On 24 Jan 2000, Geraint A Edwards wrote:
> I run a couple of e-mail lists, using /etc/aliases and a bit
> of my own software (no, really). The submission address is
> test@???
> which pipes to a script that does some work, then sends to
> test-listreal@???
> which appears in /etc/aliases as
> test-listreal: :include:/usr/mail/test
>
> It works, but I don't want to advertise the "-listreal" address
> (for security), either as "Envelope-To:" or in the
> "Received: ... for test-listreal@..."
> header. How do I hide "test-listreal" from the world?
Envelope-To: is added to local deliveries only, at the time of delivery,
provided you have the option set in your local delivery transports. It
should never be present in messages that are being transported. So it is
only a problem to you if there are local mailboxes in your list.
> I think I need a director(?) for "*-listreal" addresses, like:
>
> lists_listreal:
> driver = forwardfile
> suffix = -listreal
> headers_remove = "envelope-to"
> received_header_text = "...without the for..."
> file = /usr/mail/${local_part}
> no_check_local_user
>
> but that doesn't seem to work.
No, it won't. Attempting to remove "envelope-to" is useless, because it
isn't there. You can remove "envelope_to_add" from your local_delivery
transport, but of course that removes it for all messages, not just the
mailing list ones. If you really want to do this only for messages to
the mailing list, you could, I suppose, detect them specially and use a
different transport for them.
Received_header_text is a global option that applies to all messages,
not an option for a specific director. The Received: header is added
when a message is received. You could remove the "for" for all messages
of course, if that is good enough for you.
Personally, I would do this a different way. Use some marker that the
message has been through your script (e.g. an X-Header added by the
script) to determine whether to pipe to the script or to expand the
list. Then you don't need a fancy -listreal address. An X-Header is
forgeable, of course. Maybe better to check for $sender_address and
unset $sender_host_address - i.e. that it has come from the user that
you run your script as. Or some variant on this kind of thing.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.