process just stops... |