Difference between revisions of "Reboot Machines by Monitoring email Instructions"

From Michael's Information Zone
(Created page with "==Purpose== To monitor for emails, then execute commands. In this case we want to *Look for emails from users *Verify the user sent the email *Reboot their remote desktop *Che...")
 
Line 21: Line 21:
 
*Create .fetchmailrc and add the following contents
 
*Create .fetchmailrc and add the following contents
 
<pre>poll outlook.office365.com protocol imap port 993 username "user@login.tld" password "password" ssl sslfingerprint "97:08:33:5A:74:09:CC:EA:28:2D:9C:A4:49:3B:A2:C7"</pre>
 
<pre>poll outlook.office365.com protocol imap port 993 username "user@login.tld" password "password" ssl sslfingerprint "97:08:33:5A:74:09:CC:EA:28:2D:9C:A4:49:3B:A2:C7"</pre>
 +
*The fingerprint can be obtained using openssl<ref>https://michaelwiki.geekgalaxy.com/w/index.php/Check_IMAP_and_POP_with_OpenSSL</ref><ref>http://www.aerus.net/2017/04/29/updatefix-fetchmail-unix-connection-to-outlook-365/</ref>
 +
<pre>
 +
openssl s_client -connect outlook.office365.com:993 -showcerts | openssl x509 -fingerprint -noout -md5
 +
</pre>
 +
*At this point you can run the following. If you created a new inbox your output should look similar<ref>http://www.fetchmail.info/fetchmail-man.html#2</ref>
 +
<pre>
 +
[emailuser@testserver ~]$ fetchmail -v --sslproto TLS1.2+ --sslcertck
 +
fetchmail: 6.3.24 querying outlook.office365.com (protocol IMAP) at Tue 17 Apr 2018 02:29:42 PM EDT: poll started
 +
Trying to connect to 40.97.100.50/993...connected.
 +
fetchmail: Server certificate:
 +
fetchmail: Issuer Organization: DigiCert Inc
 +
fetchmail: Issuer CommonName: DigiCert Cloud Services CA-1
 +
fetchmail: Subject CommonName: outlook.com
 +
fetchmail: Subject Alternative Name: *.clo.footprintdns.com
 +
fetchmail: Subject Alternative Name: *.nrb.footprintdns.com
 +
fetchmail: Subject Alternative Name: *.hotmail.com
 +
fetchmail: Subject Alternative Name: *.internal.outlook.com
 +
fetchmail: Subject Alternative Name: *.live.com
 +
fetchmail: Subject Alternative Name: *.office.com
 +
fetchmail: Subject Alternative Name: *.office365.com
 +
fetchmail: Subject Alternative Name: *.outlook.com
 +
fetchmail: Subject Alternative Name: *.outlook.office365.com
 +
fetchmail: Subject Alternative Name: attachment.outlook.live.net
 +
fetchmail: Subject Alternative Name: attachment.outlook.office.net
 +
fetchmail: Subject Alternative Name: attachment.outlook.officeppe.net
 +
fetchmail: Subject Alternative Name: ccs.login.microsoftonline.com
 +
fetchmail: Subject Alternative Name: ccs-sdf.login.microsoftonline.com
 +
fetchmail: Subject Alternative Name: hotmail.com
 +
fetchmail: Subject Alternative Name: mail.services.live.com
 +
fetchmail: Subject Alternative Name: office365.com
 +
fetchmail: Subject Alternative Name: outlook.com
 +
fetchmail: Subject Alternative Name: outlook.office.com
 +
fetchmail: Subject Alternative Name: substrate.office.com
 +
fetchmail: Subject Alternative Name: substrate-sdf.office.com
 +
fetchmail: outlook.office365.com key fingerprint: 97:08:33:5A:74:09:CC:EA:28:2D:9C:A4:49:3B:A2:C7
 +
fetchmail: outlook.office365.com fingerprints match.
 +
fetchmail: SSL/TLS: using protocol TLSv1.2, cipher ECDHE-RSA-AES256-GCM-SHA384, 256/256 secret/processed bits
 +
fetchmail: IMAP< * OK The Microsoft Exchange IMAP4 service is ready. [QgBOADMAUABSADAAMwBDAEEAMAAxADAAOAAuAG4AYQBtAHAAcgBkADAAMwAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
 +
fetchmail: IMAP> A0001 CAPABILITY
 +
fetchmail: IMAP< * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
 +
fetchmail: IMAP< A0001 OK CAPABILITY completed.
 +
fetchmail: IMAP> A0002 LOGIN "******@*******.com" *
 +
fetchmail: IMAP< A0002 OK LOGIN completed.
 +
fetchmail: IMAP> A0003 SELECT "INBOX"
 +
fetchmail: IMAP< * 0 EXISTS
 +
fetchmail: IMAP< * 0 RECENT
 +
fetchmail: IMAP< * FLAGS (\Seen \Answered \Flagged \Deleted \Draft $MDNSent)
 +
fetchmail: IMAP< * OK [PERMANENTFLAGS (\Seen \Answered \Flagged \Deleted \Draft $MDNSent)] Permanent flags
 +
fetchmail: IMAP< * OK [UIDVALIDITY 14] UIDVALIDITY value
 +
fetchmail: IMAP< * OK [UIDNEXT 4] The next unique identifier value
 +
fetchmail: IMAP< A0003 OK [READ-WRITE] SELECT completed.
 +
fetchmail: No mail for ******@*****.com at outlook.office365.com
 +
fetchmail: IMAP> A0004 LOGOUT
 +
fetchmail: IMAP< * BYE Microsoft Exchange Server IMAP4 server signing off.
 +
fetchmail: IMAP< A0004 OK LOGOUT completed.
 +
fetchmail: 6.3.24 querying outlook.office365.com (protocol IMAP) at Tue 17 Apr 2018 02:29:51 PM EDT: poll completed
 +
fetchmail: normal termination, status 1
 +
</pre>
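Review bot: the added openssl line takes the fingerprint from whatever certificate the server presents at that moment, with nothing in the step confirming the chain validated, and the resulting pin is an MD5 hash. Before the value is copied into sslfingerprint, the step should say to check that s_client reports "Verify return code: 0 (ok)", and the command needs </dev/null after s_client so the pipeline exits instead of waiting on stdin. The sample run passes --sslproto TLS1.2+ and --sslcertck only on the command line, while the .fetchmailrc line above has neither; adding sslcertck and sslproto to the rc file would keep both in force for unattended runs.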

Revision as of 13:32, 17 April 2018

Purpose

Monitor an inbox for emails, then execute commands. In this case we want to:

  • Look for emails from users
  • Verify the user sent the email
  • Reboot their remote desktop
  • Check for errors
  • Report to the user the desktop is ready



For this run we want a Linux server to act as the middleman that watches an inbox hosted on Office365 and then tells Windows machines to reboot. If the Windows machine does not respond, we want to use PowerCLI to forcibly reboot it through vSphere (and eventually KVM, which is ironically much easier to do. But when execs want to spend money on the mainstream....)

Process

Here I am using CentOS 7 with a basic install. The epel-release package is installed as well.

Fetchmail

  • Install fetchmail
yum -y install fetchmail
  • Create a non-root user dedicated to the task
useradd mailuser
passwd mailuser
su mailuser
cd ~/
  • Create .fetchmailrc and add the following contents
poll outlook.office365.com protocol imap port 993 username "user@login.tld" password "password" ssl sslfingerprint "97:08:33:5A:74:09:CC:EA:28:2D:9C:A4:49:3B:A2:C7"
  • The fingerprint can be obtained using openssl[1][2]
openssl s_client -connect outlook.office365.com:993 -showcerts </dev/null | openssl x509 -fingerprint -noout -md5
  • At this point you can run the following. If you created a new inbox your output should look similar[3]
[emailuser@testserver ~]$ fetchmail -v --sslproto TLS1.2+ --sslcertck
fetchmail: 6.3.24 querying outlook.office365.com (protocol IMAP) at Tue 17 Apr 2018 02:29:42 PM EDT: poll started
Trying to connect to 40.97.100.50/993...connected.
fetchmail: Server certificate:
fetchmail: Issuer Organization: DigiCert Inc
fetchmail: Issuer CommonName: DigiCert Cloud Services CA-1
fetchmail: Subject CommonName: outlook.com
fetchmail: Subject Alternative Name: *.clo.footprintdns.com
fetchmail: Subject Alternative Name: *.nrb.footprintdns.com
fetchmail: Subject Alternative Name: *.hotmail.com
fetchmail: Subject Alternative Name: *.internal.outlook.com
fetchmail: Subject Alternative Name: *.live.com
fetchmail: Subject Alternative Name: *.office.com
fetchmail: Subject Alternative Name: *.office365.com
fetchmail: Subject Alternative Name: *.outlook.com
fetchmail: Subject Alternative Name: *.outlook.office365.com
fetchmail: Subject Alternative Name: attachment.outlook.live.net
fetchmail: Subject Alternative Name: attachment.outlook.office.net
fetchmail: Subject Alternative Name: attachment.outlook.officeppe.net
fetchmail: Subject Alternative Name: ccs.login.microsoftonline.com
fetchmail: Subject Alternative Name: ccs-sdf.login.microsoftonline.com
fetchmail: Subject Alternative Name: hotmail.com
fetchmail: Subject Alternative Name: mail.services.live.com
fetchmail: Subject Alternative Name: office365.com
fetchmail: Subject Alternative Name: outlook.com
fetchmail: Subject Alternative Name: outlook.office.com
fetchmail: Subject Alternative Name: substrate.office.com
fetchmail: Subject Alternative Name: substrate-sdf.office.com
fetchmail: outlook.office365.com key fingerprint: 97:08:33:5A:74:09:CC:EA:28:2D:9C:A4:49:3B:A2:C7
fetchmail: outlook.office365.com fingerprints match.
fetchmail: SSL/TLS: using protocol TLSv1.2, cipher ECDHE-RSA-AES256-GCM-SHA384, 256/256 secret/processed bits
fetchmail: IMAP< * OK The Microsoft Exchange IMAP4 service is ready. [QgBOADMAUABSADAAMwBDAEEAMAAxADAAOAAuAG4AYQBtAHAAcgBkADAAMwAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
fetchmail: IMAP< A0001 OK CAPABILITY completed.
fetchmail: IMAP> A0002 LOGIN "******@*******.com" *
fetchmail: IMAP< A0002 OK LOGIN completed.
fetchmail: IMAP> A0003 SELECT "INBOX"
fetchmail: IMAP< * 0 EXISTS
fetchmail: IMAP< * 0 RECENT
fetchmail: IMAP< * FLAGS (\Seen \Answered \Flagged \Deleted \Draft $MDNSent)
fetchmail: IMAP< * OK [PERMANENTFLAGS (\Seen \Answered \Flagged \Deleted \Draft $MDNSent)] Permanent flags
fetchmail: IMAP< * OK [UIDVALIDITY 14] UIDVALIDITY value
fetchmail: IMAP< * OK [UIDNEXT 4] The next unique identifier value
fetchmail: IMAP< A0003 OK [READ-WRITE] SELECT completed.
fetchmail: No mail for ******@*****.com at outlook.office365.com
fetchmail: IMAP> A0004 LOGOUT
fetchmail: IMAP< * BYE Microsoft Exchange Server IMAP4 server signing off.
fetchmail: IMAP< A0004 OK LOGOUT completed.
fetchmail: 6.3.24 querying outlook.office365.com (protocol IMAP) at Tue 17 Apr 2018 02:29:51 PM EDT: poll completed
fetchmail: normal termination, status 1
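
An added example, not part of the original page: a shell function that audits a .fetchmailrc like the one above for file mode, the TLS keywords, and the format of the sslfingerprint pin. The name audit_fetchmailrc is hypothetical and the mode check assumes GNU stat, as shipped on CentOS.

```shell
#!/bin/sh
# audit_fetchmailrc FILE
# Prints one finding per line and returns the number of findings (0 = clean).
audit_fetchmailrc() {
    rc=$1
    findings=0
    note() { echo "$rc: $1"; findings=$((findings + 1)); }

    [ -f "$rc" ] || { echo "$rc: not found"; return 1; }

    # The rc file holds the mailbox password in clear text, and fetchmail
    # refuses to run if group or others have any access to it.
    mode=$(stat -c %a "$rc")        # assumption: GNU stat
    case $mode in
        ?00) ;;
        *) note "mode $mode grants group/other access, expected 600" ;;
    esac

    # One token per line, comments dropped (naive: a '#' inside a quoted
    # password would also be cut).
    words=$(sed 's/#.*//' "$rc" | tr -s ' \t' '\n\n')
    has() { printf '%s\n' "$words" | grep -qx "$1"; }

    has ssl       || note "no 'ssl' keyword: session is not wrapped in TLS"
    has sslcertck || note "no 'sslcertck': chain check depends on the command line"
    has sslproto  || note "no 'sslproto': protocol floor depends on the command line"

    # Pin format used on this page: 16 colon-separated hex bytes (MD5).
    # fetchmail compares the string literally and expects upper-case digits.
    fp=$(sed -n -e 's/#.*//' \
        -e 's/.*sslfingerprint[[:space:]]*"\([^"]*\)".*/\1/p' "$rc" | head -n 1)
    if [ -z "$fp" ]; then
        note "no 'sslfingerprint' pin"
    elif ! printf '%s\n' "$fp" | grep -Eqx '([0-9A-F]{2}:){15}[0-9A-F]{2}'; then
        note "sslfingerprint '$fp' is not 16 upper-case hex bytes"
    fi
    return "$findings"
}

# Stand-alone use: sh audit.sh ~/.fetchmailrc
if [ $# -gt 0 ]; then audit_fetchmailrc "$1"; fi
```

Run against the rc line shown on this page with a default umask, it reports the file mode and the missing sslcertck and sslproto keywords; the pin itself passes the format check.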