This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Email Protection -> Quarantine Report -> Script language question

Hi to all,

I am working on a modification for the Quarantine Report of Sophos UTM Email Protection.
I am modifying the file /var/storage/chroot-smtp/etc/digest/digest and so far it works like I expect it.

My question is now ... there are some script parts within this file to control the dynamic content.
These syntax is f.e. <? $MsgRelease ?>.
To use this example in this variable $MsgRelease the release link for a quarantined mail is stored.

What I now want to achive is to paste the content of this Variable into a mailto: line but this does not work correctly as this $MsgRelease contains special characters like & which are control characters for a mailto line.

In other occasions I re-formatted variables like this with HEX or converted them to a URL string but I cannot figure out which kind of script language is used on the UTM.
Can someone please tell me what script language is used so that I can have a look on what commands are available on this language to reformat the output of $MsgRelease ... 

Thanks a lot!

And yes I know working on the CLI like this modifying files means no warranty ... 

Best regards

Jupp



This thread was automatically locked due to age.
Parents
  • Hallo Jupp and welcome to the UTM Community!

    Sounds like a fun project, but did you know that if you don't have a user in the UTM, it won't send a Quarantine Report for his email address - rather a single email for each email quarantined?

    Likewise, if you disable the Quarantine Report for everyone, everyone will receive an email each time an email is quarantined.  If users receive individual emails instead of a Quarantine Report, they can bulk manage their quarantine with the User Portal.

    You might play with those things a bit to see if there's an easier way to accomplish your goal.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

    what you describe is exactly what I would like to implement (email notification each time an email is quarantined). I have configured users (AD authentication for recipient validation). If I disable the quarantine report on global settings completely each user should receive an email each time an email is quarantined?

    Using UTM 9.701-6 it does not work for me, any hints?

     

    thanks, Georg

  • Hallo Georg and welcome to the UTM Community!

    This is about the SMTP Proxy - is that what you're using?  If you are and it's not working as described, you might consider getting a ticket open with Sophos Support.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    yes this is about the SMPT proxy. If I understand correctly you said that if Quarantine Report is generally disabled, then the UTM should send an e-mail to the recipient that the e-mail has been  quarantined (e.g. because of a blocked file exension). I would love for that to work because the quarantine report twice a day is just not enough. I know there are ssh scripts out there and stuff but I am looking for an easier way.

    thanks, Georg

Reply
  • Hi Bob,

    yes this is about the SMPT proxy. If I understand correctly you said that if Quarantine Report is generally disabled, then the UTM should send an e-mail to the recipient that the e-mail has been  quarantined (e.g. because of a blocked file exension). I would love for that to work because the quarantine report twice a day is just not enough. I know there are ssh scripts out there and stuff but I am looking for an easier way.

    thanks, Georg

Children
  • If you're not uncomfortable at the command line, Georg, a better solution, sending a report every two hours, was proposed by someone here several years ago.

    The /etc/crontab-static file is not modified by WebAdmin, so use it to permanently add cron jobs.  As root at the command line, copy and paste the entire block below:

    echo "30 09 * * * root /usr/local/bin/confd-client.plx set digest send_time_one 11:00:00">>/etc/crontab-static
    echo "30 09 * * * root /usr/local/bin/confd-client.plx set digest send_time_two 13:00:00">>/etc/crontab-static
    echo "30 13 * * * root /usr/local/bin/confd-client.plx set digest send_time_one 15:00:00">>/etc/crontab-static
    echo "30 13 * * * root /usr/local/bin/confd-client.plx set digest send_time_two 17:00:00">>/etc/crontab-static

    Now, to force /etc/crontab-static to be integrated into /etc/crontab, activate the Quarantine Report to be sent at 7:00 and 9:00.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA