perl matching syntax with mail filter - perl

We have a part of a mail filter that denies emailing system accounts for security purposes. We recently had a user created that ends in "bin". The bin user is restricted, but the user, lets say l.parrbin, gets flagged via the syntax below:
my #sysaccounts = qw(
root bin daemon adm lp sync shutdown halt mail
news uucp operator games gopher ftp nobody nscd
vcsa rpc mailnull smmsp apache pcap ntp dbus
avahi rpcusder nfsnobody sshd haldaemon xfs defang
clamav monit mysql decode webmaster mailer-daemon
nagios
);
foreach $acct(#sysaccounts){
if ($recip =~ /$acct\#/i){
md_syslog('info', 'Sysaccount Discard');
return('REJECT', "We do not accept messages to system accounts ($acct)");
}
}
How would I prevent the above code from returning REJECT if a name ends or starts with a name from the sysaccounts?

Try doing this :
if ($recip =~ /^$acct\#/i){
# ^
In regex, ^ is an anchor meaning beginning of line (string here)

Related

Using Dovecot LMTP as LDA

I am trying to set up a postfix mail server with dovecot as MDA.
According to this link to set up dovecot to use LMTP I have done the following config.
postfix
main.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
master.cf
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f ${sender} -d ${user}
dovecot
dovecot.conf
protocols = imap lmtp
10-mail.conf
mail_privileged_group = mail
10-master.conf
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
# Create inet listener only if you can't use the above UNIX socket
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port =
#}
}
The mailboxes will be present in user's home directory /users/<username>
As stated by the link /users is the home directory of vmail user.
However with this config when I try to send mail like:
mail -s "subj" username
The mail bounces saying
warning: maildir access problem for UID/GID=<uid>/<gid>: create maildir file ~username/Maildir/tmp/<tmp file>: Permission denied
The ownership of ~username is vmail:vmail
However the mail is successfully sent when the ownership is changed to <user>:<group> for each user.
How can I get this thing working with the mail directory ownership kept as vmail:vmail ?
Note: I am not trying to set up SASL as of yet.
I am just tryin
You need to change ownership users and groups using below mentioned command.
example:-
chown -R user:group /path/to/file
-R --> recursive option

mutt: Error sending message, child exited 127 (Exec error.)

I have to send a mail with an attachment from a shell script.
I am trying to do it using mutt as shown here: How do I send a file as an email attachment using Linux command line?
Command:
echo "This is the message body" | mutt -a "/path/to/file.to.attach" -s "subject of message" -- recipient#domain.com
Error:
Error sending message, child exited 127 (Exec error.). Could not send
the message.
I was having the same issue on Ubuntu 18.04 and just like #jono, I only had installed mutt. Installing
sudo apt-get install sendmail
After that, sending mail with the test method or straight through the mutt CLI worked perfectly.
I have encountered this same error today.
I found I only had mutt installed, but once I installed sendmail this error went away. However I then got blocked locally.
So I uninstalled sendmail, and installed postfix this worked..
Now receiving email with attached pdf.
This was on RHEL 7.4 in an enterprise environment. Unsure if results will differ on other versions or environments.
I had this error and had to simply add below to my .muttrc. I'm using Gmail if that matters. This way I'm using someone elses server to send and don't have to install extra junk.
set smtp_pass="secrets"
set smtp_url = "smtps://username#gmail.com#smtp.gmail.com:465/"
set the password generated from this link into this file:
# file: ~/.muttrc
set from="first_name.last_name#gmail.com"
set realname="first_name last_name"
set imap_user="first_name.last_name#gmail.com"
#
# v1.0.1
# check the following google help page:
# http://support.google.com/accounts/bin/answer.py?answer=185833
# that is set here your google application password
set imap_pass="SecretPass!"
#nopeset imap_authenticators="gssapi"
set imap_authenticators="gssapi:cram-md5:login"
set certificate_file="~/.mutt/certificates"
#
# These two lines appear to be needed on some Linux distros, like Arch Linux
#
##REMOTE GMAIL FOLDERS
set folder="imaps://imap.gmail.com:993"
set record="+[Gmail]/Sent Mail"
set spoolfile="imaps://imap.gmail.com:993/INBOX"
set postponed="+[Gmail]/Drafts"
set trash="+[Google Mail]/Trash"
#
###SMTP Settings to sent email
set smtp_url="smtp://first_name.last_name#smtp.gmail.com:587"
#
# v1.0.1
# check the following google help page:
# http://support.google.com/accounts/bin/answer.py?answer=185833
# that is set here your google application password
set smtp_pass="SecretPass!"
#
###LOCAL FOLDERS FOR CACHED HEADERS AND CERTIFICATES
set header_cache="~/.mutt/cache/headers"
set message_cachedir="~/.mutt/cache/bodies"
set certificate_file =~/.mutt/certificates
#
###SECURING
set move=no #Stop asking to "move read messages to mbox"!
set imap_keepalive=900
#
###Sort by newest conversation first.
set sort=reverse-threads
set sort_aux=last-date-received
#
###Set editor to create new email
set editor='vim'
set ssl_starttls=yes
set ssl_force_tls=yes
Fix for GMail Account Configuration
The following post worked for me: https://www.codyhiar.com/blog/getting-mutt-setup-with-gmail-using-2-factor-auth-on-ubuntu-14-04/
But it was not very clear. The contents of ~/.muttrc that worked for me are as follows (My account has 2-Step verification enabled and I had to generate app password as described in the post):
set imap_user = "<username>#gmail.com"
set imap_pass = "<16-character-app-password>"
set sendmail="/usr/sbin/ssmtp"
set folder="imaps://imap.gmail.com:993"
set spoolfile="imaps://imap.gmail.com/INBOX"
set record="imaps://imap.gmail.com/[Gmail]/Sent Mail"
set postponed="imaps://imap.gmail.com/[Gmail]/Drafts"
set header_cache = "~/.mutt/cache/headers"
set message_cachedir = "~/.mutt/cache/bodies"
set certificate_file = "~/.mutt/certificates"
set from = "<username>#gmail.com"
set realname = "<name-used-in-the-gmail-account>"
set smtp_url = "smtp://<username>#smtp.gmail.com:587/"
set smtp_pass="<16-character-app-password>"
set move = no
set imap_keepalive = 900
# Gmail-style keyboard shortcuts
macro index,pager ga "<change-folder>=[Gmail]/All<tab><enter>" "Go to all mail"
macro index,pager gi "<change-folder>=INBOX<enter>" "Go to inbox"
macro index,pager gs "<change-folder>=[Gmail]/Starred<enter>" "Go to starred messages"
macro index,pager gd "<change-folder>=[Gmail]/Drafts<enter>" "Go to drafts"
macro index,pager e "<enter-command>unset trash\n <delete-message>" "Gmail archive message" # different from Gmail, but wanted to keep "y" to show folders.
Replace the following:
<username>: Your gmail username
<16-character-app-password>: You have to generate this
<name-used-in-the-gmail-account>: Your name as per gmail account
Note: Don't change <change-folder>

Using procmail to copy emails to another address and altering "from"

I get email alerts that are generated by a user on one of my servers. These alerts are generated by server#######.com and they have to do with third party software not working properly.
I'm trying to use procmail to copy (as I want to keep receiving these) these emails to ABC#XYZ.com.
I'm looking for emails that, in their body, have "C:" followed by 6 characters, a dot, and 3 more characters. All of that is working fine, but I want the third party to get these emails from me bruno#XXXXXX.com rather than server.
How can I copy the email to a third party AND change the from address to be bruno#XXXXX.com?
Here's the procmail file:
cat .procmailrc
DROPPRIVS=yes
LOGFILE=$HOME/procmail.log
:0 c:
* B ?? C:......\....
! ABC#XYZ.com
:0 B:
* ^To: .*alerts#XXXXXX.com
! bruno#XXXXXX.com
Inject the headers you want with formail before piping to sendmail. (Recall that ! is basically a shorthand for | $SENDMAIL $SENDMAILFLAGS.)
Do I understand correctly that the first recipe is the one you would like to modify?
:0 c # No lockfile when forwarding
* B ?? C:......\....
| formail -I 'From: bruno#XXXXXX.com' \
| $SENDMAIL $SENDMAILFLAGS ABC#XYZ.com
Your second recipe similarly should not have a lock file; see http://www.iki.fi/era/procmail/mini-faq.html#locking

Where to find logs for a cloud-init user-data script?

I'm initializing spot instances running a derivative of the standard Ubuntu 13.04 AMI by pasting a shell script into the user-data field.
This works. The script runs. But it's difficult to debug because I can't figure out where the output of the script is being logged, if anywhere.
I've looked in /var/log/cloud-init.log, which seems to contain a bunch of stuff that would be relevant to debugging cloud-init, itself, but nothing about my script. I grepped in /var/log and found nothing.
Is there something special I have to do to turn logging on?
The default location for cloud init user data is already /var/log/cloud-init-output.log, in AWS, DigitalOcean and most other cloud providers. You don't need to set up any additional logging to see the output.
You could create a cloud-config file (with "#cloud-config" at the top) for your userdata, use runcmd to call the script, and then enable output logging like this:
output: {all: '| tee -a /var/log/cloud-init-output.log'}
so I tried to replicate your problem. Usually I work in Cloud Config and therefore I just created a simple test user-data script like this:
#!/bin/sh
echo "Hello World. The time is now $(date -R)!" | tee /root/output.txt
echo "I am out of the output file...somewhere?"
yum search git # just for fun
ls
exit 0
Notice that, with CloudInit shell scripts, the user-data "will be executed at rc.local-like level during first boot. rc.local-like means 'very late in the boot sequence'"
After logging in into my instance (a Scientific Linux machine) I first went to /var/log/boot.log and there I found:
Hello World. The time is now Wed, 11 Sep 2013 10:21:37 +0200! I am
out of the file. Log file somewhere? Loaded plugins: changelog,
kernel-module, priorities, protectbase, security,
: tsflags, versionlock 126 packages excluded due to repository priority protections 9 packages excluded due to repository
protections ^Mepel/pkgtags
| 581 kB 00:00
=============================== N/S Matched: git =============================== ^[[1mGit^[[0;10mPython.noarch : Python ^[[1mGit^[[0;10m Library c^[[1mgit^[[0;10m.x86_64 : A fast web
interface for ^[[1mgit^[[0;10m
...
... (more yum search output)
...
bin etc lib lost+found mnt proc sbin srv tmp var
boot dev home lib64 media opt root selinux sys usr
(other unrelated stuff)
So, as you can see, my script ran and was rightly logged.
Also, as expected, I had my forced log 'output.txt' in /root/output.txt with the content:
Hello World. The time is now Wed, 11 Sep 2013 10:21:37 +0200!
So...I am not really sure what is happening in you script.
Make sure you're exiting the script with
exit 0 #or some other code
If it still doesn't work, you should provide more info, like your script, your boot.log, your /etc/rc.local, and your cloudinit.log.
btw: what is your cloudinit version?

How read Gmail via POP3 with ActivePerl 5.10 on Windows XP?

I'm using Windows XP SP3 with ActiveState Perl 5.10.0, and I've written this function--taken/edited from CPAN's Net::POP3--in an attempt to read Gmail via POP3:
my $pop = Net::POP3->new('pop.gmail.com',
Timeout => 60,
Port => 995,
Debug => 1) || die "$!";
my $num = $pop->login('xyz#gmail.com', 'password');
if (!defined($num))
{
die "Error: couldn't sign-in to your email account.\n";
}
elsif ($num > 0)
{
warn "There are $num message(s) in your inbox.\n";
my $msgnums = $pop->list;
foreach my $msgnum (keys %$msgnums)
{
my $msg = $pop->get($msgnum);
print #$msg;
}
}
else
{
die "There are no messages in your inbox. (Nothing to do.)\n"
}
$pop->quit;
The code simply times-out with this error message:
Use of uninitialized value in numeric eq (==) at C:/Perl/lib/Net/POP3.pm line 59.
Bad file descriptor at pop3.pl line xxx (i.e., the Net::POP3->new() line)
The debug info from Net::POP3 before the timeout occurred was:
Net::POP3>>> Net::POP3(2.29)
Net::POP3>>> Net::Cmd(2.29)
Net::POP3>>> Exporter(5.62)
Net::POP3>>> IO::Socket::INET(1.31)
Net::POP3>>> IO::Socket(1.30_01)
Net::POP3>>> IO::Handle(1.27)
Net::POP3=GLOB(0x20d253c): Timeout at pop3.pl line xxx
I also tried using Mail::POP3Client; no joy on Windows XP because neither CPAN nor PPM would install it and its dependencies (IO::SOCKET::SSL and etc.).
Any ideas what's wrong with my code and/or how one can read Gmail via POP3 on Windows XP with ActivePerl 5.10.0?
According to Gmail, the standard configuration instructions are:
Incoming Mail (POP3) Server - requires SSL: pop.gmail.com
Use SSL: Yes
Port: 995
You need to use SSL to access GMail. This means you need to install the Perl module IO::Socket::SSL. But this is very simple. ActiveState ships a good cpan client and a huge amount of binary 'PPM' packages. It does require that you upgrade Perl to 5.14 or 5.16 or get some kind of contract they require for supporting older perls.
You can also use Strawberry Perl; it has an equally good cpan client + build tools.