3 # MAIN CONFIGURATION FILE
5 # ### Administrators of STUMP robomoderator systems:
7 # set environment variables according to config of your site.
8 # this script is normally invoked from procmail, as a wrapper
9 # to real moderation scripts. Follow the instructions.
12 #######################################################################
13 # this is the root directory where moderation software & config
14 # resides. Make sure that sendmail is in the PATH.
15 # (most likely it is in /usr/lib/sendmail).
18 MNG_ROOT=%BASEDIR%/stump
19 exec >>%BASEDIR%/errs 2>&1
21 export MNG_ROOT BASEDIR
23 # Add bin and local/bin to PATH
24 PATH=$MNG_ROOT/bin:$MNG_ROOT/local/bin:$MNG_ROOT/etc:$PATH:/usr/sbin
25 PATH=$PATH:/usr/local/bin:/bin:/usr/bin:/usr/sbin:$HOME/bin
28 #######################################################################
29 # Name of moderated group. Put the name of your group in here.
32 NEWSGROUP="%GROUP%"; export NEWSGROUP
34 #######################################################################
35 # STUMP enforces limitations on the maximum number of newsgroups
36 # used in Newsgroups: header line. The default value is 5. I
37 # You can change this value. If you do not want to enforce limitations
38 # on crossposting, set MAX_CROSSPOSTS to 1000.
44 ######################################################################
45 # Do you really want to use PGP? PGP (Pretty Good Privacy) is a
46 # program that allows you (among other things) digitally sign messages
47 # and check digital signatures.
49 # It can make certain transactions more non-repudiable and secure.
50 # however, for most newsgroups the benefits of security are not as
51 # important and many users prefer not to use PGP.
53 # Those users may set PGP to "none" (lowercase).
55 # This ENTIRELY DISABLES use of PGP. That also disables PGPMoose, a
56 # program that relies on PGP to digitally sign all approvals.
57 # PGP Moose can help you combat forged approvals.
59 # My suggestion is, if you are not comfortable with PGP and have other
60 # things on your plate, set PGP to "none" and set it up later when
61 # time permits. Get other stuff working first.
63 # Alternatively, you could set PGP to the path to the actual PGP executable,
66 # PGP=/usr/local/bin/pgp262
68 # Note that STUMP _requires_ pgp v. 2.6.2.
74 ######################################################################
75 # for pmapp - digital signing
77 ######################################################################
79 # PMUSER must be exactly as the PGP key named in the keyring
80 # Refer to the online documentation on how to create PGP keys.
82 # *IF* you do not plan to use PGP at all, define it like this:
83 # PMUSER_APPROVAL="SCRM Moderators <scrm-board@algebra.com>"
84 # and make sure that PMAPP is defined as "cat".
86 # this MUST be dfined EVEN if PGP is set to "none".
87 # This goes into your Approved: field.
88 PMUSER_APPROVAL="%GROUP% approval key <urcm-moderators@chiark.greenend.org.uk>"
89 export PMUSER_APPROVAL
91 ######################################################################
92 # type in the passphrase for PGP Moose (passphrase for the Approval Key
93 # named right above that you generated)
94 # ONLY if pgp moose is used
96 # (in turn, PGP Moose is used only if PGP is NOT set to "none")
101 ######################################################################
103 # PMAPP is the name of the PGP Moose signing program. If you do not
104 # want to use it, define PMAPP as "cat", like this:
105 # PMAPP="cat"; export PMAPP
107 # otherwise, use "pmapp":
108 # PMAPP="pmapp"; export PMAPP
110 # NOTE!!! PMApp is disabled if PGP is set to "none"!
113 PMAPP="pmapp"; export PMAPP
115 ######################################################################
117 # DECISION_ADDRESS is the address for approved AND rejected submissions
118 # Used by ModScape subsystem only.
120 #DECISION_ADDRESS=scrm-approved@algebra.com
121 #export DECISION_ADDRESS
123 ######################################################################
124 # put a munged address for your group here. It should best resolve to
125 # a devnulled address, since a lot of rejections/acks will bounce
126 # and there is no need for a human being to see the bounces.
128 MUNGED_ADDRESS=%OURUSER%+urcm-bounces@%DOMAIN%
129 export MUNGED_ADDRESS
132 ######################################################################
133 # Where to submit ready and signed articles
134 # You do not need this if you set RNEWS (below) to sendmail, as
136 #IHAVE_SERVER=news.uu.net; export IHAVE_SERVER
138 ######################################################################
139 # Path: suffix for news
140 # Put something similar here, it is not a very important value.
142 PATH_SUFFIX="%GROUP%-moderators!robomod!not-for-mail"; export PATH_SUFFIX
144 ######################################################################
145 # Do we want to work in paranoid PGP mode? YES or NO
147 # NOTE: it means more work for the maintainer
149 # I suggest STRONGLY that you should set it to NO!!!!!!!!!!
151 # This is disabled If PGP is set to "none".
153 STUMP_PARANOID_PGP=NO
154 export STUMP_PARANOID_PGP
156 ######################################################################
157 # reachable email address of a real person who is responsible
158 # for maintaining the robomoderator.
160 ADMIN=%ADMIN%; export ADMIN
162 ######################################################################
163 # Address of the moderator's board (little private mailing list
164 # for moderators only) where posters can send their complaints about the
167 BOARD=%MODEMAIL%; export BOARD
169 ######################################################################
170 # address for the no-ack requests.
171 NOACK=%OURUSER%+urcm-noack@chiark.greenend.org.uk
174 ######################################################################
175 # Official address for submissions to the newsgroup.
177 SUBMIT=%OURUSER%+urcm+%KEYSUBMIT%@chiark.greenend.org.uk; export SUBMIT
179 ###################################################################### Flags
181 # ATTENTION!!! Flags must be YES or NO, in capital letters.
184 ######################################################################
185 # set this flag to YES if you want to REQUIRE all preapproved
186 # posters to use PGP to sign their messages. Typically you
187 # do not want to do it, unless your group has
188 # been SEVERELY invaded by malicious forgers.
190 # disabled if PGP is set to "none"
192 WHITELIST_MUST_SIGN=NO; export WHITELIST_MUST_SIGN
194 ########################################################## where is your rnews
195 # find out where is rnews program in your system - there may be
196 # several ones called `rnews'. Yours must be setuid or setgid,
199 # Below are several variants of defining RNEWS. The simplest one involves
200 # use of my mail2news gateway for STUMP users.
202 # Use this one if you want to use my gateway -- SIMPLEST way to do it.
203 # RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
205 # Note that the -f flag is used to prevent any antispamming system from
206 # rejecting email to the news gateway.
208 # Use this only if you want to use your own rnews -- a pain in the
209 # neck if you do not know well how news servers work.
210 # RNEWS="/usr/lib/news/rnews -h $IHAVE_SERVER -S $IHAVE_SERVER "
212 # OR may be something like this if you have inews only:
213 # [you may have problems with "hostname" on bsd-derived systems]
214 #RNEWS="/usr/lib/news/inews -h "; export RNEWS
215 RNEWS="%BASEDIR%/inews"
217 #RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
221 # MORE ABOUT RNEWS/INEWS: unfortunately, these programs differ on many
222 # systems. Some of the BSD-derived systems have "broken" inews and rnews
223 # that does not like another program "hostname".
225 # If you see error messages about "hostname" in ~/Mail/from, you should
226 # either disregard them, or use the "hostname" shell script provided in
227 # stump/etc. Do the following:
230 # mv hostname.REPLACEMENT hostname
232 # Edit "hostname" and set your host name and fully qualified hostname.
235 ############################################################ Internal vars
237 # Do NOT change this section
240 if [ "$PGP" = "none" ] ; then
245 #######################################################################
246 # Directory for temp files. This directory must NOT be writable by general
247 # public, for security reasons. I suggest keeping this intact.
250 TMP=$MNG_ROOT/tmp; export TMP
252 BEGIN_PGP_SIGNED_MESSAGE="-----BEGIN PGP SIGNED MESSAGE-----"
253 BOT_SUBJECT_PREFIX="KEGHF894ND50MJ"
255 export BEGIN_PGP_SIGNED_MESSAGE BOT_SUBJECT_PREFIX
258 ################################################################# Invocation
262 # I use `antivirus' program as additional protection from all sorts
263 # of attempts to exploit bugs in moderation programs. Antivirus replaces
264 # all suspicious characters by '_' and splits too long lines.
267 if [ "x$1" != "x" ]; then
269 antivirus | decodeBase64 | "$@"