Hi,
I'm using qmail + dspam + dovecot-lda.
A typical .qmail file :
| /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2"
When dspam segfault or is killed, preline receive an empty content and only pass to dovecot-lda two headers ( Return-Path and Delivered-To ). Then dovecot-lda delivers successfully and the original message contents are lost.
Should dovecot-lda returns an error in such conditions ( invalid contents ) ? Qmail will keep it in the queue and retry delivery later.
Stéphane
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 23 Jan 2015, Stéphane Cottin wrote:
I'm using qmail + dspam + dovecot-lda.
A typical .qmail file :
| /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2"
When dspam segfault or is killed, preline receive an empty content and only pass to dovecot-lda two headers ( Return-Path and Delivered-To ).
Those two lines are generated by dovecot-lda or preline.
Then dovecot-lda delivers successfully and the original message contents are lost.
Should dovecot-lda returns an error in such conditions ( invalid contents ) ? Qmail will keep it in the queue and retry delivery later.
That's the problem of the used Unix pipe and broken by design. The right member of the pipe (preline) runs independendly of dspam and recieves no content via pipe. Why should preline or dovecot-lda believe there is an error?
If preline does not have no nifty option to prevent this, replace the pipe by a shell script:
| /usr/local/bin/dspam-lda-wrapper.sh "$EXT@$USER" "$EXT2"
===== /usr/local/bin/dspam-lda-wrapper.sh #!/bin/bash
tmpf="/tmp/wrapper.$$.log" trap 'rc=$?; rm -f $tmpf; exit $rc' EXIT
if /usr/bin/dspam --client --deliver=stdout --user "$1" >$tmpf; then
test -s $tmpf && /usr/bin/preline -f
/usr/lib/dovecot/dovecot-lda -d "$1" -a "$1" -m "$2" <$tmpf
fi
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVMJlQnz1H7kL/d9rAQK90Af9Fs+uZ6P0VxQL0r8PpR30hYt1MnExozpz QXbhKMCrXv5fZwAZ6paAbQQ999Emjj0fyBEBKodgYoi3rQm5claJwb1/NzSotgxx Kayc0WpPP2cPMR1QZBA1FmR6+XPyEQO1h8B6aYxNNVNELCMxzotQ5hBPsqrR8ajO 86TL7FYaz6EM5nqW7w/VwwqsPDiM3mlkgckQudMzxeupP/jGZiRAkWODznSRg4Wr yHx257i8jWj3mV2vcew16tyBuwmc3g1renPSwjaUZoLsb2A9vyJjnr0qmBdfrkDz LE6WICAJcZuxQtyy8naTExEGKyQUhBc0nOLVljZ6ZnVC15b8gHWYRw== =WdEr -----END PGP SIGNATURE-----
Hello,
Le 23 janv. 2015 à 16:14, Steffen Kaiser skdovecot@smail.inf.fh-brs.de a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 23 Jan 2015, Stéphane Cottin wrote:
I'm using qmail + dspam + dovecot-lda.
A typical .qmail file :
| /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2"
When dspam segfault or is killed, preline receive an empty content and only pass to dovecot-lda two headers ( Return-Path and Delivered-To ).
Those two lines are generated by dovecot-lda or preline.
preline
Then dovecot-lda delivers successfully and the original message contents are lost.
Should dovecot-lda returns an error in such conditions ( invalid contents ) ? Qmail will keep it in the queue and retry delivery later.
That's the problem of the used Unix pipe and broken by design. The right member of the pipe (preline) runs independendly of dspam and recieves no content via pipe. Why should preline or dovecot-lda believe there is an error?
You're right about my mistake using pipes, but there may be some cases where validating input make sense.
Anyway, many thanks for your wrapper, I've improved it to fail safely on dspam errors.
==== #!/bin/sh
tmpf="/var/tmp/wrapper.$$.log" trap 'rc=$?; rm -f $tmpf; exit $rc' EXIT
/usr/bin/dspam --client --deliver=stdout --user "$1" >$tmpf
if [ $? -eq 0 ] ; then
test -s $tmpf && /usr/bin/preline -f
/usr/lib/dovecot/dovecot-lda -d "$1" -a "$1" -m "$2" <$tmpf
else
rm -f $tmpf
exit 75
fi
Stéphane
If preline does not have no nifty option to prevent this, replace the pipe by a shell script:
| /usr/local/bin/dspam-lda-wrapper.sh "$EXT@$USER" "$EXT2"
===== /usr/local/bin/dspam-lda-wrapper.sh #!/bin/bash
tmpf="/tmp/wrapper.$$.log" trap 'rc=$?; rm -f $tmpf; exit $rc' EXIT
if /usr/bin/dspam --client --deliver=stdout --user "$1" >$tmpf; then test -s $tmpf && /usr/bin/preline -f
/usr/lib/dovecot/dovecot-lda -d "$1" -a "$1" -m "$2" <$tmpf fi
- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVMJlQnz1H7kL/d9rAQK90Af9Fs+uZ6P0VxQL0r8PpR30hYt1MnExozpz QXbhKMCrXv5fZwAZ6paAbQQ999Emjj0fyBEBKodgYoi3rQm5claJwb1/NzSotgxx Kayc0WpPP2cPMR1QZBA1FmR6+XPyEQO1h8B6aYxNNVNELCMxzotQ5hBPsqrR8ajO 86TL7FYaz6EM5nqW7w/VwwqsPDiM3mlkgckQudMzxeupP/jGZiRAkWODznSRg4Wr yHx257i8jWj3mV2vcew16tyBuwmc3g1renPSwjaUZoLsb2A9vyJjnr0qmBdfrkDz LE6WICAJcZuxQtyy8naTExEGKyQUhBc0nOLVljZ6ZnVC15b8gHWYRw== =WdEr -----END PGP SIGNATURE-----
participants (2)
-
Steffen Kaiser
-
Stéphane Cottin