Procmail executes filtering rules and can run external commands, which increases risk if recipes are not controlled.
¶ Recipe and Execution Safety
- Review
.procmailrc and system recipes as code.
- Avoid unsafe shell escapes or command execution in recipes.
- Restrict write permissions on rule files.
- Validate message handling to avoid path traversal or unsafe filename use.
- Ensure mailbox and log file permissions are strict.
- Separate procmail execution user from privileged accounts.
¶ Maintenance
- Keep procmail wrapper environment minimal and predictable.
- Audit recipe changes and command invocations.
- Consider migration paths if procmail package maintenance is limited on target distro.