Hello there,

I am trying to set up a mailing list with my OpenSMTP daemon and found an 
unexpected behaviour in OpenBSD-current. I think this is a bug and hopefully I 
didn't miss anything in the documentation.

The problem is the user selection when receiving mails for a command. I tried 
to read the code and found out that when using a command, the user string is 
empty.

Entry in my /etc/mail/aliases:
mlmmj-test: |"/usr/local/bin/mlmmj-recieve -L /var/spool/mlmmj/mlmmj-test/"

Entry in my /var/log/maillog after sending a mail to the list:
11993303259ac8a2: to=<mlmmj-t...@trustedco.de>, delay=1645, stat=Error 
(getpwnam: no such user)

Starting "smtpd -dv" reveals the empty user string:
forkmda: to "/usr/local/bin/mlmmj-recieve -L /var/spool/mlmmj/mlmmj-test/" as 
c9a2d37f69cfc58c: to=<mlmmj-t...@trustedco.de>, delay=0, stat=Error (getpwnam: 
no such user)

I added some more log statements to the code and can confirm that the 
"deliver->user" in smtpd.c:768 is an empty string which will be used to get the 
user's information, which obviously fails.


To resolve the problem, the daemon has to choose a correct user for executing 
the external command. I think there are three options:
  1. Use "root" hardcoded for commands
  2. Use the local user, corresponding to the alias name
  3. Use the daemon's user

2. requires having a local user with the same name, which is really ugly since I 
don't need that user on my system.
3. may be too restricted for the command so that you have to give the smtp 
daemon more rights, which does not make sense for this user.
1. may be insecure but only if the sysadmin uses it wrong. There is no default 
alias rule in the base system with command execution, so the daemon remains 
secure by default.

I don't know sendmail, but the most obvious solution is to use the same rules 
as sendmail did for backward compatibility.


Thanks for reading,
Tobias Sarnowski


p.s. for testing, I created a local mlmmj-test user to verify that no other 
code branch will be triggered if the same user exists.
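
The three user-selection options listed in the message above, as an added C example that is not part of the original post and is not OpenSMTPD's code. The function, enum and status names are hypothetical; the empty user string is rejected before any lookup so the failure is reported as "empty user" rather than as a failed getpwnam call.

```c
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical names: the three options from the post, plus "no fallback". */
enum cmd_user_policy { CMD_USER_NONE, CMD_USER_ROOT, CMD_USER_ALIAS, CMD_USER_DAEMON };
enum resolve_status { RESOLVE_OK, RESOLVE_EMPTY_USER, RESOLVE_NO_SUCH_USER };

/*
 * Choose the account for a piped alias command.
 * deliver_user: user string of the delivery (empty in the reported case)
 * alias_name:   left-hand side of the aliases entry
 */
enum resolve_status
resolve_cmd_user(const char *deliver_user, const char *alias_name,
    enum cmd_user_policy policy, uid_t *uid, gid_t *gid)
{
	const struct passwd *pw;
	const char *name = deliver_user;
	int use_daemon = 0;

	/* The fallback policy applies only when no user was supplied. */
	if (name == NULL || name[0] == '\0') {
		switch (policy) {
		case CMD_USER_ROOT:   name = "root"; break;
		case CMD_USER_ALIAS:  name = alias_name; break;
		case CMD_USER_DAEMON: use_daemon = 1; break;
		default:              break;
		}
	}
	if (use_daemon)
		pw = getpwuid(geteuid());
	else if (name == NULL || name[0] == '\0')
		return RESOLVE_EMPTY_USER;	/* never call getpwnam("") */
	else
		pw = getpwnam(name);
	if (pw == NULL)
		return RESOLVE_NO_SUCH_USER;
	*uid = pw->pw_uid;
	*gid = pw->pw_gid;
	return RESOLVE_OK;
}

int
main(void)
{
	uid_t uid = 0;
	gid_t gid = 0;
	/* Constructed input: empty user, alias name taken from the post. */
	printf("%d\n", resolve_cmd_user("", "mlmmj-test", CMD_USER_NONE, &uid, &gid));
	return 0;
}
```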
