[Dovecot] Dovecot LMTP does not pass envelope recipient +detail to sieve

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Tue Jan 14 12:24:35 EET 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 12 Jan 2014, Greg Rivers wrote:

> On Sat, 11 Jan 2014, Steffen wrote:
>
>> I have:
>> ... deliverable: mailer local, user uid+detail
>> instead of "deliverable: mailer local, host detail, user gcr"
>> 
>> Hmm, see 
>> http://etutorials.org/Server+Administration/Sendmail/Part+I+Build+and+Install/Chapter+4.+Configure+sendmail.cf+with+m4/FEATUREpreserve_local_plus_detail/
>> 
>> My mc-file has this setting commented out (prefixed by dnl). Ah, I see
>> where the processing differs. I had added this:
>> 
>> SLocal_localaddr
>> R< $* > $1      Remove <> from address
>> R$+ + $*                $: $1   Remove detail from address
>> R$+             $: <$(localuser $1 $: TEMPFAIL $)> $1   Query socket
>> map server, if that's a local user
>> R<OK> $*        $# ok   yes, this preserves detail
>> R<REJECT> $*    $# error $@ 5.7.1 $: 550 User unknown
>> R<TEMPFAIL> $*  $# error $@ TEMPFAIL $: $1 try again later      Does
>> it work????
>> 
>> See the R<OK> line. The map is to verify if the user is local or not.
>> In my system sendmail cannot do so on its own. Maybe the FEATURE above
>> works for the standard config.
>> 
>
> "FEATURE(`preserve_local_plus_detail')" is actually one of the first things I 
> tried when I started working on this problem, but it doesn't quite work with 
> the standard configuration:
>
> $ sendmail -bv -d21.12 gcr+XYZZY at badger.tharned.org
> -----rule matches: $@ $1
> rewritten as: gcr + xyzzy
> rewrite: ruleset localaddr        returns: gcr + xyzzy
> gcr+XYZZY at badger.tharned.org... User unknown

OK, that rings a bell:
the problem is the "w" flag. It checks that a valid system exists.

If you remove the "w" flag, you loose the system user validaty check and 
the .forward feature.

You have four ways, IMHO:

a) switch to LDA

b) add Local_localaddr to validate the user yourself and accept that the 
.forward feature is not working

c) I've patched sendmail's mailbox database code with a Dovecot stub, that 
queries the UserDB socket for validity of the users.
If you use system users, you could probably just patch libsm/mbdb.c: 
mbdb_pw_lookup(name, user) to cut the +detail, something like:

char *detailp;

if(detailp = strchr(name, '+'))
 	*detailp = '\0';
pw = getpwnam(name);
if(detailp)
 	*detailp = '+';

This code is untested and I don't know, if mbdb_pw_lookup() could get 
passed in a pointer to a constant, which would throw a SEGV or SIGBUS or 
whatever signal and dump core.

d) try a PAM module in pam.d/sendmail, that strips the +detail before 
processing the request

e) try to file a bug with sendmail.

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUtUQY3D1/YhP6VMHAQI6aAf8D6Z+ba8G+PePQqyPmQY+D8ZBjFXm6dqj
fT/MvAazs8YZJTs/vvxzZ9IWwQPbnSzBTCUdChouzxtA1NPHUwvO23hkR8oFaLT2
8wtfQCJ4e1BXclfqgGO/COJ632IvE7ygvhMmwAtV5+WHil8Ea1hyjTAwpzXUL4Im
btkHvTkGiW/m2CZsaaIJ2keeMGK8ygWgU/7ZCtEi+2M4MF3WhGiGZznRAnAfkfr8
fk7ybicEpLD5VGpRc5+D47XT+KM6ViI/Wou3hVzGJ8MsbPxn6kIeRmZHY24xtPyW
5Q0YoD9nYUZorwN2LNAj15TRNztodwewZH3HUAoFYGAM3YVQWuRxTQ==
=ye9c
-----END PGP SIGNATURE-----

More information about the dovecot mailing list