[Esd-l] Still can't get Procmail-security to work - I am
stumped
Brad
procmail at capstone.net.au
Fri Jan 4 07:55:01 PST 2002
Hi John. Thanks for your reply.
> > My /etc/sendmail.cf file:
> >
> > Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
> > S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
> > T=DNS/RFC822/X-Unix,
> > A=procmail -Y -a $h -d $u
>
> Did you change this? The default sendmail install should properly call
> procmail without you having to do anything.
No. This is the default setting. I have compared it with my work mail server
which has the sanitizer installed, and it is the same.
>
> > I have created an /etc/procmailrc:
> >
> > DROPPRIVS=YES
> > LOGFILE=/var/log/procmail.log
>
> Is that file rw--w--w-?
Yes.
>
> >
MANGLE_EXTENSIONS='exe|com|cmd|bat|pif|sc[rt]|lnk|dll|ocx|xl[wt]|p[po]t|rtf|
> >
vb[se]?|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|md[aew]|ms[ip]|reg|
> > asd|
> > cil|pps|asx|wm[szd]'
>
> For now, don't override $MANGLE_EXTENSIONS. Once the sanitizer is
> known to work, you can tweak it.
I have just taken a copy of my work server one and used it, because I know
that it works.
> > The /etc/procmail directory permissions:
> >
> > 4 drwxr-xr-x 3 root root 4096 Oct 24 03:51 procmail
>
> OK
>
> > /etc/procmail contents:
> >
> > 44 -rwxr-xr-x 1 root root 41552 Oct 24 02:46
> > html-trap.procmail
> > 4 -rwxr-xr-x 1 root root 181 Oct 24 03:51 poisoned
>
> Neither need to be executable. 644 rw-r--r-- is sufficient.
>
OK. I have changed them.
> > The /var/log/procmail.log file contains nothing of any note, although it
> > does mention "Defanging active HTML content", relating to an incorrectly
set
> > up cron job that runs at 19:05 every day and that sends an error report
to
> > root.
>
> Try adding "DEBUG_VERBOSE=YES" and "VERBOSE=YES" to your
> /etc/procmailrc and then see what gets logged for your test message.
I have done this, but there is no more information in the log file.
Regards,
Brad
More information about the esd-l
mailing list