So, I’m doing a thought experiment about ways to get around a fully locked down production network. Basically, I’m trying to find a way to send SMTP mail from a network that is very locked down. (Appropriately) the network administrators have locked down the network such that I can’t create a socket to anything. This makes perfect sense, you really do want to have control over what you are sending out. What doesn’t make sense is that port 80 is wide open. I can’t SSH out of the network, but I can connect to port 80. So, I need to send email, a colleague points me at this GCALDaemon project. Now, I’m not doing this, but the requirement was interesting enough that I wanted to see what could’ve been done if I really wanted to send email. Evidently I could just use GMail over port 80. I could just drop a bunch of files in a directory and GCALDaemon will take care of the rest sending them via HTTP over GMail. I check it out, looks pretty cool. But, whoa… look at the feature list (and my emphasis):
Open source and completely free of charge OS-independent standalone application (Java 1.5) Bidirectional sync between iCalendar and Google Calendar View and edit your Google Calendar offline Supports 'Google Apps for Your Domain' Supports multiple file listeners with multiple Google Accounts Makes Gmail contacts accessible via LDAP Customizable Gmail notification Converts RSS/ATOM feed to iCalendar format Reusable mail transfer agent Remote control your computer via Gmail Multi-user abilities (up to 30-40 HTTP and LDAP clients) Run in service mode on Windows NT/2000/XP Run in embedded mode in a Servlet Container Low memory usage (10-20 MBytes) Automatic and fast (3-5 sec/sync) Customizable logging system (Log4J / CommonsLogging) Ability to do TCP/IP hostname/address filtering
I think this solution has a little bit of Rube Goldberg in it, but Google is reliable, I’m willing to live with something like this. Look at the feature list though, something jumps out at you….. “Remote control your computer via Gmail” Now that’s cool, but also very scary. (some digging) It stores scripts in GMail using IMap. Your computer syncs with that folder and then executes scripts from the folder. The whole process is triggered by you sending an email with a secret subject to gmail. There’s a diagram on this page… from the site:
This management service keeps checking a Gmail inbox regularly, if it finds an email from a trusted sender and with a secret subject, it reads and executes a specified script file. Then GCALDaemon sends back a response, which contains the script’s output. Most mobile carriers and recent phones have built-in support for sending email through SMS gateways, therefore a simple cellural phone should be enough to manage a computer.
Evidently, the alien overlords have arrived and they are controlling your computer via GMail IMAP. It is written in Java source is in the download. From the download, the lib directory looks refreshingly sparse. It doesn’t appear to be using everything and the kitchen sink in terms of JAR files (like all of my projects). In other words, the lib directory doesn’t contain 150 MB of JARs everything from Spring to Hibernate. Instead it looks like it is using Commons Codec, C-Collections, C-HttpClient, C-IO, C-Lang, C-Logging, Rome API, ical4j, activation, mail, servlet API, LDAP.
Source code, from the source you can see that we have Andras Berkes to thank for this code. Project appears to be covered under an Apache License Version 2.0 (Good, good!) The source looks very straightfoward/well-documented, and if you take a look at org.gcaldaemon.core.mailterm.ScriptRunner, you can see MailTerminal is easy to understand. Next question, why isn’t this thing in Maven?
Systems like this are going to be essential as we move to a model that involves more applications integrating with hosted platforms like Google Apps. Think about the ability to control machines from GMail, now couple that with my previous entry. You see where we’re going with this?
Ridicule
BTW, a colleague is now making fun of me on Skype.
HIM: btw, they could have written this gcaldaemon stuff in 1 minute if they used salesforce (and they wouuldn’t even need access to the net or a computer).
Laugh now, the cloud has you squarely in its crosshairs. Assimilate or perish.
I dont approve of gmail as it is too easy to forge stuff.
XMPP, on the other hand, works very nice. I have a stack of google talk accounts created (manually) just to give every node in a small cluster a login. If you have google apps for a domain you can create such a pool of names fairly easily. Then you just start a chat with the remote system.
Common guys I have been using GetByMail in combination of Gmail to control my remote PCs for about 2 years. This idea olready explored and implemented. Take look: www.getbymail.com