[rt-users] unsubscribe

2015-02-13 Thread Steve Hanselman 
 

Spam detection software, running on the system prodmail18,
has NOT identified this incoming email as spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  [...] 

Content analysis details:   (0.9 points, 5.0 required)

 pts rule name  description
 -- --
-1.0 ALL_TRUSTEDPassed through trusted hosts only via SMTP
 0.4 MIME_HTML_MOSTLY   BODY: Multipart message mostly text/html MIME
-1.9 BAYES_00   BODY: Bayes spam probability is 0 to 1%
[score: 0.]
 0.0 HTML_MESSAGE   BODY: HTML included in message
 4.5 DCC_CHECK  Detected as bulk mail by DCC (dcc-servers.net)
 1.4 PYZOR_CHECKListed in Pyzor (http://pyzor.sf.net/)
 0.0 TVD_SPACE_RATIONo description available.
 0.3 DIGEST_MULTIPLEMessage hits more than one network digest check
-2.9 AWLAWL: Adjusted score from AWL reputation of From: 
address

Re: [rt-users] [SOLVED] Restoring from backup - admins lost privileges

2015-02-13 Thread Andrew Wippler 
: 585-544-0450 x300
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Please report email problems to: postmas...@qvii.commailto:postmas...@qvii.com

QVII MIS/IT Dept - We do what we must because we can.
Thank you for helping us help you help us all.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

-- next part --
An HTML attachment was scrubbed...
URL: 
http://lists.bestpractical.com/pipermail/rt-users/attachments/20150212/f866b1db/attachment-0001.html

--

Message: 3
Date: Thu, 12 Feb 2015 16:59:08 -0500
From: Matt Brennan brenna...@gmail.com
To: rt-users@lists.bestpractical.com
Subject: [rt-users] fail2ban With RT
Message-ID:
caclbzupjpx89cofqz_k9uw-qgbsvtmdjoockydj-cbdm3kf...@mail.gmail.com
Content-Type: text/plain; charset=utf-8

Good Day,

  I am soon going to be exposing my RT instance on a public IP. It
currently requires VPN access, but users have asked for this to be changed.
As a result, I am trying to implement fail2ban, but am running into some
issues. I'm wondering if anyone else has successfully done this.

  Running fail2ban-regexp against the Apache error log and the fail2ban
filter file show that there are matches, however running fail2ban in debug
mode does not show that it's matching at run time.

  The relevant configs are below. Any help appreciated.

Thanks,
Matt

jail.conf:
[rt-iptables]
enabled  = true
filter   = rtauth
action   = iptables-allports[name=RT, protocol=all]
logpath  = /var/log/apache2/error.log
maxretry = 4
findtime = 21600
bantime  = 86400

filter.d/rtauth.conf:
[INCLUDES]
before = apache-common.conf

[Definition]
failregex = \[.*\] \[[^]]+\] \[error\]: FAILED LOGIN for .* from HOST
\(.*\)$
ignoreregex =
-- next part --
An HTML attachment was scrubbed...
URL: 
http://lists.bestpractical.com/pipermail/rt-users/attachments/20150212/6f1384b1/attachment-0001.html

--

Message: 4
Date: Fri, 13 Feb 2015 11:10:37 +1100
From: Alex Peters a...@peters.net
To: Cena, Stephen (ext. 300) s...@qvii.com
Cc: rt-users@lists.bestpractical.com
rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Prevent users from making Comments on tickets
Message-ID:
cafdkmpumx12xddnoxwjhrswu4wx1xugqyahppjkf3mc6tbv...@mail.gmail.com
Content-Type: text/plain; charset=utf-8

I believe that a user will unconditionally have commenting ability if they
also have the ModifyTicket right, regardless of the state of their
CommentOnTicket right.

You might be able to swap out ModifyTicket and use some finer-grained
rights in its place, depending on what modifications end users actually
need to make.

On 13 February 2015 at 04:06, Cena, Stephen (ext. 300) s...@qvii.com wrote:

  I'm in the process of locking down end-user permissions in our RT
 install. We want it set up so that users can only do Reply, and Admins can
 use Comment and Reply. At present, my end user can't see a Comment in a
 ticket, or an attachment made with a Comment. However, if the user emails
 the Comment address or uses the Comment in the Action drop-down in the
 ticket the entry gets made. The proper visibility of the resulting Comment
 is correct. AFAIK, there are no global permissions for anything (I'm doing
 it al at the queue level for each queue).


 Everyone, Privileged, Unprivileged all have no permissions
 End User perms for queue: CreateTicket, SeeQueue
 Requestor perms for queue: ReplyToTicket, SeeCustomField, SeeQueue,
 ShowTicket, ModifyCustomField, ModifyTicket

 Did I overlook something?

 Stephen J. Cena
 Supervisor/Systems Administrator - MIS/IT Dept
 Quality Vision International
 850 Hudson Ave
 Rochester,NY 14620
 Phone: 585-544-0450 x300
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
 Please report email problems to: postmas...@qvii.com

 QVII MIS/IT Dept - We do what we must because we can.
 Thank you for helping us help you help us all.
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


-- next part --
An HTML attachment was scrubbed...
URL: 
http://lists.bestpractical.com/pipermail/rt-users/attachments/20150213/944c01c8/attachment-0001.html

--

Message: 5
Date: Fri, 13 Feb 2015 11:34:08 +1100
From: Alex Peters a...@peters.net
To: Cena, Stephen (ext. 300) s...@qvii.com
Cc: rt-users@lists.bestpractical.com
rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Prevent users from adding CC's and AdminCC's
to  tickets
Message-ID:
CAFdkmpu=2kcxdsc+hp7+ivah_nfm7qbr3m02men_unazh5s...@mail.gmail.com
Content-Type: text/plain; charset=utf-8

From the v4.2.7 code, I'm interpreting these rules:

   1. Add/remove anyone if the user has the ModifyTicket right.
   2. Only add/remove self as AdminCc if the user has the WatchAsAdminCc
   right.
   3. Only add/remove self as Cc/Requestor if the user has the Watch right

[rt-users] Correct formatting for respond by email link

2015-02-13 Thread Cena, Stephen (ext. 300) 
I'm trying to use HTML templates to make responding to tickets easier for my 
users. I'm having a problem creating a link to generate an email. The code I 
have is:

trtdYou have the ability to a 
href=mailto:{$Ticket-QueueObj-CorrespondAddress}?subject=[{$Ticket-QueueObj-SubjectTag
 || $rtname} #{$Ticket-id}]update this ticket via email/a./td/tr

This always will generate a new ticket. If I add the nbsp; in front of the 
#{$Ticket-id}, that at least puts the space in but same results. I've tried 
adding an RE:  in front as well, and it still causes a new ticket.

If I do a Reply from the Autoreply email I get when the ticket is created, 
strip off the subject  just leave the queue tag the ticket gets updated 
correctly.

What am I doing wrong?

Stephen J. Cena
Supervisor/Systems Administrator - MIS/IT Dept
Quality Vision International
850 Hudson Ave
Rochester,NY 14620
Phone: 585-544-0450 x300
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Please report email problems to: postmas...@qvii.commailto:postmas...@qvii.com

QVII MIS/IT Dept - We do what we must because we can.
Thank you for helping us help you help us all.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Re: [rt-users] Prevent users from making Comments on tickets

2015-02-13 Thread Cena, Stephen (ext. 300) 
Thanks to Alex Peters, Daniel Schwager, and Kenneth Crocker for their input on 
my question. I'm going to take a look at the book sections Kenneth sent (I've 
purchased the book), and go over the permissions as all have suggested. What's 
killing me right now is I only have the production system to work with.

Stephen J. Cena
Supervisor/Systems Administrator - MIS/IT Dept
Quality Vision International
850 Hudson Ave
Rochester,NY 14620
Phone: 585-544-0450 x300
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Please report email problems to: postmas...@qvii.commailto:postmas...@qvii.com

QVII MIS/IT Dept - We do what we must because we can.
Thank you for helping us help you help us all.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

[rt-users] Can't send email with rtcrontool

2015-02-13 Thread Matt Smith 
I'm trying to do a very simple query:  Send notice on all tickets older than 2 
hours.   I can not get the notification to work per the documentation.

Query:

/opt/rt4/bin/rt-crontool --search RT::Search::FromSQL  --search-arg Owner = 
'Nobody' AND Status = 'new' AND Created  '2 hours ago' --action 
RT::Action::NotifyGroup --action-arg 'em...@domain.com' --template 'Blank'

ERROR in log:  RT: [3884] Can't call method CreatorObj on an undefined value 
at /opt/rt4/bin/../lib/RT/Action/NotifyGroup.pm line 87.

I've tried a variety of things like using the transaction switch and thing, 
but not sure what is missing.   The code that it doesn't like is below:

 79 sub SetRecipients {
 80 my $self = shift;
 81
 82 my $arg = $self-Argument;
 83 foreach( $self-__SplitArg( $arg ) ) {
 84 $self-_HandleArgument( $_ );
 85 }
 86
 87 my $creatorObj = $self-TransactionObj-CreatorObj;
 88 my $creator = $creatorObj-EmailAddress();
 89 my $TransactionCurrentUser = RT::CurrentUser-new;
 90 $TransactionCurrentUser-LoadByName($creatorObj-Name);
 91
 92 unless (RT-Config-Get('NotifyActor',$TransactionCurrentUser)) {
 93 @{ $self-{'To'} } = grep ( !/^\Q$creator\E$/, @{ $self-{'To'} 
} );
 94 }
 95
 96 $self-{'seen_ueas'} = {};
 97
 98 return 1;


Any ideas?

Thanks!

Re: [rt-users] Correct formatting for respond by email link

2015-02-13 Thread Alex Peters 
I suspect that you need to escape the special characters in your subject
value.  I've used this with success:

a href=mailto:x...@yyy.zzz?subject={
  require URI::Escape;
  URI::Escape::uri_escape(sprintf(
'Re: [XXX #%s] %s',
$Ticket-id,
$Ticket-Subject
  ))
}Update this ticket via email/a

On 14 February 2015 at 05:31, Cena, Stephen (ext. 300) s...@qvii.com wrote:

  I'm trying to use HTML templates to make responding to tickets easier
 for my users. I'm having a problem creating a link to generate an email.
 The code I have is:

 trtdYou have the ability to a href=
 mailto:{$Ticket-QueueObj-CorrespondAddress}?subject=[{$Ticket-QueueObj-SubjectTag
 %7B$Ticket-%3EQueueObj-%3ECorrespondAddress%7D?subject=[%7B$Ticket-%3EQueueObj-%3ESubjectTag
 || $rtname} #{$Ticket-id}]update this ticket via email/a./td/tr

 This always will generate a new ticket. If I add the nbsp; in front of
 the #{$Ticket-id}, that at least puts the space in but same results. I've
 tried adding an RE:  in front as well, and it still causes a new ticket.

 If I do a Reply from the Autoreply email I get when the ticket is created,
 strip off the subject  just leave the queue tag the ticket gets updated
 correctly.

 What am I doing wrong?

 Stephen J. Cena
 Supervisor/Systems Administrator - MIS/IT Dept
 Quality Vision International
 850 Hudson Ave
 Rochester,NY 14620
 Phone: 585-544-0450 x300
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
 Please report email problems to: postmas...@qvii.com

 QVII MIS/IT Dept - We do what we must because we can.
 Thank you for helping us help you help us all.
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Re: [rt-users] Prevent users from making Comments on tickets

2015-02-13 Thread Alex Peters 
ModifyTicket is not a strict combination of other rights.  I believe that
without ModifyTicket, you must experiment to determine which rights provide
the correct behaviour for your needs.

On 13 February 2015 at 17:52, Daniel Schwager daniel.schwa...@dtnet.de
wrote:

  Hi,



  You might be able to swap out ModifyTicket and use some

  finer-grained rights in its place, depending on what modifications

   end users actually need to make.



 what are the equivalent (separate) rights for ModifyTicket?



 regards

 Danny





 *From**:* rt-users [mailto:rt-users-boun...@lists.bestpractical.com] *On
 Behalf Of *Alex Peters
 *Sent:* Friday, February 13, 2015 1:11 AM
 *To:* Cena, Stephen (ext. 300)
 *Cc:* rt-users@lists.bestpractical.com
 *Subject:* Re: [rt-users] Prevent users from making Comments on tickets



 I believe that a user will unconditionally have commenting ability if they
 also have the ModifyTicket right, regardless of the state of their
 CommentOnTicket right.



 You might be able to swap out ModifyTicket and use some finer-grained
 rights in its place, depending on what modifications end users actually
 need to make.



 On 13 February 2015 at 04:06, Cena, Stephen (ext. 300) s...@qvii.com
 wrote:

 I'm in the process of locking down end-user permissions in our RT install.
 We want it set up so that users can only do Reply, and Admins can use
 Comment and Reply. At present, my end user can't see a Comment in a
 ticket, or an attachment made with a Comment. However, if the user emails
 the Comment address or uses the Comment in the Action drop-down in the
 ticket the entry gets made. The proper visibility of the resulting Comment
 is correct. AFAIK, there are no global permissions for anything (I'm doing
 it al at the queue level for each queue).