added message delivery randomization

fix on config file evaluation admin request replies now come with LIST_REQUEST_ADDRESS instead of LIST_ADDRESS
author: rhatto <rhatto> 2006-10-13 15:34:08 +0000
committer: rhatto <rhatto> 2006-10-13 15:34:08 +0000
commit: 671a04034c6a436adb052a8e069a2d2b999afefc (patch)
tree: b7b564bb8b355a154650851b2d36bad1ab619683 /firma
parent: 8ed7399749189b7cbcb8b0c1a921a69f6b18ddda (diff)
download: firma-671a04034c6a436adb052a8e069a2d2b999afefc.tar.gz
firma-671a04034c6a436adb052a8e069a2d2b999afefc.tar.bz2
1 files changed, 83 insertions, 20 deletions
diff --git a/firma b/firma
index 1961de3..b6a6a09 100755
--- a/firma
+++ b/firma
@@ -123,16 +123,12 @@ WARNING: Setting LOG_TO_SYSLOG to '0'."
     fi
   fi
 
-  if ! grep -q -e "^USER=" $FIRMA_CONFIG_FILE; then
+  if [ -z "$FIRMA_USER" ]; then
     FIRMA_USER="nobody"
-  else
-    FIRMA_USER="`grep "^USER=" $FIRMA_CONFIG_FILE | sed -e 's/"//g' -e "s/'//g" | cut -d = -f 2`"
   fi
 
-  if ! grep -q -e "^GROUP=" $FIRMA_CONFIG_FILE; then
+  if [ -z "$FIRMA_GROUP" ]; then
     FIRMA_GROUP="nobody"
-  else
-    FIRMA_GROUP="`grep "^GROUP=" $FIRMA_CONFIG_FILE | sed -e 's/"//g' -e "s/'//g" | cut -d = -f 2`"
   fi
 
   if [ -z "$KEYSERVER" ]; then
@@ -186,17 +182,15 @@ WARNING: $LIST_NAME: Removing this address from LIST_ADMIN."
     LIST_ADMIN="$valid_admins"
   fi
 
-  if grep -q -e "^USER=" $LIST_CONFIG_FILE; then
-    FIRMA_USER="`grep "^USER=" $LIST_CONFIG_FILE | sed -e 's/"//g' -e "s/'//g" | cut -d = -f 2`"
+  if [ "$REQUIRE_SIGNATURE" != "yes" ] || [ "$REQUIRE_SIGNATURE" != "no" ]; then
+    REQUIRE_SIGNATURE="yes"
   fi
 
-  if grep -q -e "^GROUP=" $LIST_CONFIG_FILE; then
-    FIRMA_GROUP="`grep "^GROUP=" $LIST_CONFIG_FILE | sed -e 's/"//g' -e "s/'//g" | cut -d = -f 2`"
+  if [ -z "$LIST_REQUEST_ADDRESS" ]; then
+    LIST_REQUEST_ADDRESS="`echo $LIST_ADDRESS | cut -d @ -f 1`-request@`echo $LIST_ADDRESS | cut -d @ -f 2`"
   fi
 
-  if [ "$REQUIRE_SIGNATURE" != "yes" ] || [ "$REQUIRE_SIGNATURE" != "no" ]; then
-    REQUIRE_SIGNATURE="yes"
-  fi
+  SetDeliveryRandomization
 
   return $return_code
 }
@@ -597,6 +591,7 @@ function ReEncryptAndSendListMessage {
 
     ReplaceGpgMessage
     AssembleMessage
+    DeliveryRandomization
 
     # send message
     echo "$MESSAGE" | $MAIL_AGENT $MAIL_AGENT_ARGS $recipients
@@ -612,6 +607,7 @@ function ReEncryptAndSendListMessage {
 
       ReplaceGpgMessage
       AssembleMessage
+      DeliveryRandomization
 
       # send message
       echo "$MESSAGE" | $MAIL_AGENT $MAIL_AGENT_ARGS $subscriber
@@ -1826,9 +1822,9 @@ function MimeWrapMessage {
 
   # these are the headers of the message to be sent, so no indentation here
   MESSAGE_HEADERS="\
-From: $LIST_ADDRESS
+From: $LIST_REQUEST_ADDRESS
 To: ${RECIPIENTS}
-Reply-To: $LIST_ADDRESS
+Reply-To: $LIST_REQUEST_ADDRESS
 Subject: ${SUBJECT_PREFIX}${SUBJECT}
 MIME-Version: 1.0
 Content-Type: multipart/encrypted;
@@ -1935,15 +1931,15 @@ function SourceFirmaConfig {
 \t      defaults to "nobody"; you can also specify this parameter
 \t      in each mailing list config file if you plan to have one
 \t      user per mailing list" || \
-  USER="`EvalConfigParameter $FIRMA_CONFIG_FILE USER`"
+  FIRMA_USER="`EvalConfigParameter $FIRMA_CONFIG_FILE USER`"
 
   [ "$1" == "help" ] && echo -e "\tGROUP= group that runs firma (usually the same as your MTA group);
 \t       defaults to "nobody"; you can also specify this parameter
 \t       in each mailing list config file if you plan to have one
 \t       group per mailing list" || \
-  GROUP="`EvalConfigParameter $FIRMA_CONFIG_FILE GROUP`"
+  FIRMA_GROUP="`EvalConfigParameter $FIRMA_CONFIG_FILE GROUP`"
 
-  [ "$1" == "help" ] && echo -e "LOG_TO_SYSLOG= set to "1" to log errors and warnings to syslog, else firma
+  [ "$1" == "help" ] && echo -e "\tLOG_TO_SYSLOG= set to "1" to log errors and warnings to syslog, else firma
 \t               will print errors to STDERR" || \
   LOG_TO_SYSLOG="`EvalConfigParameter $FIRMA_CONFIG_FILE LOG_TO_SYSLOG`"
 
@@ -1980,17 +1976,37 @@ function SourceListConfig {
   # returns: 0 
   #-------------------------------------------------------------
 
+  local firma_user firma_group keyserver
+
   [ "$1" == "help" ] && echo -e "\nMandatory list config parameters\n"
 
   [ "$1" == "help" ] && echo -e "\tLIST_ADDRESS= list's email address" || \
   LIST_ADDRESS="`EvalConfigParameter $LIST_CONFIG_FILE LIST_ADDRESS`"
 
+  [ "$1" == "help" ] && echo -e "\tLIST_REQUEST_ADDRESS= list's email address for administrative
+\t                      requests (defaults to listname-request@domain" || \
+  LIST_REQUEST_ADDRESS="`EvalConfigParameter $LIST_CONFIG_FILE LIST_REQUEST_ADDRESS`"
+
   [ "$1" == "help" ] && echo -e "\tLIST_ADMIN= list's administrators email addresses (space separated)" || \
   LIST_ADMIN="`EvalConfigParameter $LIST_CONFIG_FILE LIST_ADMIN`"
 
   [ "$1" == "help" ] && echo -e "\tLIST_HOMEDIR= list's GnuPG homedir, where the list's keyrings are located" || \
   LIST_HOMEDIR="`EvalConfigParameter $LIST_CONFIG_FILE LIST_HOMEDIR`"
 
+  [ "$1" == "help" ] && echo -e "\tUSER= user that runs firma (usually the same as your MTA user);
+\t      defaults to "nobody"; you can also specify this parameter
+\t      in each mailing list config file if you plan to have one
+\t      user per mailing list" || \
+  firma_user="`EvalConfigParameter $FIRMA_CONFIG_FILE USER`"
+  [ ! -z "$firma_user" ] && FIRMA_USER="$firma_user"
+
+  [ "$1" == "help" ] && echo -e "\tGROUP= group that runs firma (usually the same as your MTA group);
+\t       defaults to "nobody"; you can also specify this parameter
+\t       in each mailing list config file if you plan to have one
+\t       group per mailing list" || \
+  firma_group="`EvalConfigParameter $FIRMA_CONFIG_FILE GROUP`"
+  [ ! -z "$firma_group" ] && FIRMA_GROUP="$firma_group"
+
   [ "$1" == "help" ] && echo -e "\tPASSPHRASE= passphrase for the list's private keyring\n
 \tNOTE: The passphrase _has_ to be enclosed in single quotes and _cannot_
 \tcontain any additional single quote as part of itself. It has to be at least
@@ -2020,13 +2036,22 @@ function SourceListConfig {
 
   [ "$1" == "help" ] && echo -e "\tKEYSERVER= default keyserver to import/export keys
 \t           (defaults to keyserver.noreply.org)" || \
-  KEYSERVER="`EvalConfigParameter $LIST_CONFIG_FILE KEYSERVER`"
+  keyserver="`EvalConfigParameter $LIST_CONFIG_FILE KEYSERVER`"
+  [ ! -z "$keyserver" ] && KEYSERVER="$keyserver"
 
   [ "$1" == "help" ] && echo -e "\tREQUIRE_SIGNATURE= wheter messages sent to the list should be (yes) or dont
 \t                   need to be signed to be processed (no); defaults to yes;
 \t                   this doesnt affect the way email administration works,
 \t                   when signature is mandatory" || \
   REQUIRE_SIGNATURE="`EvalConfigParameter $LIST_CONFIG_FILE REQUIRE_SIGNATURE`"
+
+  [ "$1" == "help" ] && echo -e "\tDELIVERY_RANDOMIZATION= if non-zero, set a random delay between 0 and N seconds
+\t                        between each messsage delivery; if you run firma with a TLS-enabled MTA and mostly of the
+\t                        list messages are sent to others TLS-enabled MTAs, then this option will make harder to a
+\t                        sniffer detect the traffic of you mailing list, specially if your MTA already sends a lot
+\t                        of messages or if you're going to have a lot of encrypted mailing lists, all randomizing
+\t                        its delivery." || \
+  DELIVERY_RANDOMIZATION="`EvalConfigParameter $LIST_CONFIG_FILE DELIVERY_RANDOMIZATION`"
 }
 
 
@@ -2049,6 +2074,42 @@ function ConfigHelp {
   SourceListConfig help
 }
 
+
+function SetDeliveryRandomization {
+  #-------------------------------------------------------------
+  # setup delivery randomization
+  #
+  # parameter(s): none
+  # depends on function(s): none
+  # returns: 0 
+  #-------------------------------------------------------------
+
+  if [ "$DELIVERY_RANDOMIZATION" != "0" ] || [ ! -z "$DELIVERY_RANDOMIZATION" ]; then
+    # remove non-digits
+    DELIVERY_RANDOMIZATION="`echo $DELIVERY_RANDOMIZATION | sed -e 's/[^0-9]//g'`"
+  else
+    DELIVERY_RANDOMIZATION="0"
+  fi
+}
+
+function DeliveryRandomization {
+  #-------------------------------------------------------------
+  # sleep according $DELIVERY_RANDOMIZATION
+  #
+  # parameter(s): none
+  # depends on function(s): none
+  # returns: 0 
+  #-------------------------------------------------------------
+
+  local n
+
+  if [ "$DELIVERY_RANDOMIZATION" != "0" ]; then
+    n="$RANDOM"
+    let "n %= $DELIVERY_RANDOMIZATION"
+    sleep $n
+  fi
+}
+
 #-------------------------------------------------------------
 # main()
 #-------------------------------------------------------------
@@ -2132,7 +2193,9 @@ FUNCTIONS="
   SourceFirmaConfig
   SourceListConfig
   ConfigHelp
-  AdminHelp"
+  AdminHelp
+  SetDeliveryRandomization
+  DeliveryRandomization"
 
 for VAR in $GLOBAL_VARS; do
   declare $VAR
author	rhatto <rhatto>	2006-10-13 15:34:08 +0000
committer	rhatto <rhatto>	2006-10-13 15:34:08 +0000
commit	671a04034c6a436adb052a8e069a2d2b999afefc (patch)
tree	b7b564bb8b355a154650851b2d36bad1ab619683 /firma
parent	8ed7399749189b7cbcb8b0c1a921a69f6b18ddda (diff)
download	firma-671a04034c6a436adb052a8e069a2d2b999afefc.tar.gz firma-671a04034c6a436adb052a8e069a2d2b999afefc.tar.bz2