schleuder 2.2.0
- data.tar.gz.sig +0 -0
- data/LICENSE +339 -0
- data/README +32 -0
- data/bin/schleuder +96 -0
- data/bin/schleuder-fix-gem-dependencies +30 -0
- data/bin/schleuder-init-setup +37 -0
- data/bin/schleuder-migrate-v2.1-to-v2.2 +205 -0
- data/bin/schleuder-newlist +384 -0
- data/contrib/check-expired-keys.rb +59 -0
- data/contrib/mutt-schleuder-colors.rc +10 -0
- data/contrib/mutt-schleuder-resend.vim +24 -0
- data/contrib/smtpserver.rb +76 -0
- data/ext/default-list.conf +146 -0
- data/ext/default-members.conf +7 -0
- data/ext/list.conf.example +14 -0
- data/ext/schleuder.conf +62 -0
- data/lib/schleuder.rb +49 -0
- data/lib/schleuder/archiver.rb +46 -0
- data/lib/schleuder/crypt.rb +188 -0
- data/lib/schleuder/errors.rb +5 -0
- data/lib/schleuder/list.rb +177 -0
- data/lib/schleuder/list_config.rb +146 -0
- data/lib/schleuder/log/listlogger.rb +56 -0
- data/lib/schleuder/log/outputter/emailoutputter.rb +118 -0
- data/lib/schleuder/log/outputter/metaemailoutputter.rb +50 -0
- data/lib/schleuder/log/schleuderlogger.rb +23 -0
- data/lib/schleuder/mail.rb +861 -0
- data/lib/schleuder/mailer.rb +26 -0
- data/lib/schleuder/member.rb +69 -0
- data/lib/schleuder/plugin.rb +54 -0
- data/lib/schleuder/processor.rb +363 -0
- data/lib/schleuder/schleuder_config.rb +72 -0
- data/lib/schleuder/storage.rb +84 -0
- data/lib/schleuder/utils.rb +80 -0
- data/lib/schleuder/version.rb +3 -0
- data/man/schleuder-newlist.8 +191 -0
- data/man/schleuder.8 +400 -0
- data/plugins/README +20 -0
- data/plugins/manage_keys_plugin.rb +113 -0
- data/plugins/manage_members_plugin.rb +152 -0
- data/plugins/manage_self_plugin.rb +26 -0
- data/plugins/resend_plugin.rb +35 -0
- data/plugins/version_plugin.rb +12 -0
- metadata +178 -0
- metadata.gz.sig +2 -0
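--- a/data/lib/schleuder/schleuder_config.rb
+++ b/data/lib/schleuder/schleuder_config.rb
@@ -0,0 +1,72 @@
+# the schleuder config class - a simple container
+module Schleuder
+# Provides schleuder.conf as object, contains default values for most settings
+class SchleuderConfig < Storage
+
+# Options and their defaults
+# If you want to change them edit the global config file.
+# Usually in /etc/schleuder/schleuder.conf
+
+# Outgoing SMTP server address
+schleuder_attr :smtp_host, 'localhost'
+
+# Outgoing SMTP server port
+schleuder_attr :smtp_port, 25
+
+# Used as sender-address ans for determining the own gpg-key
+schleuder_attr :myaddr, 'schleuder@localhost'
+
+# The address to which SchleuderLogger#fatal messages (and possibly also
+# SchleuderLogger#error messages) are reported
+schleuder_attr :superadminaddr, 'root@localhost'
+
+# Location of the global log-file.
+schleuder_attr :log_file, '/var/log/schleuder/schleuder.log'
+
+# Global log_level: (ERROR || WARN || INFO || DEBUG)
+schleuder_attr :log_level, 'ERROR'
+
+# Directory which holds plugin-files
+schleuder_attr :plugins_dir, File.join(File.expand_path(File.dirname(__FILE__) + '/../..'),'plugins')
+
+# Directory which holds one subdirectory for each list
+schleuder_attr :lists_dir, '/var/schleuderlists'
+
+# Name of the list-specific file that holds the list configuration (YAML-formatted)
+schleuder_attr :lists_configfile, 'list.conf'
+
+# Name of the file that holds the members (YAML-formatted)
+schleuder_attr :lists_memberfile, 'members.conf'
+
+# Name of the file that holds default settings for all lists (YAML-formatted)
+schleuder_attr :lists_default_conf do
+File.join(@conf_dir,'default-list.conf')
+end
+
+# GPG-Key type.
+schleuder_attr :gpg_key_type, 'RSA'
+
+# GPG-Key length.
+schleuder_attr :gpg_key_length, 2048
+
+# GPG-Sub-Key type.
+schleuder_attr :gpg_subkey_type, 'RSA'
+
+# GPG-Sub-Key length.
+schleuder_attr :gpg_subkey_length, 2048
+
+### END OF CONFIG OPTIONS
+
+def initialize(config_file=nil, fromfile=true)
+if config_file && config_file.is_a?(String)
+@conf_dir = File.dirname(config_file)
+elsif config_file.nil?
+@conf_dir = '/etc/schleuder'
+config_file = File.join(@conf_dir,'schleuder.conf')
+end
+
+# overload with config_file
+super(config_file, fromfile)
+end
+end
+end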
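Review bot: `initialize` leaves `@conf_dir` unset when `config_file` is neither a String nor nil, and the Storage class shown on this page accepts a Hash as input. If any caller builds a SchleuderConfig from a Hash, the `lists_default_conf` default block then calls `File.join(@conf_dir,'default-list.conf')` with nil and fails at first read rather than at construction. An `else` branch setting `@conf_dir = '/etc/schleuder'` would close the gap. The attribute list would also benefit from a comment stating that `log_file`, `lists_dir` and the key files under it hold sensitive material and should be readable only by the account schleuder runs as.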
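--- a/data/lib/schleuder/storage.rb
+++ b/data/lib/schleuder/storage.rb
@@ -0,0 +1,84 @@
+require 'yaml'
+
+module Schleuder
+# Abstract class to provide loading of files and overloading of values.
+# Note: don't use Schleuder.log in here, is might be not yet available, and
+# you will produce loops.
+class Storage
+
+class << self
+def schleuder_attr(attr_name, default_value=nil,&block)
+attr_name = attr_name.to_s unless attr_name.is_a?(String)
+default_schleuder_attributes[attr_name] = block_given? ? block : Proc.new{ default_value }
+
+class_eval <<-EOE
+def #{attr_name}
+if schleuder_attributes['#{attr_name}'].nil?
+schleuder_attributes['#{attr_name}'] = self.instance_eval(&self.class.default_schleuder_attributes['#{attr_name}'])
+end
+schleuder_attributes['#{attr_name}']
+end
+def #{attr_name}=(value)
+schleuder_attributes['#{attr_name}'] = value
+end
+EOE
+end
+
+def default_schleuder_attributes
+@default_schleuder_attributes ||= {}
+end
+end
+
+def schleuder_attributes
+@schleuder_attributes ||= {}
+end
+
+# If +input+ is String or Hash it will be used to fill instance variables
+# fromfile = whether to load the information from file
+def initialize(input=nil, fromfile=true)
+if input.kind_of?(Hash)
+overload_from_hash!(input)
+elsif input.kind_of?(String) && fromfile
+overload_from_file!(input)
+else
+raise "Unknown input: #{input.class}"
+end
+end
+
+private
+
+# Load content from +filename+ and overwrite existing instance variables of
+# self
+def overload_from_file!(filename)
+h = YAML.load_file(filename) || Hash.new # yaml returns nil if the Hash is empty
+overload_from_hash!(h)
+end
+
+# Load content from +h+ into self (if allowed so according to
+# attr_reader/writer/accessor)
+def overload_from_hash!(h)
+h.each_pair do |k,v|
+k = k.to_s unless k.is_a?(String)
+if self.class.default_schleuder_attributes.keys.include?(k)
+schleuder_attributes[k] = v
+else
+Schleuder.log.warn "Attempt to set illegal attribute: #{k} => #{v}"
+end
+end
+end
+
+def to_hash
+self.class.default_schleuder_attributes.keys.inject({}) do |res, key|
+val = send(key)
+res[key] = if val.is_a?(Array)
+val.collect { |e| e.respond_to?(:to_hash) ? e.to_hash : e }
+elsif val.respond_to?(:to_hash)
+val.to_hash
+else
+val
+end
+res
+end
+end
+end
+end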
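Review bot: `overload_from_file!` parses its input with `YAML.load_file`, the full object-deserialising loader, so every configuration, list and member file that reaches it has to be writable only by trusted accounts. A comment above the call should say so, and on runtimes that provide it `YAML.safe_load(File.read(filename))` restricts the result to plain data. `overload_from_hash!` calls `Schleuder.log.warn` although the class comment in this file says not to use Schleuder.log here, and it interpolates the rejected value `v` into the log line; reporting only the key would keep configuration values out of the log. `to_hash` is defined after `private`, so `respond_to?(:to_hash)` is false for nested Storage objects and they are returned unconverted; if that is not intended, `to_hash` should move above `private`.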
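--- a/data/lib/schleuder/utils.rb
+++ b/data/lib/schleuder/utils.rb
@@ -0,0 +1,80 @@
+module Schleuder
+
+class Utils
+def self.random_password(size = 32)
+chars = (('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a) + "+*%/()=?![]{}-_.,;:<>".split(//)
+Utils.generate_random_str(size,chars)
+end
+def self.generate_random_str(size=32,chars = nil)
+chars = (('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a) if chars.nil?
+(1..size).collect{|a| chars[rand(chars.size)] }.join.to_s
+end
+
+def self.verify_addr(name, address)
+unless Utils.emailaddress?(address)
+raise "Invalid #{name}: #{address}"
+end
+end
+
+def self.emailaddress?(address)
+begin
+address == TMail::Address.parse(address).address
+rescue TMail::SyntaxError, TypeError => e
+false
+end
+end
+
+def self.get_pretty_fingerprint(key)
+"Wrong input, need GPGME::Key!" unless key.kind_of?(GPGME::Key)
+key.subkeys.first.fingerprint.gsub(/(.{4})/, "\\1 ").strip
+end
+
+def self.generate_message_id(listid='')
+listid = listid + '-' unless listid.empty?
+'<'+Utils.generate_random_str+"@#{listid}schleuder>"
+end
+
+def self.schleuder_id?(message_id,listid='')
+return false unless message_id
+listid = listid + '-' unless listid.empty?
+/<\w*@#{Regexp.quote(listid)}schleuder>/ === message_id
+end
+
+def self.compress_fingerprint(fpr)
+fpr =~ / / ? fpr.gsub(/ /,'') : fpr
+end
+end
+end
+
+class Symbol
+include Comparable
+
+def <=>(other)
+self.to_s <=> other.to_s
+end
+end
+
+class Hash
+# Replacing the to_yaml function so it'll serialize hashes sorted (by their keys)
+#
+# Original function is in /usr/lib/ruby/1.8/yaml/rubytypes.rb
+def to_yaml( opts = {} )
+YAML::quick_emit( object_id, opts ) do |out|
+out.map( taguri, to_yaml_style ) do |map|
+sort.each do |k, v| # <-- here's my addition (the 'sort')
+map.add( k, v )
+end
+end
+end
+end
+end
+
+class String
+def fmt(linewidth=nil)
+if linewidth.nil?
+require 'highline/system_extensions'
+linewidth = HighLine::SystemExtensions.terminal_size.first || 76
+end
+gsub(/(.{1,#{linewidth}})(\s+|$)/, "\\1\n")
+end
+end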
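Review bot: `generate_random_str` picks characters with `rand`, Ruby's general-purpose PRNG, and `random_password` is built on it. If that password protects a list's private key, as the schleuder-newlist man page's "new keypair with a random password" suggests, the index should come from a CSPRNG: `require 'securerandom'` and `chars[SecureRandom.random_number(chars.size)]`. In `get_pretty_fingerprint` the string on the first line is evaluated and discarded, so a non-GPGME::Key argument is not rejected; it presumably needs `raise` in front. `schleuder_id?` matches its pattern anywhere inside `message_id`, so it needs `\A` and `\z` anchors if the whole header value is meant to be checked. The global reopening of Symbol, Hash and String affects every library in the process and deserves a comment at each site.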
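--- a/data/man/schleuder-newlist.8
+++ b/data/man/schleuder-newlist.8
@@ -0,0 +1,191 @@
+.\" generated with Ronn/v0.7.3
+.\" http://github.com/rtomayko/ronn/tree/0.7.3
+.
+.TH "SCHLEUDER\-NEWLIST" "8" "June 2012" "" ""
+.
+.SH "NAME"
+\fBschleuder\-newlist\fR \- create new Schleuder mailing list
+.
+.SH "SYNOPSIS"
+schleuder\-newlist \fILISTADDRESS\fR \e [\-realname \fI\e\'Foo\e List\e\'\fR]
+.
+.br
+\e [\-adminaddress \fIlistadmin@example\.net\fR]
+.
+.br
+\e [\-initmember \fImember1@example\.net\fR
+.
+.br
+\e \e \-initmemberkey \fI/path/to/initmember_publickey\fR]
+.
+.br
+\e [\-privatekeyfile \fI/path/to/privatekey\fR
+.
+.br
+\e \e \-publickeyfile \fI/path/to/publickey\fR
+.
+.br
+\e \e \-passphrase \fIkey_passphrase\fR]
+.
+.br
+\e [\-mailuser mail]
+.
+.br
+\e [\-nointeractive]
+.
+.SH "DESCRIPTION"
+\fBschleuder\-newlist\fR automates the creation of new Schleuder mailing lists\. For more information on Schleuder, please look at \fBschleuder\fR(8)\.
+.
+.P
+\fBschleuder\-newlist\fR does various input validation, and can generate a key or import one\. It will give you as well an easy interface to build new lists in a scripted manner\.
+.
+.P
+It also supports an interactive mode, with which the user will be prompted for missing mandatory options\. The interactive mode can be disabled, using the \fB\-nointercative\fR flag; it is automatically disabled if the script isn\'t run within a valid tty\.
+.
+.P
+If no \fB\-privatekeyfile\fR, \fB\-publickeyfile\fR and \fB\-passphrase\fR are provided, the list will create a new keypair with a random password\. The type and length of the generated keypair is specified in \fB/etc/schleuder/schleuder\.conf\fR\.
+.
+.SH "OPTIONS"
+.
+.IP "\(bu" 4
+\fB\-realname\fR \fI\'Foo List\'\fR: Specify the name of the mailing list\.
+.
+.IP "\(bu" 4
+\fB\-adminaddress\fR \fIlistadmin@example\.net\fR: Specify the email address of a list administrator\. This address will be notified of errors, and depending on configuration may also be allowed to send restricted email commands\.
+.
+.IP "\(bu" 4
+\fB\-initmember\fR \fImember1@example\.net\fR: Specify the first subscribed list member address\. Can be the same as the administrator address\. This option must be accompanied by \fB\-initmemberkey\fR\.
+.
+.IP "\(bu" 4
+\fB\-initmemberkey\fR \fI/path/to/initmember_publickey\fR: Specify the path to first subscribed list member public key\. \fB\-initmember\fR must also be specified\.
+.
+.IP "\(bu" 4
+\fB\-privatekeyfile\fR \fI/path/to/privatekey\fR: Specify the path to a previously\-generated private key for the list\. This option must be accompanied by \fB\-publickeyfile\fR and \fB\-passphrase\fR\.
+.
+.IP "\(bu" 4
+\fB\-publickeyfile\fR \fI/path/to/publickey\fR Specify the path to a previously\-generated public key for the list\. This option must be accompanied by \fB\-privatekeyfile\fR and \fB\-passphrase\fR\.
+.
+.IP "\(bu" 4
+\fB\-passphrase\fR \fI\'key passphrase\'\fR Specify the passphrase needed to access the private key specified in \fB\-privatekeyfile\fR\. This option must be accompanied by \fB\-publickeyfile\fR as well\.
+.
+.IP "\(bu" 4
+\fB\-mailuser\fR \fIschleuder\fR Specify the system user account under which \fBschleuder\fR(8) will be executed\. (when run as root, this defaults to "schleuder")
+.
+.IP "\(bu" 4
+\fB\-nointeractive\fR When specified, no questions will be asked to complete missing information\.
+.
+.IP "" 0
+.
+.SH "EXAMPLES"
+This creates a new list called \fBtest1\fR with the initial member \fBfoo@bar\.ch\fR\. A new keypair will be generated for the list\.
+.
+.IP "" 4
+.
+.nf
+
+schleuder\-newlist foobar@example\.org \e
+\-realname "bal jak" \e
+\-adminaddress admin@example\.org \e
+\-initmember foo@example\.com \-initmemberkey /tmp/foo\.pub
+.
+.fi
+.
+.IP "" 0
+.
+.P
+The list test2 will be created, a keypair from the following files with the passphrase \fBtest\fR will be imported\.
+.
+.IP "" 4
+.
+.nf
+
+schleuder\-newlist test2@example\.com \e
+\-realname "bal jak" \e
+\-adminaddress foobar@example\.org \e
+\-privatekeyfile ~/tmp/test2\.priv \e
+\-publickeyfile /tmp/test2\.pub \e
+\-passphrase test
+.
+.fi
+.
+.IP "" 0
+.
+.SH "FILES"
+/etc/schleuder/schleuder\.conf
+.
+.IP "" 4
+.
+.nf
+
+Global Schleuder configuration
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/etc/schleuder/default\-list\.conf
+.
+.IP "" 4
+.
+.nf
+
+Default list settings
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/HOSTNAME/LISTNAME
+.
+.IP "" 4
+.
+.nf
+
+List internal data
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/HOSTNAME/LISTNAME/list\.conf
+.
+.IP "" 4
+.
+.nf
+
+List settings
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/HOSTNAME/LISTNAME/members\.conf
+.
+.IP "" 4
+.
+.nf
+
+List susbcribers\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+All configuration files are formatted as YAML\. See \fIhttp://www\.yaml\.org/\fR for more details\.
+.
+.SH "BUGS"
+Known bugs are listed on the Schleuder website\.
+.
+.SH "SEE ALSO"
+\fBschleuder\fR(8), \fBaliases\fR(5), \fBgnupg\fR(7)\.
+.
+.P
+Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR
+.
+.P
+YAML website: \fIhttp://www\.yaml\.org/\fR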
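--- a/data/man/schleuder.8
+++ b/data/man/schleuder.8
@@ -0,0 +1,400 @@
+.\" generated with Ronn/v0.7.3
+.\" http://github.com/rtomayko/ronn/tree/0.7.3
+.
+.TH "SCHLEUDER" "8" "June 2012" "" ""
+.
+.SH "NAME"
+\fBSchleuder\fR \- A groups email gateway\.
+.
+.SH "SYNOPSIS"
+schleuder \fILISTADDRESS\fR < EMAIL
+.
+.P
+schleuder \-test [\fILISTADDRESS\fR]
+.
+.SH "DESCRIPTION"
+Schleuder is a groups email gateway: subscribers can communicate encrypted (and pseudonymously) among themselves, receive emails from non\-subscribers and send emails to non\-subscribers via the list\.
+.
+.P
+Schleuder takes care of all decryption and encryption, stripping of headers, format conversions, etc\. Schleuder can also send out its own public key upon request and process administrative commands received by email\.
+.
+.P
+Email cryptography is handled by using GnuPG\. Schleuder understands all common encapsulation formats: \fBinline\fR, \fBmultipart/encrypted\fR and \fBmultipart/signed\fR\.
+.
+.P
+\fBschleuder\fR(8) is usually called in delivery mode by a \fIMail Transport Agent\fR with an incoming email piped to its standard input\. For more informations on how to integrate Schleuder with your existing mail setup, please look at the Schleuder website: http://schleuder\.nadir\.org/
+.
+.P
+If run with the \fB\-test\fR option Schleuder checks that the setup and basic settings are in a workable state\.
+.
+.P
+\fBschleuder\-newlist\fR(8) automates the creation of new mailing lists\.
+.
+.SH "AUTOMATIC SENDING OF LIST PUBLIC KEY"
+To receive the public key of the mailing list anybody can send an email to the special list address which includes \-sendkey as a postfix
+.
+.IP "" 4
+.
+.nf
+
+listname\-sendkey@example\.com
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Schleuder will reply with the public key of the list without forwarding the request to the list\-members\.
+.
+.SH "EMAIL COMMANDS"
+Schleuder provides some special commands for advanced features to be used by list\-members\. Generally they are called by keywords written into the first non\-blank line of an email\. Schleuder scans for those keywords in every incoming email that is encrypted and validly signed by a list\-admin or —— if allowed by the list\'s configuration —— a list\-member\.
+.
+.P
+Administrative commands (membership and key management) must be sent to the request\-address or the list, which includes \-request as a postfix: listname\-request@example\.org
+.
+.P
+Communicative commands (resending) must be sent to the normal list\-address\.Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\.
+.
+.P
+To receive the list of members send:
+.
+.IP "" 4
+.
+.nf
+
+X\-LIST\-MEMBERS
+
+You will receive a list of list\-admins and list\-members, and their public
+keys (or the lack thereof)\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To see details on one list\-member, including his/her public key:
+.
+.P
+X\-GET\-MEMBER: you@example\.net
+.
+.P
+To add a member:
+.
+.IP "" 4
+.
+.nf
+
+X\-ADD\-MEMBER: you@example\.net mime
+\-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\-
+Version: GnuPG v1\.4\.9 (GNU/Linux)
+
+mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
+dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
+[\.\.\.]
+pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
+Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
+=xTv3
+\-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\-
+
+`mime` could also be `plain` (for receiving `inline`\-encapsulated messages)
+or be skipped (then the list\'s default setting is used)\.
+
+The public key block is also optional\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To delete a member from the list:
+.
+.IP "" 4
+.
+.nf
+
+X\-DELETE\-MEMBER: you@example\.net
+
+Please note that this doesn\'t delete any public keys\.
+.
+.fi
+.
+.IP "" 0
+To receive the list of public keys known to the list
+.
+.IP "" 4
+.
+.nf
+
+X\-LIST\-KEYS
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To receive a certain public key known to the list
+.
+.IP "" 4
+.
+.nf
+
+X\-GET\-KEY: foobar@example\.com
+
+You can also specify a KeyID, or parts of it, as long as it identifies
+the key distinctly\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To add a public key to the list
+.
+.IP "" 4
+.
+.nf
+
+X\-ADD\-KEY:
+\-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\-
+Version: GnuPG v1\.4\.9 (GNU/Linux)
+
+mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
+dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
+[\.\.\.]
+pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
+Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
+=xTv3
+\-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\-
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To delete a key from the list\'s keyring:
+.
+.IP "" 4
+.
+.nf
+
+X\-DELETE\-KEY: 0xDEADBEEF
+
+You can also specify an email address, as long as it identifies the key
+distinctly\.
+.
+.fi
+.
+.IP "" 0
+Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\.
+.
+.P
+To send out an email to an external recipient (encrypted if possible, otherwise in the clear)
+.
+.IP "" 4
+.
+.nf
+
+X\-RESEND: emailaddress@example\.net
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Or to send it only if encryption is available
+.
+.IP "" 4
+.
+.nf
+
+X\-RESEND\-ENCRYPTED\-ONLY: emailaddress@example\.net
+.
+.fi
+.
+.IP "" 0
+.
+.P
+To specify multiple recipients separate the addresses with spaces or specify the command multiple times:
+.
+.IP "" 4
+.
+.nf
+
+X\-RESEND: you@example\.net me@example\.net
+or
+
+X\-RESEND: you@example\.net
+X\-RESEND: me@example\.net
+
+With the first format don\'t let your Mail User Agent break long lines!
+.
+.fi
+.
+.IP "" 0
+.
+.SH "EXIT STATUS"
+0
+.
+.IP "" 4
+.
+.nf
+
+Incoming email was processed without errors\.
+
+Configuration is correct in test mode\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+1
+.
+.IP "" 4
+.
+.nf
+
+Internal failure in incoming email processing\.
+
+Bad configuration in test mode\.
+.
+.fi
+.
+.IP "" 0
+.
+.P
+100
+.
+.IP "" 4
+.
+.nf
+
+Unable to decrypt the received message\.
+
+Unable to verify the signature when configured to only accept signed
+messages\.
+
+Message is cleartext when only encrypted messages are allowed\.
+
+Message is not authenticated as coming from a list\-member when
+authentication is required\.
+.
+.fi
+.
+.IP "" 0
+.
+.SH "FILES"
+/etc/schleuder/schleuder\.conf
+.
+.IP "" 4
+.
+.nf
+
+Global Schleuder configuration
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/etc/schleuder/default\-list\.conf
+.
+.IP "" 4
+.
+.nf
+
+Default list settings
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/LISTNAME/list\.conf
+.
+.IP "" 4
+.
+.nf
+
+List settings
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/LISTNAME/members\.conf
+.
+.IP "" 4
+.
+.nf
+
+List susbcribers\.
+
+Each member must have the email\-attribute set\. All other attributes are
+optional\.
+
+The following attributes are available:
+
+* mime: defines the \'pgp\-variant\' to send to the member, possible values are
+`MIME` (for pgp/mime\-formatted mail according to RFC 3156), and `PLAIN` (for
+inline\-pgp)\. The fallback\-default for this is defined in the
+list\.conf\.
+* encrypted_only: schleuder tries to encrypt every outgoing email\. If
+that is not possible under some conditions it sends the email
+unecrypted\. If this attribute is set the member will never receive
+unencrypted emails; the member will be skipped if encrypting is not
+possible\.
+
+Example:
+
+\- email: you@example\.net
+\- email: me@example\.org
+mime: PLAIN
+\- email: them@example\.com
+encrypted_only: true
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/schleuderlists/HOSTNAME/LISTNAME
+.
+.IP "" 4
+.
+.nf
+
+List internal data
+.
+.fi
+.
+.IP "" 0
+.
+.P
+/var/log/schleuder
+.
+.IP "" 4
+.
+.nf
+
+Schleuder logs directory
+.
+.fi
+.
+.IP "" 0
+.
+.P
+All configuration files are formatted as YAML\. See \fIhttp://www\.yaml\.org/\fR for more details\.
+.
+.SH "BUGS"
+Known bugs are listed on the Schleuder bugtracker at https://git\.codecoop\.org/projects/schleuder\fBschleuder\-newlist\fR(8), \fBgnupg\fR(7)\.
+.
+.P
+Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR
+.
+.P
+Webschleuder website: \fIhttp://webschleuder\.nadir\.org/\fR (web interface to schleuder)
+.
+.P
+YAML website: \fIhttp://www\.yaml\.org/\fR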