View Source: procmail(1) - Waikato Linux Users Group

Edit PageHistory Diff Info LikePages
PROCMAIL
!!!PROCMAIL
NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
FILES
SEE ALSO
DIAGNOSTICS
EXTENDED DIAGNOSTICS
WARNINGS
BUGS
MISCELLANEOUS
NOTES
SOURCE
MAILINGLIST
AUTHORS
----
!!NAME


procmail - autonomous mail processor
!!SYNOPSIS


__procmail__ [[__-ptoY__] [[__-f__ ''fromwhom'']
[[''parameter''__=__''value'' | ''rcfile'']
...__
procmail__ [[__-toY__] [[__-f__ ''fromwhom'']
[[__-a__ ''argument''] ... __-d__ ''recipient''
...__
procmail__ [[__-ptY__] __-m__
[[''parameter''__=__''value''] ... ''rcfile''
[[''argument''] ...__
procmail -v__
!!DESCRIPTION


For a quick start, see __NOTES__ at the end.


__Procmail__ should be invoked automatically over the
__.forward__ file mechanism as soon as mail arrives.
Alternatively, when installed by a system administrator, it
can be invoked from within the mailer immediately. When
invoked, it first sets some environment variables to default
values, reads the mail message from stdin until an EOF,
separates the body from the header, and then, if no command
line arguments are present, it starts to look for a file
named __$HOME/.procmailrc__. According to the processing
recipes in this file, the mail message that just arrived
gets distributed into the right folder (and more). If no
rcfile is found, or processing of the rcfile falls off the
end, procmail will store the mail in the default system
mailbox.


If no rcfiles and no __-p__ have been specified on the
command line, procmail will, prior to reading
$HOME/.procmailrc, interpret commands from
__/etc/procmailrc__ (if present). Care must be taken when
creating /etc/procmailrc, because, if circumstances permit,
it will be executed with root privileges (contrary to the
$HOME/.procmailrc file of course).


If running suid root or with root privileges, procmail will
be able to perform as a functionally enhanced, backwards
compatible mail delivery agent.


Procmail can also be used as a general purpose mail filter,
i.e., provisions have been made to enable procmail to be
invoked in a special sendmail rule.


The rcfile format is described in detail in the
procmailrc(5) man page.


The weighted scoring technique is described in detail in the
procmailsc(5) man page.


Examples for rcfile recipes can be looked up in the
procmailex(5) man page.


__Signals__


__TERMINATE__


Terminate prematurely and requeue the mail.


__HANGUP__


Terminate prematurely and bounce the mail.


__INTERRUPT__


Terminate prematurely and bounce the mail.


__QUIT__ Terminate prematurely and silently lose the
mail.


__ALARM__


Force a timeout (see __TIMEOUT).__


__USR1__ Equivalent to a __VERBOSE__=off.


__USR2__ Equivalent to a __VERBOSE__=on.
!!OPTIONS


__-v__


Procmail will print its version number, display its compile
time configuration and exit.


__-p__


Preserve any old environment. Normally procmail clears the
environment upon startup, except for the value of TZ.
However, in any case: any default values will override any
preexisting environment variables, i.e., procmail will not
pay any attention to any predefined environment variables,
it will happily overwrite them with its own defaults. For
the list of environment variables that procmail will preset
see the procmailrc(5) man page. If both -p and -m are
specified, the list of preset environment variables shrinks
to just: LOGNAME, HOME, SHELL, ORGMAIL and
MAILDIR.


__-t__


Make procmail fail softly, i.e., if procmail cannot deliver
the mail to any of the destinations you gave, the mail will
not bounce, but will return to the mailqueue. Another
delivery-attempt will be made at some time in the
future.


__-f__ ''fromwhom''


Causes procmail to regenerate the leading `From ' line with
''fromwhom'' as the sender (instead of -f one could use
the alternate and obsolete -r). If ''fromwhom'' consists
merely of a single `-', then procmail will only update the
timestamp on the `From ' line (if present, if not, it will
generate a new one).


__-o__


Instead of allowing anyone to generate `From ' lines, simply
override the fakes.


__-Y__


Assume traditional Berkeley mailbox format, ignore any
__Content-Length:__ fields.


__-a__ ''argument''


This will set $1 to be equal to ''argument''. Each
succeeding __-a__ ''argument'' will set the next
number variable ($2, $3, etc). It can be used to pass meta
information along to procmail. This is typically done by
passing along the $@x information from the sendmail mailer
rule.


__-d__ ''recipient ...''


This turns on explicit delivery mode, delivery will be to
the local user ''recipient''. This, of course, only is
possible if procmail has root privileges (or if procmail is
already running with the recipient's euid and egid).
Procmail will setuid to the intended recipients and delivers
the mail as if it were invoked by the recipient with no
arguments (i.e., if no rcfile is found, delivery is like
ordinary mail). This option is incompatible with
__-p__.


__-m__


Turns procmail into a general purpose mail filter. In this
mode one rcfile must be specified on the command line. After
the rcfile, procmail will accept an unlimited number of
arguments. If the rcfile is an absolute path starting with
__/etc/procmailrcs/__ without backward references (i.e.
the parent directory cannot be mentioned) procmail will,
only if no security violations are found, take on the
identity of the owner of the rcfile (or symbolic link). For
some advanced usage of this option you should look in the
__EXAMPLES__ section below..SH ARGUMENTS Any arguments
containing an '=' are considered to be environment variable
assignments, they will ''all'' be evaluated after the
default values have been assigned and before the first
rcfile is opened.


Any other arguments are presumed to be rcfile paths (either
absolute, or if they start with `./' relative to the current
directory; __any other relative__ path is relative to
$HOME, unless the __-m__ option has been given, in which
case all relative paths are relative to the current
directory); procmail will start with the first one it finds
on the command line. The following ones will only be parsed
if the preceding ones have a not matching HOST-directive
entry, or in case they should not exist.


If no rcfiles are specified, it looks for
__$HOME/.procmailrc__. If not even that can be found,
processing will continue according to the default settings
of the environment variables and the ones specified on the
command line.
!!EXAMPLES


Examples for rcfile recipes can be looked up in the
procmailex(5) man page. A small sample rcfile can be
found in the __NOTES__ section below.


Skip the rest of this EXAMPLES section unless you are a
system administrator who is vaguely familiar with
sendmail.cf syntax.


The __-m__ option is typically used when procmail is
called from within a rule in the sendmail.cf file. In order
to be able to do this it is convenient to create an extra
`procmail' mailer in your sendmail.cf file (in addition to
the perhaps already present `local' mailer that starts up
procmail). To create such a `procmail' mailer I'd suggest
something like:


       Mprocmail, P=/usr/bin/procmail, F=mSDFMhun, S=11, R=21,
A=procmail -m $h $g $u
This enables you to use rules like the following (most likely in ruleset 0) to filter mail through the procmail mailer (please note the leading tab to continue the rule, and the tab to separate the comments):


       R$*
And /etc/procmailrcs/some.rc could be as simple as:


       SENDER =
Do watch out when sending mail from within the /etc/procmailrcs/some.rc file, if you send mail to addresses which match the first rule again, you could be creating an endless mail loop.
!!FILES


__/etc/passwd__ to set the recipient's LOGNAME, HOME and
SHELL variable defaults


__/var/mail/$LOGNAME__


system mailbox; both the system mailbox and the immediate
directory it is in will be created every time procmail
starts and either one is not present


__/etc/procmailrc__ initial global rcfile


__/etc/procmailrcs/__


special privileges path for rcfiles


__$HOME/.procmailrc__


default rcfile


__/var/mail/$LOGNAME.lock__


lockfile for the system mailbox (not automatically used by
procmail, unless $DEFAULT equals /var/mail/$LOGNAME and
procmail is delivering to $DEFAULT)


__/usr/sbin/sendmail__


default mail forwarder


___????`hostname`__ temporary `unique' zero-length files
created by procmail
!!SEE ALSO


procmailrc(5), procmailsc(5),
procmailex(5), sh(1), csh(1),
mail(1), mailx(1), binmail(1),
uucp(1), aliases(5), sendmail(8),
egrep(1), grep(1), biff(1),
comsat(8), lockfile(1), formail(1),
cron(1)
!!DIAGNOSTICS


Autoforwarding mailbox found


The system mailbox had its suid or sgid bit set, procmail
terminates with EX_NOUSER assuming that this mailbox must
not be delivered to.


Bad substitution of


Not a valid environment variable name
specified.


Closing brace unexpected


There was no corresponding opening brace (nesting
block).


Conflicting options


Not all option combinations are useful


Conflicting x suppressed


Flag x is not compatible with some other flag on this
recipe.


Couldn't create


The system mailbox was missing and could not/will not be
created.


Couldn't create maildir part


The maildir folder


Couldn't create or rename temp file


An error occurred in the mechanics of delivering to the
directory folder


Couldn't determine implicit lockfile from


There were no `


Couldn't read


Procmail was unable to open an rc- file or it was not a
regular file, or procmail couldn't open an MH di- rectory to
find the highest num- bered file.


Couldn't unlock


Lockfile was already gone, or write permission to the
directory where the lockfile is has been
denied.


Deadlock attempted on


The locallockfile specified on this recipe is equal to a
still active $LOCKFILE.


Denying special privileges for


Procmail will not take on the iden- tity that comes with the
rcfile be- cause a security violation was found (e.g.
__-p__ or variable assign- ments on the command line) or
proc- mail had insufficient privileges to do
so.


Descriptor


As procmail was started, stdin, stdout or stderr was not
connected (possibly an attempt to subvert se-
curity)


Enforcing stricter permissions on


The system mailbox of the recipient was found to be
unsecured, procmail secured it.


Error while writing to


Nonexistent subdirectory, no write permission, pipe died or
disk full.


Exceeded LINEBUF


Buffer overflow detected, LINEBUF was too small,
PROCMAIL_OVERFLOW has been set.


MAILDIR is not an absolute path


MAILDIR path too long


ORGMAIL is not an absolute path


ORGMAIL path too long


default rcfile is not an absolute path


default rcfile path too long


The specified item's full path, when expanded, was longer
than LINEBUF or didn't start with a file
separator.


Excessive output quenched from


The program or filter


Extraneous x ignored


The action line or other flags on this recipe makes flag x
meaning- less.


Failed forking


Process table is full (and NORES- RETRY has been
exhausted).


Failed to execute


Program not in path, or not exe- cutable.


Forced unlock denied on


No write permission in the directo- ry where __lockfile__
__


Forcing lock on


__Lockfile__
__LOCKTIMEOUT__).


Incomplete recipe


The start of a recipe was found, but it stranded in an
EOF.


Insufficient privileges


Procmail either needs root privi- leges, or must have the
right (e)uid __and__ (e)gid to run in deliv- ery mode.
The mail will bounce.


Invalid regexp


The regular expression


Kernel-lock failed


While trying to use the kernel-sup- ported locking calls,
one of them failed (usually indicates an OS er- ror),
procmail ignores this error and proceeds.


Kernel-unlock failed


See above.


Lock failure on


Can only occur if you specify some real weird (and illegal)
lockfile- names or if the __lockfile__ could not be
created because of insufficient permissions or nonexistent
subdi- rectories.


Lost


Missing action The current recipe was found to be
incomplete.


Missing closing brace


A nesting block was started, but never
finished.


Missing name The -f option needs an extra
argument.


Missing argument


You specified the -a option but forgot the
argument.


Missing rcfile You speci- fied the -m option, procmail ex-
pects the name of an rcfile as ar- gument.


Missing recipient


You specified the -d option or called procmail under a
different name, it expects one or more recip- ients as
arguments.


No space left to finish writing


The filesystem containing


Out of memory The system is out of swap space (and NORES-
RETRY has been exhausted).


Processing continued


The unrecognised options on the command line are ignored,
proceed- ing as usual.


Program failure (nnn) of


Program that was started by proc- mail returned nnn instead
of EX- IT_SUCCESS (=0); if nnn is nega- tive, then this is
the signal the program died on.


Quota exceeded while writing


The filesize quota for the recipi- ent on the filesystem
containing


Renaming bogus


The system mailbox of the recipient was found to be bogus,
procmail performed evasive actions.


Rescue of unfiltered data succeeded/failed


A filter returned unsuccessfully, procmail tried to get back
the original text.


Skipped:


Suspicious rcfile


The owner of the rcfile was not the recipient or root, the
file was world writable, or the directory that contained it
was world writable, or this was the default rcfile
($HOME/.procmailrc) and ei- ther it was group writable or
the directory that contained it was group writable (the
rcfile was not used).


Terminating prematurely whilst waiting for ...


Procmail received a signal while it was waiting for
...


Timeout, terminating


Timeout has occurred on program or filter


Timeout, was waiting for


Timeout has occurred on program, filter or file


Truncated file to former size


The file could not be delivered to successfully, so the file
was trun- cated to its former size.


Truncating




Unable to treat as directory


Either the suffix on


Unexpected EOL Missing closing quote, or trying to escape
EOF.


Unknown user


The specified recipient does not have a corresponding
uid.
!!EXTENDED DIAGNOSTICS


Extended diagnostics can be turned on and off through set-
ting the VERBOSE variable.


[[pid] time


Procmail's pid and a timestamp. Generated whenever procmail
logs a diagnostic and at least a second has elapsed since
the last times- tamp.


Acquiring kernel-lock


Procmail now tries to kernel-lock the most recently opened
file (de- scriptor).


Assigning


Assuming identity of the recipient, VERBOSE=off


Dropping all privileges (if any), implicitly turns off
extended diag- nostics.


Bypassed locking


The mail spool directory was not accessible to procmail, it
relied solely on kernel locks.


Executing


HOST mismatched


This host was called


Locking


Linking to


Match on


Matched
MATCH__.


No match on


Non-zero exitcode (nnn) by


Program that was started by proc- mail as a condition or as
the ac- tion of a recipe with the `W' flag returned nnn
instead of EXIT_SUC- CESS (=0); the usage indicates that
this is not an entirely unexpected condition.


Notified comsat:


Sent comsat/biff a notice that mail arrived for user
$LOGNAME at `off- set' in `file'.


Opening


Rcfile:


Reiterating kernel-lock


While attempting several locking methods, one of these
failed. Procmail will reiterate until they all succeed in
rapid succession.


Score: added newtotal


This condition scored `added' points, which resulted in a
`newto- tal' score.


Unlocking
!!WARNINGS


You should create a shell script that uses
lockfile(1) be- fore invoking your mail shell on any
mailbox file other than the system mailbox (unless of
course, your mail shell uses the same lockfiles (local or
global) you specified in your rcfile).


In the unlikely event that you absolutely need to kill
procmail before it has finished, first try and use the
regular kill command (i.e., ''not'' kill -9, see the
subsec- tion ''Signals'' for suggestions), otherwise some
''lockfiles'' might not get removed.


Beware when using the __-t__ option, if procmail
repeatedly is unable to deliver the mail (e.g., due to an
incorrect rc- file), the system mailqueue could fill up.
This could ag- gravate both the local postmaster and other
users.


The __/etc/procmailrc__ file might be executed with root
priv- ileges, so be very careful of what you put in it.
__SHELL__ will be equal to that of the current recipient,
so if procmail has to invoke the shell, you'd better set it
to some safe value first. See also:
__DROPPRIVS__.


Keep in mind that if chown(1) is permitted on files
in __/etc/procmailrcs/__, that they can be chowned to
root (or anyone else) by their current owners. For maximum
securi- ty, make sure this directory is ''executable'' to
root only.


Procmail is not the proper tool for sharing one mailbox
among many users, such as when you have one POP account for
all mail to your domain. It can be done if you manage to
configure your MTA to add some headers with the enve- lope
recipient data in order to tell Procmail who a mes- sage is
for, but this is usually not the right thing to do. Perhaps
you want to investigate if your MTA offers `virtual user
tables', or check out the `multidrop' facil- ity of
Fetchmail.
!!BUGS


After removing a lockfile by force, procmail waits $SUS-
PEND seconds before creating a new lockfile so that anoth-
er process that decides to remove the stale lockfile will
not remove the newly created lock by mistake.


Procmail uses the regular TERMINATE signal to terminate any
runaway filter, but it does not check if the filter responds
to that signal and it only sends it to the filter itself,
not to any of the filter's children.


A continued __Content-Length:__ field is not handled
correct- ly.


The embedded newlines in a continued header should be
skipped when matching instead of being treated as a single
space as they are now.
!!MISCELLANEOUS


If there is an existing __Content-Length:__ field in the
head- er of the mail and the __-Y__ option is not
specified, proc- mail will trim the field to report the
correct size. Procmail does not change the
fieldwidth.


If there is no __Content-Length:__ field or the __-Y__
option has been specified and procmail appends to regular
mailfold- ers, any lines in the body of the message that
look like postmarks are prepended with `
__


       `nFrom '
If the destination name used in explicit delivery mode is not in /etc/passwd, procmail will proceed as if explicit delivery mode was not in effect. If not in explicit de- livery mode and should the uid procmail is running under, have no corresponding /etc/passwd entry, then HOME will default to /, LOGNAME will default to #uid, SHELL will de- fault to /bin/sh, and ORGMAIL will default to /tmp/dead.letter.


When in explicit delivery mode, procmail will generate a
leading `From ' line if none is present. If one is al- ready
present procmail will leave it intact. If procmail is not
invoked with one of the following user or group ids : root,
daemon, uucp, mail, x400, network, list, slist, lists or
news, but still has to generate or accept a new `From '
line, it will generate an additional `


For security reasons procmail will only use an absolute or
$HOME-relative rcfile if it is owned by the recipient or
root, not world writable, and the directory it is con-
tained in is not world writable. The $HOME/.procmailrc file
has the additional constraint of not being group-writable or
in a group-writable directory.


If /var/mail/$LOGNAME is a bogus mailbox (i.e., does not
belong to the recipient, is unwritable, is a symbolic link
or is a hard link), procmail will upon startup try to re-
name it into a file starting with `BOGUS.$LOGNAME.' and
ending in an inode-sequence-code. If this turns out to be
impossible, __ORGMAIL__ will have ''no'' initial
value, and hence will inhibit delivery without a proper
rcfile.


If /var/mail/$LOGNAME already is a valid mailbox, but has
got too loose permissions on it, procmail will correct this.
To prevent procmail from doing this make sure the u+x bit is
set.


When delivering to directories, MH folders, or maildir
folders, you __don't__ need to use lockfiles to prevent
sever- al concurrently running procmail programs from
messing up.


Delivering to MH folders is slightly more time consuming
than delivering to normal directories or mailboxes, be-
cause procmail has to search for the next available number
(instead of having the filename immediately
available).


On general failure procmail will return EX_CANTCREAT, un-
less option __-t__ is specified, in which case it will
return EX_TEMPFAIL.


To make `egrepping' of headers more consistent, procmail
concatenates all continued header fields; but only inter-
nally. When delivering the mail, line breaks will appear as
before.


If procmail is called under a name not starting with
`procmail' (e.g., if it is linked to another name and in-
voked as such), it comes up in explicit delivery mode, and
expects the recipients' names as command line arguments (as
if -d had been specified).


Comsat/biff notifications are done using udp. They are sent
off once when procmail generates the regular logfile entry.
The notification messages have the following ex- tended
format (or as close as you can get when final de- livery was
not to a file):


       $LOGNAME@offset_of_message_in_mailbox:absolute_path_to_mailbox
Whenever procmail itself opens a file to deliver to, it consistently uses the following kernel locking strategies: fcntl(2).


Procmail is NFS-resistant and eight-bit clean.
!!NOTES


Calling up procmail with the -h or -? options will cause it
to display a command-line help and recipe flag
quick-reference page.


There exists an excellent newbie FAQ about mailfilters (and
procmail in particular); it is maintained by Nancy !McGough


       send usenet/news.answers/mail/filtering-faq
If procmail is ''not'' installed globally as the default mail delivery agent (ask your system administrator), you have to make sure it is invoked when your mail arrives. In this case your $HOME/.forward (beware, it __has__ to be world readable) file should contain the line below. Be sure to include the single and double quotes, and unless you know your site to be running smrsh (the !SendMail Restricted SHell), it must be an ''absolute'' path.


Some mailers (notably exim) do not currently accept the above syntax. In such case use this instead:


|/usr/bin/procmail
Procmail can also be invoked to postprocess an already filled system mailbox. This can be useful if you don't want to or can't use a $HOME/.forward file (in which case the following script could periodically be called from within cron(1), or whenever you start reading mail):


       #!/bin/sh
ORGMAIL=/var/mail/$LOGNAME
if cd $HOME


__A sample small $HOME/.procmailrc:__


PATH=/usr/local/bin:/usr/bin:/bin
MAILDIR=$HOME/Mail      #you'd better make sure it exists
DEFAULT=$MAILDIR/mbox   #completely optional
LOGFILE=$MAILDIR/from   #recommended
:0:
* ^From.*berg
from_me
:0
* ^Subject:.*Flame
/dev/null
Other examples for rcfile recipes can be looked up in the procmailex(5) man page.
!!SOURCE


This program is part of the ''procmail
mail-processing-pack- age'' (v3.22) available at
http://www.procmail.org/ or ftp.procmail.org in
__pub/procmail/__.
!!MAILINGLIST


There exists a mailinglist for questions relating to any
program in the procmail package:





              for subscription requests.


If you would like to stay informed about new versions and
official patches send a subscription request to


       procmail-announce-request@procmail.org
(this is a readonly list).
!!AUTHORS


Stephen R. van den Berg



Philip A. Guenther



----
14 pages link to procmail(1):
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.
Last edited on Tuesday, June 4, 2002 12:22:47 am by "perry"
Edit PageHistory Diff Info LikePages