Directing mail to a program
This article documents how I captured incoming mail with a script.
Sometimes you want mail to be received and fed into a program rather than be stored in a mailbox. This is how I did that.
/etc/mail/virtusertable
My first attempt involved adding something like this to /etc/mail/virtusertable (for more information on this file, please see virtual hosting with sendmail):
Then I did this from within /etc/mail:
makemap hash virtusertable < virtusertable
But mail sent to the address resulted in this error:
Apr 18 17:22:12 ducky sendmail: RAA10898: <email@example.com>... Cannot mail directly to programs
Using aliases to do it
OK. I’ll now try duplicating what majordomo does, which is where I got the idea to try the above. In this attempt, we will modify the entry in /etc/mail/virtusertable to point to an alias.
First, I modified the entry from the previous section to be:
In this case, all mail for the above address will be handled by the alias test-yourdomain-org. Then I did a makemap again as per above. Now we will create the alias.
Next, I modified one of my majordomo alias files to contain this (you could try /etc/aliases):
Then I ran newaliases to invoke the above definition. Check your logs for any errors (perhaps /var/log/messages or /var/log/maillog).
Then I tried sending another test message. Yet another error message:
/usr/local/etc/freshports/mail-catcher/mail-catcher.pl: not found
554 "|/usr/local/etc/freshports/mail-catcher/mail-catcher.pl"... unknown mailer error 127
This was pretty easy to solve. The script wasn’t in the expected location.
So I moved the file to /usr/local/etc/freshports/mail-catcher and tried again. This time, I encountered this error:
/usr/local/etc/freshports/mail-catcher.pl: permission denied
554 "|/usr/local/etc/freshports/mail-catcher.pl"... unknown mailer error 126
…which is almost, but not quite, the same error as I had above.
The long and the short of it is: I spent about 90 minutes trying to get this going. Please see the next section for the details.
Setting it all up
Most of the above problems were permissions. Here are the main points:
- sendmail will execute the script as the user daemon. I figured this out by temporarily making the directory chmod 777 and seeing what user created the directory, then I changed the permissions.
- permissions on /usr/local/etc/freshports/ must allow daemon to read and execute the script. I chose chmod 750 and chown dan:daemon
- I set the permissions on the script to be chmod 640 and chown dan:daemon
Here is what the directory looks like:
drwxr-x--- 3 dan daemon 512 Apr 18 20:12 freshports
And the script:
-rwxr-x--- 1 dan daemon 830 Apr 18 20:10 mail-catcher.pl
The script outputs data to a subdirectory msgs. I chose this option for security reasons. The goal was to restrict the directories to which daemon had write access. I didn’t want it to have write access to the directory in which the script existed, just in case. Here are the attributes of the msgs directory:
drwxrwx--- 2 dan daemon 512 Apr 18 20:21 msgs
Files in the above directory which were created by the script look like this:
-rw-r--r-- 1 daemon daemon 935 Apr 18 20:12 956045563.12488
-rw-r--r-- 1 daemon daemon 935 Apr 18 20:15 956045746.12546
-rw-r--r-- 1 daemon daemon 935 Apr 18 20:21 956046115.12604
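The layout above can be checked mechanically, so that a later chmod does not quietly give the delivery user write access to the script or its directory. This shell function is an added example, not the author's script: the function names are hypothetical, the expected modes follow the ls listings shown above (rwxr-x--- for the directory and the script, rwxrwx--- for msgs), and the group to check for is passed as an optional argument.

```shell
#!/bin/sh
# Added example: audit the permission layout described in "Setting it all up".
# Function names are hypothetical; modes follow the article's ls listings.
# Typical call: audit_catcher /usr/local/etc/freshports mail-catcher.pl daemon

# Print the 10-character mode string from ls, e.g. drwxr-x---
perms() { ls -ld -- "$1" | cut -c1-10; }

# audit_catcher BASEDIR SCRIPT [GROUP]
# Prints one line per finding; returns 0 if the layout is as intended.
audit_catcher() {
    base=$1; script=$2; grp=${3:-}; rc=0
    for p in "$base" "$base/$script" "$base/msgs"; do
        [ -e "$p" ] || { echo "MISSING $p"; return 1; }
    done
    d=$(perms "$base"); s=$(perms "$base/$script"); m=$(perms "$base/msgs")

    # Script directory: group may list and enter it but not write; others get nothing.
    case $d in d???r-x---) ;; *) echo "BAD dir $d (want d???r-x---)"; rc=1 ;; esac
    # Script: group needs read+execute (else "permission denied"), never write.
    case $s in -???r-x---) ;; *) echo "BAD script $s (want -???r-x---)"; rc=1 ;; esac
    # msgs: the one place the delivery user is allowed to write.
    case $m in d???rwx---) ;; *) echo "BAD msgs $m (want d???rwx---)"; rc=1 ;; esac

    # Optional: all three objects should carry the delivery user's group.
    if [ -n "$grp" ]; then
        for p in "$base" "$base/$script" "$base/msgs"; do
            g=$(ls -ld -- "$p" | awk '{print $4}')
            [ "$g" = "$grp" ] || { echo "BAD group $g on $p (want $grp)"; rc=1; }
        done
    fi
    return $rc
}
```

If sendmail runs the script as a different user on your system, pass that user's group as the third argument.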
Other considerations
I am not aware of the security implications surrounding the daemon user. Is it a security risk allowing the script to run as this user? Would it be better to create a separate user, say freshports, and run the scripts as that user? Help in this area would be appreciated. Please add your comments.
Someone also mentioned creating a user, sending the mail to their normal mailbox, then using .forward to redirect the mail to the program.
I had been tweaking around with this problem for weeks. Your hint to figure out the user which executes these scripts made my day :))
(It is ‘mailnull’ with sendmail 8.12 on RedHat 7.2 on my box)
I would be interested in any security considerations as well.