Sendmail Error: Address <user> unsafe for mailing to programs

Posted on 2009-02-10
Last Modified: 2013-12-17
I am using sendmail to forward e-mail into a perl script using procmail.
I have just up graded to a new machine running sendmail version 8 and get the error above and am struggling with the tightened security.
.forward file 

|exec /usr/bin/procmail

.procmailrc file




# Take copies of all incoming mail into the archive file

:0 c


# This is the normal mail handler


* ^From.*

| /home/sysadmin/procmail/rewrite forward

# This recipe forwards any mail to "alert" if it does not come from


! alert

Open in new window

Question by:inscribble82
    LVL 26

    Expert Comment

    You can't forward to any old program, it's a security hazard, and sendmail has a restricted shell. You have to put the program in the directory that this restricted shell allows.

    Typically it's something like /etc/smrsh
    LVL 26

    Expert Comment

    ...additional thought:

    check out the man page for smrsh it'll explain all of this and tell you where the scripts should go (default is /etc/smrsh)

    Author Comment

    there is a symbolic link from /etc/smrsh to /usr/bin/procmail.

    I have duplicated the configuration for root and it works OK.
    LVL 26

    Expert Comment

    by:jar3817 do the permissions look?

    Author Comment

    I have made some progress on this in that I can make it work for any user by adding

    While this works, shouldn't adding the user to TrustedUsers have the same effect?
    LVL 26

    Accepted Solution

    It seems like it should, but I'm not positive. But now you're able to send to non-root users and have it piped into procmail?

    Author Comment

    Although I would like to understand what is actually causing the problem (presumably the permissions on one particular file). Needs must! and I must move on to the next crisis in my day!

    Ho Hum!

    Many thanks for your help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    The biggest nightmare for any Exchange Server Administrator is to keep the server running without any issue. But the problems often come and they need to be resolved efficiently and timely. Here are important troubleshooting points: Define the Pr…
    Microsoft has released various new features which are capable of handling various tasks. One of these tasks is ‘Migration from pop3 to Exchange Server’. Pop3 data stores various data along mailboxes like contacts, tasks, etc. So, it becomes the need…
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now