[PLUG] executing a shell script from postfix?

Michael Rasmussen michael at jamhome.us
Sun Oct 9 17:01:52 UTC 2016 

why not have it called from the psu user account .procmailrc ??


On Sun, Oct 09, 2016 at 01:02:03AM -0700, Keith Lofstrom wrote:
> A few weeks ago, I asked for ideas about an email robot
> script to automagically authenticate psu wifi, so that
> I enter the robot's address into the PSU guest wifi
> request page and let the robot access the URL. 
> 
> Almost there!
> 
> I would like to figure out how to redirect the email to
> the script below.  Pretend the following is (for example)
> a line in /etc/postfix/aliases.db that actually executes:
> 
> psu: "| /bin/grep https | /bin/sed 'sX.*\(https://sentinel.net.pdx.edu/activate/email/[0-9a-f]*\).*X/usr/bin/curl -s \1X' | /bin/sh > /dev/null"
> 
> Where should I actually put this one line script to make
> it execute when postfix gets an email to psu at keithl.com ?
> What more should I do to secure it against malformed emails
> and minimize the script's privileges to the bare minimum?
> 
> Keith
> 
> P.S.:  how it works:  it uses grep to find the line in the
> email (from PSU's authentication bot) with the https link,
> then feeds that line into sed to extract the weblink,
> which ends with a random hexidecimal number.
> 
> I substitute the match "\1" into the string
>    /usr/bin/curl -s [matched characters here]
> then pipe the string as a command into /bin/sh 
> which executes curl.  Results from curl go into
> /dev/null .  The -s means curl runs silently,
> without displaying download progress.
> 
> P.P.S.: Note to evildoers: I will use a different email
> address than "psu at keithl.com".  It is true I am lazy,
> but I don't want to create extra hassles for PSU if 
> some twit starts hammering my mail server.
> 
> -- 
> Keith Lofstrom          keithl at keithl.com
> -----
> Don't waste your vote in 2016!  Give it to the Republicans
> and Democrats, and they will gladly waste it for you!
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
> 

-- 
      Michael Rasmussen, Portland Oregon  
    Be Appropriate && Follow Your Curiosity
I suppose instead of blindly assuming I'd written something the Internet 
said I wrote I should have done some research.  But, you know, how
many of us have failed to fact check something on the Internet? ...
I immediately downloaded a pirated copy of my own novel. I hit CTRL-F, I
searched, sure enough not there.
    ~ John Green commenting on the mis-attribution of a quote to him

More information about the PLUG mailing list