Recipe 2.9 Delivering Mail to a Program
ProblemYou want sendmail to pass mail messages to another program. SolutionAddress the mail to the program using the pathname of the program preceded by a pipe character. DiscussionA recipient email address can contain a pipe character and the name of a program. For example: /usr/local/bin/rtmproc sendmail uses the prog mailer to deliver mail to a recipient address that begins with the pipe character. The P parameter of the prog mailer definition defines the path to the prog mailer program and the A parameter defines the command used to run the mailer. With the generic sendmail configuration described in Recipe 1.8, the P parameter is P=/bin/sh and the A parameter is A=sh -c $u . $u is a sendmail macro that contains the email address of the user to which the mail is being delivered. Using the sample email address shown above, the command executed for the prog mailer would be: /bin/sh -c "/usr/local/bin/rtmproc" When the -c option is used with /bin/sh , shell commands are read from the string that follows -c . In this case, sendmail causes the shell to execute a program named rtmproc . sendmail attaches its output to the standard input of the shell and prints out the mail message, which, in the example, sends the mail message to the rtmproc program. sendmail also attaches the standard output and standard error of the shell to its input. The shell executes any command passed to it. The potential security risks of executing any command that follows the pipe character in a recipient address are obvious, and the fact that users are in control of defining such addresses in their .forward files adds to the risk. To reduce these risks, use the Sendmail Restricted Shell ( smrsh ) for the prog mailer instead of /bin/sh . smrsh enhances security by limiting the commands that can be executed, and it is discussed in Chapter 10. Email addresses that begin with pipe characters can be used in the aliases database or in .forward files. For example, the system administrator might create the following alias if rtmproc is some program created to process mail addressed to root : root: "/usr/local/bin/rtmproc" In another example, Rebecca might create the following .forward file to filter her mail through the slocal program: "/usr/lib/nmh/slocal -user reba" Aliases that forward to a program are more commonly used in the .forward file than in any other manner. System administrators create the aliases database, but users create their own .forward files. The structure of the .forward file is similar to that of an :include : file. Each entry in a .forward file defines one or more recipient addresses to which mail addressed to the user is delivered. Anything that can appear in the recipient field of an entry in the aliases database can also appear in a .forward entry. For example, Jill can forward her mail to an external host: jill@ms.foo.edu. Julie can deliver the mail to her local mailbox and make a backup copy in an archive file: \julie /mnt/nsf1/sara/mail.archive Kathy can define the following .forward file when she goes on vacation: \kathy, "/usr/local/bin/vacation kathy" Notice Kathy's entry. Kathy wants to put a copy of the mail in her mailbox before running the vacation program. Her .forward file starts with \kathy . The \ causes sendmail to deliver mail to the kathy account without further aliasing. The \ is necessary; without it, placing the address kathy in Kathy's .forward file would cause a loop. See AlsoThe sendmail book covers the aliases database in Chapter 12. |
