schleuder 2.2.0

data/contrib/check-expired-keys.rb

@@ -0,0 +1,59 @@
+#!/usr/bin/env ruby
+#
+# This script checks all public keys in the keyring of the given schleuder-list
+# for being expired (or otherwise unusable) and reports the output (if there
+# was something found) to the list-admins.
+# Key are being reported if they expire within the next 14 days.
+# We suggest to run this script from cron once a week.
+
+$VERBOSE = nil
+
+require 'schleuder'
+include Schleuder
+
+if ARGV.size != 1
+  puts "Usage: #{File.basename(__FILE__)} listname"
+  exit 1
+elsif ! File.directory?(List.listdir(ARGV.first))
+  puts "No such list: '#{ARGV.first}'."
+  exit 1
+end
+
+listname = ARGV.first
+Schleuder.list = List.new(listname)
+
+now = Time.now
+checkdate = now + 120960000 # two weeks
+crypt = Crypt.new('')
+msg = ''
+unusable = []
+expiring = []
+
+crypt.list_keys.each do |key|
+  if (exp = key.subkeys.first.expires) > Time.utc(1971, 1, 1, 1)
+    # key has expiry date
+    if now < exp && exp < checkdate
+      # key expires in the near future
+      expdays = ((exp - now)/86400).to_i
+      expiring << [key, expdays]
+    end
+  end
+
+  if not (trust = [:revoked, :expired, :disabled, :invalid].grep(key.trust)).empty?
+    unusable << [key, trust]
+  end
+end
+
+expiring.each do |key,days|
+  msg << "-> Key expires in #{days} days:\n#{key.to_s}\n\n"
+end
+
+unusable.each do |key,trust|
+  msg << "-> Key is #{trust.join(' and ')}:\n#{key.to_s}\n"
+end
+
+unless msg.empty?
+  prefix = "Checking the public keys present in the keyring of list #{listname} for usability gave the following result:".fmt
+  Schleuder.log.notify_admin('keys', prefix + "\n\n" + msg)
+end
+

data/contrib/mutt-schleuder-colors.rc

@@ -0,0 +1,10 @@
+# insert "source /path/to/mutt-schleuder-colors.rc" into your muttrc
+# metadata schleuder v2
+color body red default "^From: .*"
+color body red default "^To: .*"
+color body red default "^Cc: .*"
+color body red default "^Date: .*"
+color body brightred default "^Enc: unenc.*"
+color body red default "^Enc: enc.*"
+color body brightred default "^Sig: [^G]?.*"
+color body red default "^Sig: Good signature.*"

data/contrib/mutt-schleuder-resend.vim

@@ -0,0 +1,24 @@
+" Reply-helper for mutt with schleuder (>= v2.0.0).
+" Will insert a resend-line filled with the address from the quoted Text
+" you're replying to.
+function! SchleuderInsert(string)
+  let fromline = search('> From:', 'n')
+  let addr = matchstr(getline(fromline), '[^ <]*@[^ >]*')
+  let insline = search('^$', 'n')
+  " append after the first blank line
+  let foo = append(insline, a:string . addr)
+  " can't figure out how to append() a newline, so we simply add another
+  " empty line
+  return append(insline+1, '')
+endfunction
+
+function! SchleuderInsertResendEncrypted()
+  return SchleuderInsert('X-RESEND-ENCRYPTED-ONLY: ')
+endfunction
+
+function! SchleuderInsertResend()
+  return SchleuderInsert('X-RESEND: ')
+endfunction
+
+nmap ;sr :call SchleuderInsertResend()<CR>
+nmap ;sc :call SchleuderInsertResendEncrypted()<CR>

data/contrib/smtpserver.rb

@@ -0,0 +1,76 @@
+#!/usr/bin/env ruby
+
+# defaults
+port = 25
+output = "/tmp"
+
+def usage
+  file = File.basename(__FILE__)
+  puts "Usage: #{file} [-p portnum]  { .../output_base_dir/ | .../bin/schleuder listname }"
+  exit 1
+end
+
+# get args
+if (not ARGV.empty?) and (ARGV.first[0..0] == '-')
+  arg = ARGV.shift
+  if arg == '-p'
+    port = ARGV.shift.to_i 
+    usage if port == 0 # nil or not convertable strings convert to 0
+  else
+    usage
+  end
+end
+
+output = ARGV.join(" ") || output
+
+
+# run the server
+require 'socket'
+server = TCPServer.new("localhost", port)
+
+def p(msg)
+  #puts "o:" + msg
+  @s.print msg + "\r\n"
+end
+
+# receive input
+while (@s = server.accept)
+  input = ''
+  #p "200 OK"
+  p "220 localhost SMTP"
+  #p "Wazzup?"
+  begin
+    while i = @s.gets.chomp
+      #puts "i:" + i
+      case i[0..3].downcase
+      when 'ehlo', 'helo'
+        p "250 localhost"
+      when 'mail', 'rcpt', 'rset', '.'
+        p "250 ok"
+      when 'data'
+        p "354 go ahead"
+      when 'quit'
+        p "221 localhost" 
+        @s.close
+      else
+        input << i + "\n"
+      end
+    end
+  rescue IOError
+  end
+  # write input to #{output}
+  if File.directory? output
+    file = output + "/schleuder-#{$$}-#{Time.now.to_f}"
+    File.open(file, 'w') do |f|
+      f.puts input
+    end
+    File.chown 1000, 10, file
+    puts file
+  else
+    IO.popen(output, 'w') do |p|
+      p.puts input
+    end
+  end
+end
+
+

data/ext/default-list.conf

@@ -0,0 +1,146 @@
+# Setting default values for lists. Each setting can be overridden by the
+# list-specific config-file.
+# Options are listed alphabetically and provided with the default behaviour.
+# Some options that need to be set for each list individually are listed in
+# list.conf.example.
+#
+# The configuration format is yaml (http://www.yaml.org).
+#
+# Be careful with changes here once lists are running! You might change
+# their behaviour!
+---
+# Emailaddresses and key_fingerprints of the admin(s) (aka maintainer) of the
+# list, which will receive errormsgs etc. Must be a non-empty array of hashes
+# (:email, :key_fingerprint).
+#admins:
+#- email: anna@example.org
+#  key_fingerprint: 01234567DEADBEE01234567DEADBEEF
+#- email: arthur@example.org
+#  key_fingerprint: DEADBEE01234567DEADBEEF01234567
+#
+# Only send out enrypted emails?
+#send_encrypted_only: false
+#
+# Allow receiving unenrypted mails? If false, any other email will be bounced.
+#receive_encrypted_only: false
+#
+# Allow receiving mails not validly signed? If false, any other email will be
+# bounced.
+#receive_signed_only: false
+#
+# Allow receiving mails that are not validly signed by a list members key? If
+# true, any other email will be bounced.
+#receive_authenticated_only: false
+#
+# Only allow mails being sent from a members address? If true, any other sending
+# address will be dropped.
+# NOTE: This is a very weak restriction mechanism on which you should not rely,
+#       as sending addresses can easily be faked! We recommend you to rather
+#       rely on the `receive_authenticated_only` option. Setting the
+#       `receive_authenticated_only` option to true, will authenticated senders
+#       based on the signature on the mail, which is the strongest
+#       authentication mechanism you can get.
+#       This option could be useful, if you would like to have a closed
+#       mailinglist, but could not yet get all members to properly use GPG.
+#receive_from_member_emailaddresses_only: false
+#
+# Whether to accept only emails that are validly signed by a list-admin's key
+# This is useful for newsletters, announce or notification lists
+#receive_admin_only: false
+#
+# Which pgp encoding? Chose out of PLAIN (text/plain), APPL (application/pgp)
+# and MIME (pgp/mime)
+#default_mime: MIME
+#
+# Schleuder can include various metadata from the original mail. You can tweak
+# Schleuder which header fields should be included.
+#headers_to_meta:
+#- :from
+#- :to
+#- :cc
+#- :date
+#
+# Whether to keep the msgids (In-Reply-To:, References:) or not
+# Schleuder will only pass valid schleuder Message-Ids, all the others
+# are filtered out.
+# This setting can lead to information leakage, as replies are connectable
+# and a thread of (encrypted) messages can be built by an eavesdropper.
+#keep_msgid: true
+#
+# Schleuder can be commanded to process various plugins via keywords in signed
+# emails. To restrict the usage of specific keywords to the admin (some can
+# cause fatal damage) list them here.
+#keywords_admin_only: ['ADD-MEMBER', 'DELETE-MEMBER', 'DELETE-KEY', 'SAVE-MEMBERS', 'DEL-KEY']
+#
+# For keywords listed here the list-admin(s) will receive a notice whenever a
+# member triggers a command with it.
+#keywords_admin_notify: ['ADD-KEY']
+#
+# list-specific log-level: ERROR || WARN || INFO || DEBUG
+#log_level: ERROR
+#
+# Log to SYSLOG? To enable set to true.
+#log_syslog: false
+#
+# Log to IO (write into STDIN of another process/executable)? To enable specify
+# executable with full path and optional arguments here.
+# Example: /path/to/multilog tt /var/schleuderlists/listname/log/
+#log_io: false
+#
+# Log to a file? To enable specify a filename, optionally with full path.
+#log_file: false
+#
+# speaks for itself, no?
+#public_footer:
+#
+# A string that the subject of every email that *is* validly signed by a
+# list-member will be prefixed with (unless the string is already present in
+# the subject)
+#prefix: ''
+#
+# A string that the subject of every email that is *not* validly signed by a
+# list-member will be prefixed with.
+#prefix_in: ''
+#
+# A string that the subject of every internal email, that has been resent to
+# the outside, will be prefixed with.
+#prefix_out: ''
+#
+# Drop any bounces (incoming email not passing the receive_*_only-rules)
+#bounces_drop_all: false
+#
+# Drop bounces if they match one of these headers. Must be a hash, keys and
+# values are case insensitive.
+#bounces_drop_on_headers: {'x-spam-flag' => 'yes'}
+#
+# Send a notice to admin(s) on bouncing or dropping
+#bounces_notify_admins: true
+#
+# Include RFC-compliant List-* Headers into member mails
+#include_list_headers: true
+#
+# Include OpenPGP-Header
+#include_openpgp_header: true
+#
+# Prefered way to receive emails to note in OpenPGP-Header ('sign'|'encrypt'|'signencrypt'|'unprotected'|'none')
+# 'none' to not include a preference
+# default: 'signencrypt'
+#openpgp_header_preference: 'signencrypt'
+#
+# If we want to dump the original incoming mail.
+# ATTENTION: this stores the incoming e-mail on disk!
+#dump_incoming_mail: false
+#
+# Maximum size of message allowed on the list in kilobyte. All others will be bounced.
+# Default is 10MB
+#max_message_size: 10240
+#
+# Whether to archive messages sent to list members or not.
+# Setting this option to true will archive every message sent to list members
+# into <listdir>/archive/$YEAR/$MONTH/$DAY/$MESSAGEID.msg
+# The messages are encrypted with the lists' public key and dumped as it would
+# have been handed over to the MTA.
+# Beware that this will archive every communication over that list on a remote
+# box amongst the matching private key and its password!
+# Default: false
+#archive: false

data/ext/default-members.conf

@@ -0,0 +1,7 @@
+# Example members-file to give an idea of the syntax.
+--- 
+- email: root@localhost
+  key_fingerprint: DEADBEEFDEADBEEFDEADBEEFDEADBEEF
+- email: postmaster@localhost
+  key_fingerprint: BEEFDEADBEEFDEADBEEFDEADBEEFDEAD
+  mime: plain

data/ext/list.conf.example

@@ -0,0 +1,14 @@
+# Configuration options for individal lists.
+# Options are listed alphabetically and provided with the default behaviour.
+# Beyond those options listed here all options listed in default-list.conf can be specified.
+#
+# The configuration format is yaml (http://www.yaml.org).
+---
+# The emailaddress of the list. Needed to identify headers, loops and also the GnuPG key.
+# Must be a valid email address.
+#myaddr: list@example.org
+# Realname of this list address (mainly used for GnuPG key)
+#myname: The Listname
+# Password for the GnuPG private key. (You're working on an encrypted filesystem, aren't you?)
+# Make it long and complicated, you won't ever need to type it.
+#gpg_password: "iuttIs6flewd)#misIg5drash/#tesJor:5Quej"

data/ext/schleuder.conf

@@ -0,0 +1,62 @@
+# Configuration options for schleuder.  
+# The options are sorted alphabetically and the defaults
+# are provided as commented option.
+# The configuration format is yaml.
+--- 
+# Outgoing SMTP host
+#smtp_host: localhost
+#
+# Outgoing SMTP port
+#smtp_port: 25
+#
+# Set the type of a key we might create for new lists.
+#gpg_key_type: RSA
+#
+# Set the length of a key we might create for new lists.
+#gpg_key_length: 2048
+#
+# Set the type of the subkey of a key we might create
+# for new lists.
+#gpg_subkey_type: RSA
+#
+# Set the length of the subkey of a key we might create
+# for new lists.
+#gpg_subkey_length: 2048
+#
+# Name of the per list config file.
+#lists_configfile: list.conf
+#
+# Per list logfile name. Will be written into the directory
+# of the list.
+#lists_logfile: list.log
+#
+# Name of the per list file containing all members and their
+# options.
+#lists_memberfile: members.conf
+#
+# Where we find the global options for all lists.
+# Note: the following notion isn't valid. You have
+# to provide a fully qualified path.
+#lists_default_conf: conf_dir + '/default-list.conf'
+#
+# Location of the various schleuderlists' directory.
+#lists_dir: /var/schleuderlists
+#
+# Location of the global logfile.
+#log_file: /var/log/schleuder/schleuder.log
+#
+# Global schleuder log level, might change after the list config
+# have been read.
+# Possible values: ERROR || WARN || INFO || DEBUG
+#log_level: ERROR
+#
+# Location of schleuder plugins. Note: the following notion
+# isn't valid. You have to provide a fully qualified path.
+#plugins_dir = schleuder_base + '/plugins'
+#
+# The super administrator of this schleuder installation. This
+# address will receive all notices which can'tbe delivered to a certain list
+# admin. It will also be used as sender for emails to list-admins and thus
+# receive their bounces and be seen in public.
+#superadminaddr: root@localhost
+

data/lib/schleuder.rb

@@ -0,0 +1,49 @@
+# third party
+
+errmsg = "For use with ruby v%s %s is required!\nPlease run schleuder-fix-gem-dependencies to fix this!"
+if RUBY_VERSION =~ /1.8/
+  require 'rubygems'
+  begin
+    require 'tmail'
+  rescue LoadError
+    $stderr.puts errmsg % %w(1.8, tmail \(preferably v1.2.3.1\))
+    exit 1
+  end
+else
+  begin
+    gem 'actionmailer', '=2.3.14'
+    require 'action_mailer'
+  rescue LoadError
+    $stderr.puts errmsg % %w(1.9, actionmailer-2.3.14)
+    exit 1
+  end
+end
+
+gem 'gpgme', '=1.0.8'
+require 'gpgme'
+
+require 'net/smtp'
+require 'log4r'
+require 'log4r/outputter/emailoutputter'
+require 'log4r/outputter/fileoutputter'
+require 'filemagic/ext'
+
+# internal requires
+$:.unshift File.dirname(__FILE__)
+require 'schleuder/errors'
+require 'schleuder/utils'
+require 'schleuder/crypt'
+require 'schleuder/storage'
+require 'schleuder/list_config'
+require 'schleuder/list'
+require 'schleuder/mailer'
+require 'schleuder/mail'
+require 'schleuder/member'
+require 'schleuder/plugin'
+require 'schleuder/schleuder_config'
+require 'schleuder/log/outputter/emailoutputter'
+require 'schleuder/log/outputter/metaemailoutputter'
+require 'schleuder/log/schleuderlogger'
+require 'schleuder/log/listlogger'
+require 'schleuder/archiver'
+require 'schleuder/processor'