[Rtir] Script to sign mail
Carlos Fuentes Bermejo
carlos.bermejo at rediris.es
Mon Apr 12 11:29:15 EDT 2004
Hello guys,
I finished a script to sign the mails with GnuPG; I attach it in this mail.
It's very easy to use. To use it, please follow these steps:
1.- Copy the signmail.pl in the RT "bin" directory.
2.- Change the signmail.pl with your path.
- $fileLOG
- $parserFolder
- $keydir
3.- Write a routine to read the passphrase. I actually read the passphrase
from a file, but you can read it from wherever you want... you only have to
write the code.
4.- Modify the value of $SendmailPath variable in the RT_SiteConfig to point
out to the above file.
I hope my script was useful.
Cheers,
Carlos
-------------- next part --------------
#!/usr/bin/perl
# Program to sign every message sent by RTIR.
# It works in a trivial way: we receive the message on standard
# input, sign it with the IRIS-CERT key, and then send the
# message.
use strict;
use warnings;
use File::Path qw(make_path);
use Mail::GnuPG;
use MIME::Entity;
use MIME::Parser;
##############################################################################
# Variables
##############################################################################
# This variable could be read from a configuration file, so that we can write
# the log entries to the same file as RT.
my $fileLOG      = '/var/log/services/log_time_rt';
my $parserFolder = '/tmp/rtir-mails';
my $keydir       = '/home/cert/.gnupg';
my $sendmail     = '/usr/sbin/sendmail';
##############################################################################
# Main program.
##############################################################################
# Open log file.
open(my $log, '>>', $fileLOG) or die "Cannot open $fileLOG: $!";

# Write one timestamped entry to the log.
sub logmsg { print {$log} scalar(localtime), ': ', @_, "\n"; }

# Send a message through sendmail. The list form of open runs sendmail
# directly, so the arguments received from RT are never parsed by a shell.
sub send_mail {
    my ($args, @message) = @_;
    open(my $mail, '|-', $sendmail, @$args)
        or do { logmsg("Cannot run $sendmail: $!"); exit 1; };
    print {$mail} @message;
    close($mail) or logmsg("sendmail exited with status $?");
}

# Pick up sendmail parameters from RT
my @sendmail_args = @ARGV;
@ARGV = ();
if (!grep { /\S/ } @sendmail_args) {
    logmsg("RT doesn't pass arguments to sendmail");
    @sendmail_args = ('-oi', '-t');
}
logmsg("Sendmail command --> $sendmail @sendmail_args");

# Read the whole message first, so that every fallback branch below can
# still send it unsigned.
my @mailIn = <STDIN>;

# Read the passphrase for the GPG Key.
# Here, you should define the way to read the passphrase for your GPG key.
#
my $passphrase;

if (defined $passphrase) {
    logmsg('Read passphrase');
    # We receive the mail to process. First we generate the names of the files.
    my $parser = MIME::Parser->new;
    if (!-e $parserFolder) {
        # Decoded mail parts are written here, so keep the directory private.
        make_path($parserFolder, { mode => 0700 });
    }
    $parser->output_under($parserFolder);
    # The block form of eval traps a parser exception and leaves it in $@.
    my $mailEntity = eval { $parser->parse_data(\@mailIn) };
    if (!$@ && defined $mailEntity) {
        # Sign --> the message is signed.
        if (-e $keydir) {
            my $mailsign = Mail::GnuPG->new(
                key        => '88A17FF5',
                keydir     => $keydir,
                passphrase => $passphrase,
            );
            # Sign the mail body. mime_sign returns the gpg exit code (0 on success).
            my $rc = $mailsign->mime_sign($mailEntity);
            if ($rc == 0) {
                logmsg('Signed mail.');
            } else {
                logmsg("gpg failed to sign the mail (exit code $rc)");
            }
            # Sendmail --> we send the message to the recipients.
            send_mail(\@sendmail_args, $mailEntity->as_string);
        } else {
            logmsg("Doesn't exist the keydir");
            send_mail(\@sendmail_args, @mailIn);
        }
        # Clean: now we delete the generated files.
        $parser->filer->purge;
    } else {
        # When there is any problem, we send the message without signing it.
        logmsg('Problems parsing the mail--> ',
               ($@ || $parser->last_error || 'unknown error'), '.');
        send_mail(\@sendmail_args, @mailIn);
    }
} else {
    logmsg("There isn't passphrase, please enter a passphrase to be able to sign the mails");
    send_mail(\@sendmail_args, @mailIn);
}
close($log);
exit(0);
-------------- next part --------------
______________ __ _____________________________
/_/
Carlos Fuentes Bermejo __ __ carlos.bermejo at rediris.es
RedIRIS /_/ RedIRIS /_/ Tel: + 34 915855124
Serrano,142 __ Fax: + 34 915855146
28006 Madrid /_/ http://www.rediris.es
SPAIN Servicio de Seguridad,
IRIS-CERT
Claves PGP http://www.rediris.es/cert/servicios/iris-cert/keys.es.html
Key FINGERPRINT = 41 C5 BE EC 0B BE D5 FE 5E 1E 07 0A 9B 22 F0 CF
____________ Spanish Academic & Research Network ___________________
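
For step 3, one way to write the passphrase routine that the script leaves open, as an added example that is not part of the attached signmail.pl. The name read_passphrase and the file path are hypothetical; the routine refuses a passphrase file that is not a regular file, is not owned by the user running the script, or is accessible to group or others.

```perl
#!/usr/bin/perl
# Added example: hypothetical read_passphrase() helper for signmail.pl.
use strict;
use warnings;
use Fcntl qw(:mode);

# Placeholder path; an assumption, not a path from the original script.
my $passfile = '/path/to/passphrase-file';

# Return the passphrase, or undef with the reason stored in $$why.
sub read_passphrase {
    my ($path, $why) = @_;

    # Open first and stat the handle, so the checks apply to the file
    # that was actually opened and not to whatever the name points at later.
    open(my $fh, '<', $path) or do { $$why = "cannot open: $!"; return };
    my @st = stat($fh) or do { $$why = "cannot stat: $!"; return };
    my ($mode, $uid) = @st[2, 4];

    if (!S_ISREG($mode)) { $$why = 'not a regular file'; return }
    if ($uid != $>)      { $$why = 'not owned by the signing user'; return }
    if ($mode & (S_IRWXG | S_IRWXO)) {
        $$why = sprintf('mode %04o is too open, expected 0600 or 0400',
                        $mode & 07777);
        return;
    }

    my $line = <$fh>;
    close($fh);
    if (!defined $line) { $$why = 'file is empty'; return }
    $line =~ s/\r?\n\z//;    # strip only the line ending
    if ($line eq '') { $$why = 'file is empty'; return }
    return $line;
}

my $why;
my $passphrase = read_passphrase($passfile, \$why);
# Log the reason, never the passphrase itself.
print STDERR "passphrase not loaded: $why\n" unless defined $passphrase;
```

When the routine returns undef, signmail.pl takes its existing "no passphrase" branch and sends the mail unsigned.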