Paul, I have a stop-gap system that I have been using, so if you want to develop a full blown system, that would be great. What I am about to describe probably has security holes, but that is not a problem for me, and I'm sure if someone wants to use this method and it's a problem, they will fix it. The standard "it works for me" disclaimers apply.
Quick overview of what I do: 1. I have the quarantine directories linked into my webspace so I can see the directories using a web browser. My webserver is configured to allow directory listings. 2. Crontab entry for directory permissions (otherwise #1 doesn't work!) 3. In the top MD-Quarantine directory, I put a file called "README.html" with a simple table form to call a cgi-script which will delete all directories (a recent addition because I got tired of deleting directories one at a time). 4. When something is to be quarantined, I have mimedefang drop a HEADER.html and a README.html file in the directory (Details below). 5. I have a cgi script and a "helper" script that actually do the deleting and/or remailing. --- Details: 1. I will leave it up to you to figure out how to configure the webserver and directories. 2. Of course, I need a crontab entry to change permissions: # Change permissions * * * * * chmod -R 755 /var/spool/MD-Quarantine/ 3. Here's the README.html file for the MD-Quarantine directory: <form name="input" action="/cgi-bin/quarantine.cgi" method="get"> <table border="1" align="center"> <tr> <td><input type="submit" name="action" value="Delete All Directories"></td> </tr> <input type="hidden" name="qdir" value="'/var/spool/MD-Quarantine/qdir-*'"> </table> 4. I have a routine in my mimedefang-filter: #*********************************************************************** # %Procedure: write_qfiles() # %Prerequiste: creation of quarantine directory # %ARGUMENTS: # # %RETURNS: # # # %DESCRIPTION: # Writes README.html and HEADER.html files for quarantine directories #*********************************************************************** sub write_qfiles() { my $newsender = escapeHTML($Sender); my $newrec = escapeHTML($Recipients[0]); if (open(OUT,">$QuarantineSubdir/HEADER.html")) { print OUT "<H2>Quarantined Message: $Subject</H2>\n"; print OUT "<H3>To: $newrec<br>\n"; print OUT "From: $newsender<br>\n"; print OUT "Relay info: $RelayHostname ($RelayAddr), helo=$Helo</H3><br>\n"; close OUT; } if (open(OUT,">$QuarantineSubdir/README.html")) { print OUT << "BLOCK"; <form name="input" action="/cgi-bin/quarantine.cgi" method="get"> <table border="1" align="center"> <tr> <td><input type="submit" name="action" value="Send to original recipient"></td> <td><input type="submit" name="action" value="Send to address below"></td> <td><input type="submit" name="action" value="Delete This Directory"></td> </tr> <TR> <TD><input type="hidden" name="qdir" value="$QuarantineSubdir"> </TD> <td><input type="text" name="newuser" size="30"></td> <TD> </TD> </tr> </table> <br> <br> BLOCK print OUT "<pre>$report</pre>"; close OUT; } } ------ To quarantine, I do the following (This is a SPAM example): # Quarantine messages above the $qspam theshold action_quarantine_entire_message(); get_quarantine_dir(); write_qfiles(); action_notify_administrator("Message\n$Subject\nfrom $Sender to $Recipients[0] quarantined because SPAM score exceeded threshold.\n\nSee http://www.carpenter.cx$QuarantineSubdir/\n\nCopy sent to [EMAIL PROTECTED] report:\n$report\n"); ------- So when this is done, the messages has been quarantined with the HEADER.html and README.html files, and a message was sent to the administrator with a link to the Quarantine directory. 5. The quarantine.cgi script: ---- #!/usr/bin/perl -w use CGI qw(:standard); my $action = ''; my $sendto = ''; my $qdir = ''; my $cmd= '/usr/sbin/sendmail '; $action = param('action'); $sendto = param('newuser'); $qdir = param('qdir'); if ($action =~ /original/i) { $msg = "Message sent to original recipient"; $cmd = $cmd . "-t < $qdir/ENTIRE_MESSAGE"; } elsif ($action =~ /address/i) { $msg = "Sent message to new address"; if ($sendto eq "") { $msg = $msg . ", but no new address given."; } else { $msg = $msg . ": $sendto"; $cmd = $cmd . "$sendto < $qdir/ENTIRE_MESSAGE"; } } else { $msg = "Quarantine directory deleted."; $cmd = "sudo /usr/local/bin/qdirhelper $qdir"; } system $cmd; print header(); # print out correct content header print <<"EOF" <html> <head> <title>Quarantine Action: $action</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <h2>$msg</h2><br> Executed command was:</br>$cmd<br> <input type="button" value="Close Window" onclick="window.close()"> <a href=/var/spool/MD-Quarantine/> <a href=/var/spool/MD-Quarantine/>Back to quarantine directory</a> </body> </html> EOF ------- The qdirhelper script: rm -r -f $1 The qdirhelper script needs to be listed in sudoers: apache ALL= NOPASSWD:/usr/local/bin/qdirhelper ------------------------ I think that does it. Let me know if there are any questions. Be aware that I use the digest feature of this list, so I might not answer right away. Troy Carpenter [EMAIL PROTECTED] -----Original Message----- Date: Thu, 1 Apr 2004 11:31:59 +0100 From: "Paul Murphy" <[EMAIL PROTECTED]> Subject: [Mimedefang] Quarantine management - anyone else working on this? To: <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" Hi, I've been working on a CGI program to assist with managing the quarantine folders, which is now working but nowhere near ready for public inspection. The system consists of two Perl CGI scripts - one to display the message details for all quarantined messages (and to approve/delete them) and the other to inspect the quarantined message, and a cron job to sort out the permissions on the qdirs so that the CGI scripts can read the files. Before I invest too much time in this, is there anything else out there to assist with this task? Best Wishes, Paul. __________________________________________________ Paul Murphy Head of Informatics Ionix Pharmaceuticals Ltd 418 Science Park, Cambridge, CB4 0PA Tel. 01223 433741 Fax. 01223 433788 _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang