#!/usr/bin/perl -wT
######
# logmail: Attempt to log when someone reads the email you send
# Author: Jimmy Scott
# Nick: Sick`
# Mail: jimmy *at* inet-solutions.be
# Address: Jimmy Scott
# Goordijk 66
# 2930 BRASSCHAAT
# BELGIUM
# source: http://pub.devbox.be
###
#
# Proof of concept:
#
# Point the script to an image, make the logfile writable by apache,
# you can set the uappnd flag for security reasons.
#
# Make a link to the URL(!) in your HTML email source,
# DO NOT ADD IT INLINE !!!
# telnet test could be like this:
#
# helo example.com
# mail from: noreply@example.com
# rcpt to: roreply@example.com
# data
# Content-type: text/html
#
#
#
#
#
#
# .
#
###
#
# Copyright (C) 2004 Jimmy Scott
#
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# 3. The names of the authors may not be used to endorse or promote products
# derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS "AS IS" AND ANY
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
# THE POSSIBILITY OF SUCH DAMAGE.
#
######
package main;
use strict;
use CGI 'param';
my $filename="readfile.gif"; # filename of the image
my $filetype="image/gif"; # image HTTP header
my $logfile="openlog.txt"; # logfile writable by the webserver user
if (open FH, ">> $logfile") {
my ($rhost,$fhost,$messg,$usrag);
$rhost = $ENV{'REMOTE_ADDR'} || "n/a";
$fhost = $ENV{'HTTP_X_FORWARDED_FOR'} || "n/a";
$usrag = $ENV{'HTTP_USER_AGENT'} || "n/a";
if (param('messg')) {
$messg = substr param('messg'),0,100; # max 100 chars!
} else {
$messg = "n/a";
}
$messg =~ s/[^a-zA-Z0-9{}()<>~:;!@#%&^_='"`,\-\+\\\/\*\.\?\[\]\|\$\ ]//g;
print FH ">>\n";
print FH " Date = ", scalar(localtime), "\n";
print FH " Address = $rhost\n";
print FH " Fowarded for = $fhost\n";
print FH " User agent = $usrag\n";
print FH " Message = $messg\n";
print FH "\n";
close FH;
} else {
warn "Could not open logfile for writing `$logfile': $!\n";
}
if (open FH, "$filename") {
my $bytes;
$bytes = (stat ($filename))[7];
print "Content-type: $filetype", "\n";
print "Content-length: $bytes", "\n";
print "Pragma: no-cache", "\n\n";
binmode FH;
print ;
close FH;
} else {
print "Status: 404 Not Found", "\n\n";
print "The requested URL was not found on this server.", "\n";
}
exit;