Using procmail to copy emails to another address and altering "from" - email

I get email alerts that are generated by a user on one of my servers. These alerts are generated by server#######.com and they have to do with third party software not working properly.
I'm trying to use procmail to copy (as I want to keep receiving these) these emails to ABC#XYZ.com.
I'm looking for emails that, in their body, have "C:" followed by 6 characters, a dot, and 3 more characters. All of that is working fine, but I want the third party to get these emails from me bruno#XXXXXX.com rather than server.
How can I copy the email to a third party AND change the from address to be bruno#XXXXX.com?
Here's the procmail file:
cat .procmailrc
DROPPRIVS=yes
LOGFILE=$HOME/procmail.log
:0 c:
* B ?? C:......\....
! ABC#XYZ.com
:0 B:
* ^To: .*alerts#XXXXXX.com
! bruno#XXXXXX.com

Inject the headers you want with formail before piping to sendmail. (Recall that ! is basically a shorthand for | $SENDMAIL $SENDMAILFLAGS.)
Do I understand correctly that the first recipe is the one you would like to modify?
:0 c # No lockfile when forwarding
* B ?? C:......\....
| formail -I 'From: bruno#XXXXXX.com' \
| $SENDMAIL $SENDMAILFLAGS ABC#XYZ.com
Your second recipe similarly should not have a lock file; see http://www.iki.fi/era/procmail/mini-faq.html#locking

Related

Nagios Herald won't send emails

I'm currently trying to set up nagios herald on my production nagios instance. I've made all the setup neccessary and when I run the following dry run, the notification is sent straight away:
root#mon1 objects]# /usr/local/nagios-herald/bin/nagios-herald
--env-file /tmp/test_herald.out --message-type email -r my.email#address.net --formatter=$_SERVICEMESSAGE_FORMATTER_NAME$
--nagios-cgi-url=http://192.168.0.1/nagios/cgi-bin/cmd.cgi --reply-to=nagios#somehost.com
I want to be able to test keeping my legacy notifications in place, so I created a new command, contactgroup, and contact definition:
define command {
command_name herald-service-email
command_line /usr/local/nagios-herald/bin/nagios-herald --message-type email -r my.email#address.net --formatter=$_SERVICEMESSAGE_FORMATTER_NAME$ --nagios-cgi-url=http://192.168.0.1/nagios/cgi-bin/cmd.cgi --reply-to=nagios#somehost.com
}
# nagios herald testing
define contactgroup {
contactgroup_name nagios-herald
alias nagios herald
name nagios-herald
members nagios-herald
}
define contact {
contact_name nagios-herald
alias nagios-herald
name nagios-herald
use generic-pager
service_notification_commands herald-service-email
register 1
email my.email#address.net
}
Lastly, I added the service notification command to my global contact used for all our alerting (the alert email is aliased to our actual email in /etc/aliases:
define contact {
contact_name admin
alias admin user
name admin
register 1
host_notification_period 24x7
host_notification_options d,u,r
host_notification_commands notify-host-by-email
service_notification_period 24x7
service_notification_options w,u,c,r
service_notification_commands notify-service-by-email,dump-env,herald-service-email
email admin
pager admin-pager
}
And I see the notification getting invoked in my Thruk web UI, so I'm at a loss as to how/why this isn't working when the command invoked manually works. Anyone have any ideas or suggestions?
Can you provide one of the service definitions you're expecting to see an alert from? Perhaps you have a malformed _message_formatter_name directive.
You can also append the --trace argument to the end of the nagios-herald notification command and it will provide more details on what it's doing. Remember to also set -l <logfile> in the command or specify logfile: in the config so the output is captured in a file.

mutt: Error sending message, child exited 127 (Exec error.)

I have to send a mail with an attachment from a shell script.
I am trying to do it using mutt as shown here: How do I send a file as an email attachment using Linux command line?
Command:
echo "This is the message body" | mutt -a "/path/to/file.to.attach" -s "subject of message" -- recipient#domain.com
Error:
Error sending message, child exited 127 (Exec error.). Could not send
the message.
I was having the same issue on Ubuntu 18.04 and just like #jono, I only had installed mutt. Installing
sudo apt-get install sendmail
After that, sending mail with the test method or straight through the mutt CLI worked perfectly.
I have encountered this same error today.
I found I only had mutt installed, but once I installed sendmail this error went away. However I then got blocked locally.
So I uninstalled sendmail, and installed postfix this worked..
Now receiving email with attached pdf.
This was on RHEL 7.4 in an enterprise environment. Unsure if results will differ on other versions or environments.
I had this error and had to simply add below to my .muttrc. I'm using Gmail if that matters. This way I'm using someone elses server to send and don't have to install extra junk.
set smtp_pass="secrets"
set smtp_url = "smtps://username#gmail.com#smtp.gmail.com:465/"
set the password generated from this link into this file:
# file: ~/.muttrc
set from="first_name.last_name#gmail.com"
set realname="first_name last_name"
set imap_user="first_name.last_name#gmail.com"
#
# v1.0.1
# check the following google help page:
# http://support.google.com/accounts/bin/answer.py?answer=185833
# that is set here your google application password
set imap_pass="SecretPass!"
#nopeset imap_authenticators="gssapi"
set imap_authenticators="gssapi:cram-md5:login"
set certificate_file="~/.mutt/certificates"
#
# These two lines appear to be needed on some Linux distros, like Arch Linux
#
##REMOTE GMAIL FOLDERS
set folder="imaps://imap.gmail.com:993"
set record="+[Gmail]/Sent Mail"
set spoolfile="imaps://imap.gmail.com:993/INBOX"
set postponed="+[Gmail]/Drafts"
set trash="+[Google Mail]/Trash"
#
###SMTP Settings to sent email
set smtp_url="smtp://first_name.last_name#smtp.gmail.com:587"
#
# v1.0.1
# check the following google help page:
# http://support.google.com/accounts/bin/answer.py?answer=185833
# that is set here your google application password
set smtp_pass="SecretPass!"
#
###LOCAL FOLDERS FOR CACHED HEADERS AND CERTIFICATES
set header_cache="~/.mutt/cache/headers"
set message_cachedir="~/.mutt/cache/bodies"
set certificate_file =~/.mutt/certificates
#
###SECURING
set move=no #Stop asking to "move read messages to mbox"!
set imap_keepalive=900
#
###Sort by newest conversation first.
set sort=reverse-threads
set sort_aux=last-date-received
#
###Set editor to create new email
set editor='vim'
set ssl_starttls=yes
set ssl_force_tls=yes
Fix for GMail Account Configuration
The following post worked for me: https://www.codyhiar.com/blog/getting-mutt-setup-with-gmail-using-2-factor-auth-on-ubuntu-14-04/
But it was not very clear. The contents of ~/.muttrc that worked for me are as follows (My account has 2-Step verification enabled and I had to generate app password as described in the post):
set imap_user = "<username>#gmail.com"
set imap_pass = "<16-character-app-password>"
set sendmail="/usr/sbin/ssmtp"
set folder="imaps://imap.gmail.com:993"
set spoolfile="imaps://imap.gmail.com/INBOX"
set record="imaps://imap.gmail.com/[Gmail]/Sent Mail"
set postponed="imaps://imap.gmail.com/[Gmail]/Drafts"
set header_cache = "~/.mutt/cache/headers"
set message_cachedir = "~/.mutt/cache/bodies"
set certificate_file = "~/.mutt/certificates"
set from = "<username>#gmail.com"
set realname = "<name-used-in-the-gmail-account>"
set smtp_url = "smtp://<username>#smtp.gmail.com:587/"
set smtp_pass="<16-character-app-password>"
set move = no
set imap_keepalive = 900
# Gmail-style keyboard shortcuts
macro index,pager ga "<change-folder>=[Gmail]/All<tab><enter>" "Go to all mail"
macro index,pager gi "<change-folder>=INBOX<enter>" "Go to inbox"
macro index,pager gs "<change-folder>=[Gmail]/Starred<enter>" "Go to starred messages"
macro index,pager gd "<change-folder>=[Gmail]/Drafts<enter>" "Go to drafts"
macro index,pager e "<enter-command>unset trash\n <delete-message>" "Gmail archive message" # different from Gmail, but wanted to keep "y" to show folders.
Replace the following:
<username>: Your gmail username
<16-character-app-password>: You have to generate this
<name-used-in-the-gmail-account>: Your name as per gmail account
Note: Don't change <change-folder>

How to get AWStats Error Notification via email?

I'm trying to find a way for an email notification in awstats.
The idea is that whenever there's an error (missing log files, statistics couldn't be generated) an email with an error message should be send to a specific email address.
I already found the config-Attribute "ErrorMessages" but as far as i get it its just for displaying an error.
Is there an attribute like "ErrorMessages" for activating mail notifications or do i have to implement it myself?
You can use cron job to run awstats update proccess.
And it'll sent update process result via email to you.
Example:
* * * * * /usr/local/awstats/update.sh | mail abc#xzy.com
I found a way to trap Errors while my code is executed. It's not an awstats feature, more a generic way:
Inside my script:
#Error Handling
set -e
function sendErrorNotification(){
echo "Awstats: An error occured during processing server logs." | mail -s "AWSTATS ERROR" "...#..."
}
trap sendErrorNotification EXIT
....code goes here...
set +e
trap - EXIT

perl matching syntax with mail filter

We have a part of a mail filter that denies emailing system accounts for security purposes. We recently had a user created that ends in "bin". The bin user is restricted, but the user, lets say l.parrbin, gets flagged via the syntax below:
my #sysaccounts = qw(
root bin daemon adm lp sync shutdown halt mail
news uucp operator games gopher ftp nobody nscd
vcsa rpc mailnull smmsp apache pcap ntp dbus
avahi rpcusder nfsnobody sshd haldaemon xfs defang
clamav monit mysql decode webmaster mailer-daemon
nagios
);
foreach $acct(#sysaccounts){
if ($recip =~ /$acct\#/i){
md_syslog('info', 'Sysaccount Discard');
return('REJECT', "We do not accept messages to system accounts ($acct)");
}
}
How would I prevent the above code from returning REJECT if a name ends or starts with a name from the sysaccounts?
Try doing this :
if ($recip =~ /^$acct\#/i){
# ^
In regex, ^ is an anchor meaning beginning of line (string here)

Postfix/Amavis: local account outgoing mail filter ignored, virtual outgoing filtered

I have a postfix mail server which sends email from both virtual addresses and from local Unix accounts, through a PHP script using mail().
I've installed Amavis and have successfully configured filtering and and the addition of mail signatures for the virtual addresses, but the signatures are not added for any mail sent by the local accounts (e.g. through a script or the mail command)
I've tried a heap of config and routing changes but no luck- does anyone please know how to filter such local outgoing mail?
Thanks!
For future reference, the answer was a postfix configuration setting:
non_smtpd_milters =
The postfix content filtering setting (content_filter) does not seem to apply to non-smtpd traffic, such as that sent by Unix accounts or PHP mail() script.
Actually this is wrong. From Stef on the mailing list changing the message body is not implemented via milter interface:
Have a look at the following documentation:
- http://www.amavis.org/README.postfix.html
- http://www.postfix.org/FILTER_README.html [Advanced content filter example]
A quick run through the config files [this is a quick cut-and-paste from my config files; beware that the port numbers might not match the above documents]:
/etc/amavisd.conf
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
$inet_socket_port = [10024, 10026];
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users
originating => 1, # declare that mail was submitted by our smtp client
allow_disclaimers => 1, # enables disclaimer insertion if available
}
/etc/postfix/master.cf
smtp inet n - n - - smtpd
-o content_filter = smtp-amavis:[127.0.0.1]:10024
[ you can also have the above config_filter configuration in /etc/postfix/main.cf as a default setting.
The options below override the defaults in main.cf ]
smtp-amavis unix - - n - 4 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
-o smtp_generic_maps=
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_delay_reject=no
-o smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1]/128
-o smtpd_authorized_xclient_hosts=127.0.0.0/8,[::1]/128
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8,[::1]/128
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o local_header_rewrite_clients=
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o content_filter=smtp-amavis:[127.0.0.1]:10026
pickup unix n - n 60 1 pickup
-o content_filter=smtp-amavis:[127.0.0.1]:10026
Quick comments:
- incoming e-mail enters on port 25; with the “content-filter” option, it is sent to a mavis on port 10024
- amavis scans, tags, quarantines, … — if mail goes through, it goes to (postfix) port 10025 (this is done with the “$forward_method” in amavisd.conf)
- postfix (listening on port 10025) delivers the e-mail
outgoing e-mail should enter on the submission port [587] or delivered with the pickup service (“local e-mail”).
postfix forwards this e-mail to amavis on port 10026 (!)
the configuration of amavis is changed because of a “policy bank”
again, amavis forwards e-mail to postfix on port 10025
postfix (listening on port 10025) delivers e-mail
Kind regards,
Stef
I had a similar problem (in my case I use amavis to add the dkim signature) and it turns out that the problem was that, in master.cf, the pickup service was defined with "-o content_filter=", that's why content_filter wasn't working for locally generated emails, i.e.
pickup fifo n - n 60 1 pickup
-o content_filter=
-o receive_override_options=
Once I commented out the "-o content_filter=" amavis started filtering even the locally generated messages.
I'm adding a solution since I cannot add a comment and this is the first result when I searched for "postfix content_filter doesn't work for locally generated mail".