As an administrator for a medium sized university, part of my job has
become responding to DMCA Copyright Violation notices from the RIAA, et.
al. I generally get between 1 and 20 a day, which each require about 10
minutes of database lookups, copy/paste, etc. I’m looking to automate more
of this procedure by using RT, and I’m looking for some pointers. I need
to get this up and running ASAP because I no longer have much time to take
care of my regular tasks.
We are currently using C.support for this task, but it is going to take too
long to modify it to fit our needs.
Our current process consists of the following steps:
- The General Counsel’s office forwards the notice to an address that
creates a ticket and autoreplies to them. The ticket stays in the name of
the General Counsel’s office so they get status reports, resolution notice,
etc. - I go into the ticket, grep out the IP, Date/Time, and infringing files
- I look up the IP for that Date/Time in our DHCP server logs and get the
MAC address - I look up the MAC address in our User ↔ MAC Address database (like
netreg - www.netreg.org) - I create an email using boilerplate text and customize it by adding the
user’s name, pasting in the infringing files, and send it to the user - I wait for the user to email me back with a notice that says they
deleted the files, etc. - If they wait longer than 3 days to email me back, I knock them off the
network. - I export the email (so I can keep the headers) and attach it to the
original ticket - Close the ticket, response gets sent to General Counsel’s office.
I’m hoping that RT (or RTIR, which I just saw today) can help me streamline
this process like so:
- The General Counsel’s office forwards the notice to an address that
creates a ticket and autoreplies to them. The ticket stays in the name of
the General Counsel’s office so they get status reports, resolution notice,
etc. - An OnCreate scrip fires that parses the ticket body for IP, Date/Time,
and infringing files, does database lookups, etc. and creates an email (or
child ticket) from a template. - Sends the email to an approval queue, so we can double check it
- OnApproval, send email to user.
- OnEscalation, sends a request to an approval queue re: knocking them
off the network - OnApproval, triggers a script that knocks them off the network, updates
some tables, and sends an email to C.support (to create a ticket for the
user regarding why they were kicked off) - When the user responds to the email we sent them, all their responses
get logged in the (RT) ticket - If they respond appropriately, we close the ticket
- an OnResolv scrip triggers that updates a database (so we can track
repeat offenders) and sends a resolution back to the General Counsel’s
office.
So far, I have RT 3.0.3 set up on a test box. It creates tickets by email
submission, sends a customized autoreply to the requestor, and all replies
to the autoreply get catalogued in the ticket.
My next step is #2. I’m looking at ExtractCustomFieldValues from the
contrib directory as a start for creating the Action, but I’m looking for
other pointers.
Is there a central list of all the methods that RT exposes? I’ve been
reading through the source, but it’s tedious.
I saw a reference to a how-to created for the O’Reilly OS Conference. Is
that posted somewhere?
To what extent is http://fsck.com/rtfm out of date? Is it mostly current?
Has anybody done anything like this before? Am I reinventing the wheel?
Any pointers, comments, etc. regarding the process? Is it technically
feasible?
From those that have used RTIR, is it better suited for something like
this, or am I better off with RT?
Thanks,
Michael Grinnell
Network Security Administrator
The American University