SURVIVOR: Mail Gateway | |||||||||||||||||||
The Survivor Mail Gateway allows email based reply messages to affect the system state. It reads the messages on stdin, executes any valid commands found, and records its actions via syslog. The gateway can also relay messages to Persons and Call Lists. The gateway is used to accept replies in response to previously generated alert notifications. It is not intended to be a general purpose interface. Tokens are required in replies to prevent delayed replies from inadvertantly changing state when they are no longer relevant, and to provide a frustration against nuisance attacks against the gateway. Tokens are not guaranteed to be secure against more sophisticated attacks. The gateway will not accept messages larger than MAXMESSAGESIZE as defined in include/gateway.H. This value defaults to 50,000 bytes. Dependencies
The gateway is installed in $INSTDIR/sbin/sg. Two-way reply messages must be piped into sg, the specific method for doing so is dependent on the mail system in use. Configuring the Mail SystemBy default, alert notifications sent by the scheduler should have a return address of $INSTUSER@schedulerhost, although this is dependent on the local mail configuration. The key installation step is to intercept reply messages sent to this address and direct them to sg. An easy way to do this is by creating $INSTUSER/.forward with contents like|$INSTDIR/sbin/sgor, to keep a copy of each messages received |$INSTDIR/sbin/sg,\$INSTUSER$INSTDIR and $INSTUSER must be replaced with their actual values. Additionally, some mail handlers may require the entire line to be surrounded by quotes ("). Note that for Sendmail, sg may need to be run via smrsh. Using procmail, $INSTUSER/.procmailrc could contain an entry like # Pipe all mail to sg for processing two-way replies :0 H * ^To:.*$INSTUSER@schedulerhost | $INSTDIR/sbin/sgAgain, $INSTDIR and $INSTUSER must be replaced with their actual values. It may also make sense to intercept the messages at a system-wide level, rather than wait until delivery to the local user. This would require changes to /etc/aliases, /etc/mail/aliases, the global procmailrc, sendmail.cf, or any other relevant file. SysloggingThe gateway syslogs as follows:
With Nextel Two-Way MessagingMessages formatted with the nextel format module are capable of being replied to and processed by the gateway. Messages must be transmitted via Nextel's two-way messaging infrastructure, which as of this writing is not available via TAP (modem transmission of pages). Simply select the appropriate command when replying to the alert notification.
With SMS Text MessagesMessages formatted with the sms format module are capable of being replied to and processed by the gateway, however the mechanism is more complicated due to the limitations of SMS text messaging.First, the mail system must be capable of delivering messages addressed to $INSTUSER+x@scheduler, where x is the one letter command described below. For example, survivor+e@monitor.foo.edu must be delivered to survivor@monitor.foo.edu. Sendmail sites may already have this functionality enabled. Other sites may need to make adjustments. One approach would be to define aliases in /etc/aliases (if appropriate for the local mail system): survivor+a: survivor survivor+e: survivor survivor+i: survivor In order to reply to an alert notification, forward the message (do not reply to it) to the address for the appropriate command:
Relaying MessagesThe gateway can accept messages and relay them to Persons or Call Lists. By default, this functionality is disabled. To enable message relaying, edit the configuration file gateway.cf.$Date: 2006/11/19 17:33:07 $ $Revision: 0.12 $ |
(sg) |