procmail-related selinux messages
Tom Mitchell
mitch48 at sbcglobal.net
Tue Apr 13 00:44:07 UTC 2004
On Mon, Apr 12, 2004 at 06:47:52PM +1000, Russell Coker wrote:
> On Mon, 12 Apr 2004 02:23, Thomas Molina <tmolina at cablespeed.com> wrote:
....
> > On this system I run fetchmail as a daemon. Mail is delivered using
> > sendmail with procmail recipes.
....
> Why would procmail want to access /var/spool/mqueue?
There is a situation where sendmail is bypassed by fetchmail and 'procmail'
or another MDA is used to deliver mail into the spool.
It should be visible with fetchmail -v (it was for me when something
was broken a year or so ago).
I believe, there is a common degenerate case where sendmail is not
active or broken and procmail is invoked. (ensures that there is no
open relay ... ).
I tried but cannot quickly duplicate this... Perhaps this needs a
multidrop multi user situation to cause issues since I can read and
write my own spool file.
>From the fetchmail man page.
If no port 25 listener is available, but your fetchmail configuration
was told about a reliable local MDA, it will use that MDA for local
delivery instead. At build time, fetchmail normally looks for exe-
cutable procmail(1) and sendmail(1) binaries.
I suspect lots of folks with limited ISP services will see this.
i.e. no personal domain, DHCP, external mail drop and delivery.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.
More information about the fedora-test-list
mailing list