schleuder 2.2.0

data/lib/schleuder/log/listlogger.rb

@@ -0,0 +1,56 @@
+module Schleuder
+  class ListLogger < Log4r::Logger
+    # Instantiates the list-logger and sets outputters and level.
+    # Warning: Do *not* rely on the list-object here!  It's not yet available
+    # (this actually is part of setting it up) and you'd produce loops and
+    # break the whole thing.
+    def initialize(listname, listdir, config)
+      # Initialize self
+      super('list')
+
+      # define the initial log_level for all outputters (they inherit it)
+      @level = eval("Log4r::#{config.log_level.upcase}")
+
+      # Setting up outputters.
+      fmtr = Log4r::PatternFormatter.new(:pattern => "%d #{listname} %l\t%M")
+
+      if config.log_file
+        require 'log4r/outputter/fileoutputter'
+        filename = config.log_file
+        filename = File.join(listdir, filename) unless filename[0..0].eql?('/')
+        add Log4r::FileOutputter.new("file",
+                                       { :level => @level,
+                                         :filename => filename,
+                                         :formatter => fmtr }
+                                     )
+      end
+
+      if config.log_syslog
+        require 'log4r/outputter/syslogoutputter'
+        syslogfmtr = Log4r::PatternFormatter.new(:pattern => "#{listname}\t%M")
+        add Log4r::SyslogOutputter.new("syslog",
+                                         { :level => @level,
+                                           :ident => 'Schleuder',
+                                           :facility => "LOG_MAIL",
+                                           :formatter => syslogfmtr }
+                                      )
+      end
+
+      if config.log_io
+        require 'log4r/outputter/iooutputter'
+        require 'stringio'
+        io = IO.popen(config.log_io, 'w')
+        add Log4r::IOOutputter.new("io", io, :level => @level)
+      end
+
+      # Add this as last outputter, else you'll see logging-statements from
+      # sending the email before the original error is logged — that's a little
+      # confusing.
+      add EmailOutputter.new("email", :formatter => fmtr)
+    end
+
+    def notify_admin(*args)
+      Log4r::Outputter['email'].notify_admin *args
+    end
+  end
+end

data/lib/schleuder/log/outputter/emailoutputter.rb

@@ -0,0 +1,118 @@
+module Schleuder
+  class EmailOutputter < Log4r::EmailOutputter
+    def initialize(name, hash={})
+      # The class needs to/from/subject, we don't use it
+      hash = {:to => Schleuder.config.superadminaddr,
+              :from => Schleuder.config.myaddr,
+              :'error-to' => Schleuder.config.superadminaddr,
+              :subject => 'Error',
+              :immediate_at => 'ERROR, FATAL',
+              :formatter => formatter,
+              :domain => 'schleuder', # necessary for log4r from debian "stable"
+              :buffsize => 1024**1024 # set the buff size very high otherwise we would trigger random log mails on random log statements if the buffer is full.
+             }.merge(hash)
+      @altmsg = "Hello,\n\nsending an encrypted error message to you failed. Therefore you receive only\nthis message and are kindly requested to take care of the encryption problem\n(e.g. fix your keys) and have a look at the logs to find the error.\n\nYours,  Schleuder\n"
+      super name, hash
+    end
+
+    def format(events)
+      events.map { |event| @formatter.format(event) }
+    end
+
+    def notify_admin(subject, msg)
+      send_mail(makeemail(subject, msg))
+    end
+
+    def makeemail(subject=@subject, msg=nil)
+      m = Mail.new
+      m.subject = subject
+      m.date = Time.now
+      m.from = @from
+
+      if msg
+        case msg
+        when String
+          m.body = msg
+        when Array
+          m.body = ''
+          m.mime_version = 1.0
+          msg.each do |msgpart|
+            part = Mail.new
+            case msgpart
+            when Mail
+              # This contruction is needed to have valid boundaries. Did I mention that Tmail sucks?
+              part.body = Mail.parse(msgpart.to_s).to_s
+              part.content_type = 'message/rfc822'
+            when String
+              part.body = msgpart.to_s
+              part.content_type = 'text/plain'
+            else
+              # This shouldn't happen (we should only have forwarded emails or
+              # strings to notify admins), but who knows.
+              part.body = msgpart
+              part.content_type = 'application/octet-stream'
+            end
+            m.parts.push part
+          end
+        end
+      else
+        # Get the triggering error-msg(s).
+        msg = format(@buff.select { |e| e.level > Log4r::WARN }).join
+        # Get the whole log.
+        backlog = format(@buff).join
+
+        infopart = Mail.new
+        infopart.body = "An error occurred working for list #{Schleuder.list.listname}:\n\n#{msg}\n\nSee also attachments.\n\n"
+        m.parts.push infopart
+
+        if Schleuder.origmsg
+          origm = Mail.new
+          origm.body = Schleuder.origmsg << "\n"
+          origm.content_type = "message/rfc822"
+          origm.set_content_disposition 'inline', { :filename => 'schleuder-orig-message.txt' }
+          origm['content-description'] = "'The originally incoming message'"
+          m.parts.push origm
+        end
+
+        backlogpart = Mail.new
+        backlogpart.body = backlog << "\n\n"
+        backlogpart['content-description'] = "'Schleuder logging output'"
+        backlogpart.set_content_disposition 'inline', { :filename => 'schleuder-log.txt' }
+        m.parts.push backlogpart
+      end
+
+      # Trigger re-parsing of the body, else TMail doesn't know it's multipart... :/
+      m.to_s
+      m
+    end
+
+    def send_mail(mail=makeemail)
+      if @send_mail_lock
+        self.level = Log4r::OFF # it's possible that the loglevel haven't yet been changed
+        Schleuder.log.warn "This is a loop in sending a mail in the EmailOutputer, breaking!"
+        return false
+      end
+      @send_mail_lock = true
+      Schleuder.log.info 'Sending notification to admin'
+      Schleuder.list.config.admins.each do |admin|
+        Schleuder.log.debug { "Looping for admin #{admin}" }
+        m = mail.individualize(admin)
+        m.to = admin.email
+        sender = Schleuder.config.superadminaddr
+        if !Processor.send(m, admin, true, sender)
+          m.body = @altmsg
+          m.content_type = 'text/plain'
+          Processor.send(m, admin, false, sender)
+        end
+      end
+      Schleuder.log.info { 'Sending notification done' }
+    rescue => e
+      # switch off logging per email, else we create loops here!
+      self.level = Log4r::OFF
+      raise
+    ensure
+      @send_mail_lock = false
+      @buff.clear
+    end
+  end
+end

data/lib/schleuder/log/outputter/metaemailoutputter.rb

@@ -0,0 +1,50 @@
+module Schleuder
+  class MetaEmailOutputter < EmailOutputter
+    # TODO: refactor (merge?) with EmailOutputter
+    def send_mail
+      if @send_mail_lock
+        self.level = Log4r::OFF # it's possible that the loglevel haven't yet been changed
+        Schleuder.log.warn 'This is a loop in sending a mail in the MetaEmailOutputter, breaking!'
+        return false
+      end
+      @send_mail_lock = true
+      Schleuder.log.info { 'notifying superadmin' }
+      begin
+        mail = makeemail
+        mail.to = Schleuder.config.superadminaddr
+        r = Member.new('email' => Schleuder.config.superadminaddr)
+        m = mail.individualize(r)
+        if ! Processor.send(m, r, true, Schleuder.config.superadminaddr).first
+          m.body = @altmsg
+          m.content_type = 'text/plain'
+          Processor.send(m, r, false, Schleuder.config.superadminaddr)
+        end
+      rescue => e
+        Schleuder.log.warn "An error occurred while reporting an error: #{e.message}\n#{e.backtrace[0..3].join("\n")}"
+        Schleuder.log.warn "Sending emergency notice to superadmin"
+        mail = "From: root@localhost
+To: #{Schleuder.config.superadminaddr}
+Date: #{Time.now.strftime('%a, %d %b %Y %H:%M:%S %z')}
+Subject: Error
+
+Serious errors happened working for list #{Schleuder.listname}. 
+Please check the logs!
+"
+        Mailer.send mail, Schleuder.config.superadminaddr, 'root@localhost', true
+      end
+      Schleuder.log.info { 'Notifying done' }
+    rescue => e
+      # switch off logging per email, else we create loops here!
+      self.level = Log4r::OFF
+      if e.message.frozen?
+        Schleuder.log.warn "A problematic error happened. I'll better dump the original message to preserve it:\n\n#{Schleuder.origmsg}"
+      else
+        e.message << "\nThis is very problematic, I'll better dump the original message to preserve it:\n\n#{Schleuder.origmsg}"
+      end
+      Schleuder.log.fatal { e }
+    ensure
+      @send_mail_lock = false
+      @buff.clear
+    end
+  end
+end

data/lib/schleuder/log/schleuderlogger.rb

@@ -0,0 +1,23 @@
+module Schleuder
+  class SchleuderLogger < Log4r::Logger
+    # Instantiates a logger to be used outside of list-contexts and sets
+    # outputters and level.
+    def initialize
+      # The name 'log4r' is special: it is considered as meta-logger by Log4r
+      # and receives log_internal()-messages.
+      super 'log4r'
+      # The initial log_level is inherited by all outputters.
+      @level = eval("Log4r::#{Schleuder.config.log_level.upcase}")
+      pattern = "%d Schleuder %l\t%M"
+      formatter = Log4r::PatternFormatter.new(:pattern => pattern)
+      add Log4r::FileOutputter.new('file',
+                                   { :level => @level,
+                                     :filename => Schleuder.config.log_file,
+                                     :formatter => formatter }
+                                  )
+      add MetaEmailOutputter.new('email',
+                                 {:to => Schleuder.config.superadminaddr,
+                                  :immediate_at => 'ERROR, FATAL'})
+    end
+  end
+end

data/lib/schleuder/mail.rb

@@ -0,0 +1,861 @@
+module Schleuder
+  class Mail < TMail::Mail
+
+    # Schleuder::Member's the mail shall be sent to
+    attr_accessor :recipients
+
+    # Additional data that is to be stored into internally sent
+    # mails. Must be a Hash.
+    attr_accessor :metadata
+
+    # Indicator if the incoming mail was encrypted
+    attr_accessor :in_encrypted
+
+    # Indicator if (and by whom) the incoming mail was signed. Is +false+ or a
+    # GPGME::Signature.
+    attr_accessor :in_signed
+
+    attr_accessor :resend_to
+
+    # The incoming  mail in raw form (string). Needed to verify detached
+    # signatures (see +decrypt!+)
+    attr_accessor :original_message
+
+    # Shall we consider this email to be sent by the list-admin?
+    attr_reader :from_admin
+
+    # Shall we consider this email to be sent by a list-member?
+    attr_reader :from_member
+
+    # internal message_id we'll use for all outgoing mails
+    @@schleuder_message_id = nil
+
+    def initialize(*data)
+      super(*data)
+      @resend_to = []
+      @metadata = {:resent_to => [], :notice => [], :warning => [], :error => []}
+    end
+
+    # Overwrites TMail.parse to store the original incoming data. We possibly
+    # need that to verify pgp-signatures (TMail changes headers which
+    # invalidates the signature)
+    def self.parse(string)
+      foo = super(string)
+      foo.original_message = string
+      foo
+    end
+
+    # Desctructivly decrypt/verify +self+.
+    def decrypt!
+      # Note: We don't recurse into nested Mime-parts. Only the first level
+      # will be touched
+      if self.multipart? && !self.type_param('protocol').nil? && self.type_param('protocol').match(/^application\/pgp.*/)
+        Schleuder.log.debug 'mail is pgp/mime-formatted'
+        if self.sub_type == 'signed'
+          Schleuder.log.debug 'mail is signed but not encrypted'
+          Schleuder.log.debug 'Parsing original_message to split content from signature'
+
+          # first, identify the boundary
+          bm = self.original_message.match(/boundary="?'?([^"';]*)/)
+          boundary = "--" + Regexp.escape(bm[1])
+          Schleuder.log.debug "Identified boundary: #{boundary}"
+          # next, find the signed string between the first and the second-last boundary
+          signed_string = self.original_message.match(/.*#{boundary}\r?\n(.*?)\r?\n#{boundary}.*?#{boundary}.*?/m)[1]
+          # Add CRs, which probably have been stripped by the MTA
+          signed_string.gsub!(/\n/, "\r\n") unless signed_string.include?("\r")
+          Schleuder.log.debug "Identified signed string"
+          # third, find the pgp-signature
+          signature = self.original_message.match(/.*(-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----).*/m)[1] rescue ''
+          Schleuder.log.debug "Identified signature"
+          # finally, verify
+          Schleuder.log.info "Verifying"
+          foo, self.in_signed = self.crypt.verify(signature, signed_string)
+          plaintext = self.parts[0].to_s
+        elsif self.sub_type == 'encrypted'
+          Schleuder.log.debug 'mail is encrypted (and possibly signed)'
+          plaintext, self.in_encrypted, self.in_signed = self.crypt.decrypt(self.parts[1].body)
+        else
+          Schleuder.log.warn "Strange: message claims to be pgp/mime but neither to be signed nor encrypted"
+        end
+        # replace encrypted content with cleartext content
+        plainmsg = Mail.parse(plaintext)
+        #Schleuder.log.debug "plainmsg: #{plainmsg.to_s.inspect}"
+        # test for signed content within the previously encrypted content
+        if plainmsg._content_type_stripped == 'multipart/signed'
+          Schleuder.log.debug "Found signed message as cleartext, recurseing once"
+          plainmsg.original_message = plaintext
+          plainmsg.decrypt!
+          Schleuder.log.debug "End of recursion"
+          self.in_signed = plainmsg.in_signed
+        end
+        # get headers and body(parts) into self
+        if plainmsg.multipart?
+          Schleuder.log.debug "plainmsg.multipart? => true"
+          self.parts.clear
+          plainmsg.parts.each do |p|
+            self.parts.push(Mail.parse(p.to_s))
+          end
+        else
+          Schleuder.log.debug "plainmsg.multipart? => false"
+          self.body = plainmsg.body
+        end
+        self.content_type = plainmsg._content_type
+        self.disposition = plainmsg._disposition
+      else
+        Schleuder.log.debug 'no pgp-mime found, looking for pgp-inline'
+        # Do we simply push everything to crypt as that should return plain
+        # text if it is feeded plain text?  Or does crypt return only an error
+        # if there is nothing to do for it?
+        if self.multipart?
+          Schleuder.log.debug 'multipart found, looking for pgp content in each part'
+          self.parts.each do |part|
+            _decrypt_pgp_inline(part)
+          end
+        else
+          Schleuder.log.debug 'single inline content found, looking for pgp content'
+          _decrypt_pgp_inline(self)
+        end
+      end
+      _parse_signature
+    end
+
+    # Destructivly encrypt and sign. +receiver+ must be a string or a Schleuder::Member
+    def encrypt!(receiver)
+      if receiver.kind_of?(String)
+        receiver = Member.new({'email' => receiver})
+      elsif ! receiver.kind_of?(Member)
+        raise "need a Member-object as argument, got '#{receiver.inspect}'"
+      end
+
+      Schleuder.log.info "Encrypting for #{receiver.inspect}"
+
+      key, msg = receiver.key
+      if key == false
+        Schleuder.log.warn msg.capitalize
+        return [false, msg]
+      elsif key.nil?
+        Schleuder.log.warn "No public key found for '#{keystring}'"
+        return [false, 'no public key found']
+      end
+
+      # choose pgp-variant from addresses value oder config.default_mime
+      pgpvariant = receiver.mime || Schleuder.list.config.default_mime
+
+      case pgpvariant.upcase
+      when 'PLAIN'
+        Schleuder.log.debug "encrypting as text/plain"
+        if self.multipart?
+          self.parts.each_with_index do |p,i|
+            self.parts[i] = _encrypt_pgp_inline(p, receiver)
+          end
+          self.content_type = 'multipart/mixed'
+          self.encoding = nil
+        else
+          foo =  _encrypt_pgp_inline(self, receiver)
+          self.body = foo.body
+          foo.header.each do |k,v|
+            self[k] = v.to_s rescue nil
+          end
+        end
+      when 'MIME'
+        Schleuder.log.debug "encrypting pgp-mime"
+        gpgcontent = Mail.new
+        if self.multipart?
+          self.parts.each do |p|
+            gpgcontent.parts.push(p)
+          end
+        else
+          gpgcontent.body = self.body
+          gpgcontent.content_type = self._content_type
+          gpgcontent.charset = self.charset || 'UTF-8'
+        end
+
+        gpgcontainer = _new_part(crypt.encrypt_str(gpgcontent.to_s, receiver), 'application/octet-stream', self.charset)
+        gpgcontainer.set_disposition('inline', {:filename => 'message.asc'})
+
+        mimecontainer = _new_part("Version: 1\n", 'application/pgp-encrypted')
+        mimecontainer.disposition = 'attachment'
+
+        self.encoding = nil
+        self.body = ""
+        self.parts.clear
+        self.parts.push(mimecontainer)
+        self.parts.push(gpgcontainer)
+        self.set_content_type('multipart', 'encrypted', {:protocol => 'application/pgp-encrypted'})
+        self.mime_version = 1.0
+
+      when 'APPL'
+        Schleuder.log.error "mime-setting 'APPL' is deprecated, use 'MIME' instead for user '#{receiver.email}'"
+      else
+        Schleuder.log.error "Unknown mime-setting for user '#{receiver.email}': #{pgpvariant}"
+      end
+      return true
+    end
+
+    # Clearsign the message. Returns a string (raw msg, which must not be
+    # changed anymore) or a Schleuder::Mail.
+    def sign
+      Schleuder.log.debug "signing message"
+      if (self.to || []).length != 1
+        Schleuder.log.error "I need exactly one recipient in To-header. Found this: #{self.to.inspect}"
+        return false
+      end
+      member = Schleuder.list.find_member_by_email(self.to.to_s)
+      # ugly but necessary: member might be false and member.mime might be nil
+      pgpvariant = member.mime || Schleuder.list.config.default_mime rescue Schleuder.list.config.default_mime
+      case pgpvariant.upcase
+      when 'MIME'
+        Schleuder.log.debug "signing MIME"
+        gpgcontainer = Mail.new
+        if self.multipart?
+          self.parts.each do |p|
+            if p.main_type.eql?('text')
+              # Encode QP (there might be trailing white space
+              p.body = p.body.to_s.split("\n").map do |line|
+                [line].pack("M")
+              end.join("\n")
+              p.encoding = 'Quoted-Printable'
+            end
+            gpgcontainer.parts.push(p)
+          end
+          self.parts.clear
+        else
+          # Encode QP (there might be trailing white space which is illegal
+          # according to RFC 3156).
+          # Don't call body() as that returns the decoded string
+          gpgcontainer.body = body.to_s.split("\n").map do |line|
+              [line].pack("M")
+          end.join("\n")
+          gpgcontainer.encoding = 'Quoted-Printable'
+          gpgcontainer.content_type = self._content_type
+          gpgcontainer.disposition = self._disposition
+          self.body = ''
+        end
+        self.encoding = ''
+        self.parts.push gpgcontainer
+
+        # This following part is quite complicated. We have to do it this way
+        # because TMail changes the mime-boundary on every encoded() (implicit
+        # in to_s()), which invalidates the signature
+
+        # TODO: refactor with encrypt!()
+
+        # First we create the signature-attachment and fill it with a dummy
+        dummy = "dummytobereplaced-#{Time.now.to_f}"
+        sigpart = _new_part(dummy, 'application/pgp-signature')
+        self.parts.push(sigpart)
+
+        # TODO: take care of micalg: the digest used for hashing the plaintext.
+        # RFC 3156 requires it to be set in the content-type. ruby-gpgme
+        # doesn't provide it to us, though.
+        # (Don't use symbols with TMail, it expects strings.)
+        self.set_content_type('multipart', 'signed', {'protocol' => 'application/pgp-signature', 'micalg' => 'pgp-sha1'})
+
+        # Then we dump the crafted msg
+        rawmsg = self.encoded
+
+        # get mime boundary from raw mail
+        bm = rawmsg.match(/boundary="?'?([^"';\r\n]*)/)
+        boundary = "--" + Regexp.escape(bm[1])
+
+        # Now get the to be signed string from the raw message
+        parts = rawmsg.match(/(.*#{boundary}\r?\n)(.*\r?\n)(\r?\n#{boundary}.*?#{boundary}.*)/m)
+
+        if parts
+          # For some reason I don't manage to do this in one gsub-call... *snif*
+          tobesigned_crlf = parts[2].gsub(/\n/, "\r\n").gsub(/\r\r/, "\r")
+          rawmsg = "#{parts[1]}#{tobesigned_crlf}#{parts[3]}"
+
+          # sign the extracted part
+          sig = self.crypt.sign(tobesigned_crlf)
+
+          # replace dummy with signature
+          rawmsg.gsub!(/(.*)#{dummy}(.*?#{boundary}.*?)/m, "\\1#{sig}\\2")
+          rawmsg
+        else
+          Schleuder.log.error "Detection of mime parts in mail for #{self.to} with boundary #{bm} failed. This should not happen. -> Cannot sign outgoing mail."
+
+          false
+        end
+      when 'PLAIN'
+        Schleuder.log.debug "signing PLAIN"
+        if self.multipart?
+          self.parts.each_with_index do |p,i|
+            if p.disposition == 'attachment' || !p.disposition_param('filename').nil?
+              Schleuder.log.debug "found attachment, creating detached signature"
+              # attachment, need detached sig
+              container = Mail.new
+              container.parts.push Mail.parse(p.to_s)
+
+              sig = crypt.sign(p.body)
+              Schleuder.log.debug "sig: #{sig.inspect}"
+              sigpart = _new_part(sig, 'text/plain')
+              sigpart.set_disposition('attachment', {:filename => p.disposition_param('filename') + '.asc'})
+              container.parts.push Mail.parse(sigpart.to_s)
+
+              container.content_type = 'multipart/mixed'
+
+              self.parts[i] = Mail.parse(container.to_s)
+            else
+              p.body = crypt.clearsign(p.body)
+            end
+          end
+        else
+          self.body = crypt.clearsign(self.body)
+        end
+        self
+
+      else
+        Schleuder.log.error "Strange mime-setting: #{pgpvariant}. Don't know what to do with that, ignoring it."
+        self
+      end
+    end
+
+    # Create a new Schleuder::Mail-instance and copy/set selected headers.
+    def individualize(recv)
+      Schleuder.log.debug { "Individualizing mail for #{recv.inspect}" }
+      new = Mail.new
+      new.crypt = crypt
+      # add some headers we want to keep
+      new.content_type = self['content-type'].to_s if self['content-type']
+      new.disposition = self._disposition
+      new.encoding = self.encoding.to_s
+      new.subject = _quote_if_necessary(self.subject.to_s,'UTF-8')
+
+      new.message_id = Mail._schleuder_message_id
+
+      new.to = recv.email.to_s
+      new.date = Time.now
+      new.from = Schleuder.list.config.myaddr
+      new = _add_openpgp_header(new) if Schleuder.list.config.include_openpgp_header
+      if self.multipart?
+        self.parts.each do |p|
+          new.parts.push(Mail.parse(p.to_s))
+        end
+      else
+        new.body = self.body
+      end
+      new
+    end
+
+    def individualize_member(recv)
+      new = self.individualize(recv)
+      _message_ids(new) if Schleuder.list.config.keep_msgid
+      _list_headers(new) if Schleuder.list.config.include_list_headers
+    end
+
+    # Strips keywords from self and stores them in @+keywords+
+    def keywords
+      unless @keywords
+        @keywords = []
+        # we're looking for keywords only in the first mime-part
+        b = self
+        while b.multipart?
+          b = b.parts.first
+        end
+        # split to array to ease parsing
+        a = b.body.split("\n")
+
+        a.map! do |line|
+          if line.match(/^X-.*/)
+            Schleuder.log.debug "found keyword-line: #{line.chomp}"
+            key, val = $&.split(/:|: | /, 2)
+            keyword = key.slice(2..-1).strip
+            if !self.from_admin && Schleuder.list.config.keywords_admin_only.include?(keyword)
+              Schleuder.log.info "Keyword '#{keyword}' is listed as admin only and mail is not from admin, skipping"
+              self.metadata[:error] << "Keyword '#{keyword}' is configured as admin-only."
+              # return the line to have it stay in the body
+              line
+            else
+              # Split values to catch multiple values separated by comma or the like (deprecated).
+              values = val.to_s.strip.split(/[ ,;]+/)
+              values << ' ' if values.empty?
+              values.each do |v|
+                Schleuder.log.info "Storing keyword #{keyword} with value #{v.inspect}"
+                @keywords << {keyword => v.to_s.strip}
+              end
+              nil
+            end
+          elsif line.chomp.empty?
+            line
+          else
+            # break on the first non-empty and non-command line so we don't parse
+            # the whole message (could be much data)
+            break
+          end
+        end
+        # delete nil's (lines formerly containing X-Commands) from array
+        a.compact!
+        # rejoin to string
+        b.body = a.join("\n")
+        # The whole procedure makes TMail parse and reformat the message, so now
+        # it's decoded utf-8
+        b.charset = 'UTF-8'
+        b.encoding = nil
+        Schleuder.log.debug "Inspecting found keywords: #{@keywords.inspect}"
+      end
+      @keywords
+    end
+
+    def request?
+      @request ||= self.to.to_a.include?(Schleuder.list.request_addr)
+    end
+
+    def bounce?
+      self.to.to_a.include?(Schleuder.list.bounce_addr) || \
+        ( # empty Return-Path
+          ['<>'].include?(self['Return-path'].to_s) || \
+          ( # Auto-Submitted exists and does not equal 'no'
+            ! ["no", ""].include?(self['Auto-Submitted'].to_s) && \
+            self['X-Cron-Env'].nil? # cron mails are also autosubmitted
+          )
+        )
+    end
+
+    # +require+s all found plugins, tests SomePlugin.match and if that returns
+    # true runs SomePlugin.process
+    def process_plugins!
+      if self.keywords.empty?
+        Schleuder.log.info 'No keywords present, skipping plugins'
+      elsif File.directory? Schleuder.config.plugins_dir
+        replymsg = ""
+        # We might want to replace the object later, which we can't do with self.
+        mail = self
+        plugins = {:request => [], :list => []}
+        ptype = (self.request? ? :request : :list)
+        used_keywords = []
+        Plugin.signing_key(self)
+        Dir[Schleuder.config.plugins_dir + '/*_plugin.rb'].each do |plugfile|
+          Schleuder.log.debug "Instanciating #{plugfile} as plugin"
+          require plugfile
+          # interpreting class name from file name
+          classname = File.basename(plugfile, '.rb').split('_').collect { |p| p.capitalize }.join
+          plugin = instance_eval(classname).new
+          Schleuder.log.debug "Storing plugin in plugin-list '#{plugin.plugin_type}'"
+          plugins[plugin.plugin_type] << plugin
+        end
+        # This is neither elegant nor fast, but it's got to live only until the rewrite.
+        Schleuder.log.debug "Processing #{ptype}-plugins"
+        self.keywords.each do |kwhash|
+          keyword = kwhash.keys.first
+          value = kwhash.values.first
+          Schleuder.log.debug "Looping for keyword #{keyword}"
+          plugins[ptype].each do |plugin|
+            command = keyword.downcase.gsub(/-/, '_')
+            Schleuder.log.debug "Does #{plugin.class}.respond_to? '#{command}'"
+            if plugin.respond_to?(command)
+              Schleuder.log.debug "Yes it does, executing #{plugin.class}.#{command}"
+              used_keywords << keyword
+              foo = plugin.send(command, mail, value)
+              case foo
+              when String
+                Schleuder.log.debug "Method returned a string, saving it for reply to sender."
+                replymsg << foo << "\n\n\n"
+              when Mail
+                Schleuder.log.debug "Method returned a Mail-object, replacing myself by it."
+                mail = foo
+              else
+                Schleuder.log.debug "Method returned '#{foo.inspect}', don't know how to handle, skipping."
+              end
+              next
+            else
+              Schleuder.log.debug "No it doesn't."
+            end
+          end
+          # Generate error-message if no plugin was executed
+          unless used_keywords.include?(keyword)
+            msg = "No #{ptype}-plugin responded to keyword #{keyword}"
+            Schleuder.log.debug msg
+            if mail.request?
+              replymsg << "Error: #{msg}.\n\n"
+            else
+              mail.metadata[:error] << msg
+            end
+          end
+        end
+        # Decide how to go on: reply or list?
+        if mail.request?
+          Schleuder.log.debug "Message is a request, sending plugins-output back to sender."
+          if replymsg.empty?
+            replymsg = 'The keywords you sent did not produce any output. If you feel this is an error please contact the adminisrators of this list.'.fmt
+          end
+          # This exits.
+          Plugin.reply(mail, replymsg, used_keywords)
+        end
+      else
+        Schleuder.log.error "#{Schleuder.config.plugins_dir} does not exist or is not readable!"
+      end
+    end
+
+    def add_prefix!
+      # only add if it's not already present
+      unless self.subject.index(Schleuder.list.config.prefix)
+        Schleuder.log.debug "adding prefix"
+        self.subject = Schleuder.list.config.prefix + " " + self.subject.to_s
+      end
+    end
+
+    def add_prefix_in!
+      # only add if it's not already present
+      unless self.subject.index(Schleuder.list.config.prefix_in)
+        Schleuder.log.debug "adding prefix_in"
+        self.subject = Schleuder.list.config.prefix_in + " " + self.subject.to_s
+      end
+    end
+
+    def add_prefix_out!
+      # only add if it's not already present
+      unless self.subject.index(Schleuder.list.config.prefix_out)
+        Schleuder.log.debug "adding prefix_out"
+        self.subject = Schleuder.list.config.prefix_out + " " + self.subject.to_s
+      end
+    end
+
+    def add_metadata!
+      Schleuder.log.info "Adding meta-information on old mail to new mail"
+      Schleuder.log.debug 'Generating meta-information'
+      meta = ''
+      Schleuder.list.config.headers_to_meta.each do |h|
+        h = h.to_s.capitalize
+        val = self.header_string(h) rescue '(not parsable)'
+        next if val.nil?
+        val = TMail::Unquoter.unquote_and_convert_to(val,'utf-8')
+        meta << "#{h}: #{val}\n"
+      end
+      meta << "Enc: #{_enc_str @in_encrypted}\n"
+      meta << "Sig: #{_sig_str @in_signed}\n"
+      if self.multipart?
+        self.parts.each_with_index do |p,i|
+          unless p.in_encrypted.nil? && p.in_signed.nil?
+            meta << "part #{i+1}:\n"
+            meta << "  enc: #{_enc_str p.in_encrypted}\n"
+            meta << "  sig: #{_sig_str p.in_signed}\n"
+          end
+        end
+      end
+
+      Schleuder.log.debug 'Adding extra meta data'
+      @metadata.each do |name, content|
+        meta << "#{name.to_s.gsub(/_/, '-').capitalize}: #{(content.join('; ') || content.to_s)}\n" unless content.empty?
+      end
+      meta << "\n"
+
+      # insert oder prepend to the message
+      if self.first_part._content_type_stripped == 'text/plain'
+        Schleuder.log.debug "Glueing meta data into first part of message"
+        self.first_part.body = meta + self.first_part.body
+        # body is now utf-8 and decoded!
+        self.first_part.charset = 'UTF-8'
+        self.first_part.encoding = ''
+      else
+        # make the message multipart and prepend the meta-part 
+        self.to_multipart! unless self.multipart?
+        Schleuder.log.debug "Prepending meta data as own mime part to message"
+        self.parts.unshift _new_part(meta, 'text/plain', 'UTF-8')
+      end
+
+    end
+
+    # Adds Schleuder::ListConfig.public_footer to the end of the body of self
+    # or the body of the first mimepart (if one of those is text/plain) or
+    # appends it as a new mimepart.
+    def add_public_footer!
+      if Schleuder.list.config.public_footer.strip.empty?
+        return false
+      end
+      Schleuder.log.debug "appending public footer"
+      footer = "\n\n-- \n#{Schleuder.list.config.public_footer}\n"
+
+      if self.first_part._content_type_stripped == 'text/plain'
+        self.first_part.body = self.first_part.body.to_s + footer
+      else
+        self.to_multipart! unless self.multipart?
+        self.parts.push _new_part(footer, 'text/plain', 'UTF-8')
+      end
+    end
+
+
+    def to_multipart!
+      # skip if already multipart
+      return false if self.multipart?
+      Schleuder.log.debug "Making message multipart"
+      # else move the body into a mime-part
+      p = _new_part(self.body, self['content-type'].to_s, self.charset, self.encoding)
+      p.disposition = self._disposition
+      self.parts.push p
+      self.body = ''
+      self.set_content_type 'multipart', 'mixed', {:boundary => TMail.new_boundary}
+      self.disposition = ''
+    end
+
+    def first_part
+      if self.multipart?
+        self.parts.first
+      else
+        self
+      end
+    end
+
+    def _content_type(default = 'text/plain')
+      (self['content-type'] || default).to_s rescue default
+    end
+
+    def _content_type_stripped(default = nil)
+      ( default && _content_type(default) || _content_type() ).to_s.split(';').first
+    end
+
+    def _disposition
+      (self['content-disposition'] || '').to_s rescue ''
+    end
+
+   def from_member_address?
+      from.all? { |a| Schleuder.list.find_member_by_address(a) }
+    end
+
+    def from_admin_address?
+      from.all? { |a| Schleuder.list.find_admin_by_address(a) }
+    end
+
+    # An instance of Schleuder::Crypt
+    attr_writer :crypt
+    def crypt
+      @crypt ||= Crypt.new(Schleuder.list.config.gpg_password)
+    end
+ 
+    private
+
+    def _decrypt_pgp_inline(msg)
+      if msg._content_type_stripped == 'text/html'
+        Schleuder.log.debug "Content-type is text/html, can't handle that, skipping"
+      elsif msg.body =~ /^-----BEGIN PGP.*/ || msg.body.content_type.split('/').last.eql?('pgp')
+        Schleuder.log.debug 'found pgp-inline in input'
+        # Look for charset-armor-header. In most cases useless but nobody shall say we didn't try.
+        msg.body.each_line do |l|
+          break if l.strip.empty?
+          next unless m = l.match(/^Charset:\s(.*)$/)
+          @charset = m[1]
+        end
+        # TMail decodes QP if body() is called, Umlauts if to_s() is called.
+        # Life with TMail is hard...
+        if msg.encoding.to_s.downcase.eql?('quoted-printable') || !msg.main_type.eql?('text')
+          str = msg.body
+        else
+          str = msg.to_s
+        end
+        # We need to do this in three steps:
+        # 1. get the decoded body from TMail
+        # 2. delete the encoding-header
+        # 3. put the plaintext back into TMail
+        # Else TMail either can't decode the body correctly or 'over-decodes' it
+        # on next output
+        ptxt, enc, sig = crypt.decrypt(str)
+        if msg.main_type.eql?('text')
+          msg.body = ptxt
+          msg.charset = @charset || 'UTF-8'
+          msg.encoding = nil
+        else
+          # base64-encode if not text as we don't know what's in there. Might
+          # be binary data, which could break otherweise.
+          msg.body = [ptxt].pack("m")
+          msg.encoding = 'base64'
+        end
+        msg.in_encrypted = enc
+        msg.in_signed = sig
+        # RFC 2440 defines that the armored text by default is utf-8
+        if msg.content_type && msg['content-type'].params['x-action'] =~ /^pgp/
+          msg['content-type'].params['x-action'] = nil
+        end
+        unless msg.disposition_param('filename').nil?
+          msg['content-disposition'].params['filename'] =  msg.disposition_param('filename').gsub(/\.(gpg|pgp|asc)$/, '')
+        end
+      else
+        Schleuder.log.debug 'no pgp-inline-data found, doing nothing'
+      end
+    end
+
+    def _encrypt_pgp_inline(msg, receiver)
+      msg.body = crypt.encrypt_str(msg.body.to_s, receiver)
+      # reset encoding, TMail has converted the content
+      msg.encoding = nil
+      # if attachment add '.gpg'-suffix to attachments file names
+      # (The query for 'filename' is a work around against buggy client
+      # formatting that doesn't disposition attachments as attachments. This
+      # variant works ok.)
+      unless msg.disposition_param('filename').nil?
+        msg.set_content_type('application', 'octet-stream', {'x-action' => 'pgp-encrypted'})
+        msg.set_disposition('attachment', {:filename => msg.disposition_param('filename') + '.gpg'})
+      else
+        msg.set_content_type('text', 'plain', {'x-action' => 'pgp-encrypted'})
+        msg.charset = 'UTF-8'
+      end
+      msg
+    end
+
+    def _enc_str(arg)
+      arg ? 'encrypted' : 'unencrypted'
+    end
+
+    def _sig_str(arg)
+      if arg
+        if crypt.get_key(arg.fpr).first
+          arg.to_s
+        else
+          #Schleuder.log.debug arg.inspect
+          "Unknown signature from #{arg.fpr} (public key not present)"
+        end
+      else
+        'No signature'
+      end
+    end
+
+    # Tests if the signature of the incoming mail (if any) belongs to a
+    # list-member or an admin by testing all gpg-key-ids of the signing
+    # key for matches
+    def _parse_signature
+      @from_admin = @from_member = false
+
+      Schleuder.log.debug 'Testing for valid signature'
+      if !in_signed
+        Schleuder.log.info 'No signature found'
+      elsif in_signed.status != 0
+        Schleuder.log.info 'Invalid or unknown signature found'
+      else
+        Schleuder.log.info 'Valid signature found'
+        key, msg = crypt.get_key(in_signed.fpr)
+        if key
+          Schleuder.log.debug "Testing key for matching some member's or admin's keys"
+          if Schleuder.list.find_admin_by_key(key)
+            @from_admin = true
+          end
+          if Schleuder.list.find_member_by_key(key)
+            @from_member = true
+          end
+        else
+          Schleuder.log.debug "Keylookup for signature failed! Reason: #{msg}"
+        end
+      end
+    end
+
+    # Convert the given text into quoted printable format, with an instruction
+    # that the text be eventually interpreted in the given charset.
+    def _quoted_printable(text, charset)
+      text = text.gsub( /[^a-z ]/i ) { _quoted_printable_encode($&) }.
+                  gsub( / /, "_" )
+      "=?#{charset}?Q?#{text}?="
+    end
+
+    # Convert the given character to quoted printable format, taking into
+    # account multi-byte characters (if executing with $KCODE="u", for instance)
+    def _quoted_printable_encode(character)
+      result = ""
+      character.each_byte { |b| result << "=%02X" % b }
+      result
+    end
+
+    # A quick-and-dirty regexp for determining whether a string contains any
+    # characters that need escaping.
+    if !defined?(CHARS_NEEDING_QUOTING)
+      CHARS_NEEDING_QUOTING = /[\000-\011\013\014\016-\037\177-\377]/
+    end
+
+    # Quote the given text if it contains any "illegal" characters
+    def _quote_if_necessary(text, charset)
+      text = text.dup.force_encoding(Encoding::ASCII_8BIT) if text.respond_to?(:force_encoding)
+
+      (text =~ CHARS_NEEDING_QUOTING) ?
+        _quoted_printable(text, charset) :
+        text
+    end
+
+    # Helper for creating new message-parts
+    def _new_part(body, content_type, charset='', encoding='')
+      p = Mail.new
+      p.body = body.to_s
+      p.content_type = content_type
+      p.charset = charset.to_s unless charset.to_s.empty?
+      p.encoding = encoding.to_s unless encoding.to_s.empty?
+      p
+    end
+
+    def _collect_message_ids(ids)
+      return nil if ids.nil? || !ids.is_a?(Array) || ids.empty?
+      ids.select{ |id| Utils.schleuder_id?(id, Schleuder.list.listid) }
+    end
+
+    def self._schleuder_message_id
+      @@schleuder_message_id = Utils.generate_message_id(Schleuder.list.listid) unless @@schleuder_message_id
+      @@schleuder_message_id
+    end
+
+    def _message_ids(mail)
+      Schleuder.log.debug "Copying msgid to in-reply-to/references"
+      mail.in_reply_to = _collect_message_ids(self.in_reply_to)
+      mail.references = _collect_message_ids(self.references)
+      mail
+    end
+
+    def _list_headers(mail)
+      Schleuder.log.debug "Generating list-ids"
+      mail['List-Id'] = "<#{Schleuder.list.listid}>"
+      mail['List-Owner'] = _list_owner
+      mail['List-Post'] = _list_post
+      # TODO: adapt URL to version.
+      mail['List-Help'] = '<https://schleuder2.nadir.org/documentation.html>'
+      mail
+    end
+
+    def _list_owner
+      "<mailto:#{Schleuder.list.owner_addr}> (Use list's public key)"
+    end
+
+    def _list_post
+      if Schleuder.list.config.receive_admin_only
+        "NO (Admins only)"
+      elsif Schleuder.list.config.receive_authenticated_only
+        "<mailto:#{Schleuder.list.config.myaddr}> (Subscribers only)"
+      else
+        "<mailto:#{Schleuder.list.config.myaddr}>"
+      end
+    end
+
+    def _add_openpgp_header(mail)
+      Schleuder.log.debug "Add OpenPGP-Headers"
+      mail['OpenPGP'] = "id=#{Schleuder.list.key_fingerprint} "+
+                        "(Send an email to #{Schleuder.list.sendkey_addr} to receive the public-key)"+
+                        _gen_openpgp_pref_header
+      mail
+    end
+
+    def _gen_openpgp_pref_header
+      unless Schleuder.list.config.openpgp_header_preference == 'none'
+        pref_str = "; preference=#{Schleuder.list.config.openpgp_header_preference} ("
+        if Schleuder.list.config.receive_admin_only
+          pref_str << 'Only encrypted and signed emails by list-admins are accepted'
+        elsif !Schleuder.list.config.receive_authenticated_only
+          if Schleuder.list.config.receive_encrypted_only \
+              && Schleuder.list.config.receive_signed_only
+            pref_str << 'Only encrypted and signed emails are accepted'
+          elsif Schleuder.list.config.receive_encrypted_only \
+                  && !Schleuder.list.config.receive_signed_only
+            pref_str << 'Only encrypted emails are accepted'
+          elsif !Schleuder.list.config.receive_encrypted_only \
+                  && Schleuder.list.config.receive_signed_only
+            pref_str << 'Only signed emails are accepted'
+          else
+            pref_str << 'All kind of emails are accepted'
+          end
+        elsif Schleuder.list.config.receive_authenticated_only
+          if Schleuder.list.config.receive_encrypted_only
+            pref_str << 'Only encrypted and signed emails by list-members are accepted'
+          else
+            pref_str << 'Only signed emails by list-members are accepted'
+          end
+        else
+          pref_str << 'All kind of emails are accepted'
+        end
+        pref_str << ')'
+      end
+      pref_str || ''
+    end
+  end
+end