|
|
4 Краткий отчет о практике (приложение 1). Строки с таким выделением
Создание листа рассылки
Выполним
LANG=C sudo newlist mailman
Enter the email of the person running the list:
Введем адрес администратора листа рассылки
admin@aaa.ru
Initial mailman password:
Введем пароль, который будет использоваться при администрировании листа рассылки (замените на свой)
Hit enter to notify mailman owner…
Нажмите Enter.
Добавим в таблицу forwardings базы данных mail следующие записи:
source
|
destination
|
mailman@aaa.ru
|
mailman@lists.aaa.ru
|
mailman-admin@aaa.ru
|
mailman-admin@lists.aaa.ru
|
mailman-bounces@aaa.ru
|
mailman-bounces@lists.aaa.ru
|
mailman-confirm@aaa.ru
|
mailman-confirm@lists.aaa.ru
|
mailman-join@aaa.ru
|
mailman-join@lists.aaa.ru
|
mailman-leave@aaa.ru
|
mailman-leave@lists.aaa.ru
|
mailman-owner@aaa.ru
|
mailman-owner@lists.aaa.ru
|
mailman-request@aaa.ru
|
mailman-request@lists.aaa.ru
|
mailman-subscribe@aaa.ru
|
mailman-subscribe@lists.aaa.ru
|
mailman-unsubscribe@aaa.ru
|
mailman-unsubscribe@lists.aaa.ru
|
mysql -u mail_admin -p
Enter password:
Введем пароль
use mail;
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman@aaa.ru', 'mailman@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-admin@aaa.ru', 'mailman-admin@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-bounces@aaa.ru', 'mailman-bounces@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-confirm@aaa.ru', 'mailman-confirm@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-join@aaa.ru', 'mailman-join@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-leave@aaa.ru', 'mailman-leave@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-owner@aaa.ru', 'mailman-owner@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-request@aaa.ru', 'mailman-request@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-subscribe@aaa.ru', 'mailman-subscribe@lists.aaa.ru ');
INSERT INTO `forwardings` (`source`, `destination`) VALUES ('mailman-unsubscribe@aaa.ru', 'mailman-unsubscribe@lists.aaa.ru );
quit;
Перезапуcтим mailman
LANG=C sudo /etc/init.d/mailman stop
LANG=C sudo /etc/init.d/mailman start
Нам нужно вставить в DNS-зону для нашего домена запись типа
lists CNAME oban.aaa.ru.
чтобы у нас был доступ к нашим спискам рассылки через веб.
Не забудьте увеличить порядковый номер в записи SOA зоны
Теперь мы можем зайти с паролем администратора листа mailman браузером на http://lists.aaa.ru для дальнейшей настройки листа рассылки.
Прочие листы рассылки добавляются аналогично.
Установка автоответчика
Создадим файл ./autoresponse следующего содержания (отличие от варианта, лежащего на http://nefaria.com/project_index/autoresponse/ в том, что для совместимости с mailman мы используем -autoresponse вместо +autoresponse):
nano
/autoresponse
#!/bin/bash
#+--------------------------------------------------------+
#|autoresponse 1.6.3 - an autoresponder script for postfix|
#| Charles Hamilton - musashi@nefaria.com |
#| This program is GNU/GPL software |
#+--------------------------------------------------------+
shopt -s -o nounset
shopt -s extglob
if [ "${#}" -eq "0" ]; then
printf "%s\n" "Autoresponse v. 1.6.2"
printf "%s\n" "Type -h for help"
exit 0
fi
declare RECIPIENT="unset"
declare SENDER="unset"
declare SASL_USERNAME="unset"
declare CLIENT_IP="unset"
declare AUTHENTICATED="unset"
declare AUTORESPONSE_MESSAGE="unset"
declare DISABLE_AUTORESPONSE="unset"
declare ENABLE_AUTORESPONSE="unset"
declare DELETE_AUTORESPONSE="unset"
declare SEND_RESPONSE="unset"
declare RESPONSES_DIR="/var/spool/autoresponse/responses"
declare SENDMAIL="/usr/sbin/sendmail"
declare RATE_LOG_DIR="/var/spool/autoresponse/log"
declare LOGGER="/usr/bin/logger"
#There are two different modes of operation:
# MODE="0" represents the actions that can not be executed from the command line
# MODE="1" represents the actions that can be executed from the command line
declare MODE="0"
#Time limit, in seconds that determines how often an
#autoresponse will be sent, per e-mail address (3600 = 1 hour, 86400 = 1 day)
declare RESPONSE_RATE="86400"
while getopts "r:s:S:C:e:d:E:D:h" SWITCH; do
case "${SWITCH}" in
r) #Set the recipient's address
RECIPIENT="`echo ${OPTARG} | tr '[:upper:]' '[:lower:]'`"
SEND_RESPONSE="1"
;;
s) #Set the sender's address
SENDER="`echo ${OPTARG} | tr '[:upper:]' '[:lower:]'`"
SEND_RESPONSE="1"
;;
S) #If SASL_USERNAME exists then the user was authenticated
SASL_USERNAME="${OPTARG}"
if [ -z "${SASL_USERNAME}" ]; then
AUTHENTICATED="0"
else
AUTHENTICATED="1"
fi
;;
C) #IP address of client (sender)
CLIENT_IP="${OPTARG}"
;;
e) #Set the filename of the user's autoresponse message
#This is used for creating/editing new autoresponse messages
AUTORESPONSE_MESSAGE="${OPTARG}"
MODE="1"
;;
d) #Disable an existing autoresponse message
DISABLE_AUTORESPONSE="${OPTARG}"
MODE="1"
;;
E) #Enable an existing autoresponse message
ENABLE_AUTORESPONSE="${OPTARG}"
MODE="1"
;;
D) #Delete an existing autoresponse message
DELETE_AUTORESPONSE="${OPTARG}"
MODE="1"
;;
h|*) #Print the help dialog and exit
echo -e "\n${0} [-r {recipient email} -s {sender email} -S {sasl username} -C {client ip}] [-e {email address}] [-d {email address}] [-E {email address}] [-D {email address}] [-h]\n"
echo -e " -r, -s, -S, and optionally -C must be used together to specify a recipient, sender, sasl username, and client IP of an autoresponse message."
echo -e " Normally you configure these in postfix's \"master.cf\" but they can be used from the terminal as well (only for testing purposes!)."
echo -e " If this is executed from a terminal, you'll need to hit CTRL-D when you are finished typing your autoresponse message.\n"
echo " -e is used to create a new autoresponse or edit an existing one for the specified user."
echo -e " If a disabled autoresponse message exists, it will be ignored and a new message will be created.\n"
echo -e " -d is used to disable an existing active autoresponse message.\n"
echo " -E is used to enable an existing autoresponse message. If both a disabled AND and an active autoresponse message exist,"
echo -e " the active message will be overwritten by the disabled one.\n"
echo -e " -D is used to delete an existing autoresponse message, it will not delete disabled autoresponse messages.\n"
echo -e " -h prints this help menu\n"
exit 0
;;
esac
done
#If a SASL authenticated user wants to set their autoresponse message via e-mail...
if [ "${AUTHENTICATED}" = "1" ] && [ "${RECIPIENT/@*/}" = "${SENDER/@*/-autoresponse}" ] && [ "${MODE}" = "0" ]; then
if [ -f "${RESPONSES_DIR}/${SENDER}" ]; then
#Delete a user's existing autoresponse message.
(${0} -D "${SENDER}")
if [ ! -f "${RESPONSES_DIR}/${SENDER}" ]; then
${LOGGER} -i -t autoresponse -p mail.notice "Autoresponse disabled for address: ${SENDER} by SASL authenticated user: ${SASL_USERNAME} from: ${CLIENT_IP}"
(echo -e "From: ${RECIPIENT}\nTo: ${SENDER}\nSubject: Out of Office\n\n"
echo "Autoresponse disabled for ${SENDER} by SASL authenticated user: ${SASL_USERNAME} from: ${CLIENT_IP}") | ${SENDMAIL} -i -f "${RECIPIENT}" "${SENDER}"
else
${LOGGER} -i -t autoresponse -p mail.notice "Autoresponse could not be disabled for address: ${SENDER}"
fi
elif [ ! -f "${RESPONSES_DIR}/${SENDER}" ]; then
#Read from STDIN and save this as the user's autoresponse message.
#This will overwrite any pre-existing autoresponse messages!
cat > "${RESPONSES_DIR}/${SENDER}"
if [ -f "${RESPONSES_DIR}/${SENDER}" ]; then
${LOGGER} -i -t autoresponse -p mail.notice "Autoresponse enabled for address: ${SENDER} by SASL authenticated user: ${SASL_USERNAME} from: ${CLIENT_IP}"
(echo -e "From: ${RECIPIENT}\nTo: ${SENDER}\nSubject: Out of Office\n\n"
echo "Autoresponse enabled for ${SENDER} by SASL authenticated user: ${SASL_USERNAME} from: ${CLIENT_IP}") | ${SENDMAIL} -i -f "${RECIPIENT}" "${SENDER}"
else
${LOGGER} -i -t autoresponse -p mail.notice "Autoresponse could not be enabled for address: ${SENDER}"
fi
fi
#Log any unauthenticated shenanigans. We're attempting to prevent two scenarios here:
#
#(1) A user sends an e-mail to user-autoresponse@domain.tld from user@domain.tld through an open relay
# in an unauthorized attempt to set an autoresponse for the real user@domain.tld. The open relay
# will relay the message but because it will not authenticate with the mail server for domain.tld
# AUTHENTICATED will equal 0 and the user portion of the recipient address will equal user-autoresponse.
# Since we do not allow unauthenticated users to set autoresponse messages, we log this attempt as
# suspicious and exit cleanly so that postfix doesn't generate a bounce message.
#
#(2) A user sends e-mail to user-autoresponse@domain.tld from user@domain.tld through a mail server
# that requires authentication, (but allows relaying) and has autoresponse configured. This will result in
# an autoresponse toggle message being sent to the real user@domain.tld, notifying them that their
# autoresponse message has been enabled or disabled when in fact it has not. This scenario is rarer
# than the first and it is mainly meant to protect against compromised accounts and/or potential abuse
# by legitimate users of the rogue mail server.
#
elif [ "${AUTHENTICATED}" = "0" ] && [ "${RECIPIENT/@*/}" = "${SENDER/@*/-autoresponse}" ] || [ "${SENDER/@*/-autoresponse}" = "${RECIPIENT/@*/-autoresponse-autoresponse}" ] && [ "${MODE}" = "0" ]; then
${LOGGER} -i -t autoresponse -p mail.warning "Unauthenticated attempt to set autoresponse message for ${SENDER/-autoresponse/} from ${CLIENT_IP}!"
exit 0
#Finally, if the user recipient address does not equal user-autoresponse then we assume that it's
#just a normal message. We check to see if the recipient has an autoresponse message set; if one
#has not already been sent to the sender within our timeframe, we send it and then we deliver the
#original message to the original recipient.
elif [ "${RECIPIENT/@*/}" != "${SENDER/@*/-autoresponse}" ] && [ "${MODE}" = "0" ]; then
rate_log_check() {
#Only send one autoresponse per e-mail address per the time limit (in seconds) designated by the RESPONSE_RATE variable
if [ -f "${RATE_LOG_DIR}/${RECIPIENT}/${SENDER}" ]; then
declare ELAPSED_TIME=`echo $[\`date +%s\` - \`stat -c %X "${RATE_LOG_DIR}/${RECIPIENT}/${SENDER}"\`]`
if [ "${ELAPSED_TIME}" -lt "${RESPONSE_RATE}" ]; then
${LOGGER} -i -t autoresponse -p mail.notice "An autoresponse has already been sent from ${RECIPIENT} to ${SENDER} within the last ${RESPONSE_RATE} seconds"
SEND_RESPONSE=0
fi
fi
}
if [ -f "${RESPONSES_DIR}/${RECIPIENT}" ]; then
rate_log_check
#If SEND_RESPONSE still equals "1" after the rate_log_check function, send an autoresponse.
if [ "${SEND_RESPONSE}" = "1" ] && [ "${RECIPIENT}" != "${SENDER}" ]; then
(cat "${RESPONSES_DIR}/${RECIPIENT}") | sed -e "0,/^$/ { s/^To:.*/To: <${SENDER}>/ }" -e '0,/^$/ { /^Date:/ d }' | ${SENDMAIL} -i -f "${RECIPIENT}" "${SENDER}"
mkdir -p "${RATE_LOG_DIR}/${RECIPIENT}"
touch "${RATE_LOG_DIR}/${RECIPIENT}/${SENDER}"
${LOGGER} -i -t autoresponse -p mail.notice "Autoresponse sent from ${RECIPIENT} to ${SENDER}"
fi
fi
exec ${SENDMAIL} -i -f "${SENDER}" "${RECIPIENT}"
fi
#Check to see if we are editing or creating a new autoresponse for a user.
#This should only be used from the command line unlike -D, -d, and -E which
#could be used via postfix pipe or in other areas where no user interaction
#is required.
if [ "${AUTORESPONSE_MESSAGE}" != "unset" ] && [ "${MODE}" = "1" ]; then
#Check to see if an autoresponse message exists for the email address specified by the "AUTORESPONSE_MESSAGE" parameter, if one exists
#then edit the existing one, if one does not exist, create a new one. This action will ignore any disabled autoresponse messages.
if [ -f "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}" ]; then
vi "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}"
elif ! [ -f "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}" ]; then
vi "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}"
if [ -f "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}" ]; then
#Insert our mail headers; people who will be setting autoresponses from the command line
#hopefully will know better than to screw with these when editing an existing autoresponse.
sed -i "1i\From: ${AUTORESPONSE_MESSAGE}\nTo: THIS GETS REPLACED\nSubject: Out Of Office\n\n" "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}"
fi
fi
if [ -f "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}" ]; then
chown autoresponse.autoresponse "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}"
chmod 600 "${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE}"
else
echo "Editing ${RESPONSES_DIR}/${AUTORESPONSE_MESSAGE} aborted!"
exit 1
fi
#Are we disabling an existing autoresponse message?
elif [ "${DISABLE_AUTORESPONSE}" != "unset" ] && [ "${MODE}" = "1" ]; then
if [ -f "${RESPONSES_DIR}/${DISABLE_AUTORESPONSE}" ]; then
mv -i "${RESPONSES_DIR}/${DISABLE_AUTORESPONSE}" "${RESPONSES_DIR}/${DISABLE_AUTORESPONSE}_DISABLED"
elif ! [ -f "${RESPONSES_DIR}/${DISABLE_AUTORESPONSE}" ]; then
echo "${RESPONSES_DIR}/${DISABLE_AUTORESPONSE} does not exist thus, it cannot be disabled!"
exit 1
fi
#Are we enabling an existing autoresponse message?
elif [ "${ENABLE_AUTORESPONSE}" != "unset" ] && [ "${MODE}" = "1" ]; then
if [ -f "${RESPONSES_DIR}/${ENABLE_AUTORESPONSE}_DISABLED" ]; then
mv -i "${RESPONSES_DIR}/${ENABLE_AUTORESPONSE}_DISABLED" "${RESPONSES_DIR}/${ENABLE_AUTORESPONSE}"
elif ! [ -f "${RESPONSES_DIR}/${ENABLE_AUTORESPONSE}_DISABLED" ]; then
echo "There is no disabled autoresponse for ${ENABLE_AUTORESPONSE}"
exit 1
fi
#Are we deleting an existing autoresponse message (this does not delete disabled autoresponse messages)?
elif [ "${DELETE_AUTORESPONSE}" != "unset" ] && [ "${MODE}" = "1" ]; then
if [ -f "${RESPONSES_DIR}/${DELETE_AUTORESPONSE}" ]; then
rm "${RESPONSES_DIR}/${DELETE_AUTORESPONSE}"
elif ! [ -f "${RESPONSES_DIR}/${DELETE_AUTORESPONSE}" ]; then
echo "${RESPONSES_DIR}/${DELETE_AUTORESPONSE} does not exist thus, it cannot be deleted!"
exit 1
fi
fi
#===КОНЕЦ ФАЙЛА===
Выполним
sudo useradd -d /var/spool/autoresponse -s `which nologin` autoresponse
sudo mkdir -p /var/spool/autoresponse/log /var/spool/autoresponse/responses
sudo cp
/autoresponse /usr/local/sbin/
sudo chown -R autoresponse.autoresponse /var/spool/autoresponse
sudo chmod -R 0770 /var/spool/autoresponse
Откроем файл /etc/postfix/master.cf
sudo nano /etc/postfix/master.cf
и найдем строку
smtp inet n - - - - smtpd
сразу после нее вставим
-o content_filter=autoresponder:dummy
(она должна начинаться хотя бы с одного пробела)
В конце файла вставляем
autoresponder unix - n n - - pipe
flags=Fq user=autoresponse argv=/usr/local/sbin/autoresponse -s ${sender} -r ${recipient} -S ${sasl_username} -C ${client_address}
(это две строки, причем вторая строка должна начинаться хотя бы с одного пробела)
Выполняем команды
sudo postconf -e 'autoresponder_destination_recipient_limit = 1'
sudo postconf -e 'recipient_delimiter = - '
и перезагружаем postfix
sudo /etc/init.d/postfix restart
Теперь для того, чтобы при Вашем отсутствии на работе (например, отпуск) всем, кто послал Вам письмо, автоматически отправлялось сообщение о Вашем отсутствии, нужно послать по адресу <ваш логин>-autoresponse@aaa.ru то письмо, которое Вы хотите установить в качестве автоответчика, например admin-autoresponse@aaa.ru (здесь и далее замените aaa.ru на Ваш домен).
Если все прошло нормально, Вы получите ответ с темой «Out Of Office» следующего содержания: «Autoresponse enabled for admin@aaa.ru by SASL authenticated user: admin@aaa.ru from: x.x.x.x», где x.x.x.x - IP-адрес хоста, с которого было отправлено письмо.
Теперь при посылке Вам письма все автоматически в ответ будут получать то письмо, которое вы установили в качестве автоответчика, сами письма будут сохраняться у Вас в папке «Входящие» как обычно.
Для того, чтобы убрать сообщение автоответчка, пошлите еще раз любое письмо на адрес <ваш логин>-autoresponse@aaa.ru и Вы получите в ответ письмо с темой «Out Of Office» следующего содержания: «Autoresponse disabled for admin@aaa.ru by SASL authenticated user: admin@aaa.ru from: x.x.x.x», где x.x.x.x - IP-адрес хоста, с которого было отправлено письмо.
Каждому корреспонденту автоответ будет отсылаться не чаще, чем раз в сутки, даже если он пошлет Вам несколько писем.
Письма для включения/выключения автоответчика должны быть посланы с Вашего адреса, иначе они не «сработают».
|
|
|
Скачать 0.62 Mb.