I am going to take the /etc/exim/vacation approach. And /etc/exim/vacation is going to be read/write to all
users.
How do I right a global filter that says if /etc/exim/vacation/$local_part exists than send an autoreply
containing the contents of /etc/exim/vacation/$local_part?
And can I use the plain mail command in conjunction with the once command? So that every time a user emails
that "away" person they only get one autoreply?
Thanks for your help!
Joseph Kezar
Greg Ward wrote:
Ouch! That sound excessively complicated. I know nothing about writing
> setuid CGI scripts, and I'd be very nervous about making the CGI script
> itself setuid. (Especially to root.)
>
> First idea: I'm sure it's possible with Exim to setup "vacation"
> messages that don't require editing a user's .forward file, and don't
> require the hoary old "vacation" program at all. Check the Exim spec;
> search for "vacation" in the index. Ditto in the filtering manual. My
> guess is you can do something like this:
>
> * make a directory /etc/exim/vacation (it could be argued that this
> belongs in /var: whatever)
>
> * if a file /etc/exim/vacation/foo exists, that means user "foo"
> is on vacation; the content of this file is the vacation message
>
> * when a message is received for user "foo", check to see if
> /etc/exim/vacation/foo exists. If so, use Exim's built-in
> "vacation" message capabilities to send notification to
> the sender, including the contents of /etc/exim/vacation/foo.
> Also deliver the message to foo's mailbox.
>
> I'm pretty sure you can do all this in the system filter. ISTR this is
> covered in the filtering manual; see the "mail" command.
>
> Then all you have to do is make /etc/exim/vacation writeable by your CGI
> script, and write /etc/exim/vacation/foo when user foo tells your CGI
> script he's going on vacation.
>
> Second idea: if you're absolutely wedded to the idea of using .forward
> (eg. you're not sure about this Exim thing, and might want to fallback
> on a different MTA), you can probably do it. It'll be harder, more
> error-prone, and more likely to have security holes. Here's what I'd
> do:
> * write a helper program that takes exactly two arguments:
> a username and the user's desired vacation message (as a single
> string!). This program's *sole* responsibility is to write
> the .forward and .vacation file for a user.
>
> * make it setuid root, and be VERY paranoid. "man perlsec" until blue
> in face. Then it will have sufficient privileges to write any
> user's .forward file. You'll have to do it in C or Perl, because
> those are your only realistic options for writing setuid programs --
> I'd do it in Perl, personally.
>
> * call this helper program from your CGI script. *Avoid the shell*
> like the plague. Eg. if your CGI script is in Perl:
> system "/my/setuid/helper", $username, $vacation_msg;
>
> Greg
> --
> Greg Ward - software developer gward@???
> MEMS Exchange http://www.mems-exchange.org
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
--
Joseph Kezar
