bogofilter script

Gyepi SAM gyepi at praxis-sw.com
Thu Nov 4 22:48:30 CET 2004 

On Thu, Nov 04, 2004 at 01:14:11PM -0700, Michael Gale wrote:
> 	I have been using Bogofilter for some time now and it works great, 
> 	but I am now curious on how the bogofilter script works, if some one could 
> explain the following or correct me understanding that would be great.
> 
> Script from bogofilter documentation:
> This is where I get a little confused:
> 
>         # bogofilter -e returns: 0 for OK, nonzero for error
>         1. rm -f msg.$$ || exit $EX_TEMPFAIL
>         2. $FILTER -p -u -e > msg.$$ || exit $EX_TEMPFAIL
> 
>         3. exec <msg.$$ || exit $EX_TEMPFAIL
>         4. rm -f msg.$$ # safe, we hold the file descriptor
>         5. exec $POSTFIX "$@"
>         6. exit $EX_TEMPFAIL
> 
> line 2. Has bogofilter read from input / pipe a message and direct the 
> out put to msg.$$ (process ID) and exit if unable to do so.
> 
> line 3. Passes the new file containing the scanned message to the exec 
> function ?

Note quite. Makes the contents of the file available on standard input.

Essentially, this command does the following:
  closes stdin
  opens the input file
  duplicates the new file descriptor to stdin
  closes the file descriptor.

> line 4. Removes the message
> 
> line 5. Executes sendmail passing the argument array $@
>  that contains the new message.

When used with a path to a program file, exec,
starts running the program, replacing the current process.
IOW, the shell script stops running and the sendmail binary starts running.
$@ does not contain the message, it contains the original arguments to the
script. The message is available on standard input, to be read by sendmail.

> line 6. Exit with a EX_TEMPFAIL ?

If the exec call on line 5 had succeeded, line 6 would never be reached.
Therefore reaching it means that the exec failed, so the script exits with an error.
Under normal circumstances, the return value is $SENDMAIL's exit value.

> I don't understand line 1. < Why the need to remove a file that should 
> not exist ? Also if EX_TEMPFAIL is a exit status when some thing goes 
> wrong why does it exit with that value at the end ?

The script is a filter invoked by the Mail Delivery Agent (MDA) -- which
appears to be postfix, in this case -- for every (or some subset, depending on your
configuration) message. The file deletion is just a cautionary step, in case
another instance of the script, with the same pid, had died and left a stale
file. The same precaution would apply against a malicious user who creates
files, hoping to get them read by the script. I would hope though, that the
script's filter directory has proper permissions to prevent this possibility.

If your interest continues, I would recommend that you get yourself a copy of
the late W. Richard Steven's _Advanced Programming in the Unix Environment_.

-Gyepi

More information about the Bogofilter mailing list