From a3ea3d1a02b61c93d9e42de86df4cccc2a1650e1 Mon Sep 17 00:00:00 2001 From: Neil Smith Date: Mon, 9 Jan 2017 22:25:17 +0000 Subject: [PATCH] Added SASL and TLS support --- etc/cron.daily/opendmarc_report | 4 +++- usr/sbin/opendmarc-reports | 27 ++++++++++++++++++++++++++- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/etc/cron.daily/opendmarc_report b/etc/cron.daily/opendmarc_report index 6cd7157..fe80268 100755 --- a/etc/cron.daily/opendmarc_report +++ b/etc/cron.daily/opendmarc_report @@ -9,6 +9,8 @@ WORK_DIR='/var/run/opendmarc' REPORT_EMAIL='dmarc@*****' REPORT_ORG='*****' SMTP_SERVER='*****' +SMTP_USER='****' +SMTP_PASS='****' mv ${WORK_DIR}/opendmarc.dat ${WORK_DIR}/opendmarc_import.dat -f # cat /dev/null > ${WORK_DIR}/opendmarc.dat @@ -16,5 +18,5 @@ sudo -u ${SHELL_USER} touch ${WORK_DIR}/opendmarc.dat # chown opendmarc:opendmarc ${WORK_DIR}/opendmarc.dat /usr/sbin/opendmarc-import --dbhost=${DB_SERVER} --dbuser=${DB_USER} --dbpasswd=${DB_PASS} --dbname=${DB_NAME} --verbose < ${WORK_DIR}/opendmarc_import.dat -/usr/sbin/opendmarc-reports --dbhost=${DB_SERVER} --dbuser=${DB_USER} --dbpasswd=${DB_PASS} --dbname=${DB_NAME} --smtp-server=${SMTP_SERVER} --verbose --interval=86400 --report-email=${REPORT_EMAIL} --report-org=${REPORT_ORG} +/usr/sbin/opendmarc-reports --dbhost=${DB_SERVER} --dbuser=${DB_USER} --dbpasswd=${DB_PASS} --dbname=${DB_NAME} --smtp-server=${SMTP_SERVER} --smtp-user=${SMTP_USER} --smtp-passwd=${SMTP_PASS} --smtp-use-tls --verbose --interval=86400 --report-email=${REPORT_EMAIL} --report-org=${REPORT_ORG} /usr/sbin/opendmarc-expire --dbhost=${DB_SERVER} --dbuser=${DB_USER} --dbpasswd=${DB_PASS} --dbname=${DB_NAME} --verbose diff --git a/usr/sbin/opendmarc-reports b/usr/sbin/opendmarc-reports index 43f1ea4..4ae243f 100755 --- a/usr/sbin/opendmarc-reports +++ b/usr/sbin/opendmarc-reports @@ -23,6 +23,7 @@ use IO::Compress::Zip qw(zip); use POSIX; use MIME::Base64; use Net::SMTP; +use Authen::SASL; require DBD::mysql; 
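Review bot: The SMTP password added as `SMTP_PASS` near the top of `etc/cron.daily/opendmarc_report` is stored in a file the diff header records as mode 100755, so every local account can read it. The same applies to `DB_PASS`, which the later hunk references but which is defined outside the visible lines. Keep the secrets out of the world-readable script by sourcing them from a root-owned 0600 file, e.g. `. /etc/opendmarc/report.conf`, or by tightening the script itself to 0700. The path `/etc/opendmarc/report.conf` is a placeholder, not a location the project defines.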
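Review bot: `--smtp-passwd=${SMTP_PASS}` on the new `opendmarc-reports` line puts the SMTP password in the process argument list, where by default other local users can read it through `ps` or `/proc/<pid>/cmdline` for as long as the report run lasts. The expansion is also unquoted, so a password containing whitespace or glob characters is split or expanded before the script sees it. At minimum write `"--smtp-user=${SMTP_USER}"` and `"--smtp-passwd=${SMTP_PASS}"`. A sturdier fix is to let `opendmarc-reports` take the password from an environment variable or a 0600 file rather than argv, which this patch does not offer. The neighbouring `--dbpasswd=${DB_PASS}` arguments carry the same exposure.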
@@ -132,7 +133,10 @@ my $repdom = hostdomain(); my $repemail = "postmaster@" . $repdom; my $smtp_server = '127.0.0.1'; -my $smtp_port = 25; +my $smtp_port = 587; +my $smtp_user; +my $smtp_passwd; +my $smtp_usetls = 0; my $smtp; my $answer; @@ -161,6 +165,9 @@ sub usage print STDERR "\t--report-org reporting organization [$repdom]\n"; print STDERR "\t--smtp-port smtp server port [$smtp_port]\n"; print STDERR "\t--smtp-server smtp server [$smtp_server]\n"; + print STDERR "\t--smtp-user smtp user (for SASL login)\n"; + print STDERR "\t--smtp-passwd smtp password (for SASL login)\n"; + print STDERR "\t--smtp-use-tls use TLS for SMTP\n"; print STDERR "\t--test don't send reports\n"; print STDERR "\t--utc operate in UTC\n"; print STDERR "\t (implies --keepfiles --noupdate)\n"; @@ -189,6 +196,9 @@ my $opt_retval = &Getopt::Long::GetOptions ('day!' => \$daybound, 'report-org=s' => \$repdom, 'smtp-server=s' => \$smtp_server, 'smtp-port=i' => \$smtp_port, + 'smtp-user=s' => \$smtp_user, + 'smtp-passwd=s' => \$smtp_passwd, + 'smtp-use-tls!' => \$smtp_usetls, 'update!' => \$doupdate, 'utc!' => \$use_utc, 'verbose+' => \$verbose, @@ -385,12 +395,27 @@ if ($verbose) $smtp = Net::SMTP->new($smtp_server, 'Port' => $smtp_port, 'Hello' => hostfqdn()); + if (!defined($smtp)) { print STDERR "$progname: open SMTP server $smtp_server:$smtp_port failed\n"; exit(1); } +if ($smtp_usetls) +{ + $smtp->starttls(); +} + +if (defined($smtp_user)) +{ + if (!$smtp->auth($smtp_user, $smtp_passwd)) + { + print STDERR "$progname: could not login to $smtp_server as user $smtp_user\n"; + exit(1); + } +} + foreach (@$domainset) { $domain = $_->[0]; -- 2.34.1
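Review bot: Changing the default in `my $smtp_port = 587;` alters behaviour for every existing invocation that relied on the old default. `$smtp_server` is still `127.0.0.1`, `$smtp_usetls` defaults to 0 and `$smtp_user` is undefined, so an unchanged job now makes an unauthenticated, unencrypted connection to the submission port, which many MTAs reject or do not listen on. I would keep `my $smtp_port = 25;` and have the cron script pass `--smtp-port=587` next to `--smtp-user`, since that is the only caller in this patch that needs it. The usage text prints `[$smtp_port]`, so the documented default stays accurate either way.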
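Review bot: The return value of `$smtp->starttls()` is ignored, so when the server does not offer STARTTLS or the handshake fails, the script carries on and `$smtp->auth($smtp_user, $smtp_passwd)` sends the credentials over the unencrypted connection. The same happens when `--smtp-user` is given without `--smtp-use-tls`, because `$smtp_usetls` defaults to 0. Treat a failed STARTTLS as fatal and refuse (or at least warn) before authenticating on a plaintext session; `$smtp_passwd` should also be checked for `undef` before the `auth` call. As far as I know `starttls` exists only in Net::SMTP 3.x, so a minimum version on the `use Net::SMTP` line would turn a runtime method error into a clear startup failure.

```perl
if ($smtp_usetls)
{
	if (!$smtp->starttls())
	{
		print STDERR "$progname: STARTTLS with $smtp_server:$smtp_port failed\n";
		exit(1);
	}
}

if (defined($smtp_user))
{
	if (!$smtp_usetls || !defined($smtp_passwd))
	{
		print STDERR "$progname: --smtp-user requires --smtp-use-tls and --smtp-passwd\n";
		exit(1);
	}
	# … unchanged: auth() call and its failure message …
}
```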