Sendmail user forward file not working

Josué Souza josue at NEXOS.COM.BR
Thu Jul 8 21:09:41 IST 2004 

Thanks! You were right. Users directories were ok but /var/home was 
group writeable. The home dir was migrated from another machine and I 
forgot to check ownership and permissions after all migration process. I 
  changed it and it worked fine.

Best regards,

Josué Souza
josue at nexos.com.br

Nexos Information Security
Rua Thomaz Antônio Gonzaga, 226, Pernambués
Salvador - Bahia - Brasil
+55 71 2106-9125


Derek Winkler wrote:
>>Anyone have any hints to try to solve this problem?
> 
> 
> This has nothing to do with MailScanner.
> 
> Check .forward file ownership and permissions.
> 
> From sendmail.org...
> 
> Beginning with sendmail 8.9, these checks have become more strict to
> prevent users from being able to access files they would normally not
> be able to read.  In particular, .forward and :include: files in unsafe
> directory paths (directory paths which are group or world writable) will
> no longer be allowed.  This would mean that if user joe's home directory
> was writable by group staff, sendmail would not use his .forward file.
> This behavior can be altered, at the expense of system security, by
> setting the DontBlameSendmail option.  For example, to allow .forward
> files in group writable directories:
> 
>         O DontBlameSendmail=forwardfileingroupwritabledirpath
> 
> Or to allow them in both group and world writable directories:
> 
>         O DontBlameSendmail=forwardfileinunsafedirpath
> 
> Items from these unsafe .forward and :include: files will be marked
> as unsafe addresses -- the items can not be deliveries to files or
> programs.  This behavior can also be altered via DontBlameSendmail:
> 
>         O DontBlameSendmail=forwardfileinunsafedirpath,
>                 forwardfileinunsafedirpathsafe
> 
> The first flag allows the .forward file to be read, the second allows
> the items in the file to be marked as safe for file and program
> delivery.
> 
> 
>>Thanks in advance,
>>
>>Josue Souza
> 
> 
> This email and any files transmitted with it are confidential and
> proprietary to Algorithmics Incorporated and its affiliates
> ("Algorithmics").  If received in error, use is prohibited.  Please destroy,
> and notify sender.  Sender does not waive confidentiality or privilege.
> Internet communications cannot be guaranteed to be timely, secure, error or
> virus-free.  Algorithmics does not accept liability for any errors or
> omissions.  Any commitment intended to bind Algorithmics must be reduced to
> writing and signed by an authorized signatory.
> 
> -------------------------- MailScanner list ----------------------
> To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
> Before posting, please see the Most Asked Questions at
> http://www.mailscanner.biz/maq/     and the archives at
> http://www.jiscmail.ac.uk/lists/mailscanner.html
> 

-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html

More information about the MailScanner mailing list