4 # MAIN CONFIGURATION FILE
6 # ### Administrators of STUMP robomoderator systems:
8 # set environment variables according to config of your site.
9 # this script is normally invoked from procmail, as a wrapper
10 # to real moderation scripts. Follow the instructions.
15 #######################################################################
16 # this is the root directory where moderation software & config
17 # resides. Make sure that sendmail is in the PATH.
18 # (most likely it is in /usr/lib/sendmail).
21 MNG_ROOT=%BASEDIR%/stump
22 exec >>%BASEDIR%/errs 2>&1
24 printf "============ %s " "$*"
27 export MNG_ROOT BASEDIR
29 # Add bin and local/bin to PATH
30 PATH=$MNG_ROOT/bin:$MNG_ROOT/local/bin:$MNG_ROOT/etc:$PATH:/usr/sbin
31 PATH=$PATH:/usr/local/bin:/bin:/usr/bin:/usr/sbin:$HOME/bin
34 #######################################################################
35 # Name of moderated group. Put the name of your group in here.
38 NEWSGROUP="%GROUP%"; export NEWSGROUP
40 #######################################################################
41 # Email handling and mangling
43 MAILOUT_RECVACK_FORMAIL_ARGS='
44 -I Bcc:%OURUSER%+%ABBREV%-internal-log+mailout@%DOMAIN%
46 MAILOUT_ACCEPTACK_FORMAIL_ARGS='
47 -I Bcc:%OURUSER%+mtm-internal-log+mailout@%DOMAIN%
49 MAILOUT_REJECT_FORMAIL_ARGS='
50 -I Bcc:%OURUSER%+%ABBREV%-internal-log+mailout@%DOMAIN%
51 -I Bcc:%OURUSER%+%ABBREV%-internal-reject-copy@%DOMAIN%
54 #######################################################################
55 # STUMP enforces limitations on the maximum number of newsgroups
56 # used in Newsgroups: header line. The default value is 5. I
57 # You can change this value. If you do not want to enforce limitations
58 # on crossposting, set MAX_CROSSPOSTS to 1000.
64 ######################################################################
65 # Do you really want to use PGP? PGP (Pretty Good Privacy) is a
66 # program that allows you (among other things) digitally sign messages
67 # and check digital signatures.
69 # It can make certain transactions more non-repudiable and secure.
70 # however, for most newsgroups the benefits of security are not as
71 # important and many users prefer not to use PGP.
73 # Those users may set PGP to "none" (lowercase).
75 # This ENTIRELY DISABLES use of PGP. That also disables PGPMoose, a
76 # program that relies on PGP to digitally sign all approvals.
77 # PGP Moose can help you combat forged approvals.
79 # My suggestion is, if you are not comfortable with PGP and have other
80 # things on your plate, set PGP to "none" and set it up later when
81 # time permits. Get other stuff working first.
83 # Alternatively, you could set PGP to the path to the actual PGP executable,
86 # PGP=/usr/local/bin/pgp262
88 # Note that STUMP _requires_ pgp v. 2.6.2.
94 ######################################################################
95 # for pmapp - digital signing
97 ######################################################################
99 # PMUSER must be exactly as the PGP key named in the keyring
100 # Refer to the online documentation on how to create PGP keys.
102 # *IF* you do not plan to use PGP at all, define it like this:
103 # PMUSER_APPROVAL="SCRM Moderators <scrm-board@algebra.com>"
104 # and make sure that PMAPP is defined as "cat".
106 # this MUST be dfined EVEN if PGP is set to "none".
107 # This goes into your Approved: field.
108 PMUSER_APPROVAL="%GROUP% approval key <%MODEMAIL%>"
109 export PMUSER_APPROVAL
111 ######################################################################
112 # type in the passphrase for PGP Moose (passphrase for the Approval Key
113 # named right above that you generated)
114 # ONLY if pgp moose is used
116 # (in turn, PGP Moose is used only if PGP is NOT set to "none")
121 ######################################################################
123 # PMAPP is the name of the PGP Moose signing program. If you do not
124 # want to use it, define PMAPP as "cat", like this:
125 # PMAPP="cat"; export PMAPP
127 # otherwise, use "pmapp":
128 # PMAPP="pmapp"; export PMAPP
130 # NOTE!!! PMApp is disabled if PGP is set to "none"!
133 PMAPP="pmapp"; export PMAPP
135 ######################################################################
137 # DECISION_ADDRESS is the address for approved AND rejected submissions
138 # Used by ModScape subsystem only.
140 #DECISION_ADDRESS=scrm-approved@algebra.com
141 #export DECISION_ADDRESS
143 ######################################################################
144 # put a munged address for your group here. It should best resolve to
145 # a devnulled address, since a lot of rejections/acks will bounce
146 # and there is no need for a human being to see the bounces.
148 MUNGED_ADDRESS=%OURUSER%+%ABBREV%-bounces@%DOMAIN%
149 export MUNGED_ADDRESS
152 ######################################################################
153 # Where to submit ready and signed articles
154 # You do not need this if you set RNEWS (below) to sendmail, as
156 #IHAVE_SERVER=news.uu.net; export IHAVE_SERVER
158 ######################################################################
159 # Path: suffix for news
160 # Put something similar here, it is not a very important value.
162 PATH_SUFFIX="%GROUP%-moderators!robomod!not-for-mail"; export PATH_SUFFIX
164 ######################################################################
165 # Do we want to work in paranoid PGP mode? YES or NO
167 # NOTE: it means more work for the maintainer
169 # I suggest STRONGLY that you should set it to NO!!!!!!!!!!
171 # This is disabled If PGP is set to "none".
173 STUMP_PARANOID_PGP=NO
174 export STUMP_PARANOID_PGP
176 ######################################################################
177 # reachable email address of a real person who is responsible
178 # for maintaining the robomoderator.
180 ADMIN=%ADMIN%; export ADMIN
182 ######################################################################
183 # Address of the moderator's board (little private mailing list
184 # for moderators only) where posters can send their complaints about the
187 BOARD=%MODEMAIL%; export BOARD
189 ######################################################################
190 # address for the no-ack requests.
191 NOACK=%OURUSER%+%ABBREV%-noack@chiark.greenend.org.uk
194 ######################################################################
195 # Official address for submissions to the newsgroup.
197 SUBMIT=%OURUSER%+%ABBREV%+%KEYSUBMIT%@chiark.greenend.org.uk; export SUBMIT
199 ###################################################################### Flags
201 # ATTENTION!!! Flags must be YES or NO, in capital letters.
204 ######################################################################
205 # set this flag to YES if you want to REQUIRE all preapproved
206 # posters to use PGP to sign their messages. Typically you
207 # do not want to do it, unless your group has
208 # been SEVERELY invaded by malicious forgers.
210 # disabled if PGP is set to "none"
212 WHITELIST_MUST_SIGN=NO; export WHITELIST_MUST_SIGN
214 ########################################################## where is your rnews
215 # find out where is rnews program in your system - there may be
216 # several ones called `rnews'. Yours must be setuid or setgid,
219 # Below are several variants of defining RNEWS. The simplest one involves
220 # use of my mail2news gateway for STUMP users.
222 # Use this one if you want to use my gateway -- SIMPLEST way to do it.
223 # RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
225 # Note that the -f flag is used to prevent any antispamming system from
226 # rejecting email to the news gateway.
228 # Use this only if you want to use your own rnews -- a pain in the
229 # neck if you do not know well how news servers work.
230 # RNEWS="/usr/lib/news/rnews -h $IHAVE_SERVER -S $IHAVE_SERVER "
232 # OR may be something like this if you have inews only:
233 # [you may have problems with "hostname" on bsd-derived systems]
234 #RNEWS="/usr/lib/news/inews -h "; export RNEWS
235 RNEWS="%BASEDIR%/inews"
237 #RNEWS="sendmail -f devnull@stump.algebra.com news-gateway@stump.algebra.com"
241 # MORE ABOUT RNEWS/INEWS: unfortunately, these programs differ on many
242 # systems. Some of the BSD-derived systems have "broken" inews and rnews
243 # that does not like another program "hostname".
245 # If you see error messages about "hostname" in ~/Mail/from, you should
246 # either disregard them, or use the "hostname" shell script provided in
247 # stump/etc. Do the following:
250 # mv hostname.REPLACEMENT hostname
252 # Edit "hostname" and set your host name and fully qualified hostname.
255 ############################################################ Internal vars
257 # Do NOT change this section
260 if [ "$PGP" = "none" ] ; then
265 #######################################################################
266 # Directory for temp files. This directory must NOT be writable by general
267 # public, for security reasons. I suggest keeping this intact.
270 TMP=$MNG_ROOT/tmp; export TMP
272 BEGIN_PGP_SIGNED_MESSAGE="-----BEGIN PGP SIGNED MESSAGE-----"
273 BOT_SUBJECT_PREFIX="KEGHF894ND50MJ"
275 export BEGIN_PGP_SIGNED_MESSAGE BOT_SUBJECT_PREFIX
278 ################################################################# Invocation
282 # I use `antivirus' program as additional protection from all sorts
283 # of attempts to exploit bugs in moderation programs. Antivirus replaces
284 # all suspicious characters by '_' and splits too long lines.
287 if [ "x$1" != "x" ]; then
289 antivirus | decodeBase64 | "$@"