in reply to Re: perl scripts as daemons
in thread perl scripts as daemons

I forgot to add that I would not write MTA which listens to SMTP port. I don't trust myself to do it in proper, secure, DOS resistant way. Instead I would plug script written with usage of pperl into some "real" MTA like postfix or sendmail. Such script still is subject for security compromises but their changes are lower since your script would be simplier (thus lower probability of security holes) and it would handle only portion of possible attacks.

--
Ilya Martynov (http://martynov.org/)

Replies are listed 'Best First'.
Re: Re: Re: perl scripts as daemons
by rob_au (Abbot) on Dec 07, 2001 at 05:09 UTC
    I would whole-heartedly concur with this approach - In addition to minimising the work of the script author to write a robust and ruggedly network process, this approach would allow the program to be called 'as-needed' rather than as a daemon process.

    Written as a plug-in to a more thoroughly tested and widely used MTA, the script could be called through an /etc/mail/aliases type of pipe such as:

    test:          "|/usr/local/bin/myscript"

    [download]

    With the corresponding script able to process mail received via reading STDIN. eg.

    #!/usr/bin/perl -T

use strict;

undef $/;
my $message = <>;
my ($headers, $body) = split(/\n\n/, $message, 2);
$headers =~ s/\n\s+/ /g;

foreach (split(/\n/, $headers)) {
    # ... process headers ...
}

    [download]

    An excellent suggestion IlyaM++

     

    perl -e 's&&rob@cowsnet.com.au&&&split/[@.]/&&s&.com.&_&&&print'

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom