From 029c3999de11af8027b464c1f5fbbf9cb4a4b04d Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Thu, 8 Mar 2001 01:48:39 +0000 Subject: Notes about safe MDAs. svn path=/trunk/; revision=3225 --- configure.in | 7 +++++++ fetchmail.man | 29 +++++++++++++++-------------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/configure.in b/configure.in index db7b899f..c1cbe481 100644 --- a/configure.in +++ b/configure.in @@ -212,6 +212,13 @@ AC_DEFINE_UNQUOTED(PID_DIR, "$dir") # it won't try delivering through local SMTP and cause a mail loop. # Sendmail without the -t option to use the message headers will work too, # not just for sendmail itself but for workalikes like exim. +# +# Note: it would be a very bad idea to use any MDA that doesn't return +# a refuse-to-deliver status on disk- or process-table-full +# conditions; mail could get lost that way. Both procmail and +# sendmail (and all of the MDAs like exim that might be lurking under +# a sendmail alias) do the right thing in this circumstance. +# AC_PATH_PROG(procmail, procmail, "", $PATH:/usr/sbin) if test "$procmail" then diff --git a/fetchmail.man b/fetchmail.man index 921fc754..f1856dda 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -350,20 +350,21 @@ be comma-separated. .B \-m , \--mda (Keyword: mda) You can force mail to be passed to an MDA directly (rather than -forwarded to port 25) with the -mda or -m option. Be aware that this -disables some valuable resource-exhaustion checks and error handling -provided by SMTP listeners; it's not a good idea unless running an -SMTP listener is impossible. If \fIfetchmail\fR is running as root, -it sets its userid to that of the target user while delivering mail -through an MDA. Some possible MDAs are "/usr/sbin/sendmail -oem -f %F -%T", "/usr/bin/deliver" and "/usr/bin/procmail -d %T" (but the latter -is usually redundant as it's what SMTP listeners usually forward -to). Local delivery addresses will be inserted into the MDA command -wherever you place a %T; the mail message's From address will be -inserted where you place an %F. Do \fInot\fR use an MDA invocation -like "sendmail -oem -t" that dispatches on the contents of To/Cc/Bcc, -it will create mail loops and bring the just wrath of many postmasters -down upon your head. +forwarded to port 25) with the -mda or -m option. To avoid losing +mail, use this option only with MDAs like procmail or sendmail that +return a nonzero status on disk-full and other resource-exhaustion +errors; the nonzero status tells fetchmail that delivery failed and +prevents the message from being deleted off the server. If +\fIfetchmail\fR is running as root, it sets its userid to that of the +target user while delivering mail through an MDA. Some possible MDAs +are "/usr/sbin/sendmail -oem -f %F %T", "/usr/bin/deliver" and +"/usr/bin/procmail -d %T" (but the latter is usually redundant as it's +what SMTP listeners usually forward to). Local delivery addresses +will be inserted into the MDA command wherever you place a %T; the +mail message's From address will be inserted where you place an %F. +Do \fInot\fR use an MDA invocation like "sendmail -oem -t" that +dispatches on the contents of To/Cc/Bcc, it will create mail loops and +bring the just wrath of many postmasters down upon your head. .TP .B \--lmtp (Keyword: lmtp) -- cgit v1.2.3