ask@cbrma.UUCP (A.S.Kamlet) (11/06/86)
In article <387@cullvax.UUCP> news@cullvax.UUCP (Mail and USENET News System maintenance account) writes: >We are considering putting in an 'anonymous mail' facility, for use as >a suggestion box. The question is, is there an easy/known way to >implement it. I tried putting a line > > anonymous: "| awk ' NR != 1 && ! /^From:/ {print} ' | sendmail xxx" > >in /usr/lib/aliases, so that awk would strip identifying lines from >the message and then pass them to sendmail for routing to the eventual >reader. Unfortunately, sendmail (when delivering to anonymous), runs >the command under the username of the sender of the message (which >isn't documented, but makes sense from a security point of view), so >the inner sendmail puts the original sender's name on it. > >The only simple solution which comes to mind is to write a C program >that acts like the shell in setting up the pipe, and make the program >suid to our 'news' account. Is there a better way? > >Dale Have you considered establishing a login "anon" which puts anyone who logs in right into mail? There would never be a record of who was on the system -- really anonymous. (For security, you may want to modify mail to prevent an escape to a subshell.) -- Art Kamlet AT&T Bell Laboratories Columbus {cbosgd | ihnp4}!cbrma!ask
stevem@fai.UUCP (Steve Minneman) (11/11/86)
In article <5357@cbrma.UUCP> ask@cbrma.UUCP (A.S.Kamlet(Art)) writes: >In article <387@cullvax.UUCP> news@cullvax.UUCP (Mail and USENET News System maintenance account) writes: >>We are considering putting in an 'anonymous mail' facility, for use as >>a suggestion box. The question is, is there an easy/known way to >>implement it. I tried putting a line >> >> anonymous: "| awk ' NR != 1 && ! /^From:/ {print} ' | sendmail xxx" >> >>in /usr/lib/aliases, so that awk would strip identifying lines from >>the message and then pass them to sendmail for routing to the eventual >>reader. Unfortunately, sendmail (when delivering to anonymous), runs >>the command under the username of the sender of the message (which >>isn't documented, but makes sense from a security point of view), so >>the inner sendmail puts the original sender's name on it. >> >>The only simple solution which comes to mind is to write a C program >>that acts like the shell in setting up the pipe, and make the program >>suid to our 'news' account. Is there a better way? >> >>Dale > >Have you considered establishing a login "anon" which puts anyone >who logs in right into mail? > >There would never be a record of who was on the system -- really anonymous. > >(For security, you may want to modify mail to prevent an escape >to a subshell.) >-- >Art Kamlet AT&T Bell Laboratories Columbus {cbosgd | ihnp4}!cbrma!ask Here's an even simplier suggestion -- write a simple script like the following which temporarily changes the environmental variables and then sets them back. The following works under system 5. It may have to be modified for BSD: ------------------------------cut here and save------------------------------- SAVE1='LOGNAME' SAVE2='NAME' LOGNAME="proper\!unknown\!poster" NAME="I. A. M. Anonymous" export LOGNAME NAME mailx $1 LOGNAME='SAVE1' NAME='SAVE2' export LOGNAME NAME -- --- Steven A. Minneman (Fujitsu America Inc, San Jose, Ca) !seismo!amdahl!fai!stevem or !ihnp4!pesnta!fai!stevem The best government is no government at all.
sjl@ukc.ac.uk (S.J.Leviseur) (11/13/86)
Is it wise to set up an anonymous mail facility? You probably need to nail down who this mail system sends mail to. You could well wind up with a problem of abusive mail otherwise. sean
philip@axis.UUCP (Philip Peake) (11/14/86)
In article <499@fai.UUCP> stevem@fai.UUCP (Steve Minneman) writes: >In article <5357@cbrma.UUCP> ask@cbrma.UUCP (A.S.Kamlet(Art)) writes: >>In article <387@cullvax.UUCP> news@cullvax.UUCP (Mail and USENET News System maintenance account) writes: >>>We are considering putting in an 'anonymous mail' facility, for use as >>>a suggestion box. The question is, is there an easy/known way to >>>implement it. >Here's an even simplier suggestion -- write a simple script like the following >which temporarily changes the environmental variables and then sets them >back. The following works under system 5. It may have to be modified >for BSD: >------------------------------cut here and save------------------------------- > >SAVE1='LOGNAME' >SAVE2='NAME' >LOGNAME="proper\!unknown\!poster" >NAME="I. A. M. Anonymous" >export LOGNAME NAME >mailx $1 >LOGNAME='SAVE1' >NAME='SAVE2' >export LOGNAME NAME Of course, you could always do it as follows: LOGNAME=Anonymous NAME="who ?" mailx $1 Philip
stevem@fai.UUCP (Steve Minneman) (11/14/86)
As Tony Hansen pointed out to me, although the script I submitted to cope with the anonymous mail question worked if it was executed without a . in front, there was an error. The text of his message to me pointing out the problem and suggesting an even better solution follows: ************************************************************************** There are a couple of things wrong with your sample script: SAVE1='LOGNAME' This sets the value of the variable SAVE1 to the string "LOGNAME" and NOT the value of the environment variable $LOGNAME. To do that you would want: SAVE1="$LOGNAME" Note the use of double quotes and the use of the dollar-sign. Also, there is no need to save and restore the environment variables since this code would presumably be placed in a separate script to be executed and not dotted. Any changes made to environmentu variables in subshells have no effect on the values within the parent shell. I would probably write the code as follows: LOGNAME='proper!unknown!poster' NAME='I. A. M. Anonymous' mailx $1 Placing the variable settings on the same line as the invocation of mailx will cause them to only be set and exported for that command. Tony Hansen ihnp4!pegasus!hansen -- Steven A. Minneman (Fujitsu America Inc, San Jose, Ca) !seismo!amdahl!fai!stevem or !ihnp4!pesnta!fai!stevem The best government is no government at all.
ma6nrr@bath63.UUCP (11/23/86)
Fortunately for you,your version of mail is a nice one that checks the environment variables instead of the uid. It appears that any user could send to any other user and appear as a third party...not very nice with letter bombs... Neil. ======================================= My above opinions are no-one's opinions =======================================
boswell@pyr1.Cs.Ucl.ac.uk (12/03/86)
/* Written 4:16 pm Nov 4, 1986 by news@cullvax.UUCP in pyr1:net.unix */ /* ---------- "Anonymous mail" ---------- */ We are considering putting in an 'anonymous mail' facility, for use as a suggestion box. The question is, is there an easy/known way to implement it. /* End of text from pyr1:net.unix */ If you have 'notes', you can set up notesfiles which allow anonymous postings. I'm not familiar with the mechanisms myself, but have seen this suggestion both here on the net and in the 'notes' documentation. Phil
stanonik@nprdc.arpa (12/12/86)
Why not strip the sender info after the fact; ie, alias anonymous anonymous:"|/usr/local/suggestionbox" where /usr/local/suggestionbox does the stripping. Ron Stanonik stanonik@nprdc.arpa