[tor-project] PSA: procmail removed from all torproject.org servers

Antoine Beaupré anarcat at torproject.org
Tue Mar 1 19:55:56 UTC 2022


Hi,

The venerable "procmail" package will progressively be removed from all
torproject.org servers over the next 6 hours.

Details on the why and the how are explained in this ticket:

https://gitlab.torproject.org/tpo/tpa/team/-/issues/40639

... but the short version is that procmail hasn't been maintained for
more than 20 years and has known security issues.

If you currently use any of the following commands in any script or
program, you will need to migrate to an alternative:

 * procmail
 * mailstats
 * lockfile
 * formail

For procmail and mailstats, the alternative is generally to switch to a
Sieve-compatible local delivery agent (LDA). I have deployed this on
rude (rt.torproject.org) successfully. The other host using it was
polyanthum, which has been cleaned up as well (tpo/tpa/team#40635). I am
not aware of any other deployment of procmail, and I searched far and
wide (for .procmailrc files, specifically).

As for the other alternatives, instead of lockfile(1), use
flock(1). Instead of formail(1) you can use reformail(1), from the
courier `maildrop` package.

If I missed anything, do let me know.

Apologies for the rushed deployment. Typically, we would do this sort of
change with an advanced notice and a formal proposal, but considering
the severity of the security issue, I figured it was better to act
quickly, at the cost of breaking things, rather than allow what is
essentially a backdoor into our systems.

A.

-- 
Antoine Beaupré
torproject.org system administration
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20220301/834a0353/attachment.sig>


More information about the tor-project mailing list