[ZendTo] Re: Zendto and notification email on new dropoff created by local authenticated user or anonymous user

Jules Jules at ZendTo.com
Fri Aug 6 16:36:18 BST 2010 


On 06/08/2010 16:24, Duncan, Brian M. wrote:
> zendto-3.59-2
> MySQL, CentOS VM
> Local users NOT AD
> Just getting ready to put ZendTo into production.
> When dropoffs are created by authenticated (local user) or non 
> authenticated (anonymous users  - Captcha and confirming email type 
> user ) at the final step when you click the box [Drop-off the File(s)]
> Is the Zendto system not supposed to send a notification email to the 
> TO Email listed in the dropoff form, no notify of a dropoff?  I could 
> have sworn when I tested a couple weeks ago under earlier versions it was.
Yes. The mail comes *from* the person who made the dropoff, not a fixed 
arbitrary (and useless) address. So the problem will be your mail relay 
accepting mails coming from people who leave dropoffs, who may not be 
users at yourdomain.com. So check that your mail relay will accept mail 
coming from your IP addresses as well as mail coming from users who are 
@yourdomain.com.
> I cannot get it to send a notification on any dropoffs.  The system is 
> sending the confirmation email to non-authenticated users to arrange 
> the dropoff, so my email seems to be working properly.  Not sure what 
> I could have wrong here.
> Also as a note, that confirmation email link for an anonymous dropoff 
> is usable multiple times, I am not sure if that is a potential abuse 
> vector.
Thanks for that one, I'll have a look. Fairly hard to stop, as they can 
just reload the form and press the button again even if I disable it as 
soon as they click on it.

> Thanks
> Brian
> This is my zendto.log after logging in as a local user, dropping off 
> one file for an external email address that never receives a 
> notification of a file for them:
> [root at localhost zendto]# tail -f zendto.log
> 2010-08-06 10:21:31 [Katten Public Dropbox]: authorization succeeded 
> for bduncan
> 2010-08-06 10:21:31 [Katten Public Dropbox]: authenticated as 'bduncan'
> 2010-08-06 10:22:40 [Katten Public Dropbox]: Brian Duncan 
> <brian.duncan at kattenlaw.com <mailto:brian.duncan at kattenlaw.com>> => 
> rg0qGpaVuRizfEjM [1 file]
>
> BRIAN M. DUNCAN
> Data Security Administrator
> Katten Muchin Rosenman LLP
> 525 W. Monroe Street / Chicago, IL 60661-3693
> p / (312) 577-8045 f / (312) 577-4490
> brian.duncan at kattenlaw.com / www.kattenlaw.com
>
>
> ------------------------------------------------------------------------
> *From:* zendto-bounces at zendto.com [mailto:zendto-bounces at zendto.com] 
> *On Behalf Of *Jules
> *Sent:* Friday, August 06, 2010 7:50 AM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: illegal attempt to update using time #######
>
> It happens when you call the 2 rrd scripts too close to each other.
> Your root crontab should say this, so they stay well apart from each 
> other (they were on the same command-line in earlier releases by mistake):
>
> 5 0 * * * root /usr/bin/php /opt/zendto/sbin/cleanup.php 
> /opt/zendto/config/preferences.php
> 2 10 * * * root /usr/bin/php /opt/zendto/sbin/rrdInit.php 
> /opt/zendto/config/preferences.php
> 2 12 * * * root /usr/bin/php /opt/zendto/sbin/rrdUpdate.php 
> /opt/zendto/config/preferences.php
>
> Jules.
>
> On 06/08/2010 13:25, Gavin Silver wrote:
>> whats this business? i truncated a lot as it all looks pretty similar
>> ----
>> /usr/bin/rrdtool update /var/zendto/rrd/zendto.rrd 1280275200:1:1:6774.8
>>
>> ERROR: /var/zendto/rrd/zendto.rrd: illegal attempt to update using 
>> time 1280275200 when last update time is 1280966400 (minimum one 
>> second step)
>> 11,12,13
>> /usr/bin/rrdtool update /var/zendto/rrd/zendto.rrd 1280361600:3:3:9512.0
>>
>> ERROR: /var/zendto/rrd/zendto.rrd: illegal attempt to update using 
>> time 1280361600 when last update time is 1280966400 (minimum one 
>> second step)
>> 14,15,16
>> /usr/bin/rrdtool update /var/zendto/rrd/zendto.rrd 1280793600:3:1:11.0
>> ------
>>
>>
>> _______________________________________________
>> ZendTo mailing list
>> ZendTo at zendto.com
>> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>>    
>
> Jules
>
> -- 
> Julian Field MEng CITP CEng
> www.ZendTo.com
>
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>    
> ===========================================================
> CIRCULAR 230 DISCLOSURE: Pursuant to Regulations Governing Practice Before the Internal Revenue
> Service, any tax advice contained herein is not intended or written to be used and cannot be used
> by a taxpayer for the purpose of avoiding tax penalties that may be imposed on the taxpayer.
> ===========================================================
> CONFIDENTIALITY NOTICE:
> This electronic mail message and any attached files contain information intended for the exclusive
> use of the individual or entity to whom it is addressed and may contain information that is
> proprietary, privileged, confidential and/or exempt from disclosure under applicable law.  If you
> are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or
> distribution of this information may be subject to legal restriction or sanction.  Please notify
> the sender, by electronic mail or telephone, of any unintended recipients and delete the original
> message without making any copies.
> ===========================================================
> NOTIFICATION:  Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has
> elected to be governed by the Illinois Uniform Partnership Act (1997).
> ===========================================================
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>    

Jules

-- 
Julian Field MEng CITP CEng
www.ZendTo.com

Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20100806/44abd671/attachment.html

More information about the ZendTo mailing list