#!/opt/bin/perl $aucheck = 'AUBURN.EDU'; $sname = ($ENV{'HTTP_REFERER'}); chomp($sname); $sname =~ tr/[a-z]/[A-Z]/; $auauth = index($sname,$aucheck); if ($auauth eq "-1") { exit(0); } # Modified for local use by Gene B. Stewart, Manager of Network Services, # Division of University Computing, Auburn University, Alabama # # Doug's WWW Mail Gateway 2.2 # 5/95 # All material here is Copyright 1995 Doug Stevenson. # # Use this script as a front end to mail in your HTML. Not every browser # supports the mailto: URLs, so this is the next best thing. If you # use this script, please leave credits to myself intact! :) You can # modify it all you want, though. # # Documentation at: # http://www-bprc.mps.ohio-state.edu/mailto/mailto_info.html # # Configurable items are just below. Also pay special attention to # GET method arguments that this script accepts to specify defaults # for some fields. # # I didn't exactly follow the RFCs on mail headers when I wrote this, # so please send all flames my way if it breaks your mail client!! # Also, you'll need cgi-lib.pl for the GET and POST parsing. I use # version 1.7. # # Requires cgi-lib.pl which can be found at # http://www.bio.cam.ac.uk/web/form.html # # PLEASE: Use this script freely, but leave credits to myself!! It's # common decency! # ######## # Doug Stevenson # doug+@osu.edu ###################### # Configurable options ###################### # whether or not to actually allow mail to be sent -- for testing purposes $active = 1; # Logging flag. Logs on POST method when mail is sent. $logging = 1; $logfile = '/usr/local/etc/httpd/logs/mailto_log'; # Physical script location. Define ONLY if you wish to make your version # of this source code available with GET method and the suffix '?source' # on the url. $script_loc = '/export/vol2/httpd/cgi-bin/mailto.pl'; # physical location of your cgi-lib.pl $cgi_lib = '/export/vol2/httpd/cgi-bin/cgi-lib.pl'; # http script location $script_http = 'http://www.auburn.edu/cgi-bin/mailto.pl'; # Path to sendmail and its flags. Use the first commented version and # define $listserver = 1if you want the gateway to be used for listserver # subscriptions -- the -f switch might be neccesary to get this to work # correctly. # # sendmail options: # -n no aliasing # -t read message for "To:" # -oi don't terminate message on line containing '.' alone #$sendmail = "/usr/lib/sendmail -t -n -oi -f"; $listserver = 1; $sendmail = "/usr/lib/sendmail -t "; # set to 1 if you want the real addresses to be exposed from %addrs #$expose_address = 1; # Uncomment one of the below chunks of code to implement restricted mail # List of address to allow ONLY - gets put in a HTML SELECT type menu. # #%addrs = ("Doug - main address", "doug+@osu.edu", # "Doug at BPRC", "doug@polarmet1.mps.ohio-state.edu", # "Doug at CIS", "stevenso@cis.ohio-state.edu", # "Doug at the calc lab", "dstevens@mathserver.mps.ohio-state.edu", # "Doug at Magnus", "dmsteven@magnus.acs.ohio-state.edu"); # If you don't want the actual mail addresses to be visible by people # who view source, or you don't want to mess with the source, read them # from $mailto_addrs: # #$mailto_addrs = '/usr/local/WWW/etc/mailto_addrs'; #open(ADDRS,$mailto_addrs); #while() { # ($name,$address) = /^(.+)[ \t]+([^ ]+)\n$/; # $name =~ s/[ \t]*$//; # $addrs{$name} = $address; #} # version $version = '2.2'; ############################# # end of configurable options ############################# ########################## # source is self-contained ########################## if ($ENV{'QUERY_STRING'} eq 'source' && defined($script_loc)) { print "Content-Type: text/plain\n\n"; open(SOURCE, $script_loc) || &InternalError('Could not open file containing source code'); print ; close(SOURCE); exit(0); } require $cgi_lib; &ReadParse(); ######################################################################### # method GET implies that we want to be given a FORM to fill out for mail ######################################################################### if ($ENV{'REQUEST_METHOD'} eq 'GET') { # try to get as much info as possible for fields # To: comes from $in{'to'} # Cc: comes from $in{'cc'} # From: comes from REMOTE_IDENT@REMOTE_HOST || $in{'from'} || REMOTE_USER # Subject: comes from $in{'sub'} # body comes from $in{'body'} $destaddr = $in{'to'}; $cc = $in{'cc'}; $subject = $in{'sub'}; $body = $in{'body'}; $nexturl = $in{'nexturl'}; if ($in{'from'}) { $fromaddr = $in{'from'}; } # this is for NetScape pre-1.0 beta users - probably obsolete code elsif ($ENV{'REMOTE_USER'}) { $fromaddr = $ENV{'REMOTE_USER'}; } # this is for Lynx users, or any HTTP/1.0 client giving From header info elsif ($ENV{'HTTP_FROM'}) { $fromaddr = $ENV{'HTTP_FROM'}; } # if all else fails, make a guess else { $fromaddr = "$ENV{'REMOTE_IDENT'}\@$ENV{'REMOTE_HOST'}"; } # Convert multiple bodies (separated by \0 according to CGI spec) # into one big body $body =~ s/\0//; # Make a list of authorized addresses if %addrs exists. if (%addrs) { $selections = '\n"; } # give them the form print &PrintHeader(); print < WWW Mail Gateway $version

WWW Mail Gateway

The To: field should contain the full E-mail address that you want to mail to. The Your Email: field needs to contain your mail address so replies go to the right place. Type your message into the text area below. If the To: field is invalid, or the mail bounces for some reason, you will receive notification if Your Email: is set correctly. If Your Email: is set incorrectly, all bounced mail will be sent to the bit bucket.

EOH ; print "

        To: ";

    # give the selections if set, or INPUT if not
    if ($selections) {
	print $selections;
    }
    else {
	print "\n";
	print "        Cc: \n";
    }

    print <Your Name:  
Your Email: 
Subject:

Copyright © 1997 · Auburn University · Alabama 36849 · (334) 844-4000
EOH ; } ######################################################################### # Method POST implies that they already filled out the form and submitted # it, and now it is to be processed. ######################################################################### elsif ($ENV{'REQUEST_METHOD'} eq 'POST') { # get all the variables in their respective places $destaddr = $in{'to'}; $cc = $in{'cc'}; $fromaddr = $in{'from'}; $fromname = $in{'name'}; $replyto = $in{'from'}; $sender = $in{'from'}; $errorsto = $in{'from'}; $subject = $in{'sub'}; $body = $in{'body'}; $nexturl = $in{'nexturl'}; $realfrom = $ENV{'REMOTE_HOST'} ? $ENV{'REMOTE_HOST'}: $ENV{'REMOTE_ADDR'}; # check to see if required inputs were filled - error if not unless ($destaddr && $fromaddr && $body && ($fromaddr =~ /^.+\@.+/)) { print &PrintHeader(); print <Mailto error

Mailto error

One or more of the following necessary pieces of information was missing from your mail submission:

To:, the full mail address you wish to send mail to
Your Email: your full email address
Body: the text you wish to send

Please go back and fill in the missing information.

EOH exit(0); } # do some quick logging - you may opt to have more/different info written if ($logging) { open(MAILLOG,">>$logfile"); print MAILLOG "$realfrom\n"; close(MAILLOG); } # Log every CGI variable except for the ones reserved for mail info. # Valid vars go into @data. Text output goes into $data and gets. # appended to the end of the mail. # First, get an ORDERED list of all cgi vars from @in to @keys for (0 .. $#in) { local($key) = split(/=/,$in[$_],2); $key =~ s/\+/ /g; $key =~ s/%(..)/pack("c",hex($1))/ge; push(@keys,$key); } # Now weed out the ones we want @reserved = ('to', 'cc', 'from', 'name', 'sub', 'body', 'nexturl'); local(%mark); foreach (@reserved) { $mark{$_} = 1; } @data = grep(!$mark{$_}, @keys); foreach (@data) { $data .= "$_ -> $in{$_}\n"; } # Convert multiple bodies (separated by \0 according to CGI spec) # into one big body $body =~ s/\0//; # now check to see if some joker changed the HTML to allow other # mail addresses besides the ones in %addrs, if applicable if (%addrs) { if (!scalar(grep($_." <$addrs{$_}>" eq $destaddr || $destaddr eq $_, keys(%addrs)))) { print &PrintHeader(); print <WWW Mail Gateway: Mail address not allowed

Mail address not allowed

The mail address you managed to submit, $destaddr, to this script is not one of the pre-defined set of addresses that are allowed. Go back and try again.

EOH ; exit(0); } } # if we just received an alias, then convert that to an address $realaddr = $destaddr; if ($addrs{$destaddr}) { $realaddr = "$destaddr <$addrs{$destaddr}>"; } # fork over the mail to sendmail and be done with it if ($active) { if ($listserver) { open(MAIL,"| $sendmail$fromaddr") || &InternalError('Could not fork sendmail with -f switch'); } else { open(MAIL,"| $sendmail") || &InternalError('Could not fork sendmail with -f switch'); } # only print Cc if we got one print MAIL "Cc: $cc\n" if $cc; print MAIL < To: $realaddr Reply-To: $replyto Errors-To: $errorsto Sender: $sender Subject: $subject X-Mail-Gateway: Doug\'s WWW Mail Gateway $version X-Real-Host-From: $realfrom $body $data EOM close(MAIL); } # give some short confirmation results # # if the cgi var 'nexturl' is given, give out the location, and let # the browser do the work. if ($nexturl) { print "Location: $nexturl\n\n"; } # otherwise, give them the standard form. else { print &PrintHeader(); print <Mailto results

Mailto results

Mail sent to $destaddr:

Subject: $subject
From: $fromname <$fromaddr>

$body

Back to the WWW Mailto Gateway EOH ; } } # end if METHOD=POST ##################################### # What the heck are we doing here???? ##################################### else { print <Mailto Gateway error

Mailto Gateway error

Somehow your browser generated a non POST/GET request method and it got here. You should get this fixed!!

EOH } exit(0); # # Deal out error messages to the user. Gets passed a string containing # a description of the error # sub InternalError { local($errmsg) = @_; print &PrintHeader(); print <Mailto Gateway Internal Error

Mailto Gateway Internal Error

Your mail failed to send for the following reason:

$errmesg

EOH exit(0); } ## ## end of mailto.pl ##