1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#405584: closed by Soren Stoutner (maildrop's sec

    From Reuben Thomas@21:1/5 to [email protected] on Fri Jul 11 13:40:01 2025
    On Fri, 11 Jul 2025 at 00:35, Debian Bug Tracking System < [email protected]> wrote:

    Subject: maildrop's security model different from procmail's, problematic with esmtp
    I am going to close this bug report as it doesn’t appear that there are
    any
    changes that should be made in maildrop.


    It might be useful to document that maildrop cannot replace procmail in
    this situation.

    --
    https://rrt.sc3d.org

    <div dir="ltr"><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Fri, 11 Jul 2025 at 00:35, Debian Bug Tracking System &lt;<a href="mailto:[email protected]">[email protected]</a>&gt; wrote:<br></div><blockquote
    class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Subject: maildrop&#39;s security model different from procmail&#39;s, problematic with esmtp<br>I am going to close this bug report as it doesn�
    �t appear that there are any <br>
    changes that should be made in maildrop.<br></blockquote><div><br></div><div style="font-family:arial,helvetica,sans-serif;font-size:small" class="gmail_default">It might be useful to document that maildrop cannot replace procmail in this situation.<br></
    </div><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><a href="https://rrt.sc3d.org" target="_blank">http
  • From Soren Stoutner@21:1/5 to All on Fri Jul 11 10:12:17 2025
    To: [email protected] (Reuben Thomas)

    On Friday, July 11, 2025 4:33:30 AM Mountain Standard Time Reuben Thomas wrote:
    On Fri, 11 Jul 2025 at 00:35, Debian Bug Tracking System <

    [email protected]> wrote:
    Subject: maildrop's security model different from procmail's, problematic with esmtp
    I am going to close this bug report as it doesn’t appear that there are any
    changes that should be made in maildrop.

    It might be useful to document that maildrop cannot replace procmail in
    this situation.

    I think it would be important to document this behavior if users had reason to believe Maildrop would work in this situation. But, as far as I can tell, Maildrop never advertises that it could be used this way.

    Given that in the 18 years this bug report has been open, no other user besides yourself has commented on it with the expectation that this configuration should work, my guess is that either this is a use case that nobody else has ever tried or that the current documentation is sufficient for users to not expect that this would work.

    --
    Soren Stoutner
    [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEEJKVN2yNUZnlcqOI+wufLJ66wtgMFAmhxRfEACgkQwufLJ66w tgNe2BAAuZ3TDce/BI4odfsBRKDn8OfJHky8Yq6SV3J4po3soKq0E72TNZzSh4sg 5ORg1S1Qokl/uD4XDrDTB9iZX55wCQ+goccxoV0qSF2Jjne0T4nBsKRlPqFKrUR+ esWZXTpThugpw3k9ijvro8O8DJdLUs1dl8C7vISdvYpH6SY4aYMd/nWUo3iQ44iT PV52PDrZ6zgh+tU9Hpw/IFgLX+nFPo9h5DFzrCS/Q9fb33OJnxQ0rj2GQ5H9xwEF xbf+G1Wzh4zD5xZgl/kyuAbdo0vVC0urAKwWQlz8NcDyHM++As39/4mU0pFBayQG aBzlQrVZ1y7dTsNPTWPd/S+iedyGdihbSJOVfwD6XeJu8+2zXslj8Kjh7R3zyqi5 VexIcJvadjVIS/1hO2DkaZ7LzbwOXkz8/wcF1YQHm8CvQEWp/oyh9gTcGk26Oy3B wxokIctOcMFimdArqUeZ+o7zhzlKSbCFNNxcgI6vLfGbTJSDImn8XabH+UkNTPm7 ku9Ort5HzaWMGQMY79H5eGA29GVLBh9IoNM3/ioiqv+Xgvc6Vv41J5rezzNXA5hN LqO3JHauA2LQV+KNyL3+sAkDdxVaelFVciJ+769xceKar7YnHdK/fNdrkJ3NVSEY 8B+Tsiarolga8R+2OsCJvPxRDoSNEibb0ycwOYfGXZVQbJssgZQ=
    =0Z74
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Reuben Thomas@21:1/5 to Soren Stoutner on Fri Jul 11 23:00:01 2025
    On Fri, 11 Jul 2025 at 18:12, Soren Stoutner <[email protected]> wrote:

    I think it would be important to document this behavior if users had
    reason to
    believe Maildrop would work in this situation. But, as far as I can tell, Maildrop never advertises that it could be used this way.


    Maildrop is often mentioned as a replacement for procmail.

    Given that in the 18 years this bug report has been open, no other user
    besides yourself has commented on it with the expectation that this configuration should work, my guess is that either this is a use case that nobody else has ever tried or that the current documentation is sufficient for
    users to not expect that this would work.


    I think that's optimistic. Few users bother to report paper-cut bugs like
    this one, not least because they often get no response (not the fault of
    the overworked package maintainers of course!), and especially not when
    there is a workaround (in this case, to use procmail instead of maildrop). Nevertheless, it is likely that other users have faced the same problem,
    and will again.

    --
    https://rrt.sc3d.org

    <div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">On Fri, 11 Jul 2025 at 18:12, Soren Stoutner &lt;<a href="mailto:[email protected]">[email protected]</a>&gt; wrote:</div></div><div
    class="gmail_quote gmail_quote_container"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I think it would be important to document this behavior if users had reason to <br>
    believe Maildrop would work in this situation.  But, as far as I can tell, <br>
    Maildrop never advertises that it could be used this way.<br></blockquote><div><br></div><div><div style="font-family:arial,helvetica,sans-serif;font-size:small" class="gmail_default">Maildrop is often mentioned as a replacement for procmail.<br></div><
    </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">

    Given that in the 18 years this bug report has been open, no other user <br> besides yourself has commented on it with the expectation that this <br> configuration should work, my guess is that either this is a use case that <br> nobody else has ever tried or that the current documentation is sufficient for <br>
    users to not expect that this would work.<br></blockquote><div><br></div><div><div style="font-family:arial,helvetica,sans-serif;font-size:small" class="gmail_default">I think that&#39;s optimistic. Few users bother to report paper-cut bugs like this one,
    not least because they often get no response (not the fault of the overworked package maintainers of course!), and especially not when there is a workaround (in this case, to use procmail instead of maildrop). Nevertheless, it is likely that other users
    have faced the same problem, and will again.<br></div><div style="font-family:arial,helvetica,sans-serif;font-size:small" class="gmail_default"><br></div></div></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"
    <div dir="ltr"><div><div dir="ltr"><a href="https://rrt.sc3d.org" target="_blank">https://rrt.sc3d.org</a></div></div></div></div></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Soren Stoutner@21:1/5 to Reuben Thomas on Fri Jul 11 14:18:22 2025
    Copy: [email protected]

    On Friday, July 11, 2025 1:52:17 PM Mountain Standard Time Reuben Thomas wrote:
    On Fri, 11 Jul 2025 at 18:12, Soren Stoutner <[email protected]> wrote:
    I think it would be important to document this behavior if users had
    reason to
    believe Maildrop would work in this situation. But, as far as I can tell, Maildrop never advertises that it could be used this way.

    Maildrop is often mentioned as a replacement for procmail.

    Given that in the 18 years this bug report has been open, no other user

    besides yourself has commented on it with the expectation that this configuration should work, my guess is that either this is a use case that nobody else has ever tried or that the current documentation is sufficient for
    users to not expect that this would work.

    I think that's optimistic. Few users bother to report paper-cut bugs like this one, not least because they often get no response (not the fault of
    the overworked package maintainers of course!), and especially not when
    there is a workaround (in this case, to use procmail instead of maildrop). Nevertheless, it is likely that other users have faced the same problem,
    and will again.

    If a lot of users comment on this bug expressing that they had the same confusion, then I will consider adding some sort of documentation.

    The problem isn’t that people don’t consider Maildrop a replacement for procmail, the problem is that esmtp is not able to use Maildrop in the way that Maildrop is intended to be used, which is that the program communicating with Maildrop needs to be run as one of the following users: root mail daemon.
    As far as I know, Maildrop has never advertised that it can be used in this manner by programs not running as one of these three. If there is any documentation that needs to be added, it is probably on esmtp’s side.

    --
    Soren Stoutner
    [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEEJKVN2yNUZnlcqOI+wufLJ66wtgMFAmhxf54ACgkQwufLJ66w tgN9lA//UrVzJt+VwuwHFzBcpsk+UwoeA2AC6MpTAwR7dLWV0VtXuny+X0jz/80f iUzhNI3wPmGBXrLpBYz1/WVemjtjcRSSTdERMNfiS6XsrfparcWMRadN4dyutkOV saSD300XENX5ltxscse3BxvaGqh3dI8DTABekrCILuVOyvNn4TZGJIuzOBIzSwJe kCcraEoB1ehZG9jyfI4jghKXmHX+zopgaEP9zxos5vnb+PgVe2iJRzDQXKd6hC46 eJP8BOlW5XuO5V298as9SKpMbJMSWCp8i/3XDZyhjdLujaZEPUobtlXCkc1JWwmu mA7FSp5guhVnMeKP4s6tPSPJchRUwl0feamM26/0j+2JD6ZOdvJqv5wqDNWP0+aS d+mjQEzdWnCTVNSr6PACVfSAMM3PdHim5bXCJVKAUs1/R02XCvonD1OifGAWxl3k 521GPKuCwEroBFaq0UTeP+1I6AlyuKet0CutggtYwsq/f9CkRav65XMxg1bF4xbM LbmMPFk54E8WEvtElpIq15wwtXdF+1V0/UWiuv1QN2W2tkBXJRV//Lj+t6SEECnb jRrpzmHgYgiDYnyzZkYyVTBxXqE0wsPikJWSiJJVlUkIoV76HaB7yMOaM/rAII0G f5BFzKCwk+AxtjXgiNm3kBMrsi+x+RHxOlNyIgg+cucH93Mp8uY=
    =dh43
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)