4 # MAIN CONFIGURATION FILE
6 # ### Administrators of STUMP robomoderator systems:
8 # set environment variables according to config of your site.
9 # this script is normally invoked from procmail, as a wrapper
10 # to real moderation scripts. Follow the instructions.
17 #######################################################################
18 # this is the root directory where moderation software & config
19 # resides. Make sure that sendmail is in the PATH.
20 # (most likely it is in /usr/lib/sendmail).
23 MNG_ROOT=%BASEDIR%/stump
24 exec >>%BASEDIR%/errs 2>&1
26 printf "============ %s " "$*"
29 export MNG_ROOT BASEDIR
31 # Add bin and local/bin to PATH
32 PATH=$MNG_ROOT/bin:$MNG_ROOT/local/bin:$MNG_ROOT/etc:$PATH:/usr/sbin
33 PATH=$PATH:/usr/local/bin:/bin:/usr/bin:/usr/sbin:$HOME/bin
36 #######################################################################
37 # Name of moderated group. Put the name of your group in here.
40 NEWSGROUP="%GROUP%"; export NEWSGROUP
42 #######################################################################
43 # Email handling and mangling
45 MAILOUT_RECVACK_FORMAIL_ARGS='
46 -I Bcc:%OURUSER%+%ABBREV%-internal-log+mailout@%DOMAIN%
48 MAILOUT_ACCEPTACK_FORMAIL_ARGS='
49 -I Bcc:%OURUSER%+%ABBREV%-internal-log+mailout@%DOMAIN%
51 MAILOUT_REJECT_FORMAIL_ARGS='
52 -I Bcc:%OURUSER%+%ABBREV%-internal-log+mailout@%DOMAIN%
53 -I Bcc:%OURUSER%+%ABBREV%-internal-reject-copy@%DOMAIN%
55 export MAILOUT_RECVACK_FORMAIL_ARGS
56 export MAILOUT_ACCEPTACK_FORMAIL_ARGS
57 export MAILOUT_REJECT_FORMAIL_ARGS
59 #######################################################################
60 # STUMP enforces limitations on the maximum number of newsgroups
61 # used in Newsgroups: header line. The default value is 5. I
62 # You can change this value. If you do not want to enforce limitations
63 # on crossposting, set MAX_CROSSPOSTS to 1000.
69 ######################################################################
70 # Do you really want to use PGP? PGP (Pretty Good Privacy) is a
71 # program that allows you (among other things) digitally sign messages
72 # and check digital signatures.
74 # It can make certain transactions more non-repudiable and secure.
75 # however, for most newsgroups the benefits of security are not as
76 # important and many users prefer not to use PGP.
78 # Those users may set PGP to "none" (lowercase).
80 # This ENTIRELY DISABLES use of PGP. That also disables PGPMoose, a
81 # program that relies on PGP to digitally sign all approvals.
82 # PGP Moose can help you combat forged approvals.
84 # My suggestion is, if you are not comfortable with PGP and have other
85 # things on your plate, set PGP to "none" and set it up later when
86 # time permits. Get other stuff working first.
88 # Alternatively, you could set PGP to the path to the actual PGP executable,
91 # PGP=/usr/local/bin/pgp262
93 # Note that STUMP _requires_ pgp v. 2.6.2.
99 ######################################################################
100 # for pmapp - digital signing
102 ######################################################################
104 # PMUSER must be exactly as the PGP key named in the keyring
105 # Refer to the online documentation on how to create PGP keys.
107 # *IF* you do not plan to use PGP at all, define it like this:
108 # PMUSER_APPROVAL="SCRM Moderators <scrm-board@algebra.com>"
109 # and make sure that PMAPP is defined as "cat".
111 # this MUST be dfined EVEN if PGP is set to "none".
112 # This goes into your Approved: field.
113 PMUSER_APPROVAL="%GROUP% approval key <%MODEMAIL%>"
114 export PMUSER_APPROVAL
116 ######################################################################
117 # type in the passphrase for PGP Moose (passphrase for the Approval Key
118 # named right above that you generated)
119 # ONLY if pgp moose is used
121 # (in turn, PGP Moose is used only if PGP is NOT set to "none")
126 ######################################################################
128 # PMAPP is the name of the PGP Moose signing program. If you do not
129 # want to use it, define PMAPP as "cat", like this:
130 # PMAPP="cat"; export PMAPP
132 # otherwise, use "pmapp":
133 # PMAPP="pmapp"; export PMAPP
135 # NOTE!!! PMApp is disabled if PGP is set to "none"!
138 PMAPP="pmapp"; export PMAPP
140 ######################################################################
142 # DECISION_ADDRESS is the address for approved AND rejected submissions
143 # Used by ModScape subsystem only.
145 #DECISION_ADDRESS=scrm-approved@algebra.com
146 #export DECISION_ADDRESS
148 ######################################################################
149 # put a munged address for your group here. It should best resolve to
150 # a devnulled address, since a lot of rejections/acks will bounce
151 # and there is no need for a human being to see the bounces.
153 MUNGED_ADDRESS=%OURUSER%+%ABBREV%-bounces@%DOMAIN%
154 export MUNGED_ADDRESS
157 ######################################################################
158 # Where to submit ready and signed articles
159 # You do not need this if you set RNEWS (below) to sendmail, as
161 #IHAVE_SERVER=news.uu.net; export IHAVE_SERVER
163 ######################################################################
164 # Path: suffix for news
165 # Put something similar here, it is not a very important value.
167 PATH_SUFFIX="%GROUP%-moderators!robomod!not-for-mail"; export PATH_SUFFIX
169 ######################################################################
170 # Do we want to work in paranoid PGP mode? YES or NO
172 # NOTE: it means more work for the maintainer
174 # I suggest STRONGLY that you should set it to NO!!!!!!!!!!
176 # This is disabled If PGP is set to "none".
178 STUMP_PARANOID_PGP=NO
179 export STUMP_PARANOID_PGP
181 ######################################################################
182 # reachable email address of a real person who is responsible
183 # for maintaining the robomoderator.
185 ADMIN=%ADMIN%; export ADMIN
187 ######################################################################
188 # Address of the moderator's board (little private mailing list
189 # for moderators only) where posters can send their complaints about the
192 BOARD=%MODEMAIL%; export BOARD
194 ######################################################################
195 # address for the no-ack requests.
196 NOACK=%OURUSER%+%ABBREV%-noack@chiark.greenend.org.uk
199 ######################################################################
200 # Official address for submissions to the newsgroup.
202 SUBMIT=%OURUSER%+%ABBREV%+%KEYSUBMIT%@chiark.greenend.org.uk; export SUBMIT
204 ###################################################################### Flags
206 # ATTENTION!!! Flags must be YES or NO, in capital letters.
209 ######################################################################
210 # set this flag to YES if you want to REQUIRE all preapproved
211 # posters to use PGP to sign their messages. Typically you
212 # do not want to do it, unless your group has
213 # been SEVERELY invaded by malicious forgers.
215 # disabled if PGP is set to "none"
217 WHITELIST_MUST_SIGN=NO; export WHITELIST_MUST_SIGN
219 ########################################################## where is your rnews
220 # find out where is rnews program in your system - there may be
221 # several ones called `rnews'. Yours must be setuid or setgid,
224 # Below are several variants of defining RNEWS. The simplest one involves
225 # use of my mail2news gateway for STUMP users.
227 # Use this one if you want to use my gateway -- SIMPLEST way to do it.
228 # RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
230 # Note that the -f flag is used to prevent any antispamming system from
231 # rejecting email to the news gateway.
233 # Use this only if you want to use your own rnews -- a pain in the
234 # neck if you do not know well how news servers work.
235 # RNEWS="/usr/lib/news/rnews -h $IHAVE_SERVER -S $IHAVE_SERVER "
237 # OR may be something like this if you have inews only:
238 # [you may have problems with "hostname" on bsd-derived systems]
239 #RNEWS="/usr/lib/news/inews -h "; export RNEWS
240 RNEWS="%BASEDIR%/inews"
242 #RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
246 # MORE ABOUT RNEWS/INEWS: unfortunately, these programs differ on many
247 # systems. Some of the BSD-derived systems have "broken" inews and rnews
248 # that does not like another program "hostname".
250 # If you see error messages about "hostname" in ~/Mail/from, you should
251 # either disregard them, or use the "hostname" shell script provided in
252 # stump/etc. Do the following:
255 # mv hostname.REPLACEMENT hostname
257 # Edit "hostname" and set your host name and fully qualified hostname.
260 ############################################################ Internal vars
262 # Do NOT change this section
265 if [ "$PGP" = "none" ] ; then
270 #######################################################################
271 # Directory for temp files. This directory must NOT be writable by general
272 # public, for security reasons. I suggest keeping this intact.
275 TMP=$MNG_ROOT/tmp; export TMP
277 BEGIN_PGP_SIGNED_MESSAGE="-----BEGIN PGP SIGNED MESSAGE-----"
278 BOT_SUBJECT_PREFIX="KEGHF894ND50MJ"
280 export BEGIN_PGP_SIGNED_MESSAGE BOT_SUBJECT_PREFIX
283 ################################################################# Invocation
287 # I use `antivirus' program as additional protection from all sorts
288 # of attempts to exploit bugs in moderation programs. Antivirus replaces
289 # all suspicious characters by '_' and splits too long lines.
292 if [ "x$1" != "x" ]; then
293 antivirus | decodeBase64 | "$@"