[alt.sources] After the last bunch of BIFFishness...

scott@zorch.SF-Bay.ORG (Scott Hazen Mueller) (06/04/90)

Since the last rash of BIFF forged newgroups has given everyone fits, I'll
repost my hacked C news newgroup and rmgroup scripts.  These scripts fake
B news-style mail messages that give the originator of the control message,
a subject line with the newsgroup name (and the moderated keyword), and include
the control message text (if any) in the notifying mail message.  When the
BIFF struck, Zorch.SF-Bay.ORG, my home site, and Tandem.COM, where I work, were
both secure to the extent that all that happened was gobs and gobs of junk
mail.

Enjoy,
-- 
Scott Hazen Mueller | scott@zorch.SF-Bay.ORG or (ames|pyramid|vsi1)!zorch!scott
10122 Amador Oak Ct.|(408) 253-6767     |Mail fusion-request@zorch.SF-Bay.ORG
Cupertino, CA  95014|Love make, not more|for emailed sci.physics.fusion digests
SF-Bay Public-Access Unix 408-996-7358/61/78/86 login newuser password public

----- cut here for newgroup -----
#! /bin/sh
# newgroup group flag - create group (4-field version: B-2.10.3+ compatible)
#	subject to our sys file group pattern

# =()<. ${NEWSCONFIG-@<NEWSCONFIG>@}>()=
. ${NEWSCONFIG-/usr/lib/news/bin/config}
export NEWSCTL NEWSBIN NEWSARTS
PATH=$NEWSCTL/bin:$NEWSBIN/relay:$NEWSBIN:$NEWSPATH ; export PATH # include mkpdir
umask $NEWSUMASK

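# per-process scratch names, so runs cannot collide on fixed /tmp paths;
# tear writes ${afile}hdr and ${afile}body
afile=/tmp/ncd$$.
afilehdr=${afile}hdr
afilebody=${afile}body
hdr=/tmp/nc$$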

trap "rm -f $hdr $afile*; exit 0" 0
$NEWSBIN/inject/tear $afile
$NEWSBIN/canonhdr <$afilehdr >$hdr

# unapproved ctl msg? then quit
grep -s '^Approved:' $hdr >/dev/null || { rm -f $hdr; exit 0; }

SENDER="`grep '^Sender:' $hdr | sed 's/^[^:]*: *//'`"
case "$SENDER" in
"")	SENDER="`grep '^From:' $hdr | sed 's/^[^:]*: *//' `" ;;
esac

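# notify only: mail the request to the local usenet administrator;
# this script never touches the active file
( echo "Subject: newgroup $1 $2"; echo "$SENDER says:";
cat $afilebody ) | mail $NEWSMASTER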

----- cut here for rmgroup -----
#! /bin/sh
# rmgroup group - snuff group

# =()<. ${NEWSCONFIG-@<NEWSCONFIG>@}>()=
. ${NEWSCONFIG-/usr/lib/news/bin/config}
export NEWSCTL NEWSBIN NEWSARTS
PATH=$NEWSCTL/bin:$NEWSBIN:$NEWSPATH ; export PATH
umask $NEWSUMASK

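# per-process scratch names, so runs cannot collide on fixed /tmp paths;
# tear writes ${afile}hdr and ${afile}body
afile=/tmp/ncd$$.
afilehdr=${afile}hdr
afilebody=${afile}body
hdr=/tmp/nc$$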

$NEWSBIN/inject/tear $afile
$NEWSBIN/canonhdr <$afilehdr >$hdr

# unapproved ctl msg? then quit (removing the canonicalised header copy too)
egrep '^Approved:' $hdr >/dev/null || { rm -f $hdr $afile*; exit 0; }

# quit if no active entry
egrep "^`echo $1 | sed 's/\./\\\\./g'` " $NEWSCTL/active >/dev/null ||
	{ rm -f $hdr $afile*; exit 0; }

SENDER="`grep '^Sender:' $hdr | sed 's/^[^:]*: *//'`"
case "$SENDER" in
"")	SENDER="`grep '^From:' $hdr | sed 's/^[^:]*: *//'`" ;;
esac

# tell the local usenet administrator to do it by hand
( echo "Subject: rmgroup $1"; echo "$SENDER says:";
cat $afilebody ) | mail $NEWSMASTER

rm -f $hdr $afilehdr $afilebody
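
The triage both scripts perform, as an added stand-alone example that is not part of the original post: it runs without a C News installation, so a `sed` split stands in for `tear`, a case-insensitive match stands in for `canonhdr`, and the notice is printed rather than piped to `mail`. The function names and the sample article are assumptions made for the example.

```shell
#!/bin/sh
# Added example (hypothetical names): notify-only triage of a control article.

# hdr_value NAME FILE: first value of header NAME, matched case-insensitively
# (the scripts above rely on canonhdr to normalise header case instead).
hdr_value() {
    awk -v n="$1" 'index(tolower($0), tolower(n) ":") == 1 {
        sub(/^[^:]*: */, ""); print; exit }' "$2"
}

# ctl_notice VERB GROUP [FLAG]: read one control article on stdin and print the
# mail text an administrator would get. Prints nothing when Approved: is absent.
# Approved: is supplied by the sender, so passing this check earns a
# notification only; nothing here edits an active file.
ctl_notice() {
    verb=$1 group=$2 flag=${3:-}
    # Private scratch directory instead of fixed names under /tmp.
    work=$(mktemp -d "${TMPDIR:-/tmp}/ctl.XXXXXX") || return 1
    cat >"$work/art"
    sed -n '1,/^$/p' "$work/art" >"$work/hdr"    # header: up to first blank line
    sed '1,/^$/d' "$work/art" >"$work/body"      # body: everything after it
    if grep -qi '^Approved:' "$work/hdr"; then
        sender=$(hdr_value Sender "$work/hdr")
        [ -n "$sender" ] || sender=$(hdr_value From "$work/hdr")
        printf 'Subject: %s %s%s\n' "$verb" "$group" "${flag:+ $flag}"
        printf '%s says:\n' "$sender"
        cat "$work/body"
    fi
    rm -rf "$work"
}

# Constructed sample article; addresses and group name are placeholders.
sample_ctl() {
    cat <<'EOF'
From: someone@site.example
Sender: news@relay.example
Newsgroups: alt.example
Subject: cmsg newgroup alt.example moderated
Control: newgroup alt.example moderated
Approved: someone@site.example

Constructed body text for the example.
EOF
}

sample_ctl | ctl_notice newgroup alt.example moderated
```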