Re: How to use procmail

Adam Shostack writes:
| Rule introductions of the form :# are deprecated. You should always use
| :0, which means any line starting with * is a rule. [...] And :0: means
| use a lockfile on the folder. [...]
|
| :0
| *^Subject:.*unsub
| /dev/null
|
| :0:
| *^TOcypherpunks
| cypherpunks
Thanks, Adam. I created my .procmailrc a long time ago, using the old 2.??
version, and now just cut and paste as required. New procmail users, listen
to Adam! (And read the man page, even though it's a bit intimidating at
first.)

MJ

Martin Janzen wrote:
| New procmail users, listen to Adam! (And read the man page, even
| though it's a bit intimidating at first.)

Yeah, Listen to me! Listen to me! (It's the new cypherpunks theme song!)

More seriously, here's my .procmailrc. I'm fond of it, but the cpunks
section could use some more work. Other parts may be a useful basis for
other people's hacking.

Adam

# $Id: .procmailrc,v 1.10 1996/08/05 04:54:46 adam Exp $
PATH=/bin:/usr/bin:/usr/local/bin:/usr/local/lib/mh
MAILDIR=$HOME/Mail/=            #you'd better make sure it exists
DEFAULT=/var/spool/mail/adam
LOGFILE=$MAILDIR/.procmail.log
REALLF=$LOGFILE                 # So I only have one path to LF
COMSAT=no                       # don't tell comsat; it's obsolete.
# VERBOSE=on                    # bad bad bad!

# This first ruleset protects me from mailbombs from an automated service
# that I often send incorrect commands to, generating 5mb of reply.
# It also sorts based on success of the command.
:0c :
.safe

:0
* From bal@swissnet.ai.mit.edu
{
    :0 h
    * >10000
    /dev/null

    :0 h
    *^Subject:.*no keys match
    /dev/null

    :0:
    *Subject: Your command, ADD
    $DEFAULT

    :0E
    | pgp +batchmode -fka
}

# This is a backup. Don't forget to cycle safe boxes.
# this is here because I don't want to hear about everything going in .safe.
# prevent duplicate messages from showing up in several folders.
LOGABSTRACT=all                 # doesn't work

:0 Wh: msgid.lock
| formail -D 65536 .msgid.cache

# auto key retrieval
#
# I have an elm alias, pgp, points to a keyserver
# The logfile gets unset briefly to keep the elm lines out of my
# logfile.
:0BW
* -----BEGIN PGP
*!^FROM_DAEMON
KEYID=|/home/adam/bin/sender_unknown

LOGFILE=
:0 ahc                          # added h 8 jan 95
* ! ^X-Loop: Adams autokey retreival.
| formail -a"X-Loop: Adams akr" |elm -s"mget $KEYID" pgp
LOGFILE=$REALLF

:0
* (^TOCypherpunks|Sender:.*cypherpunks|^From owner-cypherpunks@toad.com)
{
    :0:
    * From.*owner-cp-lite@comsec.com
    cp-lite

    :0 h
    * Subject:.*(Delete|u*n*Sub*| add |leave|help|Undeliverable Message)
    * < 1000
    /dev/null

    :0 :rml.lock
    * ^From: Raph Levien
    * ^Subject: List of reliable remailers
    | cat /dev/null - > ~/sec/remailer-list

    :0:
    * 1^1 ^(From|To|Cc):.*david@sternlight.com
    * 1^1 ^Subject:.*CDA
    * 1^1 ^Subject:.*Assasination
    * 1^1 ^Subject:.*Reasons in support of crypto-anarchy
    * 1^1 ^Subject:.*Noise
    * 1^1 ^Subject:.*FV
    * 1^1 ^Subject:.*(PLEASE REPLY|test)
    cjunk

    :0B:
    * ^Alice de 'nonymous
    * an455120@anon.penet.fi
    * ^P.S. This post is in the public domain.
    | formail -a "Status: O" >> cjunk

    # I really ought to make this a weighted rule.
    :0:
    * ^From:.*(aba@atlas|adam@lighthouse|blancw|cdodhner|cfrye|chen|cman|cme|colin@|daw@cs|ddt|ebrandt|eric@remail|futplex|frissell|gnu|gtoal|habs|hallam|hfinney|hugh|jis|karn|loewenste|loki|mab|froomki|mpj|nate|nsb|perry|pfarrel|rah|rjc|rsalz|sameer|sandfort|schneier|ses|smb|stewarts|szabo|tcmay|trei|unicorn|usura@berserk|warlord|weidai|whitaker|Zimmerman)
    * !^From.*(anonymous|perry@jpunix.com|jonathan@Memexis|perry@psii.persci.com|gertstein|Schartman|don@cs.byu.edu|senate.gov|doug@eng)
    cpunks

    :0:
    cpunks-noise
}

:0:
* ^TOfirewalls
firewalls

:0:
*^From owner-fwtk-users@tis.com
fwtk

:0
*^TOcyberia-l
{
    # VERBOSE=on
    :0 HW
    FROM=|formail -x "From: "

    :0 f
    | formail -I"Reply-To: $FROM"

    :0 fw:cyberia.sed.lock
    * ^From: Timothy Arnold-Moore <tja@kbs.citri.edu.au>
    |sed 's/^ //g'

    :0:
    cyberia
}

:0:
* ^From procmail-request@informatik.rwth-aachen.de
procmail

# That's it for the high volume lists. Low volume lists I don't push
# through formail.
:0:
* ^TOyucks@cs.purdue.edu
* ^Subject: Yucks Digest
| formail +1 -ds cat >> yucks

:0:
* ^TObugtraq
bugtraq

:0
* ^TO .*(ietf|rfc-dist)
{
    :0h
    *^Subject:.*ON-SITE
    /dev/null

    :0:
    ietf
}

:0
* ^TOwww-buyinfo
{
    :0
    * ^From: rah@shipwright
    * ^Subject: .*(cpx)
    /dev/null

    :0:
    | formail -a "Status: O" >> wwwb
}

:0:
*^TOspki
spki

:0
*^TOssl-talk
{
    :0
    *^Subject:.*remove
    * < 2000
    /dev/null

    :0:
    ssl
}

:0:
*^TOwww-security@ns2.rutgers.edu
wwws

:0:
*^From owner-ssh
ssh

:0:
*^TOremailer-operators@c2.org
remailers

:0:
*From best-of-security
bos

:0:
* ^TObblisa
bblisa

:0:
*^TOcoderpunks
coderpunks

:0:
*^TOmix-l
mix-l

:0:
* ^TOphrack
v/phrack

:0:
*^TOsdadmin
sdadmin

:0:
* Precedence: (junk|bulk)
junk

:0:
* To: postmaster
postmaster

# basic file server. Only sends what's in .outbound
:0
* ^Subject: (SEND|get) [0-9a-z][-_/0-9a-z.]+$
* !^Subject:.*[ /.]\.
* !^FROM_DAEMON
{
    # FILE=`formail -x Subject: | sed 's/.* //'`
    FILE=`sed -n -e '/Subject:/s/.* //p' -e '/^$/q'`

    :0c
    | (formail -rt -A"Precedence: junk";\
       cat $HOME/.outbound/$FILE) | $SENDMAIL -t

    :0:
    $MAILDIR/.log
}

# This handles vacation messages. Make sure .vacation.msg and
# .vacationlist exist
:0 hc:vaction.lock              # untested
* ? [ -r $MAILDIR/.vacationlist ]
* !? [ -r $MAILDIR/.vacation.msg ]
| rm -f $MAILDIR/.vacationlist

:0
* ? [ -s $MAILDIR/.vacation.msg ]
* !^Precedence:(junk|bulk)
* !^FROM_DAEMON
{
    FROM=`formail -rx To:`
    ALREADYSENT=$MAILDIR/.vacationlist

    :0 hc:
    * !? fgrep -e "$FROM" $ALREADYSENT
    | echo "$FROM" >> $ALREADYSENT;\
      (formail -rA"Precedence: junk";\
       cat $MAILDIR/.vacation.msg ;\
      ) | $SENDMAIL -t
}

--
"It is seldom that liberty of any kind is lost all at once." -Hume

Adam Shostack wrote:
| :0
| * From bal@swissnet.ai.mit.edu
| {
|     :0 h
|     * >10000
|     /dev/null
|
|     :0 h
|     *^Subject:.*no keys match
|     /dev/null
|
|     :0:
|     *Subject: Your command, ADD
|     $DEFAULT
|
|     :0E
|     | pgp +batchmode -fka
Isn't this vulnerable to "deadbeef" attacks? I can also see an attack when
someone sends you an email with the spoofed "From " address and a user
name that is the same (or almost the same) as that of your trusted parties.
Suppose that you correspond with mrx@provider.com and you use encryption
command

pgp -eaf mrx

Then I can send you a bogus email containing a key for mrx@bogus.com and
next time you encrypt something for your friend nrx@provider.com, you will
actually encrypt it with the wrong key. If I intercept your email, your
message to mrx can be compromised.
| # basic file server. Only sends whats in .outbound
| :0
| * ^Subject: (SEND|get) [0-9a-z][-_/0-9a-z.]+$
| * !^Subject:.*[ /.]\.
| * !^FROM_DAEMON
| {
|     # FILE=`formail -x Subject: | sed 's/.* //'`
|     FILE=`sed -n -e '/Subject:/s/.* //p' -e '/^$/q'`
|
|     :0c
|     | (formail -rt -A"Precedence: junk";\
|        cat $HOME/.outbound/$FILE) | $SENDMAIL -t
*If* .outbound has some subdirectories (say subdir), how about this email:

From: dumbass@aol.com
Subject: GET subdir/../../../../etc/passwd
Reply-To: blin@algebra.com

xxx

	- Igor.

Igor Chudov @ home wrote:
| Adam Shostack wrote:
| > :0
| > * From bal@swissnet.ai.mit.edu
| > {
| > :0E
| > | pgp +batchmode -fka
|
| Isn't this vulnerable to "deadbeef" attacks? I can also see an attack when
| someone sends you an email with the spoofed "From " address and a user
| name that is the same (or almost the same) as that of your trusted parties.
| Then I can send you a bogus email containing a key for mrx@bogus.com
| and next time you encrypt something for your friend nrx@provider.com,
| you will actually encrypt it with the wrong key. If I intercept your
| email, your message to mrx can be compromised.

Yes, it's vulnerable. I might see it in the logs, but I've personally
verified most of the keys I care about, and they carry my signature, at
least on my local keyring.

| > # basic file server. Only sends whats in .outbound
| > :0
| > * ^Subject: (SEND|get) [0-9a-z][-_/0-9a-z.]+$
| > * !^Subject:.*[ /.]\.
| > * !^FROM_DAEMON
| > {
| > # FILE=`formail -x Subject: | sed 's/.* //'`
| > FILE=`sed -n -e '/Subject:/s/.* //p' -e '/^$/q'`
| >
| > :0c
| > | (formail -rt -A"Precedence: junk";\
| >    cat $HOME/.outbound/$FILE) | $SENDMAIL -t
|
| *If* .outbound has some subdirectories (say subdir), How about this email:
|
| From: dumbass@aol.com
| Subject: GET subdir/../../../../etc/passwd
| Reply-To: blin@algebra.com

That will fail in the second subject line:

* !^Subject:.*[ /.]\.

Subject: does not match '/' or '.' followed by '.'

The first Subject: line prevents absolute pathnames.

* ^Subject: (SEND|get) [0-9a-z][-_/0-9a-z.]+$

So, AFAIK, you can't get anything but real subdirectories. Feel free to
install it on localhost & experiment. I was pretty careful when I wrote it
to make it safe.

Adam
--
"It is seldom that liberty of any kind is lost all at once." -Hume
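The exchange above turns on what the two Subject: conditions of the file server recipe actually accept. The script below is an added example, not code from the thread or from any of its authors: it re-implements Adam's two conditions as Python regexes (procmail matches case-insensitively by default, which is why Igor's "GET" satisfies "(SEND|get)"), reproduces the recipe's sed extraction of the filename, and runs a few constructed Subject: lines through them, including Igor's traversal attempt. The resolve_under() check is an extra belt-and-braces step the recipe does not have; the /home/adam/.outbound directory and the sample subjects are assumptions made for the example.

```python
import os
import re

# Added example, not from the thread.  Adam's two Subject: conditions from
# the "basic file server" recipe as Python regexes.  procmail matches
# case-insensitively unless the D flag is given, hence re.IGNORECASE; its $
# anchors at the end of the header line, as here on a single-line string.
REQUEST_RE = re.compile(r"^Subject: (SEND|get) [0-9a-z][-_/0-9a-z.]+$",
                        re.IGNORECASE)
# The negated condition: a '.' immediately after ' ', '/' or '.' anywhere in
# the Subject line.  This is what rejects "..", and also a leading dotfile.
DOTDOT_RE = re.compile(r"^Subject:.*[ /.]\.", re.IGNORECASE)

# Constructed sample Subject: lines (assumption), including Igor's attempt.
SAMPLE_SUBJECTS = [
    "Subject: GET subdir/readme.txt",
    "Subject: get subdir/../../../../etc/passwd",
    "Subject: SEND /etc/passwd",
    "Subject: SEND .procmailrc",
    "Subject: get notes.txt and more",
    "Subject: Re: How to use procmail",
]


def requested_file(subject_line):
    """Return the name the recipe would serve for this Subject: header line,
    or None if either condition rejects it.

    The recipe extracts the name with sed 's/.* //' on the Subject line,
    i.e. everything after the last space; that is reproduced here."""
    if not REQUEST_RE.search(subject_line):
        return None   # not a SEND/get request, absolute path, or bad chars
    if DOTDOT_RE.search(subject_line):
        return None   # a '.' preceded by ' ', '/' or '.'
    return subject_line.rsplit(" ", 1)[1]


def resolve_under(outbound, name):
    """Defence in depth the recipe does not have: resolve the requested name
    under the .outbound directory and refuse anything whose real path falls
    outside it.  Returns the absolute path, or None."""
    root = os.path.realpath(outbound)
    target = os.path.realpath(os.path.join(root, name))
    if target.startswith(root + os.sep):
        return target
    return None


def audit(subject_lines, outbound="/home/adam/.outbound"):
    """Map each Subject: line to the path that would be served, or None.
    The outbound directory is an assumed location for the example."""
    result = {}
    for line in subject_lines:
        name = requested_file(line)
        result[line] = resolve_under(outbound, name) if name else None
    return result


if __name__ == "__main__":
    for line, path in audit(SAMPLE_SUBJECTS).items():
        print("%-45s -> %s" % (line, path or "rejected"))
```

Running it shows that only "GET subdir/readme.txt" gets served: the traversal line passes the first condition but trips the second, the absolute path and the dotfile never match the first, and a Subject with anything after the filename fails the trailing $. resolve_under() is the check to add if the character class is ever loosened, since it rejects on the resolved path rather than on the spelling of the request.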
participants (3)
-
Adam Shostack
-
ichudov@algebra.com
-
Martin Janzen