|
 |
 |
Forward file items |
|
The contents of the file
or inline string are a list of addresses, file names, or pipe commands, separated by commas or
newlines. Items that are empty are ignored. This includes items consisting
solely of RFC 822 address comments. If an item is entirely enclosed in double
quotes, these are removed, but otherwise double quotes are retained, because
some forms of mail address require the use of double quotes, though never
enclosing the whole address.
Lines starting with a # character are comments, and are ignored, and # may
also appear following a comma, in which case everything between the # and the
end of the line is ignored. If the file is empty, or contains only blank lines
and comments, the director behaves as if it did not exist.
If a message is addressed to two or more different local parts, each of which
results in an expansion that generates an identical file name or pipe command,
different deliveries occur, though of course each delivery process runs with
different values in the LOCAL_PART environment variable, and with
different uids (in the common case). This happens only if the immediate
ancestors of the pipes or files are different local parts. If several different
local parts generate an intermediate alias which in turn generates a pipe or
file delivery, only a single delivery is done, because the duplicate
intermediate addresses are discarded.
-
An address item may safely be the same local part as the one currently under
consideration, because a director is automatically skipped if any ancestor has
the same local part and was processed by that director. Thus a user with login
name spqr who wants to preserve a copy of mail and also forward it somewhere
else can set up a file such as
spqr, spqr@st.else.where
without provoking a loop.
A backslash before an unqualified local part is permitted for compatibility
with other mailers, but is not necessary for loop prevention.
The presence or absence of a backslash does, however, make a difference when
there is more than one local domain. Without a backslash, an unqualified local
part is qualified with the contents of qualify_recipient unless
qualify_preserve_domain is set, but if a backslash is present, the local
part is always qualified with the domain of the incoming address.
Care must be taken if there are alias names for local users. For example if the
system alias file contains
Sam.Reman: spqr
then
Sam.Reman, spqr@reme.else.where
in spqr's forward file fails on an incoming message addressed to Sam.Reman,
because the aliasfile director does not process Sam.Reman the second time
round, having previously done so.
The forward file should really contain
spqr, spqr@reme.else.where
but because this is such a common error, the check_ancestor option (see
below) exists to provide a way to get round it.
-
An item is interpreted as a file name if it begins with `/' and does not
parse as a valid RFC 822 address that includes a domain. For example,
/home/world/shadow
is treated as a file name, but
/s=molari/o=babylon/@x400gate.way
is treated as an address.
For a file name, a transport must be specified using the file_transport
option. However, if the generated path name ends with a forward slash
character, it is interpreted as a directory name rather than a file name, and
directory_transport is used instead. If it ends with two slashes,
directory2_transport is required. This makes it possible to support two
different kinds of directory delivery simultaneously.
If an item is /dev/null, delivery to it is bypassed at a high level, and the
log entry shows `**bypassed**' instead of a transport name. This avoids
the need for a user and group, which are necessary for a genuine delivery to a
file. When the file name is not /dev/null, either the director or the
transport must specify a user and group under which to run the delivery. If
check_local_user is set, the uid and gid from the passwd file are used as
defaults for the generic user and group options.
-
An item is treated as a pipe command if it begins with `|' and does not parse
as a valid RFC 822 address that includes a domain.
A transport for running the command must be specified by the pipe_transport
option. Either the director or the transport must specify a user and group
under which to run the delivery.
If check_local_user is set, the uid and gid from the passwd file are used
as defaults for the generic user and group options.
Both single and double quotes can be used for enclosing individual arguments to
the pipe command; no interpretation of escapes is done for single quotes. If
the command contains a comma character, it is necessary to put the whole item
in double quotes, for example:
"|/some/command ready,steady,go"
since items are terminated by commas. Do not, however, quote just the command.
An item such as
|"/some/command ready,steady,go"
is interpreted as a pipe with a rather strange command name, and no arguments.
-
Instead of an address, file name, or pipe command, an item of the form
:include:<path name>
may appear, in which case a list of addresses is taken from the given file and
included at that point, unless the forbid_include option is set.
There are some security considerations when such an item is included in a
user's `.forward' file:
-
If the seteuid() function is being used to read the main file as a specific
user (see seteuid below) then the included file is read as the same user.
-
Otherwise Exim is running as root at this point. If check_local_user is
set, or if an explicit directory is specified
by file_directory,
then any included files must be within the home or given directory, and no
symbolic links are permitted below the directory name.
-
If neither check_local_user nor
file_directory
is set when seteuid() is not in use, included files are not permitted.
zurück zur Anleitung zum Mailsystem
|
