Update of /cvsroot/tmda/tmda-cgi/htdocs
In directory sc8-pr-cvs1:/tmp/cvs-serv30456
Added Files:
Makefile TMDAGenerator.py index.ht index.html links.h
Removed Files:
tmda-cgi.ht tmda-cgi.html
Log Message:
Moved documentation to this new directory. Updated the download and install
directions.
--- NEW FILE ---
# Copyright (C) 2001,2002 Jason R. Mastaler <[EMAIL PROTECTED]>
#
# This file is part of TMDA.
#
# TMDA is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. A copy of this license should
# be included in the file COPYING.
#
# TMDA is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License
# along with TMDA; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
DEF2HTML = ../contrib/def2html
HTROOT = .
HT2HTML = /usr/local/packages/ht2html/ht2html.py
HTSTYLE = TMDAGenerator
HTALLFLAGS = -f -s $(HTSTYLE)
HTFLAGS = $(HTALLFLAGS) -r $(HTROOT)
SOURCES = $(shell echo *.ht)
TARGETS = $(filter-out *.html,$(SOURCES:%.ht=%.html)) $(EXTRA_TARGETS)
GENERATED_HTML= $(SOURCES:.ht=.html)
DEST = [EMAIL PROTECTED]:www/tmda.net/htdocs/
EXCLUDES = --exclude "*"
INCLUDES = --include "*.html"
ARGS = -v -a -z --delete $(INCLUDES) $(EXCLUDES)
.SUFFIXES: .ht .html
.ht.html:
$(HT2HTML) $(HTFLAGS) $<
all: $(TARGETS)
config-vars.ht: config-vars.tpl config-vars.tmp
sed -e '/<!--config_vars-->/r config-vars.tmp' -e \
'/<!--config_vars-->/d' < config-vars.tpl > config-vars.ht
config-vars.tmp: ../TMDA/Defaults.py
$(DEF2HTML) ../TMDA/Defaults.py > config-vars.tmp
clean: clean
-rm -f *~
-rm -f $(GENERATED_HTML)
-rm -f config-vars.tmp
remake: clean all
install:
rsync $(ARGS) . $(DEST)
--- NEW FILE ---
# -*- python -*-
#
# Copyright (C) 2001,2002 Jason R. Mastaler <[EMAIL PROTECTED]>
#
# This file is part of TMDA.
#
# TMDA is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. A copy of this license should
# be included in the file COPYING.
#
# TMDA is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License
# along with TMDA; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
"""Generates the TMDA documentation style
"""
import os
import time
from Skeleton import Skeleton
from Sidebar import Sidebar, BLANKCELL
from Banner import Banner
from HTParser import HTParser
from LinkFixer import LinkFixer
�
sitelinks = [
('%(rootdir)s/index.html', 'TMDA Homepage', '<br>[\
<a href="http://www.au.tmda.net/";>AU</a> |\
<a href="http://www.us.tmda.net/";>US</a> \
mirror ]'),
('http://sourceforge.net/projects/tmda', 'TMDA @ SourceForge'),
]
�
class TMDAGenerator(Skeleton, Sidebar, Banner):
AUTHOR = 'Jason R. Mastaler'
EMAIL = '[EMAIL PROTECTED]'
def __init__(self, file, rootdir, relthis):
root, ext = os.path.splitext(file)
html = root + '.html'
p = self.__parser = HTParser(file, self.AUTHOR, self.EMAIL)
f = self.__linkfixer = LinkFixer(html, rootdir, relthis)
self.__body = None
self.__cont = None
# Calculate the sidebar links, adding a few of our own.
self.__d = {'rootdir': rootdir}
p.process_sidebar()
p.sidebar.append(BLANKCELL)
self.__linkfixer.massage(p.sidebar, self.__d)
Sidebar.__init__(self, p.sidebar)
#p.sidebar.append(BLANKCELL)
copyright = self.__parser.get('copyright', '2001-%d' %
time.localtime()[0])
p.sidebar.append((None, '© ' + copyright))
#last_modified = self.__parser.get('last_modified', '%s' %
# time.asctime(time.gmtime(time.time())))
#p.sidebar.append('Updated: ' + last_modified)
# Fix up our site links, no relthis because the site links are
# relative to the root of our web pages.
sitelink_fixer = LinkFixer(f.myurl(), rootdir)
sitelink_fixer.massage(sitelinks, self.__d, aboves=1)
Banner.__init__(self, sitelinks)
# kludge!
for i in range(len(p.sidebar)-1, -1, -1):
if p.sidebar[i] == 'Email Us':
p.sidebar[i] = 'Author'
break
def get_title(self):
return self.__parser.get('title')
def get_sidebar(self):
if self.__parser.get('wide-page', 'no').lower() == 'yes':
return None
return Sidebar.get_sidebar(self)
def get_banner(self):
return Banner.get_banner(self)
def get_banner_attributes(self):
return 'CELLSPACING=0 CELLPADDING=0'
def get_corner(self):
# It is important not to have newlines between the img tag and the end
# anchor and end center tags, otherwise layout gets messed up
return '''<center><font size="+2"
>>>> TMDA </font></center>'''
def get_body(self):
self.__grokbody()
return self.__body
def get_cont(self):
self.__grokbody()
return self.__cont
def __grokbody(self):
if self.__body is None:
text = self.__parser.fp.read()
i = text.find('<!--table-stop-->')
if i >= 0:
self.__body = text[:i]
self.__cont = text[i+17:]
else:
# there is no wide body
self.__body = text
# python.org color scheme overrides
def get_lightshade(self):
return '#cccccc'
def get_mediumshade(self):
return '#9862cb'
def get_darkshade(self):
return '#191970'
def get_corner_bgcolor(self):
return '#afeeee'
# jython.org color scheme
# def get_lightshade(self):
# return '#cccccc'
# def get_mediumshade(self):
# return '#9862cb'
# def get_darkshade(self):
# return '#666699'
# def get_corner_bgcolor(self):
# return '#cccccc'
--- NEW FILE ---
Title: tmda-cgi HOWTO
<h1>tmda-cgi (contributed by <a href="mailto:[EMAIL PROTECTED]">Gre7g
Luterman</a>)</h1>
<p><a href="#What">What is it?</a><br>
<a href="#Screen">Screenshots</a> <br>
<a href="#Require">Requirements</a><br>
<a href="#Blame">Credit/blame</a><br>
<a href="#Install">Installation</a><br>
<a href="#SystemWide">System-wide mode</a><br>
<a href="#SingleUser">Single-user mode</a><br>
<a href="#nosu">no-su mode</a><br>
<a href="#nosuExample">Centralized
no-su setup</a><br>
<a href="#Pass">Passwords</a><br>
<a href="#Virtual">Virtual users</a><br>
<a href="#Config">Configuration</a><br>
<a href="#Surprise">Surprises & gotcha's</a><br>
<a href="#Template">Templates (URL confirmation)</a></p>
<hr>
<h2><a name="What"></a>What is it?</h2>
<p>tmda-cgi is an alpha-release program for managing your
TMDA account over the web. At the time of this writing, tmda-cgi
can:</p>
<ul>
<li>Page through lists of pending e-mail (mail received by your MTA, but still
awaiting confirmation)
<li>View the text content (and see what sorts of attachments are included) in
any of your pending e-mails
<li>Release (move into your mail folder as if a confirmation had been received)
any of your pending e-mails.
<li>Delete any pending e-mail
<li>Whitelist or blacklist the author of any pending e-mails.
</ul>
<p>At the moment, tmda-cgi's focus is clearly manipulating pending e-mails. At
some point, I would like tmda-cgi to become more of a general system tool. Features
I hope to add soon include:</p>
<ul>
<li>Filter configuration</li>
<li>List editing</li>
<li>Automated clean-ups of pending e-mails</li>
<li>E-mail address generation (keyword, dated, or sender)</li>
</ul>
<p>tmda-cgi provides quick and easy access to your pending e-mails. This is an
ideal tool for users who either do not have access to a shell account or are
intimidated by operating in a command-line environment.</p>
<p>Although TMDA users do not generally need to mess with their pending e-mails,
there are times when this is the most convenient way to go. For instance:</p>
<ul>
<li>When you use a web site that says it will automatically mail you a password,
authentication link, or a receipt for a transaction you are making right now,
but you're not interested in any follow-up e-mail they will likely send you
in the future (and you don't feel like generating a dated address).
<p> Simply fill out the web form like you normally would and give your regular,
filtered e-mail address. The web site will send the e-mail to your mail
server, and your mail server will send a confirmation request back to the
web site (which will most likely never be seen by a human being). Then log
into tmda-cgi and manually release their letter. Any further mail they send
you will sit quietly in your pending directory like the one you released.
</li>
<li>To search your incoming mail for automated mailings you want to receive.
<p> Using tmda-cgi regularly for a few weeks or months after you begin filtering
your e-mail is a good way to make sure your filters are configured correctly.
<li>
<p>To look for "lost" e-mail.
<p> It's really rare that e-mail will get lost, but it's bound to happen
sometimes.
Perhaps Aunt Margaret can't figure out what the confirmation e-mail meant
(even though it is written in a very obvious way). Perhaps your boss was
in a hurry and deleted the confirmation request thinking
<em><strong>it</strong></em>
was spam (or perhaps he has a really crappy spam filter that mistook the
confirmation for spam). Perhaps Grandpa Joe sent you some e-mail from someone
else's e-mail account and they deleted the confirmation request, not realizing
what it was.
<li>
<p>To remind you <em><strong>why</strong></em> you got TMDA in the first place.
<p> "Wow, I would have gotten 100 e-mails about Viagara, cheap cigarettes,
weight loss drugs, penis enlargement, and Nigerian swindles today! Now I
remember why the rest of my family thinks that e-mail is a pain."
</ul>
<hr>
<h2><a name="Screen" id="Screen"></a>Screenshots</h2>
<p><b><i>Note:</i></b> You may find the default colors ugly. Those can be changed
by modifying the CSS file.</p>
<p><a href="http://tmda.sourceforge.net/screenshots/login.png";
target="_blank">Login</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/pending.png"; target="_blank">Index
of pending e-mails (whitelist & blacklist options enabled)</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/view1.png"; target="_blank">View
the contents of a pending e-mail with attachements</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/confirm.png";
target="_blank">Optional
Javascript confirmation when deleting or blacklisting</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/view2.png"; target="_blank">Show
all headers mode when viewing an e-mail</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/confirmed.png"; target="_blank">URL
confirmation
feedback</a></p>
<hr>
<h2><a name="Require"></a>Requirements</h2>
<ul>
<li><a href="http://python.org/";>Python</a> 2.1 or later.
<li><a href="/releases">TMDA</a> 0.74 or later.
<li>A webserver capable of running CGI (such as
<a href="http://httpd.apache.org/";>Apache</a>)
</ul>
<p>TBD. Until we do more testing it isn't clear what systems have problems with
tmda-cgi.</p>
<hr>
<h2><a name="Blame" id="Blame"></a>Credit/blame</h2>
<p>As already mentioned, this is contributed software at an alpha-level release.
That means:</p>
<ul>
<li>Use at your own risk.
<p>That's true of all software in general, but we're telling you up front
that not a lot of people have tested or analyzed the code yet. If it goes
awry or opens a security hole on your machine, I won't drop dead from the
shock.</p>
</li>
<li>tmda-cgi was written by <a href="mailto:[EMAIL PROTECTED]">Gre7g Luterman</a>,
with support from Jason R. Mastaler, David Guerizec, Tim Legant, and others on
the TMDA lists.
</li>
</ul>
<hr>
<h2><a name="Install"></a>Installation</h2>
<p>Download the <a href="/tmda-cgi/releases/">latest release</a> of tmda-cgi.</p>
<p>Uncompress the archive where you plan to keep tmda-cgi:</p>
<blockquote>
<p><code>$ tar -xzf tmda-cgi-X.XX.tgz<br>
$ cd tmda-cgi-X.XX</code></p>
</blockquote>
<p>Once you've obtained a copy of tmda-cgi, you need to decide how you want to
use tmda-cgi. tmda-cgi has been designed to run three different ways: system-wide,
single-user, and in no-su modes.</p>
<ul>
<li>In system-wide mode, multiple users can use tmda-cgi to access their TMDA
system. The program launches as root and then performs a <tt>seteuid</tt>
to run as the requested user once password authentication has been accomplished.
This is the best solution for system administrators who wish to set up their
TMDA system for use by multiple users.<br>
</li>
<li>In single-user mode, only one user can access tmda-cgi. That user will still
need to authenticate their access with a password, but the program runs as
the user who compiled it and therefore cannot access anyone else's personal
data. If multiple users wish to install tmda-cgi in single-user mode (strange,
but not absurd) then each user can compile a different 14k shell that launches
the Python code. This method is less convenient than the system-wide installation,
but it is the best solution for users without root access to their server,
or for users who don't trust any program running as root that does not absolutely
have to run as root.<br>
</li>
<li>no-su mode, runs the program with no special privileges of any sort. The
downside of such an installation is that to allow the program access to your
personal files (such as pending e-mails) you will have to make some of your
files and directories group or world readable and writable. no-su mode is
a good solution for an unusual breed of user: someone who doesn't trust the
software, but trusts the other users on the server (since they could get
read/write
access to his/er pending e-mail).</li>
</ul>
<p><b><i>Notes:</i></b></p>
<ul>
<li>You will have to recompile tmda-cgi if you move your configuration files,
supplimental display files (icons and style sheet), or either the tmda-cgi
or TMDA source trees.<br>
</li>
<li>You will have to recompile tmda-cgi if you change which mode (system-wide,
single-user, or no-su) you run in.</li>
</ul>
<h3><a name="SystemWide"></a>Installing system-wide</h3>
<p>As root, run the <tt>compile</tt> program. You can specify all of your options
on the command line, but I find it more convenient to run in interactive mode:</p>
<blockquote>
<pre># ./compile</pre>
</blockquote>
<p><tt>compile</tt> asks you a bunch of questions and provides its best-guess
at the answers where possible. If you are not sure of an answer when running
in interactive mode, hit control-C to break out. <tt>compile</tt> will remember
the answers you have already given it and will use those as the default next
time. compile will want to know:</p>
<ol>
<li>The location of your Python interpreter</li>
<li>Where to save the CGI</li>
<li>The path to the TMDA's root directory</li>
<li>The path to tmda-cgi's root directory</li>
<li>An optional path or "formula" to find the user <tt>config</tt>
files</li>
<li>The web path from the CGI to the <tt>display</tt> directory</li>
<li>Mode</li>
</ol>
<p>Finally, tmda-cgi requires a variety of visual elements to be saved in a
<tt>display</tt>
directory (see #6, above). This directory comes with the tmda-cgi source and
will need to be manually copied or linked (make sure your web server is configured
to follow links!) into the appropriate web directory. Please note that #6 specifies
the relative <i>web path</i> from the CGI to the <tt>display</tt> directory,
which may be different than the actual path. For example:</p>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="35"> </td>
<th>Web path</th>
<td width="15"> </td>
<th>Actual path</th>
</tr>
<tr>
<td> </td>
<td>http://your.domain/cgi-bin/tmda.cgi</td>
<td> </td>
<td>/www/tmda/cgi-bin/tmda.cgi</td>
</tr>
<tr>
<td> </td>
<td>http://your.domain/display/</td>
<td> </td>
<td>/www/tmda/htdocs/display</td>
</tr>
</table>
<p>In the above example, the actual path from the CGI to the display directory
is <tt>../htdocs/display/</tt> but the web path is <tt>../display/</tt>. The
web path is the path that should be entered in question #6.</p>
<h3><a name="SingleUser"></a>Installing single-user</h3>
<p>To install in single user mode, follow the exact same instructions as for
system-wide
mode, but instead of running compile as root, run compile as the single user
who will be able to use the CGI.</p>
<h3><a name="nosu"></a>Installing no-su</h3>
<p>To install in no-su mode, follow the exact same instructions as for system-wide
mode. It will not matter what user you do this as. </p>
<p>At this point you will have to change permissions on any existing pending mail
and add something akin to:</p>
<blockquote>
<pre>os.umask(027)</pre>
</blockquote>
<p>to your configuration file. That will make sure that future pending e-mails
are written such that they can be read by group members (i.e. the CGI).</p>
<h4><a name="nosuExample"></a>Centralized no-su setup</h4>
<p>If you multiple users plan on using tmda-cgi in no-su mode, then you might
consider moving all of your TMDA files into one central location. This will
make it easier to keep group permissions on your directories and files. Here's
some sample directories and file contents I set up for my user <tt>cgitest</tt>:</p>
<blockquote> <tt>/etc:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r--r-- 1 root
root 22 Nov 24 23:54 tmda-cgi<br>
-rw-r--r-- 1 root root
557 Nov 27 15:05 tmdarc<br>
-rw------- 1 tofmipd tofmipd 49 Nov 10
11:02 tofmipd</tt></td>
</tr>
</table><br>
<tt>/var:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>drwxr-s--x 3 root
nobody 72 Nov 27 11:24 tmda</tt></td>
</tr>
</table><br>
<tt>/var/tmda:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>drwx--s--- 6 cgitest
nobody 200 Nov 27 11:39 cgitest</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r----- 1 cgitest
nobody 0 Nov 27 11:39 config<br>
-rw-r----- 1 cgitest nobody 41 Nov 27
11:39 crypt_key<br>
drwx--s--- 2 cgitest nobody 96 Nov 27
12:55 filters<br>
drwx--s--- 2 cgitest nobody 144 Nov 27
12:59 lists<br>
drwx--s--- 2 cgitest nobody 120 Nov 27
12:57 logs<br>
drwxrws--- 2 cgitest nobody 48 Nov 27
11:37 pending<br>
drwx--s--- 2 cgitest nobody 768 Nov 29
09:54 responses<br>
drwxr-sr-x 2 cgitest nobody 200 Dec
6 20:33 templates</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-rw---- 1 cgitest
nobody 153 Nov 27 12:54 incoming<br>
-rw-rw---- 1 cgitest nobody 150 Nov 27
12:55 outgoing</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/lists:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-rw---- 1 cgitest
nobody 0 Nov 27 12:59 blacklist<br>
-rw-rw---- 1 cgitest nobody 0 Nov
27 12:59 confirmed<br>
-rw-rw---- 1 cgitest nobody 0 Nov
27 12:59 whitelist</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/logs:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r----- 1 cgitest
nobody 0 Nov 27 12:57 debug<br>
-rw-r----- 1 cgitest nobody 0 Nov
27 12:57 in<br>
-rw-r----- 1 cgitest nobody 0 Nov
27 12:57 out</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/templates:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r--r-- 1 cgitest
nobody 407 Dec 6 20:30 bounce.txt<br>
-rw-r--r-- 1 cgitest nobody 215 Dec
6 20:30 confirm_accept.txt<br>
-rw-r--r-- 1 cgitest nobody 702 Dec
6 20:33 confirm_request.txt</tt></td>
</tr>
</table><br>
<tt>/etc/tmda-cgi:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>cgitest:XPkY0q/9Uge9I</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters/incoming:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>from-file
/var/tmda/cgitest/lists/blacklist reject<br>
from-file /var/tmda/cgitest/lists/whitelist accept<br>
from-file /var/tmda/cgitest/lists/confirmed accept</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters/outgoing:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>to-file /var/tmda/cgitest/lists/whitelist
tag envelope dated=10d from bare<br>
to-file /var/tmda/cgitest/lists/confirmed tag envelope dated=10d from bare</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/templates/confirm_request.txt:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>From.US-ASCII: "%(FULLNAME)s"
<%(recipient_address)s><br>
Subject.US-ASCII: Please confirm your message<br>
Reply-To.US-ASCII: %(confirm_accept_address)s<br>
BodyCharset: US-ASCII<br>
<br>
This message was created automatically by mail delivery software<br>
(TMDA).<br>
<br>
Your message attached below is being held because the address<br>
<%(confirm_append_address)s> has not been verified.<br>
<br>
To release your message for delivery, please send an empty message<br>
to the following address, surf the following link, or use your<br>
mailer's "Reply" feature.<br>
<br>
%(confirm_accept_address)s<br>
<br>
%(confirm_accept_url)s<br>
<br>
This confirmation verifies that your message is legitimate and not<br>
junk-mail. You should only have to confirm your address once.</tt></td>
</tr>
</table><br>
<tt>/etc/tmdarc:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>import Util<br>
<br>
# Allow group access to critical files<br>
ALLOW_MODE_640 = 1<br>
os.umask(0027)<br>
<br>
# Locate important files and directories<br>
DATADIR = "/var/tmda/%s/" % os.environ["USER"]<br>
CONFIRM_APPEND = DATADIR +
"lists/confirmed"<br>
FILTER_INCOMING = DATADIR + "filters/incoming"<br>
FILTER_OUTGOING = DATADIR + "filters/outgoing"<br>
LOGFILE_DEBUG = DATADIR + "logs/debug"<br>
LOGFILE_INCOMING = DATADIR + "logs/in"<br>
LOGFILE_OUTGOING = DATADIR + "logs/out"<br>
PENDING_BLACKLIST_APPEND = DATADIR + "lists/blacklist"<br>
PENDING_WHITELIST_APPEND = DATADIR + "lists/whitelist"<br>
TEMPLATE_DIR = DATADIR + "templates/"<br>
<br>
# CGI location<br>
CGI_URL = "http://wolfhome.com/~cgitest/index2.cgi";<br>
<br>
# Define X-Primary-Address key for TMDA-to-TMDA communications<br>
ADDED_HEADERS_CLIENT = { "X-Primary-Address": "[EMAIL PROTECTED]" % \<br>
(os.environ["USER"], Util.gethostname()) }</tt></td>
</tr>
</table><br>
<tt>~cgitest/.qmail:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>|preline /usr/src/tmda/bin/tmda-filter -c
/var/tmda/cgitest/config<br>
./Maildir/</tt></td>
</tr>
</table>
</blockquote>
<p>tmda-cgi was compiled with the following:</p>
<blockquote>
<pre>./compile -nc /var/tmda/~/config -t /www/tmda.cgi -u nobody</pre>
</blockquote>
<p>Use the <tt>./compile -h</tt> for more details on how to use compile.</p>
<hr>
<h2><a name="Pass"></a>Passwords</h2>
<p>tmda-cgi currently authenticate logins against user name & password pairs
stored in a password file (or files). tmda-cgi will look in two different places
for password file(s), but it (they) must be readable by the CGI.</p>
<p>If you are running in system-wide mode, the password file can be owned by root.
If you are running in single-user mode, the password file can be owned by the
user who will be running the CGI. If you are running in no-su mode, the file
must either be owned by "nobody" (or whatever user your web server
is configured to run as) or made globally readable See the table below for a
better breakdown of your options.</p>
<p>tmda-cgi first checks for a readable file called <tt>tmda-cgi</tt> in the same
directory as the user's configuration file (if that location has been specified,
otherwise it will look in <tt>~user/.tmda/tmda-cgi</tt>). It then tries
<tt>/etc/tmda-cgi</tt>
if it can't find a match or cannot read the file. This allows the system
administrator
to keep a list of access passwords while allowing the user to override what
the sysadmin has set.</p>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="35"> </td>
<td width="10"> </td>
<td> </td>
<td width="10"> </td>
<td colspan="2" align="center" nowrap
bgcolor="#FFFFCC"><tt>~user/.tmda/tmda-cgi</tt></td>
<td width="10" align="center" nowrap> </td>
<td colspan="2" align="center" nowrap bgcolor="#FFFFCC"><tt>/etc/tmda-cgi</tt></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td width="80" align="center" bgcolor="#FFFFCC">owner</td>
<td width="90" align="center" bgcolor="#FFFFCC">permissions</td>
<td align="center"> </td>
<td width="80" align="center" bgcolor="#FFFFCC">owner</td>
<td width="90" align="center" bgcolor="#FFFFCC">permissions</td>
</tr>
<tr>
<td> </td>
<td bgcolor="#CCFFFF"> </td>
<td bgcolor="#CCFFFF">system-wide</td>
<td bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">user</td>
<td align="center" bgcolor="#CCFFCC">600</td>
<td align="center" bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">root</td>
<td align="center" bgcolor="#CCFFCC">600</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>single-user</td>
<td> </td>
<td align="center" bgcolor="#FFFFCC">user</td>
<td align="center" bgcolor="#FFFFCC">600</td>
<td align="center"> </td>
<td colspan="2" align="center" bgcolor="#FFFFCC">n/a</td>
</tr>
<tr>
<td> </td>
<td bgcolor="#CCFFFF"> </td>
<td bgcolor="#CCFFFF">no-su</td>
<td bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">user</td>
<td align="center" bgcolor="#CCFFCC">644</td>
<td align="center" bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">root<br>
nobody </td>
<td align="center" bgcolor="#CCFFCC">644<br>
600 </td>
</tr>
<tr>
<td> </td>
<td colspan="8" align="center">File owner & permission options</td>
</tr>
</table>
<p>The password file for tmda-cgi is formatted in much the same way as the password
file for tofmipd. In fact, if you are using a password file with tofmipd and
you wish to run tmda-cgi in system-wide mode, feel free to make a symbolic link
between the two:</p>
<blockquote>
<pre> # ln -s /etc/tofmipd /etc/tmda-cgi</pre>
</blockquote>
<p>Password files for tmda-cgi look like:</p>
<blockquote>
<pre><user1>:<password1>
<user2>:<password2></pre>
</blockquote>
<p>where each item in <tt><></tt> is replaced with text.</p>
<p>The difference between this password file and the one for tofmipd is that the
file does not need to have <br>
permissions of 400 or 600. If you, for example, are running in no-su mode, you
will have to make your password file group or world readable.</p>
<p>To keep the passwords secure, tmda-cgi will assume all passwords are DES encrypted
if the file permissions are anything other than 400 or 600. Plaintext passwords
will <i><b>not</b></i> work in such cases.</p>
<p>Additionally, any entry with a blank password field, such as:</p>
<blockquote>
<pre>cantlogin:</pre>
</blockquote>
<p>will be prohibited from login, regardless of the file permissions.</p>
<p><tt>contrib/cgi/genpass.py</tt> is provided for encrypted password generation.
Output from <tt>genpass.py</tt> can be safely piped with <tt>></tt> or
<tt>>></tt>
into a password file. For example:</p>
<blockquote>
<pre># contrib/cgi/genpass.py joe >> /etc/tmda-cgi</pre>
</blockquote>
<p> or</p>
<blockquote>
<pre>$ contrib/cgi/genpass.py joe > /home/joe/.tmda/tmda-cgi</pre>
</blockquote>
<p>If you encounter difficulties logging in, the problem may be a result of incorrect
permissions on your password file(s). To debug this, append a <tt>?debug=1</tt>
onto the end of your CGI URL. This will display some diagnostic information
if the login fails instead of simply saying "Wrong password. Try
again."</p>
<hr>
<h2><a name="Virtual" id="Virtual"></a>Virtual users</h2>
<p>Although planned for future releases, there is no support for virtual users
at this time. Each user who plans to use tmda-cgi must have a login record in
<tt>/etc/passwd</tt>.</p>
<hr>
<h2><a name="Config"></a>Configuration</h2>
<p>tmda-cgi is configured by a set of parameters in your configuration file(s).
All tmda-cgi configuration variables begin with a "<tt>CGI_</tt>"
and are described on the <a href="config-vars.html">Configuration Variables</a>
page.</p>
<p><em><strong>Note:</strong></em> If you change nothing else, you will have to
at least set the value for <a
href="config-vars.html#CGI_ACTIVE"><tt>CGI_ACTIVE</tt></a>.</p>
<hr>
<h2><a name="Surprise" id="Surprise"></a>Surprises & gotcha's</h2>
<p>This section of the documentation is reserved for functionality and quirks
that, although not erroneous, may not be what you expect. Check this list for
help if you experience problems with tmda-cgi.</p>
<ol>
<li>tmda-cgi's whitelist feature does not update the list pointed to by
configuration
variable <tt><a
href="/config-vars.html#CONFIRM_APPEND">CONFIRM_APPEND</a></tt><tt>.</tt>
<p>tmda-cgi uses configuration variable <a
href="/config-vars.html#PENDING_WHITELIST_APPEND"><tt>PENDING_WHITELIST_APPEND</tt></a>
instead of <tt><a
href="/config-vars.html#CONFIRM_APPEND">CONFIRM_APPEND</a>.</tt>
To use the whitelist feature, you must set <a
href="/config-vars.html#PENDING_WHITELIST_APPEND"><tt>PENDING_WHITELIST_APPEND</tt></a>
to a list that is handled by your incoming filter.<p></li>
<li>TMDA requires Python version 2.1 but some flavors of Linux (such as <a
href="http://redhat.com";>RedHat</a>)
come with two different versions of Python installed, one older and one newer.
<p>If tmda-cgi tries to run using the wrong version of Python, then you must
specify the correct version at compile time. Instead of typing:
<blockquote>
<pre>$ ./compile <options></pre>
</blockquote>
<p>Type:</p>
<blockquote>
<pre>$ /usr/bin/python2 compile <options></pre>
</blockquote>
<p>(Assuming that your Python 2.1+ can be found at <tt>/usr/bin/python2</tt>.)
The compiler will save the correct version of the Python interpreter and
use it when tmda-cgi is run.</p>
</li>
</ol>
<hr>
<h2><a name="Template" id="Template"></a>Templates</h2>
<p>By supplying your own templates (see the <a href="howto-template.html">Template
HOWTO</a> for more on customizing your templates) you can use tmda-cgi's URL
confirmation feature. This allows you to specify a URL in your confirmation
e-mail as an alternative to confirming by e-mail.</p>
<p>To supply a confirmation URL, simply use the <tt>%(confirm_accept_url)s</tt>
variable in <tt>confirm_request.txt</tt> as shown in <a
href="#nosuExample">Centralized
no-su setup</a>.</p>
<p><em><strong>Notes:</strong></em></p>
<ul>
<li>Be sure you set <a href="config-vars.html#CGI_ACTIVE"><tt>CGI_ACTIVE</tt></a>,
<a href="config-vars.html#CGI_URL"><tt>CGI_URL</tt></a>, and <a
href="config-vars.html#TEMPLATE_DIR"><tt>TEMPLATE_DIR</tt></a>
before modifying your template! No confirmation e-mails will be sent if you
specify a <tt>%(confirm_accept_url)</tt> until these variables are properly
configured.<br>
</li>
<li>Always test your configuration after making a change to your templates.<br>
</li>
<li>Your crypt_key file must be readible by tmda-cgi to use this feature.
<p>This is not and issue if you are running in system-wide orf single-user
modes, but in no-su mode, you will have to:</p>
</li>
<ul>
<li>Put crypt_key in the CGI's group.</li>
<li>Assign crypt_key 640 permissions.</li>
<li>Turn on <a href="config-vars.html#ALLOW_MODE_640">ALLOW_MODE_640</a>.<br>
</li>
</ul>
</ul>
--- NEW FILE ---
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<!-- THIS PAGE IS AUTOMATICALLY GENERATED. DO NOT EDIT. -->
<!-- Mon Mar 31 22:02:41 2003 -->
<!-- USING HT2HTML 2.0 -->
<!-- SEE http://ht2html.sf.net -->
<!-- User-specified headers:
Title: tmda-cgi HOWTO
-->
<head>
<title>tmda-cgi HOWTO</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="generator" content="HT2HTML/2.0">
<style type="text/css">
body { margin: 0px; }
</style>
</head>
<body bgcolor="#ffffff" text="#000000"
marginwidth="0" marginheight="0"
link="#0000bb" vlink="#551a8b"
alink="#ff0000">
<!-- start of page table -->
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<!-- start of banner row -->
<tr>
<!-- start of corner cells -->
<td width="150" valign="middle" bgcolor="#afeeee" class="corner">
<center><font size="+2"
>>>> TMDA </font></center> </td>
<td width="15" bgcolor="#cccccc"> </td><!--spacer-->
<!-- end of corner cells -->
<!-- start of banner -->
<td width="90%" bgcolor="#cccccc" class="banner">
<!-- start of site links table -->
<table width="100%" border="0"
CELLSPACING=0 CELLPADDING=0
bgcolor="#ffffff">
<tr>
<td bgcolor="#cccccc">
<b>TMDA Homepage</b><br>[ <a href="http://www.au.tmda.net/";>AU</a> | <a
href="http://www.us.tmda.net/";>US</a> mirror ]
</td>
<td bgcolor="#cccccc">
<a href="http://sourceforge.net/projects/tmda";>TMDA @ SourceForge</a>
</td>
<td bgcolor="#cccccc">
</td>
<td bgcolor="#cccccc">
</td>
</tr>
</table><!-- end of site links table -->
</td><!-- end of banner -->
</tr><!-- end of banner row -->
<tr><!-- start of sidebar/body row -->
<!-- start of sidebar cells -->
<td width="150" valign="top" bgcolor="#cccccc" class="sidebar">
<!-- start of sidebar table -->
<table width="100%" border="0" cellspacing="0" cellpadding="3"
bgcolor="#ffffff">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
Overview
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="/index.html">Introduction</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/history.html">History</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/features.html">Features</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/results.html">Results & Testimonials</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/inuse.html">TMDA In Use</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/press.html">Press Coverage</a><!-- -*- html -*- -->
</td></tr>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
Install
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="/requirements.html">Requirements</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/download.html">Download</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/install.html">Installation</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
Configuration
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config.html">Overview</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config-pre.html">Pre-Configuration</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config-server.html">Server Configuration</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config-client.html">Client Configuration</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config-vars.html">Configuration Variables</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/config-filter.html">Filter Specification</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/filter-sources.html">Filter Sources</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
HOWTOs
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="/howtos.html">Overview</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/howto-template.html">Templates</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/tmda-ofmipd.html">tmda-ofmipd</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/tmda-vdomains.html">Virtual Domains</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<b>tmda-cgi</b>
</td></tr>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
Support
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="/trouble.html">Troubleshooting</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="http://tmda.net/faq.cgi"; TARGET="Resource Window">FAQ</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/bugs.html">Bugs & Patches</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="http://tmda.net/lists/listinfo/"; TARGET="Resource Window">Mailing Lists</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="http://mla.libertine.org/"; TARGET="Resource Window">List Archive</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/support-commercial.html">Commercial Support</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/resources.html">External Resources</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<a href="/mirrors.html">Mirrors</a>
</td></tr>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#191970"><b><font color="#ffffff">
Author
</font></b></td></tr>
<tr><td bgcolor="#cccccc">
<a href="mailto:[EMAIL PROTECTED]">Jason R. Mastaler</a>
</td></tr>
<tr><td bgcolor="#cccccc">
</td></tr>
<tr><td bgcolor="#cccccc">
© 2001-2003
</td></tr>
</table><!-- end of sidebar table -->
</td>
<td width="15"> </td><!--spacer-->
<!-- end of sidebar cell -->
<!-- start of body cell -->
<td valign="top" width="90%" class="body"><br>
<h1>tmda-cgi (contributed by <a href="mailto:[EMAIL PROTECTED]">Gre7g
Luterman</a>)</h1>
<p><a href="#What">What is it?</a><br>
<a href="#Screen">Screenshots</a> <br>
<a href="#Require">Requirements</a><br>
<a href="#Blame">Credit/blame</a><br>
<a href="#Install">Installation</a><br>
<a href="#SystemWide">System-wide mode</a><br>
<a href="#SingleUser">Single-user mode</a><br>
<a href="#nosu">no-su mode</a><br>
<a href="#nosuExample">Centralized
no-su setup</a><br>
<a href="#Pass">Passwords</a><br>
<a href="#Virtual">Virtual users</a><br>
<a href="#Config">Configuration</a><br>
<a href="#Surprise">Surprises & gotcha's</a><br>
<a href="#Template">Templates (URL confirmation)</a></p>
<hr>
<h2><a name="What"></a>What is it?</h2>
<p>tmda-cgi is an alpha-release program for managing your
TMDA account over the web. At the time of this writing, tmda-cgi
can:</p>
<ul>
<li>Page through lists of pending e-mail (mail received by your MTA, but still
awaiting confirmation)
<li>View the text content (and see what sorts of attachments are included) in
any of your pending e-mails
<li>Release (move into your mail folder as if a confirmation had been received)
any of your pending e-mails.
<li>Delete any pending e-mail
<li>Whitelist or blacklist the author of any pending e-mails.
</ul>
<p>At the moment, tmda-cgi's focus is clearly manipulating pending e-mails. At
some point, I would like tmda-cgi to become more of a general system tool. Features
I hope to add soon include:</p>
<ul>
<li>Filter configuration</li>
<li>List editing</li>
<li>Automated clean-ups of pending e-mails</li>
<li>E-mail address generation (keyword, dated, or sender)</li>
</ul>
<p>tmda-cgi provides quick and easy access to your pending e-mails. This is an
ideal tool for users who either do not have access to a shell account or are
intimidated by operating in a command-line environment.</p>
<p>Although TMDA users do not generally need to mess with their pending e-mails,
there are times when this is the most convenient way to go. For instance:</p>
<ul>
<li>When you use a web site that says it will automatically mail you a password,
authentication link, or a receipt for a transaction you are making right now,
but you're not interested in any follow-up e-mail they will likely send you
in the future (and you don't feel like generating a dated address).
<p> Simply fill out the web form like you normally would and give your regular,
filtered e-mail address. The web site will send the e-mail to your mail
server, and your mail server will send a confirmation request back to the
web site (which will most likely never be seen by a human being). Then log
into tmda-cgi and manually release their letter. Any further mail they send
you will sit quietly in your pending directory like the one you released.
</li>
<li>To search your incoming mail for automated mailings you want to receive.
<p> Using tmda-cgi regularly for a few weeks or months after you begin filtering
your e-mail is a good way to make sure your filters are configured correctly.
<li>
<p>To look for "lost" e-mail.
<p> It's really rare that e-mail will get lost, but it's bound to happen
sometimes.
Perhaps Aunt Margaret can't figure out what the confirmation e-mail meant
(even though it is written in a very obvious way). Perhaps your boss was
in a hurry and deleted the confirmation request thinking
<em><strong>it</strong></em>
was spam (or perhaps he has a really crappy spam filter that mistook the
confirmation for spam). Perhaps Grandpa Joe sent you some e-mail from someone
else's e-mail account and they deleted the confirmation request, not realizing
what it was.
<li>
<p>To remind you <em><strong>why</strong></em> you got TMDA in the first place.
<p> "Wow, I would have gotten 100 e-mails about Viagara, cheap cigarettes,
weight loss drugs, penis enlargement, and Nigerian swindles today! Now I
remember why the rest of my family thinks that e-mail is a pain."
</ul>
<hr>
<h2><a name="Screen" id="Screen"></a>Screenshots</h2>
<p><b><i>Note:</i></b> You may find the default colors ugly. Those can be changed
by modifying the CSS file.</p>
<p><a href="http://tmda.sourceforge.net/screenshots/login.png";
target="_blank">Login</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/pending.png"; target="_blank">Index
of pending e-mails (whitelist & blacklist options enabled)</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/view1.png"; target="_blank">View
the contents of a pending e-mail with attachements</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/confirm.png";
target="_blank">Optional
Javascript confirmation when deleting or blacklisting</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/view2.png"; target="_blank">Show
all headers mode when viewing an e-mail</a></p>
<p><a href="http://tmda.sourceforge.net/screenshots/confirmed.png"; target="_blank">URL
confirmation
feedback</a></p>
<hr>
<h2><a name="Require"></a>Requirements</h2>
<ul>
<li><a href="http://python.org/";>Python</a> 2.1 or later.
<li><a href="/releases">TMDA</a> 0.74 or later.
<li>A webserver capable of running CGI (such as
<a href="http://httpd.apache.org/";>Apache</a>)
</ul>
<p>TBD. Until we do more testing it isn't clear what systems have problems with
tmda-cgi.</p>
<hr>
<h2><a name="Blame" id="Blame"></a>Credit/blame</h2>
<p>As already mentioned, this is contributed software at an alpha-level release.
That means:</p>
<ul>
<li>Use at your own risk.
<p>That's true of all software in general, but we're telling you up front
that not a lot of people have tested or analyzed the code yet. If it goes
awry or opens a security hole on your machine, I won't drop dead from the
shock.</p>
</li>
<li>tmda-cgi was written by <a href="mailto:[EMAIL PROTECTED]">Gre7g Luterman</a>,
with support from Jason R. Mastaler, David Guerizec, Tim Legant, and others on
the TMDA lists.
</li>
</ul>
<hr>
<h2><a name="Install"></a>Installation</h2>
<p>Download the <a href="/tmda-cgi/releases/">latest release</a> of tmda-cgi.</p>
<p>Uncompress the archive where you plan to keep tmda-cgi:</p>
<blockquote>
<p><code>$ tar -xzf tmda-cgi-X.XX.tgz<br>
$ cd tmda-cgi-X.XX</code></p>
</blockquote>
<p>Once you've obtained a copy of tmda-cgi, you need to decide how you want to
use tmda-cgi. tmda-cgi has been designed to run three different ways: system-wide,
single-user, and in no-su modes.</p>
<ul>
<li>In system-wide mode, multiple users can use tmda-cgi to access their TMDA
system. The program launches as root and then performs a <tt>seteuid</tt>
to run as the requested user once password authentication has been accomplished.
This is the best solution for system administrators who wish to set up their
TMDA system for use by multiple users.<br>
</li>
<li>In single-user mode, only one user can access tmda-cgi. That user will still
need to authenticate their access with a password, but the program runs as
the user who compiled it and therefore cannot access anyone else's personal
data. If multiple users wish to install tmda-cgi in single-user mode (strange,
but not absurd) then each user can compile a different 14k shell that launches
the Python code. This method is less convenient than the system-wide installation,
but it is the best solution for users without root access to their server,
or for users who don't trust any program running as root that does not absolutely
have to run as root.<br>
</li>
<li>no-su mode, runs the program with no special privileges of any sort. The
downside of such an installation is that to allow the program access to your
personal files (such as pending e-mails) you will have to make some of your
files and directories group or world readable and writable. no-su mode is
a good solution for an unusual breed of user: someone who doesn't trust the
software, but trusts the other users on the server (since they could get
read/write
access to his/er pending e-mail).</li>
</ul>
<p><b><i>Notes:</i></b></p>
<ul>
<li>You will have to recompile tmda-cgi if you move your configuration files,
supplimental display files (icons and style sheet), or either the tmda-cgi
or TMDA source trees.<br>
</li>
<li>You will have to recompile tmda-cgi if you change which mode (system-wide,
single-user, or no-su) you run in.</li>
</ul>
<h3><a name="SystemWide"></a>Installing system-wide</h3>
<p>As root, run the <tt>compile</tt> program. You can specify all of your options
on the command line, but I find it more convenient to run in interactive mode:</p>
<blockquote>
<pre># ./compile</pre>
</blockquote>
<p><tt>compile</tt> asks you a bunch of questions and provides its best-guess
at the answers where possible. If you are not sure of an answer when running
in interactive mode, hit control-C to break out. <tt>compile</tt> will remember
the answers you have already given it and will use those as the default next
time. compile will want to know:</p>
<ol>
<li>The location of your Python interpreter</li>
<li>Where to save the CGI</li>
<li>The path to the TMDA's root directory</li>
<li>The path to tmda-cgi's root directory</li>
<li>An optional path or "formula" to find the user <tt>config</tt>
files</li>
<li>The web path from the CGI to the <tt>display</tt> directory</li>
<li>Mode</li>
</ol>
<p>Finally, tmda-cgi requires a variety of visual elements to be saved in a
<tt>display</tt>
directory (see #6, above). This directory comes with the tmda-cgi source and
will need to be manually copied or linked (make sure your web server is configured
to follow links!) into the appropriate web directory. Please note that #6 specifies
the relative <i>web path</i> from the CGI to the <tt>display</tt> directory,
which may be different than the actual path. For example:</p>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="35"> </td>
<th>Web path</th>
<td width="15"> </td>
<th>Actual path</th>
</tr>
<tr>
<td> </td>
<td>http://your.domain/cgi-bin/tmda.cgi</td>
<td> </td>
<td>/www/tmda/cgi-bin/tmda.cgi</td>
</tr>
<tr>
<td> </td>
<td>http://your.domain/display/</td>
<td> </td>
<td>/www/tmda/htdocs/display</td>
</tr>
</table>
<p>In the above example, the actual path from the CGI to the display directory
is <tt>../htdocs/display/</tt> but the web path is <tt>../display/</tt>. The
web path is the path that should be entered in question #6.</p>
<h3><a name="SingleUser"></a>Installing single-user</h3>
<p>To install in single user mode, follow the exact same instructions as for
system-wide
mode, but instead of running compile as root, run compile as the single user
who will be able to use the CGI.</p>
<h3><a name="nosu"></a>Installing no-su</h3>
<p>To install in no-su mode, follow the exact same instructions as for system-wide
mode. It will not matter what user you do this as. </p>
<p>At this point you will have to change permissions on any existing pending mail
and add something akin to:</p>
<blockquote>
<pre>os.umask(027)</pre>
</blockquote>
<p>to your configuration file. That will make sure that future pending e-mails
are written such that they can be read by group members (i.e. the CGI).</p>
<h4><a name="nosuExample"></a>Centralized no-su setup</h4>
<p>If you multiple users plan on using tmda-cgi in no-su mode, then you might
consider moving all of your TMDA files into one central location. This will
make it easier to keep group permissions on your directories and files. Here's
some sample directories and file contents I set up for my user <tt>cgitest</tt>:</p>
<blockquote> <tt>/etc:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r--r-- 1 root
root 22 Nov 24 23:54 tmda-cgi<br>
-rw-r--r-- 1 root root
557 Nov 27 15:05 tmdarc<br>
-rw------- 1 tofmipd tofmipd 49 Nov 10
11:02 tofmipd</tt></td>
</tr>
</table><br>
<tt>/var:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>drwxr-s--x 3 root
nobody 72 Nov 27 11:24 tmda</tt></td>
</tr>
</table><br>
<tt>/var/tmda:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>drwx--s--- 6 cgitest
nobody 200 Nov 27 11:39 cgitest</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r----- 1 cgitest
nobody 0 Nov 27 11:39 config<br>
-rw-r----- 1 cgitest nobody 41 Nov 27
11:39 crypt_key<br>
drwx--s--- 2 cgitest nobody 96 Nov 27
12:55 filters<br>
drwx--s--- 2 cgitest nobody 144 Nov 27
12:59 lists<br>
drwx--s--- 2 cgitest nobody 120 Nov 27
12:57 logs<br>
drwxrws--- 2 cgitest nobody 48 Nov 27
11:37 pending<br>
drwx--s--- 2 cgitest nobody 768 Nov 29
09:54 responses<br>
drwxr-sr-x 2 cgitest nobody 200 Dec
6 20:33 templates</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-rw---- 1 cgitest
nobody 153 Nov 27 12:54 incoming<br>
-rw-rw---- 1 cgitest nobody 150 Nov 27
12:55 outgoing</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/lists:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-rw---- 1 cgitest
nobody 0 Nov 27 12:59 blacklist<br>
-rw-rw---- 1 cgitest nobody 0 Nov
27 12:59 confirmed<br>
-rw-rw---- 1 cgitest nobody 0 Nov
27 12:59 whitelist</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/logs:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r----- 1 cgitest
nobody 0 Nov 27 12:57 debug<br>
-rw-r----- 1 cgitest nobody 0 Nov
27 12:57 in<br>
-rw-r----- 1 cgitest nobody 0 Nov
27 12:57 out</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/templates:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>-rw-r--r-- 1 cgitest
nobody 407 Dec 6 20:30 bounce.txt<br>
-rw-r--r-- 1 cgitest nobody 215 Dec
6 20:30 confirm_accept.txt<br>
-rw-r--r-- 1 cgitest nobody 702 Dec
6 20:33 confirm_request.txt</tt></td>
</tr>
</table><br>
<tt>/etc/tmda-cgi:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>cgitest:XPkY0q/9Uge9I</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters/incoming:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>from-file
/var/tmda/cgitest/lists/blacklist reject<br>
from-file /var/tmda/cgitest/lists/whitelist accept<br>
from-file /var/tmda/cgitest/lists/confirmed accept</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/filters/outgoing:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>to-file /var/tmda/cgitest/lists/whitelist
tag envelope dated=10d from bare<br>
to-file /var/tmda/cgitest/lists/confirmed tag envelope dated=10d from bare</tt></td>
</tr>
</table><br>
<tt>/var/tmda/cgitest/templates/confirm_request.txt:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>From.US-ASCII: "%(FULLNAME)s"
<%(recipient_address)s><br>
Subject.US-ASCII: Please confirm your message<br>
Reply-To.US-ASCII: %(confirm_accept_address)s<br>
BodyCharset: US-ASCII<br>
<br>
This message was created automatically by mail delivery software<br>
(TMDA).<br>
<br>
Your message attached below is being held because the address<br>
<%(confirm_append_address)s> has not been verified.<br>
<br>
To release your message for delivery, please send an empty message<br>
to the following address, surf the following link, or use your<br>
mailer's "Reply" feature.<br>
<br>
%(confirm_accept_address)s<br>
<br>
%(confirm_accept_url)s<br>
<br>
This confirmation verifies that your message is legitimate and not<br>
junk-mail. You should only have to confirm your address once.</tt></td>
</tr>
</table><br>
<tt>/etc/tmdarc:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>import Util<br>
<br>
# Allow group access to critical files<br>
ALLOW_MODE_640 = 1<br>
os.umask(0027)<br>
<br>
# Locate important files and directories<br>
DATADIR = "/var/tmda/%s/" % os.environ["USER"]<br>
CONFIRM_APPEND = DATADIR +
"lists/confirmed"<br>
FILTER_INCOMING = DATADIR + "filters/incoming"<br>
FILTER_OUTGOING = DATADIR + "filters/outgoing"<br>
LOGFILE_DEBUG = DATADIR + "logs/debug"<br>
LOGFILE_INCOMING = DATADIR + "logs/in"<br>
LOGFILE_OUTGOING = DATADIR + "logs/out"<br>
PENDING_BLACKLIST_APPEND = DATADIR + "lists/blacklist"<br>
PENDING_WHITELIST_APPEND = DATADIR + "lists/whitelist"<br>
TEMPLATE_DIR = DATADIR + "templates/"<br>
<br>
# CGI location<br>
CGI_URL = "http://wolfhome.com/~cgitest/index2.cgi";<br>
<br>
# Define X-Primary-Address key for TMDA-to-TMDA communications<br>
ADDED_HEADERS_CLIENT = { "X-Primary-Address": "[EMAIL PROTECTED]" % \<br>
(os.environ["USER"], Util.gethostname()) }</tt></td>
</tr>
</table><br>
<tt>~cgitest/.qmail:</tt>
<table>
<tr>
<td width="600" bgcolor="#CCCCCC"><tt>|preline /usr/src/tmda/bin/tmda-filter -c
/var/tmda/cgitest/config<br>
./Maildir/</tt></td>
</tr>
</table>
</blockquote>
<p>tmda-cgi was compiled with the following:</p>
<blockquote>
<pre>./compile -nc /var/tmda/~/config -t /www/tmda.cgi -u nobody</pre>
</blockquote>
<p>Use the <tt>./compile -h</tt> for more details on how to use compile.</p>
<hr>
<h2><a name="Pass"></a>Passwords</h2>
<p>tmda-cgi currently authenticate logins against user name & password pairs
stored in a password file (or files). tmda-cgi will look in two different places
for password file(s), but it (they) must be readable by the CGI.</p>
<p>If you are running in system-wide mode, the password file can be owned by root.
If you are running in single-user mode, the password file can be owned by the
user who will be running the CGI. If you are running in no-su mode, the file
must either be owned by "nobody" (or whatever user your web server
is configured to run as) or made globally readable See the table below for a
better breakdown of your options.</p>
<p>tmda-cgi first checks for a readable file called <tt>tmda-cgi</tt> in the same
directory as the user's configuration file (if that location has been specified,
otherwise it will look in <tt>~user/.tmda/tmda-cgi</tt>). It then tries
<tt>/etc/tmda-cgi</tt>
if it can't find a match or cannot read the file. This allows the system
administrator
to keep a list of access passwords while allowing the user to override what
the sysadmin has set.</p>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="35"> </td>
<td width="10"> </td>
<td> </td>
<td width="10"> </td>
<td colspan="2" align="center" nowrap
bgcolor="#FFFFCC"><tt>~user/.tmda/tmda-cgi</tt></td>
<td width="10" align="center" nowrap> </td>
<td colspan="2" align="center" nowrap bgcolor="#FFFFCC"><tt>/etc/tmda-cgi</tt></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td width="80" align="center" bgcolor="#FFFFCC">owner</td>
<td width="90" align="center" bgcolor="#FFFFCC">permissions</td>
<td align="center"> </td>
<td width="80" align="center" bgcolor="#FFFFCC">owner</td>
<td width="90" align="center" bgcolor="#FFFFCC">permissions</td>
</tr>
<tr>
<td> </td>
<td bgcolor="#CCFFFF"> </td>
<td bgcolor="#CCFFFF">system-wide</td>
<td bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">user</td>
<td align="center" bgcolor="#CCFFCC">600</td>
<td align="center" bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">root</td>
<td align="center" bgcolor="#CCFFCC">600</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>single-user</td>
<td> </td>
<td align="center" bgcolor="#FFFFCC">user</td>
<td align="center" bgcolor="#FFFFCC">600</td>
<td align="center"> </td>
<td colspan="2" align="center" bgcolor="#FFFFCC">n/a</td>
</tr>
<tr>
<td> </td>
<td bgcolor="#CCFFFF"> </td>
<td bgcolor="#CCFFFF">no-su</td>
<td bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">user</td>
<td align="center" bgcolor="#CCFFCC">644</td>
<td align="center" bgcolor="#CCFFFF"> </td>
<td align="center" bgcolor="#CCFFCC">root<br>
nobody </td>
<td align="center" bgcolor="#CCFFCC">644<br>
600 </td>
</tr>
<tr>
<td> </td>
<td colspan="8" align="center">File owner & permission options</td>
</tr>
</table>
<p>The password file for tmda-cgi is formatted in much the same way as the password
file for tofmipd. In fact, if you are using a password file with tofmipd and
you wish to run tmda-cgi in system-wide mode, feel free to make a symbolic link
between the two:</p>
<blockquote>
<pre> # ln -s /etc/tofmipd /etc/tmda-cgi</pre>
</blockquote>
<p>Password files for tmda-cgi look like:</p>
<blockquote>
<pre><user1>:<password1>
<user2>:<password2></pre>
</blockquote>
<p>where each item in <tt><></tt> is replaced with text.</p>
<p>The difference between this password file and the one for tofmipd is that the
file does not need to have <br>
permissions of 400 or 600. If you, for example, are running in no-su mode, you
will have to make your password file group or world readable.</p>
<p>To keep the passwords secure, tmda-cgi will assume all passwords are DES encrypted
if the file permissions are anything other than 400 or 600. Plaintext passwords
will <i><b>not</b></i> work in such cases.</p>
<p>Additionally, any entry with a blank password field, such as:</p>
<blockquote>
<pre>cantlogin:</pre>
</blockquote>
<p>will be prohibited from login, regardless of the file permissions.</p>
<p><tt>contrib/cgi/genpass.py</tt> is provided for encrypted password generation.
Output from <tt>genpass.py</tt> can be safely piped with <tt>></tt> or
<tt>>></tt>
into a password file. For example:</p>
<blockquote>
<pre># contrib/cgi/genpass.py joe >> /etc/tmda-cgi</pre>
</blockquote>
<p> or</p>
<blockquote>
<pre>$ contrib/cgi/genpass.py joe > /home/joe/.tmda/tmda-cgi</pre>
</blockquote>
<p>If you encounter difficulties logging in, the problem may be a result of incorrect
permissions on your password file(s). To debug this, append a <tt>?debug=1</tt>
onto the end of your CGI URL. This will display some diagnostic information
if the login fails instead of simply saying "Wrong password. Try
again."</p>
<hr>
<h2><a name="Virtual" id="Virtual"></a>Virtual users</h2>
<p>Although planned for future releases, there is no support for virtual users
at this time. Each user who plans to use tmda-cgi must have a login record in
<tt>/etc/passwd</tt>.</p>
<hr>
<h2><a name="Config"></a>Configuration</h2>
<p>tmda-cgi is configured by a set of parameters in your configuration file(s).
All tmda-cgi configuration variables begin with a "<tt>CGI_</tt>"
and are described on the <a href="config-vars.html">Configuration Variables</a>
page.</p>
<p><em><strong>Note:</strong></em> If you change nothing else, you will have to
at least set the value for <a
href="config-vars.html#CGI_ACTIVE"><tt>CGI_ACTIVE</tt></a>.</p>
<hr>
<h2><a name="Surprise" id="Surprise"></a>Surprises & gotcha's</h2>
<p>This section of the documentation is reserved for functionality and quirks
that, although not erroneous, may not be what you expect. Check this list for
help if you experience problems with tmda-cgi.</p>
<ol>
<li>tmda-cgi's whitelist feature does not update the list pointed to by
configuration
variable <tt><a
href="/config-vars.html#CONFIRM_APPEND">CONFIRM_APPEND</a></tt><tt>.</tt>
<p>tmda-cgi uses configuration variable <a
href="/config-vars.html#PENDING_WHITELIST_APPEND"><tt>PENDING_WHITELIST_APPEND</tt></a>
instead of <tt><a
href="/config-vars.html#CONFIRM_APPEND">CONFIRM_APPEND</a>.</tt>
To use the whitelist feature, you must set <a
href="/config-vars.html#PENDING_WHITELIST_APPEND"><tt>PENDING_WHITELIST_APPEND</tt></a>
to a list that is handled by your incoming filter.<p></li>
<li>TMDA requires Python version 2.1 but some flavors of Linux (such as <a
href="http://redhat.com";>RedHat</a>)
come with two different versions of Python installed, one older and one newer.
<p>If tmda-cgi tries to run using the wrong version of Python, then you must
specify the correct version at compile time. Instead of typing:
<blockquote>
<pre>$ ./compile <options></pre>
</blockquote>
<p>Type:</p>
<blockquote>
<pre>$ /usr/bin/python2 compile <options></pre>
</blockquote>
<p>(Assuming that your Python 2.1+ can be found at <tt>/usr/bin/python2</tt>.)
The compiler will save the correct version of the Python interpreter and
use it when tmda-cgi is run.</p>
</li>
</ol>
<hr>
<h2><a name="Template" id="Template"></a>Templates</h2>
<p>By supplying your own templates (see the <a href="howto-template.html">Template
HOWTO</a> for more on customizing your templates) you can use tmda-cgi's URL
confirmation feature. This allows you to specify a URL in your confirmation
e-mail as an alternative to confirming by e-mail.</p>
<p>To supply a confirmation URL, simply use the <tt>%(confirm_accept_url)s</tt>
variable in <tt>confirm_request.txt</tt> as shown in <a
href="#nosuExample">Centralized
no-su setup</a>.</p>
<p><em><strong>Notes:</strong></em></p>
<ul>
<li>Be sure you set <a href="config-vars.html#CGI_ACTIVE"><tt>CGI_ACTIVE</tt></a>,
<a href="config-vars.html#CGI_URL"><tt>CGI_URL</tt></a>, and <a
href="config-vars.html#TEMPLATE_DIR"><tt>TEMPLATE_DIR</tt></a>
before modifying your template! No confirmation e-mails will be sent if you
specify a <tt>%(confirm_accept_url)</tt> until these variables are properly
configured.<br>
</li>
<li>Always test your configuration after making a change to your templates.<br>
</li>
<li>Your crypt_key file must be readible by tmda-cgi to use this feature.
<p>This is not and issue if you are running in system-wide orf single-user
modes, but in no-su mode, you will have to:</p>
</li>
<ul>
<li>Put crypt_key in the CGI's group.</li>
<li>Assign crypt_key 640 permissions.</li>
<li>Turn on <a href="config-vars.html#ALLOW_MODE_640">ALLOW_MODE_640</a>.<br>
</li>
</ul>
</ul>
</td><!-- end of body cell -->
</tr><!-- end of sidebar/body row -->
</table><!-- end of page table -->
</body></html>
--- NEW FILE ---
<!-- -*- html -*- -->
<h3>Overview</h3>
<li><a href="/index.html">Introduction</a>
<li><a href="/history.html">History</a>
<li><a href="/features.html">Features</a>
<li><a href="/results.html">Results & Testimonials</a>
<li><a href="/inuse.html">TMDA In Use</a>
<li><a href="/press.html">Press Coverage</a><!-- -*- html -*- -->
<h3>Install</h3>
<li><a href="/requirements.html">Requirements</a>
<li><a href="/download.html">Download</a>
<li><a href="/install.html">Installation</a>
<h3>Configuration</h3>
<li><a href="/config.html">Overview</a>
<li><a href="/config-pre.html">Pre-Configuration</a>
<li><a href="/config-server.html">Server Configuration</a>
<li><a href="/config-client.html">Client Configuration</a>
<li><a href="/config-vars.html">Configuration Variables</a>
<li><a href="/config-filter.html">Filter Specification</a>
<li><a href="/filter-sources.html">Filter Sources</a>
<h3>HOWTOs</h3>
<li><a href="/howtos.html">Overview</a>
<li><a href="/howto-template.html">Templates</a>
<li><a href="/tmda-ofmipd.html">tmda-ofmipd</a>
<li><a href="/tmda-vdomains.html">Virtual Domains</a>
<li><a href="index.html">tmda-cgi</a>
<h3>Support</h3>
<li><a href="/trouble.html">Troubleshooting</a>
<li><a href="http://tmda.net/faq.cgi"; TARGET="Resource Window">FAQ</a>
<li><a href="/bugs.html">Bugs & Patches</a>
<li><a href="http://tmda.net/lists/listinfo/"; TARGET="Resource Window">Mailing
Lists</a>
<li><a href="http://mla.libertine.org/"; TARGET="Resource Window">List Archive</a>
<li><a href="/support-commercial.html">Commercial Support</a>
<li><a href="/resources.html">External Resources</a>
<li><a href="/mirrors.html">Mirrors</a>
--- tmda-cgi.ht DELETED ---
--- tmda-cgi.html DELETED ---
_______________________________________
tmda-cvs mailing list
http://tmda.net/lists/listinfo/tmda-cvs
![http://tmda.sourceforge.net/screenshots/login.png"](http://tmda.sourceforge.net/screenshots/login.png"){kind=link}
![http://tmda.sourceforge.net/screenshots/pending.png"](http://tmda.sourceforge.net/screenshots/pending.png"){kind=link}
![http://tmda.sourceforge.net/screenshots/view1.png"](http://tmda.sourceforge.net/screenshots/view1.png"){kind=link}
![http://tmda.sourceforge.net/screenshots/confirm.png"](http://tmda.sourceforge.net/screenshots/confirm.png"){kind=link}
![http://tmda.sourceforge.net/screenshots/view2.png"](http://tmda.sourceforge.net/screenshots/view2.png"){kind=link}
![http://tmda.sourceforge.net/screenshots/confirmed.png"](http://tmda.sourceforge.net/screenshots/confirmed.png"){kind=link}