LDA input validation
Stéphane Cottin
stephane.cottin at vixns.com
Sat Jan 24 11:27:47 UTC 2015
> Le 23 janv. 2015 à 23:52, Joseph Tam <jtam.home at gmail.com> a écrit :
>
> St?phane Cottin writes:
>
>> A typical .qmail file :
>>
>> | /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2"
>>
>> When dspam segfault or is killed, preline receive an empty content and
>> only pass to dovecot-lda two headers ( Return-Path and Delivered-To ).
>> Then dovecot-lda delivers successfully and the original message
>> contents are lost.
>
> Steffen Kaiser rightly points out:
>
>> That's the problem of the used Unix pipe and broken by design. The right
>> member of the pipe (preline) runs independendly of dspam and recieves no
>> content via pipe. Why should preline or dovecot-lda believe there is an
>> error? [... and suggests a wrapper script that aborts delivery on empty
>> dspam output.]
>
> I'm not sure if it's appropriate under your circumstances, but you can also
> pass stderr to stdout as well, and the recipient will get some diagnostic
> message, which may or may not be helpful.
>
> | /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" 2>&1 | ...
>
> Joseph Tam <jtam.home at gmail.com>
dspam already send errors to syslog, the point here is to never loose email contents.
This was a wrong design, i'm now use a wrapper instead ( see my previous post for details ).
Stéphane
More information about the dovecot
mailing list