Milan Obuch wrote:
On Friday 16 May 2008, Aleksander Adamowski wrote:

[snip]

Hi!

You might find this Perl script I wrote useful.

It monitors courier's maillog in real time (requires File::Tail from
CPAN), and when this typical TLS failure occurs, adds an exception for
the misconfigured domain to esmtproutes, e.g.:

bad-tls-domain.com:/SECURITY=NONE

During the next retry the original message should go through because
STARTTLS won't be attempted.

The script also sends a notification about the problem to the postmaster
of that domain (if that mail bounces to you, you could report the domain
to the "RFC Ignorant" postmaster blacklist:
http://www.rfc-ignorant.org/tools/submit_form.php?table=postmaster).

Note: you have to customize the script a bit - change your own
postmaster address (the $our_postmaster variable) and change the message
template (it currently contains my own signature).

I've been running this script since 2005 and I've already got 290 domains in
/etc/courier/esmtproutes.

Hi,
for some reason no script attached... Did you forget it, or did it get filtered?
Regards,
Milan

Oops... here it is...


I'll repost the original message with the attachment just in case.

--
Best Regards,
   Aleksander Adamowski
       GG#: 274614
ICQ UIN: 19780575 http://olo.org.pl

#!/usr/bin/perl
# by Aleksander Adamowski
# Tue Aug 16 11:41:26 CEST 2005
#
# Monitors the mail log, adds workaround for domains with broken TLS to 
# esmtproutes and sends notifications to postmaster addresses of those domains
#

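use strict;
use warnings;
use File::Tail;
use Mail::Sendmail;
use POSIX qw(strftime);

# Log lines reporting the typical TLS failure: a 454 reply that mentions TLS
my $regexp = qr/(454[ 0-9.]+TLS)/;

my $file = File::Tail->new('/var/log/maillog');
while (defined(my $line = $file->read)) {
	if ($line =~ /$regexp/) {
		# Take the recipient domain from addr=<user@domain>: and do not reuse
		# a stale $1 from the match above when this pattern fails
		my ($domain) = $line =~ /addr=<[^@>]*\@([^>]+)\>\:/;
		$domain = '' unless defined $domain;
		if ($domain =~ /^[-a-zA-Z0-9.]+$/) {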
			my $subject = "Invalid TLS configuration for $domain mail domain";
			my $message = "Greetings!\n\n".
					"Invalid configuration of the mail server that handles $domain domain\n".
					"is causing problems in mail delivery to this domain when TLS is being used:\n".
					"\n".$line."\n".
					"This situation creates problems with mail delivery to Your domain.\n\n".
					"--\n".
					"Best Regards,\n".
					"   Adamowski\n".
					"       Corporate Systems Administrator\n".
					"       Altkom Akademia S.A.\n".
					"           http://www.altkom.pl\n";
			#my %mail = ( To      => "[EMAIL PROTECTED]",
			my %mail = ( To      => "[EMAIL PROTECTED]",
					Cc      => '[EMAIL PROTECTED]',
					From    => '[EMAIL PROTECTED]',
					'Content-Type' => 'text/plain; charset="utf-8"',
					Subject => $subject,
					Message => $message
					);
			#print $message;
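			open(ROUTES, '<', '/etc/courier/esmtproutes')
				or die "Cannot read /etc/courier/esmtproutes: $!";
			my $found = 0;
			my $route;
			while ($route = <ROUTES>) {
				# Look for a route entry for exactly this domain; a plain substring
				# search would also match other domains that merely contain it
				next unless ($route =~ /^\Q$domain\E\s*:/i);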
				print "$route\n";
				print "Found $domain in /etc/courier/esmtproutes\n";
				$found = 1;
			}
			close ROUTES;
			if (! $found) {
				# You should have a script that makes a timestamped backup copy of esmtproutes - just in case:
				system('/root/bin/backup /etc/courier/esmtproutes');
				open(ROUTES, '>>', '/etc/courier/esmtproutes')
					or die "Cannot append to /etc/courier/esmtproutes: $!";
				print ROUTES "\n# Added automatically ".strftime("%F %H:%M:%S", localtime)." by $0:\n$domain:/SECURITY=NONE\n";
				close ROUTES;
				print strftime("%F %H:%M:%S", localtime).": notification for $domain\n";
				sendmail(%mail) or die $Mail::Sendmail::error;
			} else {
				my %mail = (
						To      => '[EMAIL PROTECTED]',
						From    => '[EMAIL PROTECTED]',
						Subject => "Domain is present in esmtproutes but TLS errors persist",
						Message => "Problematic domain:\n$domain\n"
				);
				print strftime("%F %H:%M:%S", localtime).": TLS errors persist for $domain\n";
				sendmail(%mail) or die $Mail::Sendmail::error;
			}
		} else {
			my %mail = (
					To      => '[EMAIL PROTECTED]',
					From    => '[EMAIL PROTECTED]',
					Subject => "Strange domain in TLS logs",
					Message => "Strange domain:\n$domain\n"
			);
			print strftime("%F %H:%M:%S", localtime).": strange domain $domain\n";
			sendmail(%mail) or die $Mail::Sendmail::error;
		}
	}
}
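
An added example, not part of the original post or its attachment: every entry the script above appends is preceded by an "# Added automatically <timestamp>" comment, so a small audit can list the domains for which STARTTLS is no longer attempted and flag old exceptions for a re-test. The 365-day threshold, the sample data and the script name in it are assumptions made for this illustration.

```perl
# Added example: audit SECURITY=NONE exceptions in a Courier esmtproutes file.
use strict;
use warnings;
use Time::Local qw(timelocal);

my $max_age_days = 365;    # assumption: re-test exceptions older than one year

# Returns [domain, epoch-or-undef] for every route that carries SECURITY=NONE.
sub parse_routes {
	my ($fh) = @_;
	my (@entries, $stamp);
	while (my $l = <$fh>) {
		if ($l =~ /^# Added automatically (\d{4})-(\d\d)-(\d\d) (\d\d):(\d\d):(\d\d) by /) {
			# Timestamp comment in the format the monitoring script writes
			$stamp = timelocal($6, $5, $4, $3, $2 - 1, $1);
		} elsif ($l =~ m{^([-a-zA-Z0-9.]+)\s*:.*/SECURITY=NONE}i) {
			push @entries, [lc($1), $stamp];
			undef $stamp;
		} elsif ($l =~ /\S/) {
			undef $stamp;    # any other non-blank line breaks the comment/route pairing
		}
	}
	return @entries;
}

# Read the file named on the command line, or the constructed sample below.
my $fh;
if (@ARGV) {
	open($fh, '<', $ARGV[0]) or die "Cannot read $ARGV[0]: $!";
} else {
	$fh = \*DATA;
}
my $now = time;
for my $entry (parse_routes($fh)) {
	my ($domain, $added) = @$entry;
	if (!defined $added) {
		print "$domain: no timestamp comment, added by hand?\n";
	} elsif (($now - $added) / 86400 > $max_age_days) {
		printf "%s: no STARTTLS for %d days, re-test and remove if fixed\n", $domain, ($now - $added) / 86400;
	} else {
		print "$domain: recent exception\n";
	}
}

__DATA__
# Constructed sample: domains and script name are made up for this example
manual.example:/SECURITY=NONE
# Added automatically 2005-08-16 11:41:26 by /root/bin/tlswatch:
bad-tls-domain.example:/SECURITY=NONE
```

Run it with the path to esmtproutes as the only argument to audit a real file; without arguments it reads the constructed sample.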

_______________________________________________
courier-users mailing list