# whether or not to actually allow mail to be sent -- for testing purposes $active = 1; # Logging flag. Logs on POST method when mail is sent. $logging = 1; $logfile = '/server/logs/mailto_log'; # Physical script location. Define ONLY if you wish to make your version # of this source code available with GET method and the suffix '?source' # on the url. $script_loc = '/home/scsfac/downeyt/public/sscripts/mailto.pl'; # physical location of your cgi-lib.pl $cgi_lib = '/depot/perl-5.005/lib/cgi-lib.pl'; # http script location $script_http = 'http://mongoose.aul.fiu.edu:12345/scripts/mailto.pl'; # Path to sendmail and its flags. Use the first commented version and # define $listserver = 1if you want the gateway to be used for listserver # subscriptions -- the -f switch might be neccesary to get this to work # correctly. # # sendmail options: # -n no aliasing # -t read message for "To:" # -oi don't terminate message on line containing '.' alone #$sendmail = "/usr/lib/sendmail -t -n -oi -f"; $listserver = 1; $sendmail = "/usr/lib/sendmail -t -n -oi"; # set to 1 if you want the real addresses to be exposed from %addrs #$expose_address = 1; # Uncomment one of the below chunks of code to implement restricted mail # List of address to allow ONLY - gets put in a HTML SELECT type menu. # #%addrs = ("Doug - main address", "doug+@osu.edu", # "Doug at BPRC", "doug@polarmet1.mps.ohio-state.edu", # "Doug at CIS", "stevenso@cis.ohio-state.edu", # "Doug at the calc lab", "dstevens@mathserver.mps.ohio-state.edu", # "Doug at Magnus", "dmsteven@magnus.acs.ohio-state.edu"); # If you don't want the actual mail addresses to be visible by people # who view source, or you don't want to mess with the source, read them # from $mailto_addrs: # #$mailto_addrs = '/usr/local/WWW/etc/mailto_addrs'; #open(ADDRS,$mailto_addrs); #while() { # ($name,$address) = /^(.+)[ \t]+([^ ]+)\n$/; # $name =~ s/[ \t]*$//; # $addrs{$name} = $address; #} # version $version = '2.2'; ############################# # end of configurable options ############################# ########################## # source is self-contained ########################## if ($ENV{'QUERY_STRING'} eq 'source' && defined($script_loc)) { print "Content-Type: text/plain\n\n"; open(SOURCE, $script_loc) || &InternalError('Could not open file containing source code'); print ; close(SOURCE); exit(0); } require $cgi_lib; &ReadParse(); ######################################################################### # method GET implies that we want to be given a FORM to fill out for mail ######################################################################### if ($ENV{'REQUEST_METHOD'} eq 'GET') { # try to get as much info as possible for fields # To: comes from $in{'to'} # Cc: comes from $in{'cc'} # From: comes from REMOTE_IDENT@REMOTE_HOST || $in{'from'} || REMOTE_USER # Subject: comes from $in{'sub'} # body comes from $in{'body'} $destaddr = $in{'to'}; $cc = $in{'cc'}; $subject = $in{'sub'}; $body = $in{'body'}; $nexturl = $in{'nexturl'}; if ($in{'from'}) { $fromaddr = $in{'from'}; } # this is for NetScape pre-1.0 beta users - probably obsolete code elsif ($ENV{'REMOTE_USER'}) { $fromaddr = $ENV{'REMOTE_USER'}; } # this is for Lynx users, or any HTTP/1.0 client giving From header info elsif ($ENV{'HTTP_FROM'}) { $fromaddr = $ENV{'HTTP_FROM'}; } # if all else fails, make a guess else { $fromaddr = "$ENV{'REMOTE_IDENT'}\@$ENV{'REMOTE_HOST'}"; } # Convert multiple bodies (separated by \0 according to CGI spec) # into one big body $body =~ s/\0//; # Make a list of authorized addresses if %addrs exists. if (%addrs) { $selections = '\n"; } # give them the form print &PrintHeader(); print <Doug\'s WWW Mail Gateway $version

The WWW Mail Gateway $version

The To: field should contain the full E-mail address that you want to mail to. The Your Email: field needs to contain your mail address so replies go to the right place. Type your message into the text area below. If the To: field is invalid, or the mail bounces for some reason, you will receive notification if Your Email: is set correctly. If Your Email: is set incorrectly, all bounced mail will be sent to the bit bucket.

EOH ; print "

        To: ";

    # give the selections if set, or INPUT if not
    if ($selections) {
	print $selections;
    }
    else {
	print "\n";
	print "        Cc: \n";
    }

    print <Your Name: 
Your Email: 
   Subject:



Information about the WWW Mail Gateway

About the WWW Mail Gateway

New in version $version

Please report misuse!

Doug Stevenson: doug+\@osu.edu

EOH ; } ######################################################################### # Method POST implies that they already filled out the form and submitted # it, and now it is to be processed. ######################################################################### elsif ($ENV{'REQUEST_METHOD'} eq 'POST') { # get all the variables in their respective places $destaddr = $in{'to'}; $cc = $in{'cc'}; $fromaddr = $in{'from'}; $fromname = $in{'name'}; $replyto = $in{'from'}; $sender = $in{'from'}; $errorsto = $in{'from'}; $subject = $in{'sub'}; $body = $in{'body'}; $nexturl = $in{'nexturl'}; $realfrom = $ENV{'REMOTE_HOST'} ? $ENV{'REMOTE_HOST'}: $ENV{'REMOTE_ADDR'}; # check to see if required inputs were filled - error if not unless ($destaddr && $fromaddr && $body && ($fromaddr =~ /^.+\@.+/)) { print <Mailto error

Mailto error

One or more of the following necessary pieces of information was missing from your mail submission:

  • To:, the full mail address you wish to send mail to
  • Your Email: your full email address
  • Body: the text you wish to send
Please go back and fill in the missing information.

EOH exit(0); } # do some quick logging - you may opt to have more/different info written if ($logging) { open(MAILLOG,">>$logfile"); print MAILLOG "$realfrom\n"; close(MAILLOG); } # Log every CGI variable except for the ones reserved for mail info. # Valid vars go into @data. Text output goes into $data and gets. # appended to the end of the mail. # First, get an ORDERED list of all cgi vars from @in to @keys for (0 .. $#in) { local($key) = split(/=/,$in[$_],2); $key =~ s/\+/ /g; $key =~ s/%(..)/pack("c",hex($1))/ge; push(@keys,$key); } # Now weed out the ones we want @reserved = ('to', 'cc', 'from', 'name', 'sub', 'body', 'nexturl'); local(%mark); foreach (@reserved) { $mark{$_} = 1; } @data = grep(!$mark{$_}, @keys); foreach (@data) { $data .= "$_ -> $in{$_}\n"; } # Convert multiple bodies (separated by \0 according to CGI spec) # into one big body $body =~ s/\0//; # now check to see if some joker changed the HTML to allow other # mail addresses besides the ones in %addrs, if applicable if (%addrs) { if (!scalar(grep($_." <$addrs{$_}>" eq $destaddr || $destaddr eq $_, keys(%addrs)))) { print &PrintHeader(); print <WWW Mail Gateway: Mail address not allowed

Mail address not allowed

The mail address you managed to submit, $destaddr, to this script is not one of the pre-defined set of addresses that are allowed. Go back and try again.

EOH ; exit(0); } } # if we just received an alias, then convert that to an address $realaddr = $destaddr; if ($addrs{$destaddr}) { $realaddr = "$destaddr <$addrs{$destaddr}>"; } # fork over the mail to sendmail and be done with it if ($active) { if ($listserver) { open(MAIL,"| $sendmail$fromaddr") || &InternalError('Could not fork sendmail with -f switch'); } else { open(MAIL,"| $sendmail") || &InternalError('Could not fork sendmail with -f switch'); } # only print Cc if we got one print MAIL "Cc: $cc\n" if $cc; print MAIL < To: $realaddr Reply-To: $replyto Errors-To: $errorsto Sender: $sender Subject: $subject X-Mail-Gateway: Doug\'s WWW Mail Gateway $version X-Real-Host-From: $realfrom $body $data EOM close(MAIL); } # give some short confirmation results # # if the cgi var 'nexturl' is given, give out the location, and let # the browser do the work. if ($nexturl) { print "Location: $nexturl\n\n"; } # otherwise, give them the standard form. else { print &PrintHeader(); print <Mailto results

Mailto results

Mail sent to $destaddr:

Subject: $subject
From: $fromname <$fromaddr>

$body
Back to the WWW Mailto Gateway EOH ; } } # end if METHOD=POST ##################################### # What the heck are we doing here???? ##################################### else { print <Mailto Gateway error

Mailto Gateway error

Somehow your browser generated a non POST/GET request method and it got here. You should get this fixed!!

EOH } exit(0); # # Deal out error messages to the user. Gets passed a string containing # a description of the error # sub InternalError { local($errmsg) = @_; print &PrintHeader(); print <Mailto Gateway Internal Error

Mailto Gateway Internal Error

Your mail failed to send for the following reason:

$errmesg

EOH exit(0); } ## ## end of mailto.pl ##