Automated Mail Services
We host a selection of services that are made accessible via email to @int.pydis.wtf addresses.

Unlike service accounts, their mail is not delivered to typical UNIX mailboxes (as DMARC reports are, for example), but is instead processed by a local script which is spawned from the master.cf Postfix config file and run as the servicemailer user.

These scripts are flexible in what they can do: they can respond to an email, forward something, trigger an action, and so on. The full message body is passed to the script for processing.
Services are categorised into the following access groups (each service is marked with the icon of its group):

- Available to any mail user
- Available to any PyDis LDAP user
- Only available to members of the DevOps team
Available Services
Fortunes (fortune@int.pydis.wtf)
The fortune service responds to an email with a fortune generated by the fortune command. It is one of the simplest examples of an automatic mail service.
Optionally, if users send to fortune+cowsay@int.pydis.wtf, their fortune response will be wrapped by a cow.
You can trigger this service by sending an email with any subject and any content. It will reply to the email address you sent from.
Security
Mail-available services are generally secure; we apply the same security restrictions to them that we apply to all inbound mail:
- Validate SPF policy
- Validate DKIM policy
- Validate DMARC policy
You can read more about these here.
Ultimately, there is no reason to believe that service mail opens any additional vulnerabilities, though it should not be used for tasks requiring fine-grained authorization, or to trigger actions that have consequences, no matter how small.
Ideal use-cases for service mail are:
- Services that run harmless commands and return the responses (e.g. fortune)
- Services which query information that is non-sensitive (e.g. currently triggered Prometheus alerts)
Anything that is sensitive or otherwise not suited should instead be implemented as a feature on King Arthur or any other system with fine-grained access control.
Parsing Mail
In scripts, you should use the mblaze utilities to parse inbound mail, to avoid the issues that arise from manually parsing email files.
As an example, from the fortune@int.pydis.wtf service:
```bash
# Read the entire email into a variable
EMAIL=$(cat)
# Extract the sender's email address (printf rather than echo, so that
# backslash sequences in the message are not reinterpreted by the shell)
SENDER=$(printf '%s\n' "$EMAIL" | maddr -a -h from -)
# Extract the Message-ID of the original email
MESSAGE_ID=$(printf '%s\n' "$EMAIL" | mhdr -h message-id -)
# Extract the original Subject
ORIGINAL_SUBJECT=$(printf '%s\n' "$EMAIL" | mhdr -h subject -)
# Construct the reply subject, prefixing "Re: " only if it is not already there
case "$ORIGINAL_SUBJECT" in
    [Rr][Ee]:*) REPLY_SUBJECT="$ORIGINAL_SUBJECT" ;;
    *)          REPLY_SUBJECT="Re: $ORIGINAL_SUBJECT" ;;
esac
```
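Putting the pieces together, here is an added example of a complete service script. It is not the original fortune script; the master.cf entry, the file path, the Postfix arguments and the sendmail invocation in it are assumptions. It is spawned by the Postfix pipe transport described at the top of the page, parses the message with the same mblaze calls as the fragment above, and adds the guards a script that runs on untrusted headers needs: header values have line breaks stripped before they go into the reply, the recipient extension only ever selects from a fixed allow-list of formatters, and bounce or auto-generated mail is dropped so the responder cannot loop with another autoresponder.

```shell
#!/bin/sh
# Added example of a complete service-mail script, not the original fortune
# script. It assumes a master.cf "pipe" entry like the following (hypothetical
# service and path names), which runs the script as servicemailer with the
# full message on stdin and the envelope sender / recipient extension as
# arguments:
#
#   servicemail unix - n n - - pipe
#     flags=Rq user=servicemailer
#     argv=/usr/local/lib/servicemail/fortune.sh ${sender} ${extension}
#
# Requires mblaze (maddr, mhdr), fortune, cowsay and a local sendmail(1).
set -eu

# Return "Re: <subject>", adding the prefix only when it is not already there.
reply_subject() {
    case "$1" in
        [Rr][Ee]:*) printf '%s\n' "$1" ;;
        '')         printf 'Re: (no subject)\n' ;;
        *)          printf 'Re: %s\n' "$1" ;;
    esac
}

# Header values come from the untrusted message: strip CR/LF so a crafted
# Subject or Message-ID cannot inject extra headers into the reply.
sanitize_header() {
    printf '%s' "$1" | tr -d '\r\n'
}

# Map the recipient extension ("fortune+cowsay" -> "cowsay") to the command
# that formats the body. Only a fixed allow-list is honoured; anything else
# falls back to plain text, so the extension never selects an arbitrary program.
body_filter() {
    case "$1" in
        cowsay) printf 'cowsay\n' ;;
        *)      printf 'cat\n' ;;
    esac
}

# Refuse to reply to empty or bounce senders ($1) and to messages whose
# Auto-Submitted header ($2) says they are themselves generated (RFC 3834),
# so two autoresponders cannot loop.
should_reply() {
    case "$1" in
        ''|[Mm][Aa][Ii][Ll][Ee][Rr]-[Dd][Aa][Ee][Mm][Oo][Nn]@*|postmaster@*) return 1 ;;
    esac
    case "$2" in
        ''|no) return 0 ;;
        *)     return 1 ;;
    esac
}

# Print the reply headers. $1 = recipient, $2 = original Message-ID,
# $3 = original Subject (all already sanitized).
reply_headers() {
    printf 'To: %s\n' "$1"
    printf 'Subject: %s\n' "$(reply_subject "$3")"
    if [ -n "$2" ]; then
        printf 'In-Reply-To: %s\nReferences: %s\n' "$2" "$2"
    fi
    # Marks our own mail as automatic so other responders ignore it.
    printf 'Auto-Submitted: auto-replied\n'
}

# Parse the message on stdin with mblaze, decide, and send the reply.
# $1 = envelope sender (unused: we reply to the From: header, like the
# original service), $2 = recipient extension.
handle_message() {
    extension=${2:-}
    EMAIL=$(cat)
    # A missing header makes mhdr/maddr print nothing; treat that as empty.
    SENDER=$(printf '%s\n' "$EMAIL" | maddr -a -h from - | head -n 1) || SENDER=''
    MESSAGE_ID=$(printf '%s\n' "$EMAIL" | mhdr -h message-id -) || MESSAGE_ID=''
    SUBJECT=$(printf '%s\n' "$EMAIL" | mhdr -h subject -) || SUBJECT=''
    AUTO=$(printf '%s\n' "$EMAIL" | mhdr -h auto-submitted -) || AUTO=''

    if ! should_reply "$SENDER" "$AUTO"; then
        return 0        # drop silently: never bounce, never answer a robot
    fi
    {
        reply_headers "$(sanitize_header "$SENDER")" \
                      "$(sanitize_header "$MESSAGE_ID")" \
                      "$(sanitize_header "$SUBJECT")"
        printf '\n'
        fortune | "$(body_filter "$extension")"
    } | /usr/sbin/sendmail -i -t
}

# Postfix calls the script with its arguments; run any other way, only the
# functions above are defined, which keeps the file safe to source or test.
if [ $# -ge 1 ]; then
    handle_message "$@"
fi
```

Only handle_message needs mblaze, fortune and a working sendmail; the helpers are pure shell and can be exercised on their own, which is also where a reviewer should look first, because they are the parts that handle attacker-controlled input.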