#!/bin/sh
##########################################################################
# Copyright KAZ 2021 #
# #
# contact (at) kaz.bzh #
# #
# This software is a filter to shrink email by attachment extraction. #
# #
# This software is governed by the CeCILL-B license under French law and #
# abiding by the rules of distribution of free software. You can use, #
# modify and/or redistribute the software under the terms of the #
# CeCILL-B license as circulated by CEA, CNRS and INRIA at the following #
# URL "http://www.cecill.info". #
# #
# As a counterpart to the access to the source code and rights to copy, #
# modify and redistribute granted by the license, users are provided #
# only with a limited warranty and the software's author, the holder of #
# the economic rights, and the successive licensors have only limited #
# liability. #
# #
# In this respect, the user's attention is drawn to the risks associated #
# with loading, using, modifying and/or developing or reproducing the #
# software by the user in light of its specific status of free software, #
# that may mean that it is complicated to manipulate, and that also #
# therefore means that it is reserved for developers and experienced #
# professionals having in-depth computer knowledge. Users are therefore #
# encouraged to load and test the software's suitability as regards #
# their requirements in conditions enabling the security of their #
# systems and/or data to be ensured and, more generally, to use and #
# operate it in the same conditions as regards security. #
# #
# The fact that you are presently reading this means that you have had #
# knowledge of the CeCILL-B license and that you accept its terms. #
##########################################################################
##########################################################################
# - installer l' utilitaire apg pour génération de mot de passes
# - le contenu de INSPECT_DIR doit être accessible en écriture pour le
# proriétaire du script
# - shrinkEMail et jirafeau.sh doivent être accessible en execution pour
# le roriétaire du script
##########################################################################
cd $( dirname $0 )
DOMAINNAME = $( cat domainname)
# Exit codes from <sysexits.h>
EX_TEMPFAIL = 75
EX_UNAVAILABLE = 69
EX_TOO_LARGE = 552
INSPECT_DIR = /var/spool/filter
FIC_LOG = /var/log/mail/filter.log
SENDMAIL = "/usr/sbin/sendmail -G -i"
MAILS = /tmp/FILTER
MAX_KEEP_IN_MAIL = 5ki
MAX_UPLOAD_SIZE = 1Gi
SHRINK_CMD = /home/filter/eMailShrinker
JIRAFEAU_CMD = /home/filter/jirafeauAPI
JIRAFEAU_URL = https://depot.${ DOMAINNAME :- "kaz.bzh" }
JIRAFEAU_LOCAL = http://depot
JIRAFEAU_TIME = month
MD5_CMD = /usr/bin/md5sum
DISCLAMER_CMD = altermime
MAX_FINAL_SIZE = 204800 # 200ki
ARCHIVE_TITLE = "archive_content"
ARCHIVE_MIME = "text/kaz_email_archive"
#################### FONCTIONS ############################################
BOLD = '[1m'
RED = '[0;31m'
GREEN = '[0;32m'
YELLOW = '[0;33m'
BLUE = '[0;34m'
MAGENTA = '[0;35m'
CYAN = '[0;36m'
NC = '[0m' # No Color
NL = '
'
#--------------------- Fichier de LOG -------------------
LOG_FIC( ) {
echo " ${ BLUE } $( date +%d-%m-%Y-%H-%M-%S) ${ NC } : $* " >> " ${ FIC_LOG } "
}
quitFilter ( ) {
LOG_FIC " ${ GREEN } ######################################## filter stop ${ NC } "
exit $1
}
#################### MAIN #################################################
echo " ${ NL } " >> " ${ FIC_LOG } "
LOG_FIC " ${ GREEN } ######################################## filter start ${ NC } "
if ! mkdir -p " ${ MAILS } " ; then
LOG_FIC " ${ RED } Can't mkdir ${ MAILS } ${ NC } "
quitFilter " ${ EX_UNAVAILABLE } "
fi
MAIL_SOURCE = $( echo $@ | awk 'BEGIN{FS=" "} {print $2}' )
DATE_TEMPS = $( date "+%Y-%m-%d-%H:%M:%S" )
REP_PIECE_JOINTE = " ${ MAILS } / ${ DATE_TEMPS } _ ${ MAIL_SOURCE } _ $$ "
TRACK = $( curl " ${ JIRAFEAU_LOCAL } /a.php?r= ${ MAIL_SOURCE } " 2>/dev/null)
PERIOD = $( curl " ${ JIRAFEAU_LOCAL } /a.php?p= ${ MAIL_SOURCE } " 2>/dev/null)
if [ -n " $( echo " ${ PERIOD } " | grep -e minute -e hour -e day -e week -e month -e quarter 2>/dev/null) " ] ; then
JIRAFEAU_TIME = " ${ PERIOD } "
fi
LOG_FIC "\n" \
" MAIL_SOURCE : ${ YELLOW } ${ MAIL_SOURCE } ${ NC } \n " \
" DATE_TEMPS : ${ YELLOW } ${ DATE_TEMPS = } ${ NC } \n " \
" TRACK : ${ YELLOW } ${ TRACK } ${ NC } \n " \
" PERIOD : ${ YELLOW } ${ PERIOD } ${ NC } \n " \
" JIRAFEAU_TIME: ${ YELLOW } ${ JIRAFEAU_TIME } ${ NC } "
if ! cd " ${ INSPECT_DIR } " ; then
echo " ${ INSPECT_DIR } does not exist "
quitFilter " ${ EX_TEMPFAIL } "
fi
# lien renvoyé par le téléverssement
ONE_LINK = " ${ REP_PIECE_JOINTE } /one.txt "
# anciens liens à réactiver
OLD_LINKS = " ${ REP_PIECE_JOINTE } /url-to-refresh.txt "
# contenu de l'archive
ARCHIVE_CONTENT = " ${ REP_PIECE_JOINTE } /archive-content.txt "
# create if error
JIRAFEAU_ERROR = " ${ REP_PIECE_JOINTE } /jirafeau-error.txt "
# Clean up when done or when aborting.
trap " rm -rf in. $$ in. $$ .altered ${ REP_PIECE_JOINTE } " 0 1 2 3 15
if ! cat > " in. $$ " ; then
LOG_FIC " ${ RED } Cannot save mail to file ${ NC } "
quitFilter " ${ EX_TEMPFAIL } "
fi
LOG_FIC "\n" \
" size: ${ YELLOW } $( wc -c < " ${ INSPECT_DIR } /in. $$ " ) ${ NC } "
# XXX trace
# cp "${INSPECT_DIR}/in.$$" "${INSPECT_DIR}/in.$$.bak"
mkdir -p " ${ REP_PIECE_JOINTE } / "
>" ${ OLD_LINKS } "
>" ${ ARCHIVE_CONTENT } "
# Etape de rafraichissement des anciens fichiers inclus
echo " time: ${ DATE_TEMPS } \nid: $( date +%s) " > " ${ ARCHIVE_CONTENT } "
[ -n " ${ TRACK } " ] && echo " sender: ${ MAIL_SOURCE } " >> " ${ ARCHIVE_CONTENT } "
LOG_FIC " ${ CYAN } ${ SHRINK_CMD } -u \" ${ INSPECT_DIR } /in. $$ \" 2>> \" ${ FIC_LOG } \" > \" ${ OLD_LINKS } \" ${ NC } "
" ${ SHRINK_CMD } " -u " ${ INSPECT_DIR } /in. $$ " 2>> " ${ FIC_LOG } " > " ${ OLD_LINKS } "
cat " ${ OLD_LINKS } " | grep " ${ JIRAFEAU_URL } " | while read REMOTE_LINK
do
REMOTE_REF = $( echo " ${ REMOTE_LINK } " | sed -e 's/.*h=\([^&]*\).*/\1/' -e 's/.*http.*//' )
[ -z " ${ REMOTE_REF } " ] && continue
REMOTE_KEY = $( echo " ${ REMOTE_LINK } " | grep "k=" | sed 's%.*k=\([^&]*\).*%\1%' )
# update periode for download
LOG_FIC " - ${ CYAN } \" ${ JIRAFEAU_CMD } \" -f \" ${ JIRAFEAU_LOCAL } \" -t \" ${ JIRAFEAU_TIME } \" update \" ${ REMOTE_REF } \" 2>&1 >> \" ${ FIC_LOG } \" ${ NC } "
" ${ JIRAFEAU_CMD } " -f " ${ JIRAFEAU_LOCAL } " -t " ${ JIRAFEAU_TIME } " update " ${ REMOTE_REF } " 2>& 1 >> " ${ FIC_LOG } "
echo " old: ${ REMOTE_REF } ${ REMOTE_KEY } " >> " ${ ARCHIVE_CONTENT } "
done
LOG_FIC " - archive starts with: ${ NL } ${ YELLOW } $( cat ${ ARCHIVE_CONTENT } ) ${ NC } "
# Etape extraction des pieces jointes
LOG_FIC " ${ CYAN } ${ SHRINK_CMD } -s ${ MAX_KEEP_IN_MAIL } -d ${ REP_PIECE_JOINTE } ${ INSPECT_DIR } /in. $$ ${ NC } "
" ${ SHRINK_CMD } " -s " ${ MAX_KEEP_IN_MAIL } " -d " ${ REP_PIECE_JOINTE } " " ${ INSPECT_DIR } /in. $$ " 2>> " ${ FIC_LOG } " | {
while read ATTACH_TMP_NAME
do
if [ -d " ${ ATTACH_TMP_NAME } " ]
then
ATTACH_MEDIA = " ${ ATTACH_TMP_NAME } /media "
ATTACH_NAME = $( grep "^Name: " " ${ ATTACH_TMP_NAME } /meta " | cut -c 7- )
ATTACH_CONTENT_TYPE = $( grep "^Content-Type: " " ${ ATTACH_TMP_NAME } /meta " | cut -c 15- )
else
LOG_FIC " - ${ RED } no ATTACH_TMP_NAME ( ${ ATTACH_TMP_NAME } ) ${ NC } "
# XXX error
continue
fi
# Etape de televersement des pieces jointes
PASSWORD = $( apg -n 1 -m 12)
PASSWORD_MD5 = $( echo -n ${ PASSWORD } | ${ MD5_CMD } | cut -d \ -f 1)
LOG_FIC " - ${ CYAN } \" ${ JIRAFEAU_CMD } \" -f \" ${ JIRAFEAU_LOCAL } \" -t \" ${ JIRAFEAU_TIME } \" -s \" ${ MAX_UPLOAD_SIZE } \" -c \" ${ ATTACH_CONTENT_TYPE } \" -n \" ${ ATTACH_NAME } \" send \" ${ ATTACH_MEDIA } \" \" ${ PASSWORD } \" 2>> \" ${ FIC_LOG } \" > \" ${ ONE_LINK } \" ${ NC } "
" ${ JIRAFEAU_CMD } " -f " ${ JIRAFEAU_LOCAL } " -t " ${ JIRAFEAU_TIME } " -s " ${ MAX_UPLOAD_SIZE } " -c " ${ ATTACH_CONTENT_TYPE } " -n " ${ ATTACH_NAME } " send " ${ ATTACH_MEDIA } " " ${ PASSWORD } " 2>> " ${ FIC_LOG } " > " ${ ONE_LINK } "
cat " ${ ONE_LINK } " | {
read JIR_TOKEN
read JIR_CODE
LOG_FIC " - return code ${ YELLOW } ${ JIR_TOKEN } ${ NC } / ${ YELLOW } ${ JIR_CODE } ${ NC } "
case " ${ JIR_TOKEN } " in
"" | no | *Error* | \< * )
LOG_FIC " - ${ RED } Can't upload < ${ ATTACH_NAME } > < ${ ATTACH_CONTENT_TYPE } > < $( wc -c < " ${ ATTACH_MEDIA } " ) > ( ${ JIR_TOKEN } ) <in. $$ .bak>. It will be not change in e-mail. ${ NC } "
echo "new:"
cp " ${ INSPECT_DIR } /in. $$ " " ${ INSPECT_DIR } /in. $$ .bak "
echo "UPLOAD_FAIL" >> " ${ JIRAFEAU_ERROR } "
; ;
* )
LOG_FIC " - change by link ${ YELLOW } ${ JIRAFEAU_URL } /f.php?d=1&h= ${ JIR_TOKEN } &k= ${ PASSWORD_MD5 } ${ NC } "
echo " url: ${ JIRAFEAU_URL } /f.php?d=1&h= ${ JIR_TOKEN } &k= ${ PASSWORD_MD5 } "
echo " new: ${ JIR_TOKEN } ${ PASSWORD_MD5 } " >> " ${ ARCHIVE_CONTENT } "
; ;
esac
}
done
# Création de l'archive
NB_ATTACH = $( grep -e "^old: " -e "^new: " " ${ ARCHIVE_CONTENT } " | wc -l)
if [ \( -n " ${ TRACK } " -a " ${ NB_ATTACH } " -gt 0 \) -o " ${ NB_ATTACH } " -gt 1 ] ; then
PASSWORD = $( apg -n 1 -m 12)
PASSWORD_MD5 = $( echo -n ${ PASSWORD } | ${ MD5_CMD } | cut -d \ -f 1)
LOG_FIC " - ${ MAGENTA } upload archive ${ NC } "
LOG_FIC " - ${ CYAN } \" ${ JIRAFEAU_CMD } \" -f \" ${ JIRAFEAU_LOCAL } \" -t \" ${ JIRAFEAU_TIME } \" -s \" ${ MAX_UPLOAD_SIZE } \" -c \" ${ ARCHIVE_MIME } \" -n \" ${ ARCHIVE_TITLE } \" send \" ${ ARCHIVE_CONTENT } \" \" ${ PASSWORD } \" 2>> \" ${ FIC_LOG } \" > \" ${ ONE_LINK } \" ${ NC } "
" ${ JIRAFEAU_CMD } " -f " ${ JIRAFEAU_LOCAL } " -t " ${ JIRAFEAU_TIME } " -s " ${ MAX_UPLOAD_SIZE } " -c " ${ ARCHIVE_MIME } " -n " ${ ARCHIVE_TITLE } " send " ${ ARCHIVE_CONTENT } " " ${ PASSWORD } " 2>> " ${ FIC_LOG } " > " ${ ONE_LINK } "
fi
LOG_FIC " - final archive content: ${ NL } ${ YELLOW } $( cat ${ ARCHIVE_CONTENT } ) ${ NC } "
if [ " ${ NB_ATTACH } " -gt 1 ] ; then
cat " ${ ONE_LINK } " | {
read JIR_TOKEN
read JIR_CODE
LOG_FIC " - return code ${ YELLOW } ${ JIR_TOKEN } ${ NC } / ${ YELLOW } ${ JIR_CODE } ${ NC } "
case " ${ JIR_TOKEN } " in
"" | no | *Error* | \< * )
LOG_FIC " - ${ RED } can't upload archive ( ${ JIR_TOKEN } ) <in. $$ .bak>, substitution couldn't be done ${ NC } "
echo "arch: bad"
cp " ${ INSPECT_DIR } /in. $$ " " ${ INSPECT_DIR } /in. $$ .bak "
echo "ARCHIVE_FAIL" >> " ${ JIRAFEAU_ERROR } "
; ;
* )
LOG_FIC " - add archive ${ YELLOW } ${ JIRAFEAU_URL } /a.php?g= ${ JIR_TOKEN } ~ ${ PASSWORD_MD5 } ${ NC } "
echo " arch: ${ JIRAFEAU_URL } /a.php?g= ${ JIR_TOKEN } ~ ${ PASSWORD_MD5 } "
; ;
esac
}
else
LOG_FIC " - no archive (less than 2 attach file)"
echo "arch: none"
fi
# Etape de substitution
LOG_FIC " ${ CYAN } ${ SHRINK_CMD } -s \" ${ MAX_KEEP_IN_MAIL } \" \" ${ INSPECT_DIR } /in. $$ \" \" ${ INSPECT_DIR } /in. $$ .altered\" 2>> \" ${ FIC_LOG } \" ${ NC } "
} | " ${ SHRINK_CMD } " -s " ${ MAX_KEEP_IN_MAIL } " " ${ INSPECT_DIR } /in. $$ " " ${ INSPECT_DIR } /in. $$ .altered " 2>> " ${ FIC_LOG } "
# XXX trace
# cp "${INSPECT_DIR}/in.$$" "${INSPECT_DIR}/in.$$.altered" /var/mail/tmp/
if [ -s " ${ JIRAFEAU_ERROR } " ] ; then
LOG_FIC " - ${ RED } upload fail ${ NC } "
quitFilter " ${ EX_TEMPFAIL } "
fi
# Etape choix de modification du message d'origine
if [ " $( wc -l < " ${ ARCHIVE_CONTENT } " ) " -ge 3 ] ; then
# verification de taille finale
actualSize = $( wc -c < " ${ INSPECT_DIR } /in. $$ .altered " )
if [ ${ actualSize } -ge $MAX_FINAL_SIZE ] ; then
LOG_FIC " - ${ RED } too big even after diet ${ INSPECT_DIR } /in. $$ .altered ( ${ actualSize } ) ${ NC } "
quitFilter " ${ EX_TOO_LARGE } "
fi
LOG_FIC " - ${ GREEN } send with : ${ SENDMAIL } $@ ${ INSPECT_DIR } /in. $$ .altered ${ NC } "
${ SENDMAIL } " $@ " < " ${ INSPECT_DIR } /in. $$ .altered "
else
# verification de taille finale
actualSize = $( wc -c < " ${ INSPECT_DIR } /in. $$ " )
if [ ${ actualSize } -ge $MAX_FINAL_SIZE ] ; then
LOG_FIC " - ${ RED } too big without diet ${ INSPECT_DIR } /in. $$ ( ${ actualSize } ) ${ NC } "
quitFilter " ${ EX_TOO_LARGE } "
fi
LOG_FIC " - ${ GREEN } send without attach file ${ NC } "
${ SENDMAIL } " $@ " < " in. $$ "
fi
quitFilter 0
##########################################################################