script/postfix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sent_userinfo_postfix.sh: Add support for configuration file. Running the script must be confirmed after showing the parameter settings.

Browse Source
This commit is contained in:
root 2017-08-04 17:44:02 +02:00
parent 118959fab1
commit 16c22e862e
4 changed files with 232 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1 +1,5 @@
*.swp *.swp
*.log
conf/*.conf
conf/*.email*
!conf/sent_userinfo_postfix.email.sample

56
conf/sent_userinfo_postfix.conf.sample Normal file
View File

@ -0,0 +1,56 @@
# ----------------------------------------------------
# ---
# - Parameter Settings for script 'sent_userinfo_postfix.sh'.
# ---
# ----------------------------------------------------
# - user_info_file
# -
# - Full path to file containing the user info. If file is placed in this
# - configuration directory use '${conf_dir}/<file-name'
# -
# - See sent_userinfo_postfix.email.sample
# -
# - Defaults to '${conf_dir}/conf/sent_userinfo_postfix.email'
# -
#user_info_file="${conf_dir}/conf/sent_userinfo_postfix.email"
# - email_from
# -
# - From Address of user info
# -
# - Example: 'oo@oopen.de'
# -
#email_from=""
# - email_from_org
# -
# - Example: email_from_org="O.OPEN"
# -
#email_from_org=""
# - mail_user
# -
# - The owner of the mailbox directories and within the e-mails itself.
# -
# - defaults to 'vmail'
#mail_user=vmail
# - mail_group
# -
# - The group of the mailbox directories
# -
#mail_group=vmail
# - mail_basedir - No more needed!
# -
# - The root directory where all mailbox-domains are located.
# -
# - Defaults to '/var/vmail'.
# -
#mail_basedir=/var/vmail

41
conf/sent_userinfo_postfix.email.sample Normal file
View File

@ -0,0 +1,41 @@
To: %email_to%
From: %email_from_org% <%email_from%>
Subject: Heartbleed Bug und so36.net
Content-type: text/plain; charset=UTF-8
Liebe so36-Nutzer_innen,
Am Dienstag 08.04.2014 ist eine gravierende Sicherheitslücke in der
Verschlüsselungssoftware OpenSSL bekannt geworden, mit dem u.a. Passwörter
oder andere geheime Daten offen abrufbar sind. Dieser Programmfehler ist
unter dem Namen Heartbleed-Bug [1] berühmt geworden.
Wie fast alle Web-Anbieter nutz auch so36.net OpenSSL und damit sind auch
wir betroffen. Wir haben am Tag des Bekanntwerden der Schwachstelle sofort
Software-Updates auf allen betroffenen Servern eingsielt. Mittlerweile
haben wir auf allen Maschinen auch neue SSL-Zertifikate installiert.
Trotzdem können wir nicht ausschließen, dass auch unsere Server
kompromitiert wurden und sich Dritte damit eure Passwörter beschaffen
konnten.
*Daher müssen alle sofort ihre Passwörter ändern.*
Dazu besucht Ihr folgende Seite: https://webmail.so36.net/
Das neue Zertifikat, das Euch der Server präsentiert hat den Fingerprint
SHA1 Fingerprint = 7C:70:79:C1:30:1E:E8:CC:AF:B5:67:AD:07:53:ED:08:33:C5:8B:D8
Leider müsst ihr davon ausgehen, dass auch andere Webdienste, die ihr
nutzt, von dieser Sicherheitslücke betroffen sind. Heise.de spricht
davon, dass über 600 der meistgenutzten Webdiensten davon betroffen
sind. [2] Ihr könnt dies auch selbst durch Eingabe der URl bei
http://filippo.io/Heartbleed und http://possible.lv/tools/hb überprüfen.
Schöne Grüsse aus dem Dschungel
team so36.net
[1] http://heartbleed.com/ und
http://www.heise.de/newsticker/meldung/Der-GAU-fuer-Verschluesselung-im-Web-Horror-Bug-in-OpenSSL-2165517.html
[2]
http://www.heise.de/newsticker/meldung/Passwort-Zugriff-Heartbleed-Luecke-mit-katastrophalen-Folgen-2166861.html

167
sent_userinfo_postfix.sh
View File

@ -1,26 +1,35 @@
#!/bin/bash #!/usr/bin/env bash
script_dir="$(dirname $(realpath $0))"
conf_dir="${script_dir}/conf"
conf_file="${conf_dir}/sent_userinfo_postfix.conf"
tmp_dir="$(mktemp -d)"
logfile="${script_dir}/sent_userinfo_postfix.$(date +%Y-%m-%d-%H%M).log"
#---------------------------------------
#-----------------------------
# Setting Defaults
#-----------------------------
#---------------------------------------
DEFAULT_user_info_file="${conf_dir}/sent_userinfo_postfix.email"
DEFAULT_mail_user="vmail"
DEFAULT_mail_group="vmail"
user_info_file="/root/Heartbleed-Bug_userinfo.txt" #---------------------------------------
#-----------------------------
# Base Function(s)
#-----------------------------
#---------------------------------------
email_from="oo@oopen.de" clean_up() {
mail_user=vmail # Perform program exit housekeeping
mail_group=vmail rm -rf $tmp_dir
exit $1
mail_basedir=/var/vmail }
logfile=/tmp/user_mail.log
> $logfile
curdir=`pwd`
rc_done="\033[71G[ \033[32mdone\033[m ]"
rc_failed="\033[71G[ \033[31m\033[1mfailed\033[m ]"
## - Functions
## -
echononl(){ echononl(){
echo X\\c > /tmp/shprompt$$ echo X\\c > /tmp/shprompt$$
if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
@ -31,32 +40,113 @@ echononl(){
rm /tmp/shprompt$$ rm /tmp/shprompt$$
} }
fatal(){ fatal(){
echo "" echo ""
echo Fehler: $* echo -e "[ \033[31m\033[1mFehler\033[m ]: $*"
echo -e "\n\t\033[31m\033[1mSkript wird abgebrochen\033[m\033[m\n" echo -e "\n\t Script was interupted!\n"
echo echo
exit 1 clean_up 1
} }
## - echo_ok() {
## - End: Functions echo -e "\033[75G[ \033[32mok\033[m ]"
}
echo_failed() {
echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
}
echo_skipped() {
echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
}
trap clean_up SIGHUP SIGINT SIGTERM
clear
echo ""
echo -e "\033[32mRunning script \033[1m"$(basename $0)"\033[m .."
echo ""
echo ""
echo ""
echononl " Loading default Configuration values from $(basename ${conf_file}).."
if [[ ! -f "$conf_file" ]]; then
echo_skipped
else
source "${conf_file}" > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
fi
fi
if [[ -z "$email_from" ]] ; then
fatal "Missing Mail Sender Address (parameter 'email_from')."
fi
if [[ -z "$email_from_org" ]] ; then
fatal "Missing Mail Sender Organisation (parameter 'email_from_org')."
fi
[[ -n "$user_info_file" ]] || user_info_file="$DEFAULT_user_info_file"
[[ -n "$mail_user" ]] || mail_user="$DEFAULT_mail_user"
[[ -n "$mail_group" ]] || mail_group="$DEFAULT_mail_group"
if [[ ! -f $user_info_file ]];then
fatal "User Info-file to send '$user_info_file' does not exist !!"
fi
echo ""
echo ""
echo -e "\033[32mSettings for script \033[37m\033[1msent_userinfo_postfix.sh\033[m"
echo ""
echo " File containing the mail-body.....: $user_info_file"
echo ""
echo " Mail Sender Address...............: $email_from"
echo " Mail Sender Organisation..........: $email_from_org"
echo ""
echo " Mail User.........................: $mail_user"
echo " Mail Group........................: $mail_group"
echo ""
OK=
while [ "$OK" != "yes" -o "$OK" != "no" ] ; do
echononl "\033[1mParameters ok? [yes/no]:\033[m "
read OK
## - To lower case
OK=${OK,,}
if [ "X$OK" = "X" ]; then
echo -e "\n\t\033[33m\033[1mAn entry is required!\033[m\n"
OK=""
continue
fi
if [ "$OK" != "yes" -o "$OK" != "no" ] ; then
break
fi
echo -e "\n\t\033[33m\033[1mWrong entry!\033[m\n"
done
[[ $OK = "yes" ]] || fatal "Repeat execution with different parameters."
> $logfile
curdir=`pwd`
rc_done="\033[71G[ \033[32mdone\033[m ]"
rc_failed="\033[71G[ \033[31m\033[1mfailed\033[m ]"
if [ ! -f $user_info_file ]; then if [ ! -f $user_info_file ]; then
fatal "Kann Mailtext nicht finden" fatal "File containing User Info not found!"
fi fi
pwd=`pwd` pwd=`pwd`
cd /tmp cd /tmp
clear echo ""
echo -e "\n\t --- Sending userinfo into all local virtual mailboxes --\n" | tee -a $logfile echo -e "\n\t --- Sending userinfo into all local virtual mailboxes --\n" | tee -a $logfile
if [ ! -f $user_info_file ];then
echo "[FATAL]: Info-file to send does not exist !!" >> $logfile
fatal "User Info-file to send does not exist !!"
fi
## - list of local virtual domains ## - list of local virtual domains
@ -67,14 +157,20 @@ declare -i num_dom=0;
declare -i num_mbox_failed=0; declare -i num_mbox_failed=0;
declare -i num_mbox=0; declare -i num_mbox=0;
# - Escape '@' sign for use in perl regex
# -
email_from_regex="$(echo ${email_from//\@/\\@})"
for domain in $domains ;do for domain in $domains ;do
echo -e "\nDOMAIN: $domain\n" | tee -a $logfile echo -e "\nDOMAIN: $domain\n" | tee -a $logfile
local_parts=`su postgres -c"psql -At -F ' ' postfix -c\"SELECT local_part FROM mailbox WHERE domain = '$domain'\""` local_parts=`su postgres -c"psql -At -F ' ' postfix -c\"SELECT local_part FROM mailbox WHERE domain = '$domain'\""`
for local_part in $local_parts ; do for local_part in $local_parts ; do
cp $user_info_file /tmp/ cp "$user_info_file" "$tmp_dir"
perl -i -n -p -e "s/%email_to%/$local_part\@$domain/" /tmp/`basename $user_info_file` perl -i -n -p -e "s/%email_to%/$local_part\@$domain/" "${tmp_dir}/$(basename $user_info_file)"
perl -i -n -p -e "s/%email_from%/${email_from_regex}/" "${tmp_dir}/$(basename $user_info_file)"
perl -i -n -p -e "s/%email_from_org%/${email_from_org}/" "${tmp_dir}/$(basename $user_info_file)"
echononl "\tSend userinfo to $local_part@$domain.." echononl "\tSend userinfo to $local_part@$domain.."
cat /tmp/`basename $user_info_file` | /usr/sbin/sendmail -F 'Christoph Kuchenbuch' -f $email_from -t "$local_part@$domain" cat ${tmp_dir}/$(basename $user_info_file) | /usr/sbin/sendmail -F "$email_from_org" -f $email_from -t "$local_part@$domain"
if [ "$?" = "0" ]; then if [ "$?" = "0" ]; then
num_mbox=num_mbox+1 num_mbox=num_mbox+1
echo -e "$rc_done" echo -e "$rc_done"
@ -97,6 +193,5 @@ fi
echo echo
cd $pwd cd $pwd
rm /tmp/`basename $user_info_file`
exit clean_up 0