Re: [Exim] Exim + Procmail + Cyrus IMAP = quota headaches. …

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: F.F. Jacot-Guillarmod
Dátum:  
Címzett: kaih
CC: exim-users
Tárgy: Re: [Exim] Exim + Procmail + Cyrus IMAP = quota headaches. Ideas?
> > message... instead I've got exim talking to a system wide procmail
> > filter, mainly in order to deal with vacation type processing on a semi
> > "sealed" server. The last rule in this procmail filter then invokes
> > final delivery to Cyrus, and into the somewhat unorthodox "mailbox"
> > structures used by it.
>
> Is there any particular reason not to do this with an Exim filter? The
> stuff procmail can do that an Exim filter can't tends to be *really*
> esotheric ...


I'm not actually sure. The main reason for using procmail was to allow
a user to upload into their otherwise inaccesible unix home directory
(via ftp or web interface) a file that could be used as the text of
a vacation message. Because of the way exim interacts with cyrus, you
can't use the traditional .forward mechanism to invoke a personal filter.
It'd have to be a system wide filter of some sort, and it seemed the
interaction necessary could only be achieved with procmail. An
additional requirement is the desirability of allowing users
knowledgable enough to install their own personal .procmailrc in order
to allow delivery or re-routing of their mail to other mailboxes.

I'm less and less sold on the idea of procmail in this role. It was
initially convenient, and worked, but there are issues - as several
replies to my original query have pointed out, and a recent flurry
of postings about the security implications in comp.mail.{misc|imap}
have reinforced. In addition to dodgy quota processing, the idea of
"knowledgable users" trashing my system in the blink of an eye is enough
to drive me to drink. The question, then, would be how to achieve similar
functionality from within an exim system filter? Or is the general idea
I'm trying to implement over ambitious?

For purposes of argument, here are the relevant bits of how I've currently
got things functioning:

#=================================================================
Email addresses on the server are entirely alias driven. For example,
my personal email addresses (jacot@??? and the "official" but
somewhat unwieldy F.Jacot-Guillarmod@???) are set up as:

Jacot:            ccfjg+imap@???
f.jacot-guillarmod:    ccfjg+imap@???
#=================================================================
Exim transport:


local_delivery_cyrus:
  driver = pipe
  command = "/usr/local/bin/procmail \
             -p /usr/local/cyrus/procmail.system CYUSER=${local_part}"
  user = cyrus
  group = cyrus
  return_output
  log_output
  prefix =
  suffix =
#=================================================================
Exim router:


local_user_cyrus:
driver = localuser
suffix = +imap
transport = local_delivery_cyrus

#==============================================================
# /usr/local/cyrus/procmail.system
#
...
DELIVERMAIL=/usr/local/cyrus/bin/deliver
...
# Permit user defined private procmail recipes in the users
# .procmailrc file - for those who know and care about what
# they're doing.
#
INCLUDERC=/home/$CYUSER/.procmailrc

# Perform vacation processing on behalf of users who have an
# appropriate "vacation.msg" file in their home directory.
#
INCLUDERC=/usr/local/cyrus/vacation.rc

# All the mail that falls through the above recipes will be put into
# the user's inbox. This is always the LAST recipe to appear in the
#file.
#
# note the -q option - required until we can work out what to do about
# mailboxes that are over quota.
#
:0:$CYUSER.lock
| $DELIVERMAIL -q -e -a $CYUSER -m user.$CYUSER


# End of procmail.system file
#
#==============================================================
# /usr/local/cyrus/vacation.rc
#
# Perform system wide vacation processing for users on a system running
# Cyrus IMAP.
#
# Checks for the presence of a file "vacation.msg" in the users home
# directory.  If it exists, the contents are used as the body of a
# "vacation" type message.
#
# A cache file is used to store the email addresses of people to
# which a copy of the message has been sent so that only one notification
# per user is generated.
#
# F.F. Jacot Guillarmod, Rhodes University, 1999/03/23
#
# Version 1.1 1999/03/23
#       Delete cache file if vacation message does not exist


# SHELL=/bin/sh

# Remove cache file if vacation.msg does not exist
:0 ic
* ? test ! -f /home/$CYUSER/vacation.msg
| /bin/rm -f /tmp/$CYUSER.vacation.cache


:0 Whc: $CYUSER.vacation.lock
    # Don't reply to daemons and mailinglists
* !^FROM_DAEMON
    # Mail loops are evil
* !^X-Loop: $CYUSER@???
* !^X-Loop: $CYUSER@???
* ? test -f /home/$CYUSER/vacation.msg

| formail -rD 8192 /tmp/$CYUSER.vacation.cache


# If the name was not in the cache, autoreply with provided message
:0 ehc
* ? test -f /home/$CYUSER/vacation.msg
| (formail -rI"Precedence: junk" \

    -I"From: $CYUSER@???" \
    -A"X-Loop: $CYUSER@???" ; \
    cat /home/$CYUSER/vacation.msg; \
    echo "-- "; \
    echo "Generated by the VACATION server @ imap.ru.ac.za" \
) | $SENDMAIL -oi -t
#
#==============================================================


Jacot
-- 
F.F. Jacot Guillarmod - Information Technology - Rhodes University - Grahamstown
    Internet: Jacot@???  Phone: +27 46 603 8284  Fax: +27 46 622 7764
   The views expressed above are not necessarily those of Rhodes University