Re: Sendmail .forward problem.

Worapoj P. · ‎03-21-2002

Dear all expertise,

I got the problem with .forward for sendmail,
nornally when specify e-mail address in .forward on home directory. all mail mesg will forward to address that specify in .forward file.
But for user oracle that using C shell I could not do that , pls see below,
=========================
detdb2:/home/mis> /usr/sbin/sendmail -v orat20
orat20... forward: /oracle/T20/.forward.detdb2+: World writable directory
orat20... forward: /oracle/T20/.forward+: World writable directory
orat20... forward: /oracle/T20/.forward.detdb2: World writable directory
orat20... forward: /oracle/T20/.forward: World writable directory
TEST
.
orat20... Connecting to local...
orat20... Sent
=====================

entry of .forward that located on orat20's home dir
=====================
sysadm
=====================
Mail has been sent to user orat20 not user sysadm.

Actually I need to forward all orat20's messages to user sysadm.

Anyone helps
Worapoj

For LOVE For Honor For Mankind

Paula J Frazer-Campbell · ‎03-22-2002

Hi

Check the permission on the .fowrard file for your user - does it have permision to read it ??

HTH

Paula

If you can spell SysAdmin then you is one - anon

Worapoj P. · ‎03-22-2002

hi
plase find as below,

-rw-r--r-- 1 orat20 dba 7 Mar 22 14:17 /oracle/T20/.forward

Pls advise,
worapoj

For LOVE For Honor For Mankind

Paula J Frazer-Campbell · ‎03-22-2002

Hi
Try

sysadm@

in your .forward file.

Also what dors mailq tell you ? are there any mails to sysadm in the queue?

Paula

If you can spell SysAdmin then you is one - anon

Worapoj P. · ‎03-22-2002

Hi
I tried as your suggest add sysadn@ to /oracle/T20/.forward , but result still be the same, still coundn't.

not any mesg go to sysadm's queue

pls
advise
worapoj

For LOVE For Honor For Mankind

Clemens van Everdingen · ‎03-22-2002

Hi,

Do you get any messages in mail.log ?
did you check /etc/aliases ?
Is sysadm a user or a alias ?
try sendmail -bv sysadm, is the output like this:

sysadm... deliverable: mailer local, user sysadm

C.

The computer is a great invention, there are as many mistakes as ever, but they are nobody's fault !

Paula J Frazer-Campbell · ‎03-22-2002

Hi

If the user get mail and sysadm does not then:-

Is the .forward file in the users HOME dir?

Is sysadm a valid user?

If you manually mail to the "ora" users does sysadm get a copy.

Try putting root / or another valid mail user in the .forward file and test.

See man aliases it may help.

Paula

If you can spell SysAdmin then you is one - anon

Worapoj P. · ‎03-22-2002

dear all
Ok I tested as
I) add sysadm to t20adm's home dir as
==== /home/sysadm/.forward =======
sysadm
==================================
II) test sendmail as
detdb2:/home/mis> /usr/sbin/sendmail -bv t20adm
sysadm... deliverable: mailer local, user sysadm

III) verify orat20's home dir
======= /oracle/T20/.forward ======
sysadm
===================================
IV)
detdb2:/home/mis> /usr/sbin/sendmail -bv t20adm
sysadm... deliverable: mailer local, user sysadm
detdb2:/home/mis> /usr/sbin/sendmail -bv orat20
orat20... deliverable: mailer local, user orat20
But for orat20 , the mesg will not forward to system user.

Answer
==========
Q1:If the user get mail and sysadm does not then:-
A1: Yes , orat20 got mail but system not.

Q2:Is the .forward file in the users HOME dir?
A2: Yes pls obtain /etc/passwd,
orat20:fdfklsdkfldfk:3200:201:Standard SAP R/3 User:/oracle/T20:/usr/bin/csh

Q3:Is sysadm a valid user?
A3: Yes , pls see
#id sysadm
detdb2:/home/t20adm# id sysadm
uid=0(root) gid=20(users)

Q4:If you manually mail to the "ora" users does sysadm get a copy.
A4: No ,the mesg had only been sent to orat20.

Q5:Try putting root / or another valid mail user in the .forward file and test.
A4: Yes I tested to t20adm, it work fine as above memtion.

Pls advise,
worapoj

For LOVE For Honor For Mankind

Paula J Frazer-Campbell · ‎03-22-2002

Hi
Does a normal mail to sysadm work?

Paula

If you can spell SysAdmin then you is one - anon

Clemens van Everdingen · ‎03-22-2002

Hi,

could the problem be something like this:

If the owner of the .forward file lacks a valid shell as listed in /etc/shells file, the execution of such programs will be disallowed. The user can still execute such programs by placing the special string
/SENDMAIL/ANY/SHELL/ in the /etc/shells file.

Extracted from man aliases .

C.

The computer is a great invention, there are as many mistakes as ever, but they are nobody's fault !

Martha Mueller · ‎03-22-2002

We found that same error when we loaded patches that updated sendmail to a newer version. We had to add a line to the mail configuration file: /etc/mail/sendmail.cf

The line is:

O DontBlameSendmail=IncludeFileInUnsafeDirPath

Note that the first character is a capital "O" which stands for option. I think you need to restart mail after making this change.

Donna Powell · ‎03-22-2002

World Writeable means a permission problem. Check you /etc directory. It should probably be 555 not 777. Also, check your mail directory in /etc
this should also be 555 and not 777. Your mail is probably still going thru.

555 r-xr-xr-x
777 rwxrwxrwx

World writeable just means that evryone and anyone can write to this directory which is a no no for security reasons.

Worapoj P. · ‎03-25-2002

Dear all,

I already tested all you suggest, but still couldn't, even /etc and /etc/mail permission are 555.
I could send mail mesg to user system

Please suggest,
worapoj

For LOVE For Honor For Mankind

Michael Tully · ‎03-25-2002

Hi,

I wonder if the problem is represented by the usage of the C chell.... Would it be possible to change the shell temporarily to another shell like ksh and test it.

Michael

Anyone for a Mutiny ?

Worapoj P. · ‎03-25-2002

Dear all,
I cann't change current shell to C shell for user oracle ,because SAP still running, So I simulate on another machine , result it's work fine even C shell.
But I deleted .forward on home dir of orat10
then test sendmail by command #sendmail -v orat10 I wonder result is same as below

detdevl:t10adm 1> /usr/sbin/sendmail -v orat10
orat10... forward: /oracle/T10/.forward.detdevl+: World writable directory
orat10... forward: /oracle/T10/.forward+: World writable directory
orat10... forward: /oracle/T10/.forward.detdevl: World writable directory
orat10... forward: /oracle/T10/.forward: World writable directory

Please helps
worapoj

For LOVE For Honor For Mankind

Mark Fenton · ‎03-25-2002

Worapoj, I tried to send this the other day but couldn't because of UI ITRC problems, since fixed.

Could it be that sendmail is complaining that the directory where it is finding the .forward is world writable -- and hence the .forward is subject to hijacking, certainly a security issue. What are the permissions on /oracle/T20 ? If the directory permissions are ok (as in writeable only by user), what are the permissions on the .forward file itself?

If the permissions on the directory cannot be changed for whatever reason, consider using an alias instead. I use this mechanism to send myself notifications of various system events (to my pager, email, whatever).

Best regards
Mark

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Sendmail .forward problem.

Sendmail .forward problem.