horton - an e-mail directory daemon, whois/ph server, and fuzzy mail forwarder @(#)README 2.3 8/1/92 SYNOPSIS Invoke hourly.sh and monthly.sh from crontab Invoke in.whoisd and horton-qi from inetd INTRODUCTION Horton automatically and silently creates a electronic mail address directory by 'finger'ing each host in your domain periodically, and lets users look up e-mail addresses with the 'whois' command. If your company or university doesn't yet have an e-mail directory, this package will provide you with one without much effort on your part. It can also be a useful adjunct to a manually maintained e-mail directory, because it is always up to date, whereas the manually maintained one can lag weeks or months behind changes in the real world. (e.g. Caltech has both a manual whois server and a Horton whois server.) Besides accepting whois queries, Horton can also forward mail addressed to John-Miller@horton to the most recent e-mail address for John Miller in the whois database. This is sometimes called fuzzy name lookup. Horton can, as a side effect, also accept ph queries. The command whois -h horton_server search_key where horton_server is the name of the computer running Horton search_key is all or part of a person's name lists all people whose name or username match the pattern. Look at dot.plan, or ~horton/.plan, for more info about how to access the database. ENVIRONMENT Horton runs under Unix, and has been tested with SunOS 4.1.1 and partially tested with HP/UX and NeXT Mach 2.0. It requires sh, csh, and TCP/IP, and relies on other machines (possibly VMS systems) to respond to Finger requests. The mail forwarding feature requires sendmail and the Perl interpreted language; the installation instructions mention where to obtain Perl. LIMITATIONS The ph searching is slow, and personal names are restricted to 19 chars. PATCHLEVEL This is horton-2.2, patchlevel 1. It supercedes horton-1.8, which was comp.sources.misc Volume 31, Issue 38. COPYRIGHT STATUS This software is in the public domain, except for quickfinger.c and quick_smtp.c, which are partly derived from publicly available Berkeley Unix networking sources. IMPLEMENTATION Horton simply runs 'finger @host' on a predetermined set of computers, and keep track of who logs in where. It works with the finger services provided by NeXTs, Suns, and even VMS systems running Multinet. It also runs 'finger user' on all the users of the local computer; this is meant to catch users who never log in but rather check their mail with Eudora via POPmail. (POPmail has to be modified to update /var/adm/lastlog for this to have any effect; see popmods/README.) A hacked version of finger which times out after ten seconds is used to avoid locking up when probing unknown hosts. All four daemons (hourly.sh, monthly.sh, in.whoisd, and horton-qi) should be run by the psuedouser 'horton'. Except during the execution of monthly.sh, horton's mail is forwarded to the Horton Administrator. The Administrator's name, phone number, and e-mail address are set in Makefile, copied to the pseudouser's .plan file, and broadcast by monthly.sh. Installation of hourly.sh, in.whoisd, and monthly.sh is documented in INSTALL. monthly.sh is run from crontab to determine which hosts to poll; it updates the file hosts.poll. It reads the file hosts.exclude and avoids polling or probing any of those hosts, addresses, or networks. Only hosts that support finger, SMTP or MX mail, and are able to use source routing to send a message through their machine are added to hosts.poll; a message is sent to postmaster at each site added to hosts.poll to inform them that their machine is now being monitored by Horton. The message describes how to use the database, and how to contact the Administrator in case of trouble. Hosts that are already in hosts.poll stay in hosts.poll until removed manually. hourly.sh is run from crontab. It reads hosts.poll, polls those hosts with finger, updates hourly.dat (the e-mail addreass database), and creates hourly.out (a tabs-expanded copy of the database). Names are rewritten from Last, First to First Last for consistent searching. in.whoisd is a server that accepts search patterns from clients running the program 'whois', and runs egrep on the database file. It is invoked by inetd, and takes one argument: the data file to search. Installation of horton-qi and phquery is documented in INSTALL.QI. horton-qi is an optional server that accepts ph queries from clients running the programs 'ph' or 'phquery'; it is a Perl program which searches the name field of the database file and returns the address of the named person's most recently used mailbox. It is invoked by inetd, and takes one argument: the data file to search. phquery is the optional fuzzy address resolver; it accepts messages from sendmail, looks up the To: address in the name field of the database by connecting to horton-qi, and reinvokes sendmail to deliver the message to the named person. INPUT FILES hosts.xlat must exist and must be nonempty. When you have Horton up and running, you will want to edit this file to add one line for each machine which remote mounts /var/spool/mail from another machine; the first word on the line is the client name, the second word on the line is the server name. Horton uses this info to report all users on the clients as if they only ever logged in to their server; this reduces the confusion of the user who is trying to decide which of the machines to send mail to. For example, if sparky and rover mount /var/spool/mail from dog, you should add the following lines to hosts.xlat: sparky.podunk.edu dog.podunk.edu rover.podunk.edu dog.podunk.edu hosts.exclude must exist and must be nonempty. Use this file to exclude hosts that don't want to be disturbed in any way by automatic fingering or mail-probing. It can contain hostnames or IP addresses. These are matched with fgrep -v, so partial names or addresses will act like wildcards. Careful, or you may exclude more hosts than you intend. The format is one pattern per line: scratchy.podunk.edu 128.149.77. 128.149.80.5 hosts.test should only exist during testing of monthly.sh. If it exists, monthly.sh does not probe hosts whose names are not in hosts.test; also, only 20 seconds are allowed for mail probes to return instead of the usual 1000. This takes some of the hassle out of testing. OUTPUT FILES hosts.poll lists the hosts to query with finger, one per line, e.g. sparky.podunk.edu dog.podunk.edu rover.podunk.edu It is updated by monthly.sh, but you can add lines to it manually, too. The revolving output data file is hourly.dat, which is in the format user@host.podunk.edu full name last date logged in where the columns are separated by tabs. It is both read and written by hourly.sh, and read by horton-qi. The same data is placed in hourly.out, but with tabs expanded to spaces. It is written by hourly.sh, and read by in.whoisd. SECURITY You may wish to restrict whois server access to local hosts. This can be done with log_tcp, a great TCP/IP access control package available from many ftp hosts. It is wise to make your local computers fairly secure before letting the outside world see your whois database. BUGS Truncates long names, such as Barbara Horner-Miller, at 19 characters! Works with the finger output I've seen, but might not work with other finger daemons, such as Charon's. monthly.sh will ignore hosts that refuse to deliver non-local mail but support finger, such as Charon. SEE ALSO Qi/Doc/Protocol.lpr in uxc.cso.uiuc.edu:/pub/qi.tar.Z for a description of the CSO Name Server protocol used by qi, ph, and phquery. sipb.mit.edu:/pub/whois/whois-servers.list for a list of known whois servers on the Internet. uwho: a metawhois which searches first for a whois server, then for the person you're looking for. Submitted to comp.sources.reviewed. Probably the easiest way to make use of the above list of known whois servers, and a good tool to give your users to access your own whois database. AUTHORS Daniel Kegel Heather L. Sherman (the digmeister)