Great Circle Associates List-Managers
(August 1999)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Majordomo and Postfix and Approvals, Oh, My!
From: wietse @ porcupine . org (Wietse Venema)
Date: Mon, 30 Aug 1999 13:38:58 -0400 (EDT)
To: njs @ scifi . squawk . com (Nick Simicich)
Cc: list-managers @ GreatCircle . COM, postfix-users @ cloud9 . net
In-reply-to: <Pine . LNX . 3 . 96 . 990830110024 . 28754A-100000 @ scifi . squawk . com> from Nick Simicich at "Aug 30, 99 11:31:30 am"

Nick Simicich:
> Problem:  Postfix, by default, uses a special mechanism to quickly catch
> and thwart mail loops.  It places a "delivered-to" header into the mail
> when it delivers it.  If mail is pushed back into postfix, and it is about
> to deliver it to a place it has already delivered it to, it bounces it
> instead.  This is very effective.  It is so effective that it catches even
> mail loops where the Received lines are stripped.  It also catches
> attempts to approve messages, because the mail will be inserted into the
> mail queue with a target destination that is already named in a
> Delivered-To:.  This is the problem.

Yes, delivered-to is ugly.

Thanks for the resend patch. This is better than forcing moderators
everywhere to patch their mailing list approval scripts.

Would it help if the patch was more specific so that it only drops
/^Delivered-To: .*majordomo@/ and leaves other headers intact?

There's one other solution, suggested long ago on this list, and
that is to count Delivered-To: headers and to allow mail to loop
exactly once.  However, that would affect all mail, and not just
mail that being approved.

	Wietse

> Solution 1:  Configure postfix to not apply the Delivered-to headers. 
> This is bad, as it completely ditches the mechanism. 
> 
> Solution 2:  Change all of the approval tools and procedures to delete the
> delivered-to headers.  This is bad since I have multiple moderators who
> have their own procedures, written in the scripting language of their
> choice on different platforms.
> 
> Solution 3: Ditch Postfix.  No.  The list users love postfix because they
> are getting their messages up to 1/2 hour earlier, even though I was using
> bulk-mailer with sendmail.  (They didn't say, "Postfix is great", they
> said, "Gosh, everything is working a lot quicker now.  What did you do?") 
> Postfix delivered 110,000 messages last week. It rarely uses more than a
> few percent of the CPU (An ancient Pentium 100 running Redhat 6 with 32
> Meg). I have tried to dump a big load of stuff on it all at once, it sorts
> it out real fast, without bouncing messages because of overload.  It
> configures more quickly and sanely than sendmail. It is arguably more
> secure than sendmail can be, since it is a bunch of small pieces that do
> not run with more privs than they need, and was written by a security guru
> with security in mind from the start. I have years of experience with
> sendmail and I like it.  Postfix is just better, especially for this. 
> 
> Solution 4: Have majordomo strip Delivered-to headers in all cases.  Same
> problems as solution 1 - you want this mechanism to work, most of the
> time, even on majordomo.
> 
> Solution 5:  Change resend to remove Delivered-To: headers from any
> message that came in as a message body to be Approved after a bounce. 
> Here is a patch.  I have a lot of other patches, so expect a bit of offset
> if you apply it. 
> 
> 
> --- /usr/lib/majordomo/resend	Sun Aug  9 16:33:59 1998
> +++ resend	Mon Aug 30 10:49:32 1999
> @@ -40,6 +40,16 @@
>  
>  #$DEBUG = 1;
>  
> +#postfix uses "delivered-to" to shortcut detection of loops.
> +#This is a good thing, unless this is an approved message.
> +#postfix will see this and bounce the message.
> +#Approval is one of cases that we want to remove 'Delivered-to'
> +#We set this later if we see an "approved" header.  Then,
> +#when we drop the message back into postfix, it can be redelivered
> +#to the same address.
> +
> +$kill_delivered_to = 0;
> +
>  # set our path explicitly
>  # PATH it is set in the wrapper, so there is no need to set it here.
>  #$ENV{'PATH'} = "/bin:/usr/bin:/usr/ucb";
> @@ -400,6 +417,10 @@
>  	}
>  	
>  	# Parse the following as a completely new message.
> +
> +	# This is a postfix hack.  See above.
> +	$kill_delivered_to = 1;
> +
>  	$result .= &parse_header; # The return value won't matter; we're
>  	# approved.
>  	
> @@ -597,6 +648,15 @@
>  	    if $DEBUG;
>  	# check for taboo_headers or approved header
>  	#
> +
> +	# Kill delivered-to headers in approved messages for
> +	# postfix.
> +	if ($kill_delivered_to && /^Delivered\-To\:/i) {
> +	    $kept_last = 0;
> +	    print STDERR "$0:    skipped-delivered-to\n" if $DEBUG;
> +	    next;
> +	}
> +
>  	if ($#taboo_headers >= $[ && !$approved &&
>  	    eval $is_taboo_header) {
>  	    $gonna_bounce .= "taboo header: $taboo ";
> ------CUT HERE--------
> 
> Of course my password is the same as my pet's name.  
> My macaw's name was Q47pY!3, but I change it every 90 days.
> Nick Simicich mailto:njs @
 scifi .
 squawk .
 com or (last choice) mailto:njs @
 us .
 ibm .
 com
> http://scifi.squawk.com/njs.html -- Stop by and Light Up The World!
> 
> 
> 
> 




Follow-Ups:
References:
Indexed By Date Previous: Where did the List of Lists go?
From: Stephanie da Silva <arielle @ Taronga . COM>
Next: Re: Majordomo and Postfix and Approvals, Oh, My!
From: Carsten Hoeger <choeger @ suse . de>
Indexed By Thread Previous: Majordomo and Postfix and Approvals, Oh, My!
From: Nick Simicich <njs @ scifi . squawk . com>
Next: Re: Majordomo and Postfix and Approvals, Oh, My!
From: Nick Simicich <njs @ scifi . squawk . com>

Google
 
Search Internet Search www.greatcircle.com