One question I do have, one requirement that we do have is that we accept
bug reports via email. While this makes it easier (we think), it opens us
up to spam… large amounts of spam… REALLY large amounts of spam on a
daily basis (as these bugs aliases are very well known in the Internet
community, we are on every known spammers list). We even have the
occasional mail-loop to provide fun for one and all.
I’ll raise you one. We get people whinging about spam mail that they’ve
received, in addition to receiving the sodding crap. And they’re not very
polite about it either.
Are there ways in the mail gateway abilities in RT2 to prevent this?
Something like a cookie-based system, where you have to confirm your bug
submission before it gets entered into the db? Or are their other ways
other RT admins have dealt with this issue?
On a slightly serious note, maybe a ‘white’ listing approach would work,
similar to the spamcop once-off of:
Your address is not recognised. Please confirm it by replying to
this message, then we'll process your mail/bug report.
Elsethread, someone mentioned procmail… looking at the procmailex man
page, this seems trivial to implement… Actually, I’ve spent 10 minutes
or so and the below is the (untested) result - if it doesn’t make sense,
read the procmail man pages before asking 
Have fun.
– Main rt procmail protection
:0 :sender.chk
* !^FROM_MAILER
* !^X-Loop:.*RT
* ^TO_rt_address
{
:0 Whc: sender.chk
| formail -rD 81920 sender.cache
# If the address wasn't in the cache.
:0 e
{
# Get a random identifier. 1 line
THISID="`perl -e '$frflag=0;while(<>)next
if($frflag>0);next
unless(m/^From\s(\S+)\s\s\S+/);$add=$1;$frflag=1;$crstr=rand(8192) . $add
. rand(16234);$lprt=crypt( $add, “rt”);print "$lprt\n";}'`"
# Send back the identifier.
:0 hc
| (formail -r -I"Precedence: junk"\
-A"X-Loop: RT-auth-loop" \
-I"From: rt-auth@your-domain" \
; \
cat std_auth_self_template | \
sed -e "s/IDENTIFIER/$THISID/g" ) | \
$SENDMAIL -t
# Save the message in a spot indicated by the identifier.
# perl 'crypt' function should be pathname safe.
:0
maildir/$THISID
}
# Address was in the cache - Send it on to RT.
:0Whc: fastloop.chk
| formail -rD 128 fastloop.cache
# Address wasn't in the small fast-loop cache
:0e
| rt-mailgate
# Address was in the fast loop cache. Don't send an auto-ack
# in case this is a fast loop. Downside is that if this is a
# slow ticket queue, multiple issues from one person will not be
# acked until someone else emails the ticketing system. You
# could put a crontab to delete the fastloop.cache file every
# 30 minutes I guess.
:0
| rt-mailgate -no-auto-ack-whats-the-flag-for-this?
}
# Deal with mails from mailer daemons and possible loops
:0
* ^TO_rt
| rt-mailgate -no-auto-ack-whats-the-flag-for-this?
# Mails not to RT, but received
:0
! human_person
— std_auth_self_template
Hi there,
Thankyou for emailing Example.Com, the organisation proudly used
for examples the world over. Our Marketing people insist that we
plug our website, at http://www.example.com/ .
So that we can serve *you* better, (and so we're not wasting our
time by dealing with spam mail), we'd like to ask you to do
something special for us. We have put your original message to
one side, where it will be kept nice and secure until we've got
this trifling administrative detail out of the way, or a week
passes.
Please verify that you are a human, and not some annoying spam
mail, by replying to this message, making sure that you include
the line below.
Random-Auth-ID: IDENTIFIER
Please send your reply to 'rt-auth@example.com'. Once we receive
this, we will send your original message onwards to our shiney
tracking system, where we'll keep your original date and time of
sending.
If you need to interact with us (and we hope you do) beyond the
items outlined in your message, we will recognise your address the
next time, and not ask you to prove your existence again.
Yours in hopeful existence-certainty:
Example.Com
Proud Makers of Example Texts Everywhere.
—RT-auth procmail snippet
# Find the identifier in the mail - 13 chars is what crypt
# returns? Note we don't bind to the start of the line, as
# too many people misunderstand forward (^), reply (^>\s+) or
# other requests. As long as its in the body, as-is, its fine.
FOUNDID="`perl -e '$found=0;while(<>){next if( $found >
0);next unless(m/Random-Auth-ID:\s*(\S{13,13})\s*/i;$lprt=$1;if(
$lprt =~ /+$/){$found=1;print "$lprt\n";}}'"
# See if its there.
:0
* ? test -f mail/$FOUNDID
{
# The file exists. Send this file on.
:0
* ? cat mail/$FOUNDID | formail -s $SENDMAIL -t
* ? rm mail/$FOUNDID
| ( formail -r -I"Precedence: junk" \
-I"X-Loop: RT-auth@your.domain" \
; \
cat std_auth_ack ) | $SENDMAIL -t
# Some error occured. Bounce to a person.
:0
! human_person
}
# They had no identifier there.
:0 Whc
| ( formail -r -I"Precedence: junk" \
-I"X-Loop: RT-auth@your.domain" \
; \
cat std_no_auth_found ) | $SENDMAIL -t
# Bounce it to a human just in case.
:0
! human_person
— Cronscript to clean up old auth files - your xargs may not support
this flag.
Find files older than 7 days.
5 */8 * * * find mail -mtime +7 -print | xargs --no-run-if-empty rm
— Are you still reading this far?
Bruce Campbell RIPE
NCC
Operations
