[Rtir] Script to sign mail

Carlos Fuentes Bermejo carlos.bermejo at rediris.es
Mon Apr 12 11:29:15 EDT 2004


Hello guys,

I finished a script to sign the mails with GnuPG, I attach it to this mail. 
It's very easy to use. To use it, please follow these steps:

1.- Copy the signmail.pl in the RT "bin" directory.
2.- Change the signmail.pl with your path.
	- $fileLOG
	- $parserFolder
	- $keydir
3.- Write a routine to read the passphrase, I actually read the passphrase 
from a file, but you can read it from wherever you want... you only have to 
write the code.
4.- Modify the value of $SendmailPath variable in the RT_SiteConfig to point 
to the above file.

I hope my script is useful.

Cheers,
Carlos

-------------- next part --------------
#! /usr/bin/perl
# Program to sign all messages sent by RTIR.
# Operation is simple: we receive the message on standard input,
# sign it with the IRIS-CERT key, and then send the message.
use strict;
use warnings;
use File::Path qw(mkpath);
use Mail::GnuPG;
use MIME::Entity;
use MIME::Parser;

##############################################################################
# Variables
##############################################################################
# This variable could be read from a configuration file, so that we can write
# the log entries to the same file as RT.
my $fileLOG = '/var/log/services/log_time_rt';
my $sendmail = '/usr/sbin/sendmail';
my @sendmailArgs;

# Pipe a message to sendmail. The list form of open (Perl 5.8 or later) runs
# sendmail directly, without a shell, so the arguments passed by RT are never
# interpreted as shell syntax.
sub send_mail {
  my @lines = @_;
  if (open(MAIL, '|-', $sendmail, @sendmailArgs)) {
    print MAIL @lines;
    close MAIL;
  } else {
    print LOG scalar localtime, ": Cannot run $sendmail: $!\n";
  }
}

##############################################################################
# Main program.
##############################################################################
# Open log file; fall back to STDERR so a logging problem never stops the mail.
open(LOG, '>>', $fileLOG) or open(LOG, '>&', \*STDERR);

# Pick up sendmail parameters from RT
@sendmailArgs = grep { /\S/ } @ARGV;
undef @ARGV;
if (!@sendmailArgs) {
  print LOG scalar localtime, ": RT doesn't pass arguments to sendmail\n";
  @sendmailArgs = ('-oi', '-t');
}
print LOG scalar localtime, ": Sendmail command --> $sendmail @sendmailArgs\n";

# Read the mail to process first, so that every branch below can still send
# it unsigned.
my @mailIn = <STDIN>;

# Read the passphrase for the GPG Key.

# Here, you should define the way to read the passphrase for your GPG key.
# While $passphrase stays undefined, the mail is sent unsigned.
my $passphrase;

#

if (defined $passphrase) {
  print LOG scalar localtime, ": Read passphrase\n";
  my $parser = MIME::Parser->new;

  # The parser writes the message parts here; create it for the owner only.
  my $parserFolder = '/tmp/rtir-mails';
  eval { mkpath($parserFolder, 0, 0700) } unless -e $parserFolder;

  # Parse inside an eval block so that a parser error is caught, not fatal.
  my $mailEntity = eval {
    $parser->output_under($parserFolder);
    $parser->parse_data(\@mailIn);
  };
  if (defined $mailEntity) {
    # Sign --> the message is signed
    my $keydir = '/home/cert/.gnupg';
    if ( -e $keydir) {
      my $mailsign = Mail::GnuPG->new(key => '88A17FF5',
                                      keydir => $keydir,
                                      passphrase => $passphrase
                                      );
      # Sign the body mail. mime_sign returns the gpg exit code (0 on success).
      my $rc = eval { $mailsign->mime_sign($mailEntity) };
      if (defined $rc && $rc == 0) {
        print LOG scalar localtime, ": Signed mail.\n";
        # Sendmail --> send the message to the recipients.
        send_mail($mailEntity->as_string);
      } else {
        print LOG scalar localtime, ": Signing failed, sending the mail unsigned\n";
        send_mail(@mailIn);
      }
    } else {
      print LOG scalar localtime, ": The keydir doesn't exist\n";
      send_mail(@mailIn);
    }

    # Clean...
    # Now we delete the generated files
    $parser->filer->purge;
  } else {
    # When there is any problem, we send the message unsigned.
    print LOG scalar localtime, ": Problems parsing the mail--> $@.\n";
    send_mail(@mailIn);
  }
} else {
  print LOG scalar localtime, ": There isn't a passphrase, please enter a passphrase to be able to sign the mails\n";
  send_mail(@mailIn);
}
close (LOG);
exit (0);

-------------- next part --------------
 ______________               __          _____________________________
                             /_/
 Carlos Fuentes Bermejo __            __   carlos.bermejo at rediris.es
 RedIRIS               /_/  RedIRIS  /_/   Tel:   + 34 915855124
 Serrano,142                 __            Fax:   + 34 915855146
 28006  Madrid              /_/            http://www.rediris.es
 SPAIN                                     Servicio de Seguridad, 
					   	IRIS-CERT 
 Claves PGP http://www.rediris.es/cert/servicios/iris-cert/keys.es.html
 Key FINGERPRINT = 41 C5 BE EC 0B BE D5 FE  5E 1E 07 0A 9B 22 F0 CF
____________ Spanish Academic & Research Network ___________________
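
Step 3 of the message leaves the passphrase routine to the reader. The following is an added example, not part of the original post or its attachment, of one way to read the passphrase from a file while refusing a file that other users could read or replace. The name read_passphrase and the checks it applies are assumptions of this example; it returns undef on any problem, which the script's "defined $passphrase" test treats as "send unsigned".

```perl
use strict;
use warnings;
use Fcntl qw(:mode O_RDONLY O_NOFOLLOW);
use File::Temp qw(tempfile);

# Hypothetical helper: returns the passphrase, or undef if the file is
# missing, empty, or not private to the user running the script.
sub read_passphrase {
  my ($path) = @_;
  # O_NOFOLLOW refuses a symbolic link planted at the expected path.
  sysopen(my $fh, $path, O_RDONLY | O_NOFOLLOW) or return;
  # stat the open handle, not the path, so the checks apply to the very
  # file we are about to read.
  my @st = stat($fh) or return;
  my ($mode, $uid) = @st[2, 4];
  return unless S_ISREG($mode);              # regular file only
  return unless $uid == $>;                  # owned by the effective user
  return if $mode & (S_IRWXG | S_IRWXO);     # no group or other access
  my $line = <$fh>;
  close $fh;
  return unless defined $line;
  $line =~ s/\r?\n\z//;                      # strip the line ending
  return length($line) ? $line : undef;
}

# Constructed demonstration with a temporary file (not a real passphrase).
my ($tmp, $file) = tempfile(UNLINK => 1);
print $tmp "constructed-example-passphrase\n";
close $tmp;

chmod 0600, $file;
print "mode 0600: ", (defined read_passphrase($file) ? "accepted" : "rejected"), "\n";
chmod 0644, $file;
print "mode 0644: ", (defined read_passphrase($file) ? "accepted" : "rejected"), "\n";
```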