Hello Tobias,

I'm in a hurry, thus top-posting.
Last time I tried, direct aliasing to commands did not work, as you have
noticed (same error messages). To make mlmmj work I created users for
each list, aliased to these users, and gave each user a .forward
(forward(5)) with the appropriate mlmmj commands. Sidenote: this way you
can have mlmmj-maintd run as the user of the mailing list.

bye, marcus

[email protected] (Tobias Sarnowski), 2012.04.09 (Mon) 11:07 (CEST):
> Hello there,
> 
> I am trying to set up a mailing list with my OpenSMTP daemon and found an 
> unexpected behaviour in OpenBSD-current. I think this is a bug and hopefully 
> I didn't miss anything in the documentation.
> 
> The problem is the user selection when receiving mails for a command. I tried 
> to read the code and found out that when using a command, the user string is 
> empty.
> 
> Entry in my /etc/mail/aliases:
> mlmmj-test: |"/usr/local/bin/mlmmj-recieve -L /var/spool/mlmmj/mlmmj-test/"
> 
> Entry in my /var/log/maillog after sending a mail to the list:
> 11993303259ac8a2: to=<[email protected]>, delay=1645, stat=Error 
> (getpwnam: no such user)
> 
> Starting "smtpd -dv" reveals the empty user string:
> forkmda: to "/usr/local/bin/mlmmj-recieve -L /var/spool/mlmmj/mlmmj-test/" as 
> c9a2d37f69cfc58c: to=<[email protected]>, delay=0, stat=Error 
> (getpwnam: no such user)
> 
> I added some more log statements to the code and can confirm that the 
> "deliver->user" in smtpd.c:768 is an empty string which will be used to get 
> the user's information, which obviously fails.
> 
> 
> To resolve the problem, the daemon has to choose a correct user for executing 
> the external command. I think there are three options:
>   1. Use "root" hardcoded for commands
>   2. Use the local user, corresponding to the alias name
>   3. Use the daemon's user
> 
> 2. requires having a local user with the same name, which is really ugly since 
> I don't need that user on my system.
> 3. may be too restricted for the command, so that you have to give the smtp 
> daemon more rights, which does not make sense for this user.
> 1. may be insecure but only if the sysadmin uses it wrong. There is no 
> default alias rule in the base system with command execution, so the daemon 
> remains secure by default.
> 
> I don't know sendmail, but the most obvious solution is to use the same rules 
> as sendmail did, for backward compatibility.
> 
> 
> Thanks for reading,
> Tobias Sarnowski
> 
> 
> P.S. For testing, I created a local mlmmj-test user to verify that no other 
> code branch will be triggered if the same user exists.