I wanted to improve the security of my outbound mail. As well as using an
@file for resend, and changing the name of my outbound alias, I found it
useful to add `nobody' (or whatever bitbucket works for you) as an extra
recipient to the sendmail invocations in both resend and digest/digest.
The effect of this is to stop sendmail 8.* adding `for
listname-secret-outgoing-alias' to the relevant Received: header.
Note that I also use a variable for sendmail, rather than the (incorrect
for me) constant.
(Abbreviated) unidiffs from 1.93 follow:
diff -u -r1.28.2.2.2.3 resend
--- 1.28.2.2.2.3 1995/01/07 17:31:43
+++ resend 1995/05/18 02:09:25
@@ -348,7 +348,7 @@
&bounce("Approval required");
}
-$sendmail_cmd = "/usr/lib/sendmail $opt_m -f$sendmail_sender " .
+$sendmail_cmd = "$sendmail -odq $opt_m -f$sendmail_sender nobody " .
join(" ", @ARGV);
if (defined($opt_d)) {
@@ -464,9 +464,9 @@
if (defined($opt_d)) {
# debugging, so just say it, don't do it
open(MAIL, ">-");
- print MAIL ">>> /usr/lib/sendmail -f$sendmail_sender -t\n";
+ print MAIL ">>> $sendmail -odq -f$sendmail_sender -t\n";
} else {
- local(@mailer) = split(' ',"/usr/lib/sendmail -f$sendmail_sender -t");
+ local(@mailer) = split(' ',"$sendmail -odq -f$sendmail_sender -t");
open(MAIL, "|-") || &do_exec_sendmail(@mailer);
}
diff -u -r1.7.4.4 digest
--- 1.7.4.4 1995/01/04 20:04:05
+++ digest 1995/05/18 01:17:29
@@ -214,7 +214,7 @@
close(DIGEST);
- system("/usr/lib/sendmail -f$V{'ERRORS-TO'} $V{'REALLY-TO'} <
$DIGEST");
+ system("$sendmail -f$V{'ERRORS-TO'} $V{'REALLY-TO'} nobody <
$DIGEST");
if ( ! defined($opt_C) ) {
open(NUM_FILE, ">$V{'NUM_FILE'}") ||
-- Christopher
|
|
