[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to change the From: field in bug reports



On Fri, Oct 23, 1998 at 08:36:25AM +0200, Andreas Tille wrote:
> On Fri, 23 Oct 1998, Russell Coker wrote:
> 
> > It used /etc/mailname last time I did an strace on it...
> But this is only a half of the truth, because /etc/mailname
> contains only the hostname and will be prepended by the
> username and `@`.  It wouldn't help in my case because my
> correct E-mail address is a symbolic address in every case
> different from the login name.

I fix this in my MTA...

# host whose IP address is blacklisted in the RBL at maps.vix.com.

######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# There are no rewriting specifications in this default configuration file.


# This is an example of a useful rewriting rule---it looks up the real
# address of all local users in a file

# *@icarus2.localnet    ${lookup{$1}lsearch{/etc/email-addresses}\
#						{$value}fail} bcfrF
knghtbrd@icarus2.localnet  knghtbrd@debian.org  Fh

# End of Exim configuration file


> Global settings can't work for this purpose, because several
> users use several addresses.

In this case, you could just add a line as above for each user, or you could
use a lookup for users you wanna translate for..  Doesn't require much that
way for maintenance and you don't have to restart exim after each change.

Sendmail does similar.  I'm almost certain even smail can.  Qmail however
cannot.


> And, to the other problems of this topic:  I'm really sure
> that the user is able to change the "From:" field, because
> I'm able to configure this in my .pinerc.  No suid things
> should be necessary.

Nope, you could even write a sgid script to allow a user to set their email
address and rehash the thing.  Course like any priveleged script it should
be written to verify the email address is safe, but it would be trivial in
perl (I'm almost certain I could write the script!)

Point being that in exim (and sendmail for certain) you can do this and it
can be as simple or as complex as you desire it to be depending on how well
you trust your users of course.

-- 
Show me the code or get out of my way.

Attachment: pgpVQvsVjuRcb.pgp
Description: PGP signature


Reply to: