BSD DevCenter
oreilly.comSafari Books Online.Conferences.

advertisement


FreeBSD Basics

Procmail Basics

12/06/2001

If you receive more than a few email messages a day, you've probably discovered that it becomes increasingly difficult to sort and prioritize your email. Messages you want to read immediately can get lost in a sea of less-important messages. Worse, your inbox can become cluttered with spam, virus-infected messages, and other disagreeables. Fortunately, the procmail program has been designed to help you sort through this mess.

By creating your own customized "recipes," you can organize the messages you do want to receive and deal with the messages you don't want to receive.

In today's article, I'll build and configure procmail and get you started on a few basic recipes. In next week's article, I'll continue with some more complicated recipes and look at procmail's logging features.

To install procmail, become the superuser and build the port:

su
Password:
cd /usr/ports/mail/procmail
make install clean

When you build this port, it will give you some informative messages and require you to press enter to continue the build. The first message is regarding a locking test; I just pressed enter to accept the default directories:


=========================================================
In order for the kernel-locking tests to work as intended I have to be able to test-lock files on as many semantically different filesystems as possible (for more information about this, READ PARAGRAPH TWO in INSTALL). To suppress this prompt you can set the LOCKINGTEST variable in the Makefile.

Please add writable directories to the list. You should only add directories that reside on filesystems that have unique characteristics. E.g. if you have several remote NFS partitions, pick some unique client-server pairs, there is little use in picking the same server twice from the same client-machine. An excellent candidate would be a remotely mounted mail spool directory.

I will temporarily use a testdirectory named _locktest in the following directories:

/tmp .

If you would like to add any, please specify them below, press return to continue:
=========================================================

The build also reminds you that you can integrate procmail into your mail delivery system, such as "sendmail." Since I'm building procmail on a single-user system I won't bother. If you'd like to investigate this possiblility, read the file /usr/local/share/examples/procmail/advanced once you've finished your build.

=========================================================
If you are a system administrator you should consider integrating
procmail into the mail-delivery system -- for advanced functionality, speed AND SECURITY --.  For more information about this topic you should look in the examples/advanced file.
=========================================================

===>  SECURITY NOTE:
      This port has installed the following binaries which execute with
      increased privileges.
1142851  132 -rwsr-xr-x    1 root             wheel               66612
Nov 27 13:27 /usr/local/bin/procmail


If there are vulnerabilities in these programs there may be a
security risk to the system. FreeBSD makes no guarantee about
the security of ports included in the Ports Collection. Please
type 'make deinstall' to deinstall the port if this is a concern.

For more information, and contact details about the security
status of this software, see the following webpage:
http://www.procmail.org/

=========================================================

And finally, we receive a security note, as procmail is installed with setuid permissions. You'll be reminded of this when you read your security output tomorrow (see Understanding the Automatons Part 2). We should also check to see if there are any SAs on procmail due to the setuid, and there is one: FreeBSD-SA-01:60.procmail.asc. If you read that SA, you'll see that you shouldn't run a procmail version lower than 3.20, as that version addressed the vulnerability. I'll double-check what version of procmail I just built:

rehash
procmail -v
procmail v3.22 2001/09/10
    Copyright (c) 1990-2001, Stephen R. van den Berg    <srb@cuci.nl>
    Copyright (c) 1997-2001, Philip A. Guenther        
<guenther@sendmail.com>

So far, so good. Let's take a quick look at what we can expect out of this port we just built:

more /usr/local/share/doc/procmail/README

Can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files (real convenient when subscribing to one or more mailing lists or for prioritising your mail), preprocess your mail, start any programs upon mail arrival (e.g. to generate different chimes on your workstation for different types of mail) or selectively forward certain incoming mail automatically to someone.

Procmail can be used:
   - and installed by an unprivileged user (for himself only).
   - as a drop in replacement for the local delivery agent /bin/mail (with biff/comsat support).
   - as a general mailfilter for whole groups of messages (e.g. when called from within sendmail.cf rules).

The accompanying formail program enables you to generate autoreplies, split up digests/mailboxes into the original messages, do some very simple header-munging/extraction, or force mail into mail-format (with leading From line).

----------------------

Let's start off simple and configure procmail for one user. Once you've finished building the actual port, you can leave the superuser account. I'll be working as the regular user "genisis" and will set up that user's procmail configuration. I'll start by entering my home directory and copying over the example configuration files:

cd
cp /usr/local/share/examples/procmail/forward ~/.forward
cp /usr/local/share/examples/procmail/1procmailrc ~/.procmailrc

I'll then reset the permissions on those files:

chmod 644 ~/.forward
chmod 644 ~/.procmailrc

Since I use the fetchmail program to regularly poll my ISP's mail server to check for new mail, I'll kill the fetchmail process until I'm finished configuring procmail:

killall fetchmail

The procmail utility reads a configuration file known as procmailrc. The superuser can create a global configuration file in /usr/local/etc/procmail that will affect all users on that system. However, it is recommended that each user instead create their own .procmailrc in their home directory. This way, users can create their own filtering recipes without affecting any other users.

Pages: 1, 2

Next Pagearrow





Sponsored by: