- Package:
- courier-mta
- Source:
- courier
- Description:
- Courier mail server - ESMTP daemon
- Submitter:
- Dave Platt
- Date:
- 2025-04-16 20:21:03 UTC
- Severity:
- important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
The removal of the courier-specific "courier-maildrop"
program, and the decision to switch courier-mta to use the
standard version of "maildrop", has broken the "maildropfilter"
feature which is used to provide spam filtering during SMTP.
The version of maildrop included with (and previously built
and packaged with) courier-mta, includes some special functionality
required to operate in "embedded" mode. In particular, courier
passes the destination user's UID and GID to maildrop via the
special option "-D uidvalue/gidvalue", and this is used to
provide proper access restrictions when maildrop is reading
the filter files during the SMTP session.
The standard version of maildrop does not recognize or support
this option. This causes SMTP sessions to fail, if maildrop-
based filtering is specified in the courier configuration: it
results in a "511" error with a complaint from maildrop. The
mail bounces.
There is no way to override the inclusion of the "-D uid/gid"
option when the maildrop filter is invoked - it's hardcoded into
that section of courier-mta.
From looking briefly at the maildrop code included with courier-mta
I can see that there's a fair amount of code there which is needed
for embedded-mode operation and which is probably "compiled out" of
the standard version of maildrop.
So, Debian Stretch users of courier-mta have an unfortunate
choice to make - either give up SMTP-time spam filtering
(which is _really_ important these days), hand-build a new
courier-specific version of maildrop from the Debian sources,
or revert back to an older courier-mta package.
I can understand why you'd want to simplify the courier-mta
package by not building its custom version of maildrop, but
I'm afraid that by doing so you've broken a significant aspect
of Courier's functionality.
I have xpecting issues with the courier due this bug of maildrop.. cos we cannot follow courier upstream recommendations.. I ask about that upstream.. Lenz McKAY Gerardo (PICCORO) http://qgqlochekone.blogspot.com
The maildrop package in debian is severely out of sync and outdated: First of all stop of "Upstream is not willing to add another feature", seems people dont understan maildrop are made for courier, and if need can proposed a fork for that! Second: **several problems where aborted upstream**, the most important ones are: * libs/maildrop/deliver.C (delivery): Always return 75 upon delivery failure, for the standalone maildrop build. related to #481223 * libs/maildir/maildirmake.c (main): maildirmake's -q option will create the maildir if it does not exist. related to #501557 * libs/rfc2045/reformime.c (main2): Fix crash when the -s option is not valid. related to #71625 * rfc2045/reformime.c (main2): fix crash if -x or -X is specified without the corresponding -s option. related to #71625 A new maildrop pack is required and this must either come from the same courier sources (#867121) or update the one... this last seems quite stupid as courier is the official sources of maildrop and although it is offered separately by the author upstream, unifying it will improve maintenance from a team, and as you guys notice lack of interest/avaliable time in the courier suite (reading the last changelog, seems changes are more to complain with debian package policy that is innecesary respect real issues) ... and as far as I can see you are looking for the sources in sf instead of the right place which is the courier oficial download page, additional while the courier-mta sources are up to date in salsa-debian, the maildrop one in salsa-debian are too old respect the mta suite! while I made my own package on OBS vegnuli home for Devuan and Debian, is you guys need help i'm a often user of the complete suite and not just parts or toys of, maildrop can be build with two ways: * set GID mail without restricted caller (maildrop) * set UID root with restricted caller for courier-mta (maildrop-courier) -- missing and the way i set in my package cos is the need by the original suite the courier-mta NOTE: Courier maildrop in debian present a very not proper behaviour.. original sources are from courier and any other implementation are non-related and users can fork the software, cases like #375589 are not valid cos seems maildrop (as author make it for courier filtering) is a courier implementation if applies! so any external specific usage are purely optional This are related to #910380 (separate makemime from sources) #204187, #596057 & #375589#26 (bad usage cos is not made for), #481223 (changed behaviour cos is not made for, what?), #592585 (dovecot specific crap) and go and go.. seems people thinks that maildrop are made for others rather than the courier suite... funny please close all of those package cos seems many of them are not supported by upstream and community must make a fork in those several cases! Lenz McKAY Gerardo (PICCORO) http://qgqlochekone.blogspot.com
for those interesting (cos seems mantainers dont care of courier
packages) https://build.opensuse.org/package/show/home:vegnuli:deploy-vnx1/maildrop
buils and dsc source files for all debians .. including 10 and
testing, and stop to said "that is for olders" dont be stupid
* New upstream release: Closes #974898
+ Closes: #204187, #596057, #375589, #481223, #592585
+ Closes: #501557, #481223, #716252
+ Updated config file Closes: #861906
* debian/control:
+ new dependency libidn-dev | libidn11-dev
* debian/patches:
- remove 0003-permanent-err.patch merged upstream. Closes: #265399
+ Explicit pass CAT=/bin/cat to configure to make build reproducible
between merged-usr and non-merged-usr systems. Closes: #915180
+ refresh the Re-added the fix for #82986 Filter directory and files
being accessible to groups and just check for world-writability.
+ refresh 0004-deliver-extra-newlines.patch, just comment!
I have just taken over maintenance of courier. I am planning on looking at the feasibility of restoring the courier-maildrop package, but probably not until after I have cleaned up most of the other problems with the packages that we are currently shipping.
I have just taken over maintenance of courier. I am planning on looking at the feasibility of restoring the courier-maildrop package, but probably not until after I have cleaned up most of the other problems with the packages that we are currently shipping.