How smrsh Works

Once smrsh is installed and sendmail is configured to use it, and after its approved program directory is populated, smrsh can begin to do its job. Thereafter, whenever smrsh is called to run a program, smrsh strips the leading path from the program name and looks for that program in its special /usr/adm/sm.bin directory. If the program is not found in that directory, the message bounces. Thus, with the ~/.forward line:

|"/tmp/x.sh"

and if x.sh is not in the /usr/adm/sm.bin directory, smrsh causes the email message to bounce with the following error:

smrsh: /usr/adm/sm.bin/x.sh: not available for sendmail programs

The smrsh program also screens out program lines that contain suspicious characters. Consider:

|"cp /bin/sh /home/george/.x; chmod u+s /home/george/.x"

In this instance, smrsh would reject the command line (and thus bounce the message) because it contained a semicolon character:

smrsh: cannot use ; in command

The smrsh program will reject any command line that contains any of the following special characters as well as the newline (\n) and carriage-return (\r) characters:

` < > ; $ ( )

Beginning with V8.10, smrsh allows the && and || expressions so that ~/.forward file entries such as the following will work:

|"exec /usr/local/bin/archivemail /usr/local/mailarchive/user || exit 75"

Here, || means that if the archivemail program fails, the shell command exits with a value of 75. This tells sendmail to defer the message by returning it to its queue instead of bouncing it.
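The screening steps described above, modeled in Python as an added example (not code from the book or from smrsh itself). The treatment of exec, exit, and a lone & or | are assumptions of this example, and a temporary directory stands in for /usr/adm/sm.bin.

```python
import os
import re
import tempfile

# Characters the page lists as rejected, plus newline and carriage return.
FORBIDDEN = "`<>;$()\n\r"

def screen(command, approved_dir):
    """Return (accepted, detail): the rewritten command or the bounce reason."""
    for ch in command:
        if ch in FORBIDDEN:
            return False, f"smrsh: cannot use {ch} in command"
    rewritten = []
    # V8.10 and later: && and || may join commands; every command is screened.
    for part in re.split(r"(&&|\|\|)", command):
        if part in ("&&", "||"):
            rewritten.append(part)
            continue
        # Assumption: a lone & or | is refused; the page allows only && and ||.
        lone = next((c for c in "&|" if c in part), None)
        if lone:
            return False, f"smrsh: cannot use {lone} in command"
        words = part.split()
        # Assumption: a leading "exec" is kept and the next word is the program.
        prefix = words[:1] if words[:1] == ["exec"] else []
        words = words[len(prefix):]
        if not words:
            return False, "empty command"
        # Assumption: "exit" is a shell builtin and needs no approved program.
        if words[0] != "exit":
            # Strip the leading path; only the approved directory is searched.
            target = os.path.join(approved_dir, os.path.basename(words[0]))
            if not (os.path.isfile(target) and os.access(target, os.X_OK)):
                return False, f"smrsh: {target}: not available for sendmail programs"
            words[0] = target
        rewritten.append(" ".join(prefix + words))
    return True, " ".join(rewritten)

def demo():
    """Screen the page's three ~/.forward commands against a constructed directory."""
    with tempfile.TemporaryDirectory() as sm_bin:  # stands in for /usr/adm/sm.bin
        tool = os.path.join(sm_bin, "archivemail")  # constructed placeholder program
        open(tool, "w").close()
        os.chmod(tool, 0o755)
        commands = [
            "/tmp/x.sh",
            "cp /bin/sh /home/george/.x; chmod u+s /home/george/.x",
            "exec /usr/local/bin/archivemail /usr/local/mailarchive/user || exit 75",
        ]
        return [screen(c, sm_bin)[0] for c in commands]
```

Only the last of the three commands is accepted, and its program path is rewritten to point into the approved directory regardless of the path the user supplied.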

Note that ...
