OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: matching return-path domain with virtual hosts

From: R.A. Imhoff (listsflashgenie.net)
Date: Sun Dec 12 2010 - 11:45:30 CST


This is interesting: in testing this on the server in question, the "-f" does nothing (with a lowercase -f).

In an older sendmail man page I just came across it says "... -f can only be used by trusted users (normally root, daemon, and network) or if the person you are trying to become is the same as the person you are."
So I guess my php code doesn't get permission to use it. (The current man page doesn't have that ...)

"-r" sets the Return-Path and the From if there is no From in the $headers set in the php code, otherwise the -r sets only the Return-Path.

So what works for my setup is:

$headers = 'Reply-To: ri <reply-memydomain.net >' . PHP_EOL . 'From: ri <from-memydomain.net >' ;
$subject ="some subject";
$message = 'some text';
$to = "some one <someonesome.com>";

$done = mail($to, $subject, $message, $headers, '-r return-memydomain.net');

The message then arrives with the different addresses as expected:

Return-Path: <return-memydomain.net>
To: some one <someonesome.com>
Subject: some subject
Reply-To: ri <reply-memydomain.net>
From: ri <from-memydomain.net>

And it does go via Postfix, from the Log:

Dec 12 18:24:34 machine-domain postfix/qmgr[2578]: CF99E10119: from=<return-memydomain.net>, size=427, nrcpt=1 (queue active)
Dec 12 18:24:36 machine-domain postfix/smtp[12071]: CF99E10119: to=<someonesome.com>, ...

On 12 déc. 2010, at 18:20, Wietse Venema wrote:

> R.A. Imhoff:
>> In fact what finally does set the Return-path is to use the "-r" parameter in the 5th place:
>>
>> $result = mail($to, $subject, $message, $headers, "-r meexample.com")
>>
>> the "-f" sets the "From:", but that was already working by setting it in the $headers or in the php.ini
>
> No, that is incorrect.
>
> With POSTFIX, the -f and -r options do exactly the same thing:
>
> case 'f':
> sender = optarg;
> break;
> ...
> case 'r': /* obsoleted by -f */
> sender = optarg;
> break;
>
> If you look in your logging, you may find that you are handing the
> mail to something other than POSTFIX.
>
> POSTFIX submissions looks like:
>
> pickup[xx]: yyy: uid=1001 from=<wietse>
> cleanup[zz] yyy: message-id=<20101212060507.979E51F3EA6spike.porcupine.org>
>
> Wietse