Bogus qf Files
For security reasons, V8
sendmail performs a number of checks on each
qf
file before trusting its contents. If any
qf
file fails to be trustworthy,
sendmail converts the leading
q
in its name to an uppercase
Q
.[8] We discuss each possible problem in the sections that
follow.
Note that when sendmail renames a
qf
file into a Qf
file, it logs
that it did so. In the following, qffile is the
full path and filename of the qf
file, before it
was renamed:
Losing qffile: reasonhere
Also note that, although sendmail checks the
qf
file for a number of plausible errors, its
checking is by no means exhaustive. The checks we describe here are
no substitute for a well-managed system.
Badly Formed qf Filename
V8.6 sendmail always checks the form of the
qf
filename for correctness. V8.7 through V8.9
sendmail also check the qf
filename but do so only if PICKY_QF_NAME_CHECK is defined when
building sendmail (PICKY_HELO_CHECK). V8.10 and above no longer check the form of
the qf
filename for correctness.
Prior to V8.10, if the qf
filename is incorrectly
formed (Section 11.2.1), sendmail
presumes that some other program placed the file in the queue and
rejects it:
orderq: bogus qf name bogus namehere
For V8.7 through V8.9, sendmail made this check only if PICKY_QF_NAME_CHECK was defined when building sendmail. This was introduced because some sites allow legitimate programs (other than sendmail) to write into sendmail’s queue. To fix this problem, either undefine PICKY_QF_NAME_CHECK when ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.