Domain Disclaimer Extension Admin UI: Difference between revisions
Line 347: | Line 347: | ||
= Automatic Script Installation = | = Automatic Script Installation = | ||
Download from http://wiki.zimbra.com/images/zimbra_altermime_install_0.0.2.zip | Download from http://wiki.zimbra.com/images/zimbra_altermime_install_0.0.2.zip the automatic install script (actual version: 0.0.2) | ||
Unzip | Unzip |
Revision as of 13:23, 30 November 2007
We are doing this project for integrate a system/wide domain signature (disclaimer) in Zimbra.
I did write a small tutorial for add a domain disclaimer using altermime. First of all, i recommend to read my Zimbra wiki about domain disclaimers and altermime:
http://wiki.zimbra.com/index.php?title=Adding_a_disclaimer_%28altermime%29_or_footer
Now, we are going to integrate this domain signature to the Zimbra Admin interface.
Note: this project have been tested on Zimbra NE 5.0 R2 on Red Hat/CentOS 4.x. We are working on this project, this howto is under construction...
Manual Install
Altermime Install
- 1) Download altermime from http://www.pldaniels.com/altermime/
- 2) Compile
make
- 3) Install altermime
cp altermime /usr/bin/ chown root.root /usr/bin/altermime chmod 755 /usr/bin/altermime
- 4) Create a filter directory
mkdir -p /opt/zimbra/var/spool/filter chown zimbra.zimbra /opt/zimbra/var/spool/filter/ chmod 750 /opt/zimbra/var/spool/filter/
5) Create disclaimers directory
mkdir -p /opt/zimbra/postfix/conf/disclaimers chown -R zimbra.zimbra /opt/zimbra/postfix/conf/disclaimers
Zimbra Postfix Configuration
- 6) Backup you master.cf file
cp /opt/zimbra/postfix/conf/master.cf /opt/zimbra/postfix/conf/master.cf.orig
- 7) Modify /opt/zimbra/postfix/conf/master.cf
smtp inet n - n - - smtpd -o content_filter=dfilt: dfilt unix - n n - - pipe flags=Rq user=filter argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}
OPTION. To ensure disclaimer is added only to outbound mail:
192.168.0.1:smtp inet n - n - - smtpd 192.168.0.2:smtp inet n - n - - smtpd -o content_filter=dfilt: 127.0.0.1:smtp inet n - n - - smtpd -o content_filter=dfilt: dfilt unix - n n - - pipe flags=Rq user=filter argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}
The first IP (192.168.0.1) should be the Incoming IP of the Zimbra server.
The second IP (192.168.0.2) should be the Outgoing IP of the Zimbra server.
- 8) Restart Zimbra postfix (as zimbra user)
zmmtactl stop zmmtactl start
Extending LDAP Schema
- 9) You need to extend your LDAP schema: Edit /opt/zimbra/openldap/etc/openldap/schema/zimbra.schema
And add (line 40 aprox):
objectIdentifier zimbraDomainPrefMailSignatureHTML ZimbraAttrType:656 objectIdentifier zimbraDomainPrefMailSignature ZimbraAttrType:657 objectIdentifier zimbraDomainPrefMailSignatureEnabled ZimbraAttrType:658
Line 3417 aprox.
# Domain Disclaimer attributetype ( zimbraDomainPrefMailSignatureHTML NAME ( 'zimbraDomainPrefMailSignatureHTML' ) DESC 'domain signature' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SINGLE-VALUE)
attributetype ( zimbraDomainPrefMailSignature NAME ( 'zimbraDomainPrefMailSignature' ) DESC 'domain signature' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SINGLE-VALUE) attributetype ( zimbraDomainPrefMailSignatureEnabled NAME ( 'zimbraDomainPrefMailSignatureEnabled' ) DESC 'domain signature enabled' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 EQUALITY booleanMatch SINGLE-VALUE)
In: objectclass ( zimbraDomain (Line 5274 aprox)
... zimbraDomainPrefMailSignatureEnabled $ zimbraDomainPrefMailSignature $ zimbraDomainPrefMailSignatureHTML $ ...
- 10) Restart your LDAP service (as zimbra user):
/opt/zimbra/bin/ldap stop /opt/zimbra/bin/ldap start
- 11) Add a signature for your domain (as zimbra user):
zmprov md mydomain.com zimbraDomainPrefMailSignatureEnabled TRUE zmprov md mydomain.com zimbraDomainPrefMailSignature "This is a domain disclaimer for mydomain.com" zmprov md mydomain.com zimbraDomainPrefMailSignatureHTML "This is a HTML domain disclaimer for mydomain.com"
- 12) Check for your domain disclaimer (as zimbra user):
zmprov gd mydomain.com
You will see:
... zimbraDomainPrefMailSignature: This is a domain disclaimer for mydomain.com zimbraDomainPrefMailSignatureHTML: This is a domain disclaimer for mydomain.com zimbraDomainPrefMailSignatureEnabled: TRUE ...
In this moment, you can enable and set a Domain Signature in your Zimbra LDAP!!!.
Disclaimer Script
- 13) Create /opt/zimbra/postfix/conf/disclaimer file.
This is the last version (0.0.1) of /opt/zimbra/postfix/conf/disclaimer script:
#!/bin/sh INSPECT_DIR=/opt/zimbra/var/spool/filter SENDMAIL=/opt/zimbra/postfix/sbin/sendmail ZIMBRA_HOME="/opt/zimbra" POSTFIX_HOME="$ZIMBRA_HOME/postfix/conf" DISCLAIMER_HOME="$POSTFIX_HOME/disclaimers" # Exit codes from <sysexits.h> EX_TEMPFAIL=75 EX_UNAVAILABLE=69 # Clean up when done or when aborting. trap "rm -f in.$$" 0 1 2 3 15 # Start processing. cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } cat > in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; } # obtain domain name From domain=`grep "From:" in.$$ | cut -d "@" -f 2 | cut -d ">" -f 1` # check for attribute "zimbraDomainPrefMailSignatureEnabled" enable=`/opt/zimbra/bin/zmprov gd $domain | grep zimbraDomainPrefMailSignatureEnabled | awk '{print $2}'` if [ ! -z $enable ]; then # if not empty if [ $enable == "TRUE" ]; then # if value = TRUE echo "TRUE" # Add a disclaimer to the mail /usr/bin/altermime --input=in.$$ --disclaimer=$DISCLAIMER_HOME/$domain \ --disclaimer-html=$DISCLAIMER_HOME/$domain.html \ --xheader="X-Copyrighted-Material: Please visit http://www.$domain/privacy.htm" || { echo Message content rejected; exit $EX_UNAVAILABLE; } else echo "FALSE" # value is FALSE fi else echo "NONE" # domain doesn't have LDAP attributes fi $SENDMAIL -i "$@" < in.$$ exit $?
- 14) Set permissions
chgrp zimbra /opt/zimbra/postfix/conf/disclaimer chmod 750 /opt/zimbra/postfix/conf/disclaimer
CheckSignatures script
Now, we are going to write a script for check domain signature for each domain, and save the zimbraDomainPrefMailSignature attribute into a text file, because altermime script can’t read from LDAP directly and need a text file to use. This script must be added to crontab.
- 15) Install perl RPMS
perl-Convert-ASN1-0.18-3.noarch.rpm perl-HTML-Parser-3.35-6.i386.rpm perl-HTML-Tagset-3.03-30.noarch.rpm perl-IO-Socket-SSL-1.12-1.el4.rf.noarch.rpm perl-LDAP-0.34-1.el4.rf.noarch.rpm perl-libwww-perl-5.79-5.noarch.rpm perl-Net-SSLeay-1.32-1.el4.rf.i386.rpm perl-URI-1.30-4.noarch.rpm perl-XML-NamespaceSupport-1.09-1.2.el4.rf.noarch.rpm perl-XML-SAX-0.16-1.el4.rf.noarch.rpm
Note: this RPMs can be downloaded from:
http://apt.sw.be/redhat/el4/en/i386/RPMS.dag/ http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/
- 16) Create /opt/zimbra/postfix/conf/check_disclaimers.sh script:
#!/bin/bash # Results: # TRUE: domain have a signature enabled # FALSE: domain don't have a signature enabled # NONE: domain don't have LDAP attributes for domain signature ZIMBRA_HOME="/opt/zimbra" POSTFIX_HOME="$ZIMBRA_HOME/postfix/conf" DISCLAIMER_HOME="$POSTFIX_HOME/disclaimers" # check for every domain for domain in `/opt/zimbra/bin/zmprov gad`; do echo -ne "Domain: $domain \t" dom=`echo $domain | cut -d "." -f 1` # get only subdomain # check for attribute "zimbraDomainPrefMailSignatureEnabled" enable=`/opt/zimbra/bin/zmprov gd $domain | grep zimbraDomainPrefMailSignatureEnabled | awk '{print $2}'` if [ ! -z $enable ]; then # if not empty if [ $enable == "TRUE" ]; then # if value = TRUE echo "TRUE" # save the domain signature value into a text file $POSTFIX_HOME/read_from_ldap.pl $domain $DISCLAIMER_HOME/$domain else echo "FALSE" # value is FALSE # delete text file if exists if [ -f $DISCLAIMER_HOME/$domain ]; then rm -f $DISCLAIMER_HOME/$domain fi fi else echo "NONE" # domain doesn't have LDAP attributes # delete text file if exists if [ -f $DISCLAIMER_HOME/$domain ]; then rm -f $DISCLAIMER_HOME/$domain fi fi done
- 17) Create /opt/zimbra/postfix/conf/read_from_ldap.pl script (Thanks Pato!!!)
Don’t forget to set $server (your_ldap_server) and $pass (your_ldap_password) variables.
#!/usr/bin/perl -w # don't forget to check $server and $pass variables!!! use strict; use Net::LDAP; # Fixed Variables my $server="X.X.X.X"; my $user="uid=zimbra,cn=admins,cn=zimbra"; my $pass="xxxxxx"; # Variables my @domain = split(/\./,$ARGV[0]); my ($sub,$top) = @domain; my $tmpfile = $ARGV[1]; if (!$ARGV[1] || !$ARGV[0]){ print "\n\tUse: read_from_ldap.pl domain file\n\n"; exit(); } my $ldap = Net::LDAP->new("$server"); my $mesg = $ldap->bind("$user", password => "$pass"); $mesg = $ldap->search ( base => "dc=$sub,dc=$top", filter => "(&(objectClass=zimbraDomain) (dc=$sub))", attrs => ['zimbraDomainPrefMailSignature'] ); foreach ($mesg->entries) { my @result= $_->{'asn'}->{'attributes'}; if($result[0][0]{'vals'}[0]){ open (TMPFILE,">$tmpfile"); print TMPFILE "---------------------------------------------------\n"; print TMPFILE "$result[0][0]{'vals'}[0]\n"; } else { print "No signature\n" } }; $mesg = $ldap->search ( base => "dc=$sub,dc=$top", filter => "(&(objectClass=zimbraDomain) (dc=$sub))", attrs => ['zimbraDomainPrefMailSignatureHTML'] ); foreach ($mesg->entries) { my @result= $_->{'asn'}->{'attributes'}; if($result[0][0]{'vals'}[0]){ open (TMPFILE2,">$tmpfile.html"); print TMPFILE2 "---------------------------------------------------
\n"; print TMPFILE2 "$result[0][0]{'vals'}[0]\n"; } else { print "No HTML signature\n" } }; $mesg = $ldap->unbind;
- 8) Add execution permissions:
chmod 755 /opt/zimbra/postfix/conf/check_disclaimers.sh chmod 755 /opt/zimbra/postfix/conf/read_from_ldap.pl
- 19) Add this script in a crontab (as root user):
Create /etc/cron.hourly/check_disclaimer
#!/bin/bash /opt/zimbra/postfix/conf/check_disclaimers.sh
Add excecution permissions:
chmod 755 /etc/cron.hourly/check_disclaimer
Admin Extension for Zimbra UI
This is my disclaimer Admin Extension. This extension add a Disclaimer Tab into domain configuration.
With this extension you can enable and set the Domain Disclaimers. (Thanks Greg!!!)
Download disclaimer.zip file, and Deploy it into Zimbra Admin Extensions.
Automatic Script Installation
Download from http://wiki.zimbra.com/images/zimbra_altermime_install_0.0.2.zip the automatic install script (actual version: 0.0.2)
Unzip
unzip zimbra_altermime_install_0.0.2.zip cd zimbra_altermime_install_0.0.2
Execute
./install.sh
This a view of Domain Disclaimer Admin Extension: