ma1l1ists at yahoo
Nov 24, 2011, 11:42 AM
Post #3 of 4
(610 views)
Permalink
|
On Thu, 24 Nov 2011 14:17:12 -0500
Vahid Moghaddasi wrote:
> Well, Solaris 10 comes with bash and perl 5.8.4. I thought regex or shopt
> are standard in many OS's. I do have shopt and regex on the server.>
> Will you be able to share that?
Here, ya go but I'm not sure it will help if your running bash, you
could try changing the sender variable to match.
> So you have converted Kyle's qmail-remote.sh to perl?
No, I just converted that little section and disabled the subdomain
section so it's using both which isn't ideal, but mines low volume. I've
added full paths so just merge in the perl section if you want to try
it. I'll compare to the new version 6 later and forward it to kyle,
though I'm not sure he'll be that interested. The X-DKIM-Originator I
mentioned earlier is for incoming not qmail-remote, so that explains
why you hadn't seen it.
#!/bin/sh
# version 5.1 (not by original author)
PATH=/bin:/usr/bin:/usr/local/bin
host="$1"
sender="$2"
# First, figure out who the sending domain is:
if [ -z "$sender" -a -n "$DEFAULTDOMAIN" ]; then
sender="@$DEFAULTDOMAIN"
fi
if [ -z "$sender" ]; then
sender="@`/bin/hostname`"
fi
DOMAIN="${sender##*@}"
# Sanity-check the domain (regex changed to only match domain chars and converted to /bin/sh + perl from bash for portability, also broke portability by adding paths to bins but that's easy to fix)
/usr/bin/perl -e '
use strict;
use warnings;
my $DOMAIN2PL = q{'"$DOMAIN"'};
if ($DOMAIN2PL =~ qr/[^A-Za-z0-9-.\_]+/) {
print "Message from the qmail-remote wrapper.\n This submitted Sender
domain contained illegal characters.\n $DOMAIN2PL\n"; exit 1 }
' || exit 0
# Now, fill in the basic variables (if they don't exist already)
[ "$DKREMOTE" ] || DKREMOTE="/var/qmail/bin/qmail-remote.orig"
[ "$DKSIGN" ] || DKSIGN="/etc/ssl/domainkeys/"$DOMAIN"/default"
# Now try and find the right subdomain, per RFC 4871
# (you can eliminate this loop if you don't want parent domains signing child
# domain's email)
#if [ "$DOMAIN" ] ; then
# while [ ! -r "${DKSIGN//\%/$DOMAIN}" ] ; do
# # try parent domains, per RFC 4871, section 3.8
# DOMAIN=${DOMAIN#*.}
# DPARTS=( ${DOMAIN//./ } )
# [ ${#DPARTS[*]} -eq 1 ] && DOMAIN="${sender##*@}" && break
# done
#fi
#DKSIGN="${DKSIGN//\%/$DOMAIN}"
#DKSIGN=`echo "$DKSIGN" | /usr/bin/sed s/%/"$DOMAIN"/`
# Now that we have the correct DKSIGN value (i.e. the filename of the key to
# use to sign email), check to see if this file exists
if [ -r "$DKSIGN" ] ; then
# The key does exist, so now use it to generate signatures!
tmp=`/usr/bin/mktemp -t dk.sign.XXXXXXXXXXXXXXXXXXX`
tmp2=`/usr/bin/mktemp -t dk2.sign.XXXXXXXXXXXXXXXXXXX`
/bin/cat - >"$tmp"
# compute the DomainKey signature
error=`(dktest -s "$DKSIGN" -c nofws -h <"$tmp" | \
/usr/bin/sed 's/; d=.*;/; d='"$DOMAIN"';/' > "$tmp2")
2>&1` if [ "$error" ] ; then
# Communicate the problem to qmail (that's why the 'Z')
echo "ZDomainKey error: $error"
/bin/rm "$tmp" "$tmp2"
exit -1
fi
# compute the DKIM signature
error=`(/var/qmail/bin/dkimsign.pl --type=dkim
--selector=default \
--key="$DKSIGN" --method=relaxed
<"$tmp" | \ /usr/bin/tr -d '\r' >> "$tmp2") 2>&1`
if [ "$error" ] ; then
# Communicate the problem to qmail (that's why the 'Z')
echo "ZDKIM error: $error"
/bin/rm "$tmp" "$tmp2"
exit -2
fi
# feed the signatures and the original message to the real
qmail-remote /bin/cat "$tmp2" "$tmp" | "$DKREMOTE" "$@"
retval=$?
/bin/rm "$tmp" "$tmp2"
exit $retval
else
# No signature added
exec "$DKREMOTE" "$@"
fi
|
