Colleagues,

I need to reference an environment variable from sendmail.cf. Is there
a way to do this?

Or pehaps there is a better solution for my problem. Hosting users
(both PHP and CGI in namebased virtual hosts) use /usr/sbin/sendmail
to send mail from web forms etc. I would like to stamp each outgoing
message with something that could identify the originating virthost.
I thought a reference to $SERVER_NAME in some special header would be
good, but how do I do that?

Thanks for any input.


--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/

Sendmail does not make use of environment variable with a few
exceptions such
as time zone. One way to get the virtual host name in the message
would
be to pass it in the command line in the sender address:
sendmail -f sender [at] $SERVER_NAME recipient [at] address

Or you could use the -M flag to define the variable:
sendmail -M{SERVER_NAME}=foo.com rest.of.args

You can test this with
echo '${SERVER_NAME}' | sendmail -bt -M'{SERVER_NAME}'=foo.com
This should return:
> foo.com

Please note that if you want this variable to be available in the next
queue run if the message is temporarly un-deliverable then you will
have
to add the macro name to the class $={persistentMacros}:
C{persistentMacros}={SERVER_NAME}
This will store the macro in the message's qf file.

Hope this helps

RLH

> For info about our "Managing Internet Mail, Setting Up and Trouble <
> Shooting sendmail and DNS" and a schedule of dates and locations, <
> please send email to info [at] harker.com, or visit www.harker.com <

Robert Harker Harker Systems
Sendmail and TCP/IP Network Training 4182 Plesant Hill Rd.
Sendmail, Network, and Sysadmin Consulting Lincoln, CA 95648
harker [at] harker.com 530-887-9990

Robert Harker wrote:
> Sendmail does not make use of environment variable with a few
> exceptions such
> as time zone. One way to get the virtual host name in the message
> would
> be to pass it in the command line in the sender address:
> sendmail -f sender [at] $SERVER_NAME recipient [at] address

The problem with this solution is that the marking of a message
should be done without the "-f" switch, because

1) some of the hosting users already set this switch in their scripts
and have right to do so;

2) outgoing mail should be marked without any cooperation from the
hosting users. This is a security measure against web forms abuse;

3) some server-names could turn out unresolvable etc, so the
envelope-from is not a good place for this. A separate header would be
much better.

>
> Or you could use the -M flag to define the variable:
> sendmail -M{SERVER_NAME}=foo.com rest.of.args

Where is this flag documented? The man page for sendmail 8.13 says
nothing about it. I would have considered using it if I had known
about it. However, how is httpd going to pass this flag to a
sendmail running from a cgi script?

--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/

Victor Sudakov wrote:

> However, how is httpd going to pass this flag to a
> sendmail running from a cgi script?

Rename your sendmail binary to "sendmail.real" and write a wrapper
"sendmail" script that supplies the required flag if and when appropriate.

That could be a bit tricky, because you don't want to add the flag when
you start the daemon, for example, but it should work.

Regards,

David.

Victor Sudakov wrote:

> > Or you could use the -M flag to define the variable:
> > sendmail -M{SERVER_NAME}=foo.com rest.of.args

> Where is this flag documented? The man page for sendmail 8.13 says

doc/op/op.*

APPENDIX A

COMMAND LINE FLAGS
.....
-Mxvalue Set macro x to the specified value.

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

Claus A?mann wrote:
>
>> > Or you could use the -M flag to define the variable:
>> > sendmail -M{SERVER_NAME}=foo.com rest.of.args
>
>> Where is this flag documented? The man page for sendmail 8.13 says
>
> doc/op/op.*

This is the old -oMr, right?


--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/

David F. Skoll wrote:
>
>> However, how is httpd going to pass this flag to a
>> sendmail running from a cgi script?
>
> Rename your sendmail binary to "sendmail.real" and write a wrapper

Actually, I don't even have to rename the sendmail binary, because
FreeBSD has a nice mailwrapper(8) utility:
http://www.freebsd.org/cgi/man.cgi?query=mailwrapper
However, it is the last thing I want to do: writing a sed/awk/whatever
wrapper with its own logic.

I wonder if exim, postfix or other sendmail alternatives can directly
reference environment variables in their rulesets.


--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/

On 2005-09-13, Victor Sudakov <vas [at] mpeks.no-spam-here.tomsk.su> wrote:
> I need to reference an environment variable from sendmail.cf. Is there
> a way to do this?
>
> Or pehaps there is a better solution for my problem. Hosting users
> (both PHP and CGI in namebased virtual hosts) use /usr/sbin/sendmail
> to send mail from web forms etc. I would like to stamp each outgoing
> message with something that could identify the originating virthost.
> I thought a reference to $SERVER_NAME in some special header would be
> good, but how do I do that?

Put something along these lines in /etc/mail/submit.mc. It uses an
extra process, but so would a wrapper.

LOCAL_CONFIG
Kprintenv program -a$|OK /usr/bin/printenv
Kstorage macro

# Users to be replaced with "webmaster [at] SERVER_NAME" in $_.
C{CGIUser}www-data [at] localhost

# Propagate SERVER_NAME from the parent process (undocumented, whee!).
ESERVER_NAME

LOCAL_RULE_0
# Put SERVER_NAME in $_, where it will be visible in the Received header.
# check_mail would be a better place to do this, but submission mode (-bm)
# doesn't invoke it.
R$* $: $1 $| $&_
R$* $| $={CGIUser} $: $1 $| $2 $| $(printenv SERVER_NAME $)
R$* $| $={CGIUser} $| $+ $| OK $: $1 $(storage _ $ [at] webmaster [at] $3 $)
R$* $| $* $: $1

Victor Sudakov wrote:

> However, it is the last thing I want to do: writing a sed/awk/whatever
> wrapper with its own logic.

Well, then you're stuck.

Realize that whatever solution you pick will be incomplete, because
(presumably) there's nothing to stop your customers from uploading and
using their own Sendmail executable, or even talking SMTP directly from
their CGI scripts. (If you control their CGI scripts, then obviously
you wouldn't be asking this question. :-))

> I wonder if exim, postfix or other sendmail alternatives can directly
> reference environment variables in their rulesets.

I doubt it. Sendmail is the most flexible MTA when it comes to
configuration.

--
David.

David F. Skoll wrote:
>
>> However, it is the last thing I want to do: writing a sed/awk/whatever
>> wrapper with its own logic.
>
> Well, then you're stuck.

Only because of the inability of sendmail to reference an environment
variable from within sendmail.cf (without calling an external program).

>
> Realize that whatever solution you pick will be incomplete, because
> (presumably) there's nothing to stop your customers from uploading and
> using their own Sendmail executable, or even talking SMTP directly from
> their CGI scripts.

These two scenarios are more or less prevented by ipfw rules.

But of course the customers can change the environment within their
CGI scripts and export the changed environment to the wrapper.

However, my primary objective is not to track abusive users, but to
track possible abuse of users' web forms due to the epidemic of spam
via web forms.

> (If you control their CGI scripts, then obviously
> you wouldn't be asking this question. :-))

We don't have the necessary human resources to do that.

>
>> I wonder if exim, postfix or other sendmail alternatives can directly
>> reference environment variables in their rulesets.
>
> I doubt it. Sendmail is the most flexible MTA when it comes to
> configuration.

It seems to me that writing your own custom lookup or rewriting rules
is easier with exim, but of course YMMV.

--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/

Matej Vela wrote:
>> I need to reference an environment variable from sendmail.cf. Is there
>> a way to do this?
>>
>> Or pehaps there is a better solution for my problem. Hosting users
>> (both PHP and CGI in namebased virtual hosts) use /usr/sbin/sendmail
>> to send mail from web forms etc. I would like to stamp each outgoing
>> message with something that could identify the originating virthost.
>> I thought a reference to $SERVER_NAME in some special header would be
>> good, but how do I do that?
>
> Put something along these lines in /etc/mail/submit.mc. It uses an
> extra process, but so would a wrapper.
>
> LOCAL_CONFIG
> Kprintenv program -a$|OK /usr/bin/printenv

Yes, a program map is better than a wrapper (if starting an extra
process is unavoidable). Thank you for the hint.

--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 [at] fidonet http://vas.tomsk.ru/