#!/bin/sh
# gpgmlrobot - GnuPG Mailing List Robot
# Copyright (c) 1999 Werner Koch <[email protected]>
# This program may be used under the terms of the GNU General Public Licence
# version 2 or later.
#
#
# The format of the dists file is like this:
#-------------------------------------------------------
# CF8BCC4B18DE08FCD8A1615906AD222CADF6A6E1 [email protected]
# 4444444444444444444444444444444444444444 [email protected]
#---------------------------------------------------------
#
# Each mailing list should have its own directory and an
# entry like this in the .procmailrc:
#-----------------------------------------
# :0
# * ^To: .*laurin-list@example\.com
# {
# :0:
# * ^X-Loop: failed-laurin-list@example\.com
# /dev/null
#
# :0:
# | $HOME/laurin-list/gpgmlrobot
# }
#-------------------------------------
#
# You should create one keypair for each mailing list by
# cd-ing to the list directory and doing a:
# gpg --homedir . --gen-key
# and give it the email address of the mailing list; it might
# be a good idea to have a comment in the user ID to mark this
# as a key for an encrypted mailing list. Send this key to all
# subscribers and put their fingerprint
# (gpg --fingerprint --with-colons [email protected])
# into the dists file along with their email address.
#
#-------------------------------------------
# Configuration section
#-------------------------------------------
# --- List identity -------------------------------------------------
# The address is shown as a placeholder here; set it to the list's real
# address before deploying.
ml_domain="example.com"
ml_address="[email protected]"
full_ml_address="Laurin List <${ml_address}>"

# --- Locations and tools -------------------------------------------
# Working directory of the list; the script cd's here and gpg is run
# with "--homedir .", so the keyring is looked up in this directory.
myhome="/home/cryptorobot/laurin-list"
SENDMAIL="/usr/sbin/sendmail"
distsfile="dists"
# File holding the secret key's passphrase in clear text; keep it
# readable by the robot account only.
passphrasefile="passphrase"

# --- Per-run state -------------------------------------------------
# First argument names the encrypted mail file; empty or "-" means stdin.
ciphertextfile="$1"
# Set to "yes" once the script has spooled stdin into a file of its own.
remove_input="no"
# Scratch file for the decrypted message, named after the process id.
plaintextfile="plain.$$"
#-------------------------------------------
# End configuration section
#-------------------------------------------
#pgmname=`basename $0`
#today=`date -u "+%Y-%m-%d"`
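# Remove the per-run scratch files.
# Globals: plaintextfile, ciphertextfile, remove_input (all read)
# The decrypted message lives in $plaintextfile, so this must run on
# every way out of the script.  The input file is removed only when the
# script created it itself (remove_input=yes).
cleanup () {
  if [ -f "$plaintextfile" ]; then
    rm -f -- "$plaintextfile"
  fi
  if [ "$remove_input" = "yes" ] && [ -f "$ciphertextfile" ]; then
    rm -f -- "$ciphertextfile"
  fi
}

# Clean up and terminate with the status given in $1.
do_exit () {
  cleanup
  exit "$1"
}

# Both helpers are defined before their first use: a shell function
# only exists once its definition has been executed, so calling
# do_exit from code placed above the definition fails with
# "command not found" and the script keeps running.

if ! cd "$myhome" 2>/dev/null; then
  echo "gpgmlrobot: failed to cd to $myhome" >&2
  exit 1
fi

# Installed only after the cd so the relative scratch names are resolved
# inside the list directory.  The EXIT trap covers plain "exit" calls as
# well; the signal trap now terminates instead of carrying on with the
# scratch files already deleted.
trap cleanup 0
trap 'exit 1' 1 2 13 15

if [ -z "$ciphertextfile" ] || [ "$ciphertextfile" = "-" ]; then
  ciphertextfile="input.$$"
  # Spool stdin with a restrictive umask so the copy of the mail is
  # never readable by other local users.
  ( umask 077; cat > "$ciphertextfile" )
  remove_input=yes
fi

if [ ! -f "$ciphertextfile" ]; then
  echo "usage: gpgmlrobot encrypted-mail-file" >&2
  do_exit 1
fi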
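# Re-encrypt the decrypted message to one subscriber and mail it.
# Arguments: $1 - key (fingerprint from the dists file) to encrypt to
#            $2 - recipient address handed to sendmail
# Globals:   orig_date, orig_from, orig_subject, orig_msg_id,
#            orig_is_mime, full_ml_address, ml_address, plaintextfile,
#            distsfile, SENDMAIL (all read); key, recp (written)
# Outputs:   a multipart/encrypted message piped into $SENDMAIL
#
# The orig_* values are written after "Date:", "From:" and "Subject:"
# without a space; they are expected to carry their own leading blank,
# as left by "formail -x".
#
# NOTE(review): --always-trust makes gpg encrypt to the key without any
# validity check, so the keyring in the list directory and the dists
# file are the only trust anchors; both must be writable by the robot
# administrator only.
# NOTE(review): the footer discloses every subscriber address to every
# recipient - confirm this is acceptable for the list.
do_send () {
  key="$1"
  recp="$2"
  (
    # Header and MIME skeleton.  The blank lines are significant: one
    # ends the message header, one ends each part header.  The boundary
    # parameter sits on a continuation line and therefore starts with
    # whitespace.
    cat <<EOF
Date:$orig_date
From:$orig_from
To: $full_ml_address
Subject:$orig_subject
Message-ID: $orig_msg_id
Mime-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="x42x42x42x42x42x"
X-GPG-ML-Robot: 0.1
X-Loop: $ml_address
Precedence: list

--x42x42x42x42x42x
Content-Type: application/pgp-encrypted

Version: 1

--x42x42x42x42x42x
Content-Type: application/octet-stream

EOF
    (
      if [ "$orig_is_mime" = no ]; then
        echo "Content-Type: text/plain; charset=iso-8859-1"
        echo "Content-Transfer-Encoding: 8bit"
        # A truly empty line: a line holding a blank would be read as a
        # continuation of the header above it.
        echo ""
      fi
      cat "$plaintextfile"
      echo "-- "
      echo "This message has been processed by the gpg-ml-robot"
      echo "and is made available to all subscribers of this ML:"
      # Join the address column into one line without passing it through
      # the shell's word splitting and globbing.
      cut -d ' ' -f 2- "$distsfile" | paste -s -d ' ' - | fold -s -w 70
    ) | gpg --homedir . --no-secmem-warning --quiet --batch \
          --always-trust -ea -r "$key"
    echo ""
    echo "--x42x42x42x42x42x--"
    echo ""
  ) | "$SENDMAIL" -oi "$recp"
}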
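# Loop protection: see whether we have already handled this message.
#
# "formail -x" alone keeps the blank that follows the colon, so the
# extracted value would never equal the bare address; -z trims it.
# A message may carry several X-Loop fields, hence the line-wise
# fixed-string match instead of a comparison of the whole output.
loop_tags="$(formail -zx X-Loop: < "$ciphertextfile")"

# Our own "already processed" notice came back: drop it silently.
if printf '%s\n' "$loop_tags" | grep -Fqx -- "failed-$ml_address"; then
  do_exit 0
fi

# A message the robot has already distributed came back: answer the
# sender once and stop.  do_exit (instead of a bare exit) removes the
# spooled input file on the way out.
# NOTE(review): the reply goes to whatever sender address the incoming
# header names (formail -t); a forged sender receives the notice.
if printf '%s\n' "$loop_tags" | grep -Fqx -- "$ml_address"; then
  (
    formail -t -rI"Precedence: junk" \
      -i"X-Loop: failed-$ml_address" < "$ciphertextfile"
    echo "Hi,"
    echo ""
    echo "Your mail has already been processed by this robot"
    echo 'and was hopefully delivered to all subscribers.'
    echo ""
    echo "Hochachtungsvoll,"
    echo ""
    echo " G. M. Robot"
    echo ""
    echo "-- "
    echo "Powered by the GNU Privacy Guard"
  ) | "$SENDMAIL" -oi -t
  do_exit 0
fi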
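# Decrypt the file and encrypt it to each user in turn.
#
# The plaintext has to exist on disk for the re-encryption step, so the
# scratch file is created under a restrictive umask; the chmod stays as
# a second line of defence in case a file of that name already existed.
( umask 077; : > "$plaintextfile" )
chmod 600 "$plaintextfile"

# The passphrase is fed on stdin (fd 0) so it never appears in the
# argument list.
# NOTE(review): nothing here verifies a signature or checks the sender
# against the dists file - anyone able to encrypt to the list key can
# post to all subscribers; confirm that this is intended.
if ! gpg --homedir . --quiet --no-secmem-warning \
     --passphrase-fd 0 --decrypt --batch --always-trust \
     -o - "$ciphertextfile" < "$passphrasefile" >> "$plaintextfile"
then
  # Decryption failed: tell the sender.  -r makes formail build a reply
  # header; without it the original header and body are passed through
  # and "sendmail -t" addresses the notice to the original recipients
  # instead of the sender.  Same options as the "already processed"
  # notice elsewhere in this script.
  (
    formail -t -rI"Precedence: junk" \
      -i"X-Loop: failed-$ml_address" < "$ciphertextfile"
    echo "Hi,"
    echo ""
    echo "Your mail could not been processed by this robot"
    echo 'probably because you did not encrypt it to the'
    echo "robot's key"
    echo ""
    echo "Hochachtungsvoll,"
    echo ""
    echo " G. M. Robot"
    echo ""
    echo "-- "
    echo "Powered by the GNU Privacy Guard"
  ) | "$SENDMAIL" -oi -t
  # do_exit rather than exit: the scratch files must not stay behind.
  do_exit 0
fi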
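# Does the decrypted text already start with its own text/plain part
# header?  If not, do_send puts one in front of it.
if head -n 1 "$plaintextfile" | grep '^Content-Type: text/plain' >/dev/null; then
  orig_is_mime=yes
else
  orig_is_mime=no
fi

# Header fields carried over from the incoming (still encrypted) mail.
# formail -x leaves the blank after the colon in place; do_send relies
# on that when it writes "Date:$orig_date" and friends.
orig_date="$(formail -x Date: < "$ciphertextfile")"
orig_subject="$(formail -x Subject: < "$ciphertextfile")"

# The Message-ID is replaced by a digest of the original one to hide
# the poster's details.  This is not really needed while the original
# From line is passed on, but it can be changed when needed.
# md5sum prints "<digest>  -" when reading stdin; only the digest may go
# into the Message-ID, so the trailing file-name column is cut off.
# The digest is obfuscation only, not a security control.
orig_msg_id="$(formail -x Message-ID < "$ciphertextfile" | md5sum | cut -d ' ' -f 1)"
orig_msg_id="<${orig_msg_id}@${ml_domain}>"
orig_from="$(formail -x From: < "$ciphertextfile")"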
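# Send one individually encrypted copy to every subscriber listed in the
# dists file ("<fingerprint> <address>" per line).
#
# "read" without a variable name and $REPLY are bash extensions and not
# available in every /bin/sh; naming the fields also avoids re-splitting
# and globbing the line through "set --".  Anything after the second
# field is ignored, as before.  The "|| [ -n ... ]" part keeps a last
# line that lacks its trailing newline.
while read -r fpr addr _ || [ -n "$fpr" ]; do
  if [ -n "$fpr" ] && [ -n "$addr" ]; then
    do_send "$fpr" "$addr"
  fi
done < "$distsfile"

# Remove the decrypted message and the spooled input.
cleanup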