Re: Simple content filter doesn't work

From: Victor Duchovni (no email)
Date: Wed Jul 02 2008 - 13:35:12 EDT

  • Next message: Justin Piszcz: "Re: Postfix: reject mynetworks and after that permit all mail"

    On Wed, Jul 02, 2008 at 07:20:53PM +0200, Benoit Giannangeli wrote:

    > Well, I'm just trying to get it to work once even with a "hello world"
    > script ! I'm in a research phase of my work and I need to see it
    > working before starting anything.
    >
    > I was planning to try advanced filtering afterwards in order to use the SMTP
    > protocol. For the moment I just send my mails and separate them by a
    > tag (<--MAIL-->). It's only for testing purposes and sure won't be the
    > final solution of course.
    >
    > 2008/7/2 Victor Duchovni <>:
    > > On Wed, Jul 02, 2008 at 07:10:49PM +0200, Benoit Giannangeli wrote:
    > >
    > >> > Perhaps you could spell filter the way Postfix expects: ie. filter not
    > >> > filtre?
    > >>
    > >> I don't think "filter" is a keyword and "filtre" refers to:
    > >>
    > >> filtre unix - n n - - pipe
    > >> flags=Rq user=filter argv=/etc/postfix/socket_connect.pl 127.0.0.1 10027

    This program will run, provided the file permissions are right, the path
    in '#! /path' is correct and your transport table routes appropriate
    addresses to this transport.

    If this is a toy design, go ahead, provided you understand that it is
    a toy design. You should probably take the nexthop IP and port out of the
    transport definition and set them in the transport table instead:

        example.com filtre:127.0.0.1:10027

        filtre unix - n n - - pipe
            flags=Rq user=filter argv=/etc/postfix/socket_connect.pl
            ${nexthop} ${sender} ${recipient}

    Failure to serialize the sender and recipients properly when handing
    off to sendmail(1) in the Java code will lead to a serious security issue
    (shell command injection), you will undoubtedly fall into that trap :-)

    Postfix uses execvp() to pass separate arguments directly to sendmail
    without invoking a shell. Naive ways of doing that in Java will likely
    involve the equivalent of system(3) and will be insecure. You also
    need to get the sendmail command-line just right:

            sendmail -i -f sender -- rcpt1 ... rcptN

    Good luck, and you have been warned, the pitfalls are many...

    -- 
    	Viktor.
    Disclaimer: off-list followups get on-list replies or get ignored.
    Please do not ignore the "Reply-To" header.
    To unsubscribe from the postfix-users list, visit
    http://www.postfix.org/lists.html or click the link below:
    <mailto:?body=unsubscribe%20postfix-users>
    If my response solves your problem, the best way to thank me is to not
    send an "it worked, thanks" follow-up. If you must respond, please put
    "It worked, thanks" in the "Subject" so I can delete these quickly.
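
The hand-off described in the message above, as an added example that is not part of the original post: a Java sketch that passes the sender and each recipient to sendmail as separate argv elements through ProcessBuilder, so no shell ever parses them. The class name `SendmailHandoff`, the `/usr/sbin/sendmail` path and the sample addresses are assumptions; it needs Java 9 or later.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.List;

public class SendmailHandoff {
    // Assumed path; adjust to where the Postfix sendmail(1) binary is installed.
    private static final String SENDMAIL = "/usr/sbin/sendmail";

    // Build the argument vector: sendmail -i -f sender -- rcpt1 ... rcptN
    static List<String> buildArgv(String sender, List<String> recipients) {
        if (recipients.isEmpty()) {
            throw new IllegalArgumentException("no recipients");
        }
        List<String> argv = new ArrayList<>();
        argv.add(SENDMAIL);
        argv.add("-i");     // a line holding only "." does not end the message
        argv.add("-f");
        argv.add(sender);   // one element, whatever characters it contains
        argv.add("--");     // end of options: "-x@example.com" stays a recipient
        argv.addAll(recipients);
        return argv;
    }

    // Run sendmail with no shell in between and feed it the message on stdin.
    static int reinject(String sender, List<String> recipients, InputStream message)
            throws IOException, InterruptedException {
        ProcessBuilder pb = new ProcessBuilder(buildArgv(sender, recipients));
        pb.redirectErrorStream(true);
        pb.redirectOutput(ProcessBuilder.Redirect.INHERIT);
        Process p = pb.start();
        try (OutputStream stdin = p.getOutputStream()) {
            message.transferTo(stdin);
        }
        return p.waitFor();
    }

    public static void main(String[] args) {
        // Constructed sample: a recipient carrying a shell metacharacter.
        List<String> argv = buildArgv("sender@example.com",
                List.of("user@example.com", "x@example.com; id"));
        // Unsafe pattern (not executed here): joining argv into one string for
        // "sh -c" would let the shell act on the ';'. As a list it is just argv[6].
        for (int i = 0; i < argv.size(); i++) {
            System.out.println("argv[" + i + "] = " + argv.get(i));
        }
    }
}
```

Running `main` only prints the argument vector; `reinject` is the call a filter would make once it has the envelope and the message stream.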
    
