GWIASIG is a simple NLM to append “disclaimers” or “signatures” to every outgoing Groupwise mail message. It uses the built-in “third-party” directory feature of the GWIA to intercept and reformat messages.

It also can block messages based on sender (incoming), recipient (outgoing), subject content, or attachment type.

New with this Release (v0.9)

• Per-Domain discaimers.
• Allows for top or bottom positioning of disclaimers.
• Compatible with NetWare 6.5 and 6.0sp4 (v0.9a)

Bugs fixed in this Release (v0.9c)

• Disclaimers not being added to messages with attachments. Fixed code which locates attachments in the message body.
• Status messages (450, 550, etc) not being relayed back to GWIA. Fixed code which copies the file. A single-line file with no cr/lf was not being read correctly.

THIS RELEASE SHOULD BE CONSIDERED TEST SOFTWARE.  THIS IS A BETA 
RELEASE, AND IS NOT NECESSARILY STABLE OR RELIABLE.  IT IS PROVIDED 
FOR TESTING PURPOSES ONLY.

THIS SOFTWARE IS PROVIDED WITH NO WARRANTY OF ANY KIND, INCLUDING
MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
DO NOT INSTALL THIS SOFTWARE INTO A PRODUCTION ENVIRONMENT
WITHOUT FIRST SATISFYING YOURSELF THAT THE SOFTWARE WORKS
CORRECTLY AND IS SUITABLE FOR YOUR ENVIRONMENT.

GWIASIG version 0.9a is the first version which is compatible with NetWare 6 SP4 and NetWare 6.5, due to changes in the library architecture of NetWare. Earlier versions of GWIASIG will abend newer NetWare servers.

GWIASIG has been tested on NetWare 4.11, 5.1 and 6, with GroupWise 5.5, 6.0 and 6.5. Since the message-handling functions of GroupWise have remained constant, there should be no issues with other versions of GroupWise as long as the GWIA is used.

GWIASIG has not been tested, and may well not work, with GroupWise 4.x.

GWIASIG 
Copyright (c) 2000-2004  by Lee P. Garner.
All Rights Reserved.
This program is free, but may not be redistributed due to its "test" status.
Please direct all inquiries to support@leegarner.com.

For technical support or suggestions, send email to support@leegarner.com. I will attempt to address support issues and make program modifications as time permits. Suggestions, especially, are welcome.

Now that you know where *not* to install GWIASIG, here's how you do it:

1. Copy GWIASIG.NLM and GWIASIG.INI to a directory on the same server that has the Groupwise GWIA directories (<domain>/wpgate/gwia). You can put the files in separate directories, but you'll need to specify the full path (including filename) to the .ini file on the command line.

   Example: load vol1:gwiasig\gwiasig vol1:directory2\gwiasig.ini

   Note for NetWare 4.x Users: GWIASIG has been tested on NetWare 4.11 with service pack 9 installed. You must ensure that CLXNLM32.NLM and CLIBAUX.NLM are loaded before GWIASIG will load correctly.

2. Edit the GWIASIG.INI file to reflect your environment. The sample file included is commented and should be self-explanatory. You must change this file to contain the correct paths for your GWIA root directory (\domain\WPGATE\GWIA\) and the location of the signature file. If the signature file cannot be found at startup, no signatures will be applied. GWIASIG will still transfer messages intact. Make sure all directory paths end with the '\' character.
3. Create your signature file using a text editor
4. Create a directory to be used as the “third-party” directory.

You also have to tell GWIA to hand over your messages:

1. Open ConsoleOne (or NWAdmin32) and access the GWIA properties.
2. Select the “Server Directories” tab.
3. Click “Advanced”.
4. For the “SMTP Service Queues Directory” enter the same directory that you put in GWIASIG.INI as “ThirdDir”. If you don't have the necessary tab in ConsoleOne, you can add the following line to your GWIA.CFG file:

   Smtphome='unc path to Gwiasig directory'

5. Unload and reload GWIA. GWIA will create the necessary directories under “ThirdDir”. You'll know if these steps worked if there is a SEND, RECEIVE, and RESULT directory under “ThirdDir”.

That's it! Now type load gwiasig at the server console. GWIA will place messages into \wpgate\gwia\send where GWIASIG picks them up. The new messages (with disclaimers) are written to ThirdDir\SEND, and GWIA again picks them up for delivery.

Received and Result messages are also processed through GWIASIG in a similar fashion.

Beginning with version 0.06, the default location for the INI configuration file is the directory in which GWIASIG is installed. This is different from prior versions which used <pre>sys:system</pre> as the default. You have two choices:

1. Copy GWIASIG.INI from sys:system to the GWIASIG installation directory (recommended).
2. Change the startup command to load gwiasig sys:system/gwiasig.ini

Of course, if you previously installed GWIASIG in sys:system, this change will not affect your configuration.

We apologize for any inconvenience that this may cause to current users. The goal is to allow for the complete localization of GWIASIG into a single directory. This will allow for easier updates, installation and removal.

Beginning with version 0.09 you can select whether a disclaimer appears above or below the message text. If you're using per-domain disclaimers, this selection can be made on a per-domain basis with a default selection for domains not specifically configured. The default position remains at the bottom of the message to maintain compatibility with previous versions and since that is the common standard.

To set the default position, add a key to the INI file under the [Signature] section like so:

[Signature]
Position = 1

Add the same key under the domain sections, if used, to deviate from the default position. The position values are:

0 – disclaimer is not used at all.
1 – position at the top of the message.
2 – position at the bottom of the message (this is the default).

For sites that use multiple sender domains, each domain can be configured with a different disclaimer. This may be especially appealing to large or diverse organizations, such as schools. The following steps are needed to set them up:

1. Create disclaimer files similar to the global files, such as mydomain.com.text and, optionally, mydomain.com.html. If only one file is specified (text or html), then the global disclaimer will be used in place of the unspecified version.
2. Create a flag in the configuration INI file to tell GWIASIG that you are using domain-based disclaimers. Since these disclaimers are read from disk each time that they are used (unlike the global disclaimer), omitting this flag where it is not needed saves GWIASIG a bit of work.
   • [Signature]
   • ByDomain=1
3. Then, create a section in the INI file for each domain to have a unique disclaimer. Under that section, specify the locations of the text and html disclaimers. Like the global disclaimer, the text version will be used with basic html formatting if no specific html version is given.

To effectively turn off a domain's disclaimer without deleting it, create a “Position” entry in the INI file with a value of zero. The default value for the position is “1”, which causes the disclaimer to be added to the bottom of the message.

[leegarner.com]
TextFile=vol1:gwiasig/disclaimers/leegarner.com.text
HTMLFile=vol1:gwiasig/disclaimers/leegarner.com.html
Position=1 ; this is the default

If you wish to use disclaimers for only these specific domains, and to let mail pass through without disclaimers by default, then create a “Position” flag in the “Signature” section with a value of zero. Be sure that if you do this, that you include the Position flag for each domain's section, or no disclaimers will be written.

[Signature]
Position=0 ; this will globally shut off disclaimers, unless overridden 
  in a domain section.

If a domain has a specific text or html disclaimer file specifiec, but that file cannot be found or opened, then no disclaimer will be applied. Domains which do not have a specific section created will use the global disclaimer, subject to the “Position” flag mentioned above.

The per-domain disclaimer function is backward- and forward-compatible between versions of GWIASIG and the configuration file. This means that no changes are needed to GWIASIG.INI if you do not wish to use this feature.

The basic text signature file is determined by the “File” parameter in the [Signature] section of the .ini file. Additional parameters may be specified for HTML formatting:

[Signature]
File = full path to text signature file
HTMLPre = HTML formatting tags to precede the signature
HTMLPost = HTML formatting tags to follow the signature
HTMLFile = full path to HTML signature file

The HTML Pre- and Post- tags allow for additional formatting when the signature is applied to an HTML message. For example, you could specify HTMLPre=<I><font=”-1”> to get a small, italicized signature. When a text signature is written to an HTML message, the line break (<br>) tags are automatically appended to each line. Otherwise, the signature is written out just as you entered it into the signature file.

Optionally, you can use a completely separate file for the HTML-formatted signature. In this case, the Pre- and Post- tags are not used at all, and no formatting tags are included. You have complete control over the signature content and formatting. This allows for embedded e-mail or web addresses, and other special formatting for the HTML signature.

Note: A blank HTML message will receive a text disclaimer. This is because GroupWise does not provide any content-type directive in a completely empty message.

Incoming messages sent from certain e-mail addresses, or outgoing messages to certain addresses, can be blocked completely. To do this, create a text file containing one address or partial address per line. Enter the full path to this file in the .ini file. Refer to String Handling below for instructions on setting up this list. Be sure that the list ends with a newline; otherwise the last item won’t be read.

GWIASIG checks both the “From” and “MAIL FROM” fields for incoming messages.

INI Configuration:

[BannedAddresses]
Direction = direction to block.  0  = no blocking, 1 = outgoing, 
      2 = incoming, 3 = both directions
File = full path to address file
Notify = notifications to send.  See “Configuration Notification”

Block inbound and/or outbound messages with specific subjects. Create a text file containing one subject per line. Enter the full path to a text file containing the undesirable subjects in the .ini file. Refer to “String Handling” below for instructions on setting up this list. Be sure that the list ends with a newline; otherwise the last item won’t be read.

To specify the direction of subject blocking, change the parameter for “Direction”. A value of 1 blocks outgoing, 2 blocks incoming and 3 blocks both directions.

Optionally, you can specify a path in the .ini file as “BannedMessageDir” to quarantine the banned messages. You can then review them and send them, if desired, by copying them into \domain\WPGATE\GWIA\RECEIVE or \thirddir\SEND.

INI Configuration:

[Subjects]
File = full path to subjects file
Direction = direction to block.  0  = no blocking, 1 = outgoing, 
    2 = incoming, 3 = both directions
Notify = notifications to send.  See “Configuration Notification”

Attachments can be blocked for messages incoming, outgoing, or both directions. Specify the name of a text file containing attachments to block as the “File” parameter. Specify the direction(s) as the “Direction” parameter (See “Banned Subject Blocking” for details). Be sure that the list ends with a newline; otherwise the last item won’t be read.

Refer to “String Handling” below for instructions on setting up this list.

INI Configuration:

[Attachments]
File = full path to text file listing attachments
Direction = direction to block.  0 = disabled, 1 = outgoing, 
    2 = incoming, 3 = both directions
Notify = notifications to send.  See “Configuration Notification”

You can now specify mime-types to be blocked. Similar to attachment blocking, this function reads a text file for a list of mime-types and attempts to match them against the “Content-Type:” directives in the mail messages.

INI Configuration:

 [MimeTypes]
 File=full path to text file listing mime-types
 Direction= direction to block.  0 = disabled, 1 = outgoing, 
    2 = incoming, 3 = both directions
Notify = notifications to send.  See "Configuration Notification"

There may be certain senders or receivers, both inside and outside of your mail system, which should be exempt from the content-checking functions of GWIASIG. These email addresses can be listed in one or more text files, one item per line, and referenced in GWIASIG.INI.

INI Configuration: [TrustedAddresses] InSenderFile=vol1:gwiasig/trustedin.txt OutSenderFile=vol1:gwiasig/trustedout.txt InReceiverFile= OutReceiverFile=

The four address types can be described as:

1. InSenderFile is a list of external addresses which should be able to send any content in to any internal user.
2. OutSenderFile is a list of internal addresses which should be able to send any content out.
3. InReceiverFile is a list of internal addresses which should be allowed to receive any email content coming in.
4. OutReceiverFile is a list of external addresses which should be able to receive any content sent out.

New with version 0.07. Previously, every eligible outgoing message received a disclaimer. This could result in many disclaimers being added to an e-mail conversation. You can now instruct GWIASIG to append only one disclaimer.

This is done by having GWIASIG check for a specific string in the message which will indicate that the disclaimer has already been added.

INI Configuration:

[Signature]
AllowDup = 0 default is “1” to retain compatibility with previous versions
AddTag = 1 add the tag string if this is non-zero.  Default is “1”
Tag = "<<<<signature already added>>>>"

Setting the “AllowDup” key to “0” tells GWIASIG whether to check for a previously-added disclaimer and, if found, do not add another.

The “Tag” key provides the string that GWIASIG will use to detect a disclaimer. Since disclaimer text may incorporate “normal” text, this special tag is appended to each disclaimer to positively identify the disclaimer. This string can be anything that you like, but should be unique. If a tag is not specified, GWIASIG will append ««GWIASIG»» to each disclaimer.

Keep the tag string shorter than 78 characters to avoid problems with line wrapping by the GroupWise agents.

New with version 0.08b.

By default, a special “tag string” is used to determine whether a disclaimer has already been added. If necessary, the tag string is appended to the disclaimer. If you would like to avoid the inclusion if the extra tag string, then set the “AddTag” variable to zero. Remember that the string defined as your “tag” must, therefore, already be somewhere in the email message in order to avoid duplicate disclaimers. Remember to make it sufficiently unique that it won't inadvertently appear somewhere other than in the disclaimer.

For Attachment, Subject and Address blocking, version 0.06 introduces wildcards. This allows a greater level of control for the administrator setting up the blocking parameters. The “*” character acts as a wildcard and may be placed at the beginning or end of the filename.

If you wish to have the “*” character included as part of a specification, prefix it with the backslash (“\”) character. Only leading or trailing asterisks should be “escaped” by a backslash in order to be treated as literals. Asterisks embedded in the specification should not be escaped as they do not act as wildcards.

Here are some examples, with comments (don’t put comments in your files!):

This allows certain domains to be excluded from receiving signature. The primary purpose for this is to prevent signatures from being added to the Faxware for Groupwise domain name (typically “faxware.company.com”). Any outgoing message to an email address which contains a string listed in this file will not receive a signature.

If you don't need this functionality you need not create the file.

INI Configuration:

[Signature]
ExcludeDomains = full path to file listing excluded domains

Notes:

1. When GWIA creates an outgoing message with multiple recipients, one “To:” line is created with multiple addresses. If any address contains the text in an Excluded Domain line, the message will not receive a signature for any recipient.
2. Wildcards are used when checking for domains to exclude. For example, the entries in the Excluded Domains file might look like (don't put comments in!)
   • company.com ; matches exactly. Probably not too useful for this purpose.
   • *company.com ; matches anything ending in “company.com,” including john@company.com”, “john@div1.company.com”, “john@bigcompany.com”, etc.
   • john@* ; matches any address beginning with “john@.”
   • *company* ; matches any address containing the word “company.”

GWIASIG can now log activity to text files. Set the following parameter in the .ini file to enable file logging:

[System]
LogFilePath = full path to log file

Example:

LogFilePath = vol1:gwiasig\log\

Note that the path must end with a trailing ‘\’.

If this feature is used, a text file will be created each day with a filename formatted as YYYYMMDD.LOG, where YYYY is the year, MM is the month and DD is the day.

A new section has been added to the GWIASIG.INI file to allow for message archiving parameters. To activate message archiving, simply add the following lines to GWIASIG.INI:

[Archive]
Path = path to archive root

For example:

[Archive]
Path = vol1:gwiasig/archive/

Note that, like other paths, the trailing backslash must be specified. Also, the root path (everything up to the final backslash) must already exist. GWIASIG will create daily archive directories under the root as YYYYMMDD and store messages as HHMMSS_D_MSGID.XXX where the D is either “R” for “Received” or “S” for “Sent”.

To have the archive directories preceded by a character string, simply omit the trailing backslash. For example, the entry Path=vol1:gwiasig/archive/msg would cause the directories to be created as msg20030401, msg20030402, etc. under the /gwiasig/archive path.

Important Notes about archiving:

• Unless messages are archived to a WORM device, there can be no assurance of their integrity. This feature is not intended to be used for legal purposes. No warranty is made regarding the integrity or validity of archived messages.
• Message archiving must be activated only with the knowledge and permission of company management, and only within any security or privacy policies which exist.
• Message archiving provides any admin-level user, or anyone with file permissions to the archive directory tree, access to read all inbound and outbound messages. Security must be maintained on the archive directory structure.
• There is no capability for automatic purging of messages, or for moving them to other media. Make sure that the server’s disk space is monitored to avoid filling it up with messages.
• Messages are archived before the disclaimer is applied.

To terminate the NLM, just unload it or press <ESC> or unload it from the console prompt. To re-read all parameters, such as a changed signature file or change to the .ini file, press <F5>.

To display the current parameters, press <F6>.

Press <F1> for help. This will simply display the keystrokes and functions.

Notification messages can be sent in four different ways (not including messages to the administrator). This configuration is done by specifying a “Notify=” tag under each message-type section ([Subjects], [Senders], etc). The value following the “=” sign should be the sum of the values of the desired notifications, according to the following list:

1 = Notify the internal recipient of a blocked incoming message.
2 = Notify the internal recipient of a blocked outgoing message.

For example, to notify internal recipients of all messages blocked you would add Notify = 3 under the message type section.

Set Notify=0 to turn off all notifications for a given message type.

If a Notify value is not present for a given message type, then the Enabled value of the global [Notify] section is consulted. If no value is present there, either, then notifications are disabled completely.

(New with v0.07d)

The customization of notification messages is done by specifying a message filename under the type of message blocking. For example:

[Subjects]
File = vol1:gwiasig\subjects.txt file containing banned subjects
Direction = 3 direction to block (incoming and outgoing)
Notify = 3 direction to notify (everyone)
IntIncoming = vol1:gwiasig\SubRcptInt.msg notify internal recipient 
    ; of a bad incoming message
IntOutgoing = vol1:gwiasig\SubSendInt.msg notify internal sender 
    ; of a bad outgoing message

The format of the message files (SubRcptInt.msg and SubSendInt.msg above) is simply a free-form text file. You can enter any information that you’d like in these files. Additionally, some macros are available to reference data within the original message. Note that these will substitute English text where appropriate.

The first line of a custom notification message file is used as the subject. Macros are not expanded in the subject.

Sample custom message:

NOTICE:  Banned Subject Matter
Your message to %T has been rejected due to:
%A
Please contact your system administrator regarding message %M 
if you feel that this is not correct.

To set global parameters for message notifications, edit the [Notify] section as follows. All values are required, though the “Enabled” flag can be overridden for specific message types.

• Starting with version 0.06, a leading or trailing asterisk will not appear in a disclaimer line since they are interpreted as wildcards. This may be changed in a future version. In the meantime, precede these characters with a backslash (“\”) to treat them as literals.
• Be sure that all text lines in the configuration file and other files have a cr/lf. GWIASIG will not correctly read a line that does not.