Majordomo people
The following patch changes resend to close a security hole
in closed lists. Using resend like this:
| /usr/local/majordomo/wrapper resend -l list outgoing-list
meant that outgoing-list was a valid alias that the outside world
could mail to. Worse, the alias appeared in mail headers.
Spam programs could eat this and then infiltrate closed lists.
The following patch assumes that the outgoing list is a symlink to the
username file for the list itself. It uses the LISTDIR directory in
the majordomo.cf file.
It then invokes a seperate sendmail request for each member in
the list. It's real fast with QMAIL. Dunno about other mailers.
To use this version of resend, patch the 1.94.4 version of
wrapper with the file below and invoke the following in your
list alias:
| /usr/local/majordomo/wrapper resend -l list
where the actual user list is in $listdir/list, and $listdir
is defined in majordomo.cf.
Email me if you have more questions.
Michael
------Cut here------
*** majordomo-1.94.4/resend Wed Aug 27 10:59:24 1997
--- resend Thu Apr 16 17:04:26 1998
***************
*** 1,5 ****
! #!/bin/perl
# $Modified: Wed Apr 2 14:16:55 1997 by cwilson $
# Copyright 1992, D. Brent Chapman. All Rights Reserved. For use by
# permission only.
--- 1,5 ----
! #!/usr/local/bin/perl
# $Modified: Wed Apr 2 14:16:55 1997 by cwilson $
# Copyright 1992, D. Brent Chapman. All Rights Reserved. For use by
# permission only.
***************
*** 139,151 ****
$MAX_TOTAL_HEADER_LENGTH = $MAX_TOTAL_HEADER_LENGTH || 1024;
print STDERR "$0 [$$]: starting.\n" if $DEBUG;
! if ( ! @ARGV) {
! die("resend: must specify outgoing list as last arg(s)");
! # this doesn't have to be this way. It could slurp it
! # from the alias it was invoked as...?
! }
# A classic case of feeping creaturism. While there are possibly good reasons
# why all these things can be classified on the command line, there's
# *NO* good reason why everything is "opt_X". YATTF.
--- 139,155 ----
$MAX_TOTAL_HEADER_LENGTH = $MAX_TOTAL_HEADER_LENGTH || 1024;
print STDERR "$0 [$$]: starting.\n" if $DEBUG;
! # April, 1998, Michael Slavitch. Remove parameter as the outgoing list
! # is obtained from the listdir and the list name
! #
! #if ( ! @ARGV) {
! # die("resend: must specify outgoing list as last arg(s)");
! # # this doesn't have to be this way. It could slurp it
! # # from the alias it was invoked as...?
! #}
!
# A classic case of feeping creaturism. While there are possibly good reasons
# why all these things can be classified on the command line, there's
# *NO* good reason why everything is "opt_X". YATTF.
***************
*** 462,530 ****
# Finished munging the message and decided it's valid, now send it out.
#
close OUT;
! # The following eval expands embedded variables like $sender
! $sendmail_cmd = eval qq/"$mailer"/;
! $sendmail_cmd .= " " . join(" ", @ARGV);
!
! # check for the dreaded -t option to sendmail, which will cause
! # mail to loop 26 times...
! #
! if ($sendmail_cmd =~ /sendmail/ && $sendmail_cmd =~ /\s-t/) {
! $sendmail_cmd =~ s/-t//;
! &bitch("resend: \$sendmail_cmd (aka \$mailer in majordomo.cf\n" .
! "had a -t option. This will cause mail to loop 26 times.\n" .
! "Since this probably isn't what you want to have happen,\n".
! "resend has not passed that option to sendmail.\n");
! }
! print STDERR "$0: \$sendmail_cmd is $sendmail_cmd\n" if $DEBUG;
# To debug or not debug, that is the question.
#
! if (defined($opt_d)) {
! $| = 1;
! $, = ' ';
! print STDERR "Command: $sendmail_cmd\n";
! open (IN, "$TMPDIR/resend.$$.out");
! while (<IN>) {
! print STDERR $_;
}
! unlink(&fileglob("$TMPDIR", "^resend\.$$\."));
! exit(0);
! }
!
# open the mailer
#
! local(*MAILOUT, *MAILIN);
! if (defined($isParent = open(MAILOUT, "|-"))) {
! &do_exec_sendmail(split(' ', $sendmail_cmd))
! unless $isParent; # only if we're in the child
! } else {
! &abort("Failed to fork prior to mailer exec");
! }
!
# open our tmp file
#
! open(MAILIN, "$TMPDIR/resend.$$.out");
!
# spit it out!
#
! while (<MAILIN>) {
! print MAILOUT $_;
! }
!
# cleanup
#
! close(MAILIN);
! unlink(&fileglob("$TMPDIR", "^resend\.$$\.")) || &abort("Error unlinking temp files: $!");
! close(MAILOUT) || do {
! $? >>= 8;
! &abort("Mailer $sendmail_cmd exited unexpectedly with error $?")
! unless ($sendmail_cmd =~ /sendmail/ && $? == $EX_NOUSER);
! };
# Seeya.
#
exit(0);
--- 466,539 ----
# Finished munging the message and decided it's valid, now send it out.
#
close OUT;
! # This sucks the list from {LISTDIR/LIST} and opens seperate sendmails
! # for them, sequentially. Faster on QMAIL than the alternative.
! $lf = $listdir . "/";
! $lf .= $opt_l;
!
! print STDERR "\n$lf\n";
!
! open(LISTFILE, "$lf") || die "$0: cannot open $file";
!
! while (<LISTFILE>)
! {
! # The following eval expands embedded variables like $sender
! $sendmail_cmd = eval qq/"$mailer"/;
! $sendmail_cmd .= " " . join(" ", $_);
! print STDERR "\n$_\n";
! print STDERR "$0: \$sendmail_cmd is $sendmail_cmd\n" if $DEBUG;
# To debug or not debug, that is the question.
#
! if (defined($opt_d)) {
! $| = 1;
! $, = ' ';
! print STDERR "Command: $sendmail_cmd\n";
! open (IN, "$TMPDIR/resend.$$.out");
! while (<IN>) {
! print STDERR $_;
! }
! # unlink(&fileglob("$TMPDIR", "^resend\.$$\."));
! exit(0);
}
!
# open the mailer
#
! local(*MAILOUT, *MAILIN);
! if (defined($isParent = open(MAILOUT, "|-"))) {
! &do_exec_sendmail(split(' ', $sendmail_cmd))
! unless $isParent; # only if we're in the child
! } else {
! &abort("Failed to fork prior to mailer exec");
! }
!
# open our tmp file
#
! open(MAILIN, "$TMPDIR/resend.$$.out");
!
# spit it out!
#
! while (<MAILIN>) {
! print MAILOUT $_;
! }
!
# cleanup
#
! close(MAILIN);
!
! close(MAILOUT) || do {
! $? >>= 8;
! &abort("Mailer $sendmail_cmd exited unexpectedly with error $?")
! unless ($sendmail_cmd =~ /sendmail/ && $? == $EX_NOUSER);
! };
!
! }
+ unlink(&fileglob("$TMPDIR", "^resend\.$$\.")) || &abort("Error unlinking temp files: $!");
+
# Seeya.
#
exit(0);
--
Michael Slavitch <slavitch@loran.com> http://www.loran.com/~slavitch
"Being Canadian is like living next door to the Simpsons" - Molly Ivins
Follow-Ups:
|
|
