The 'g_bank_*' settings allow you to configure surgemail to charge users on a monthly basis for accounts, you define what account options exist and how much they cost, their description etc.
The user is shown this list when registering, and if they choose one that is non zero in price, then they will be asked for credit card information, surgemail then submits a http request to perform the charge with your bank or credit card system, the response codes are checked and if ok then the user account is created etc...
Example settings used for news server system (although this is in surgemail we use the same system to create/charge users and then in surgenews we just tell it to use the same authent module that surgemail is using so it can see the users)
Note the use of '*' at the end of the g_bank_ok and g_bank_log settings so it will match the rest of the line.
g_bank_user "bob"
g_bank_pass "secret"
g_bank_url "https://bank.site?boiid=1&Action=Purchase&CCNumber=||NUMBER||&CCName=||NAME||&CCExpiry=
||EXPIRES||&CCAmount=||VDOLLARS||&CCCurrency=||USD||&RegInv+no=||REF||"
g_bank_ok "BANKONIT-ResponseCode: 08*"
g_bank_reason "BANKONIT-ResponseText:*"
g_bank_log "BANKONIT-ResponseText:*"
g_bank_group group="free" price="0" desc="Free, 100mb/month read/post to text groups only"
g_bank_group group="p100" price="20" desc="100mb/month all groups "
g_bank_group group="p500" price="47" desc="500mb/month all groups "
g_bank_group group="p2000" price="97" desc="2gig/month all groups"
Valid variables for g_bank_url:
||NAME|| | Name of person on credit card |
||NUMBER|| | Number on credit card |
||EXPIRES|| | Expiration date in form YYMM |
||CIV|| | CIV from credit card if requested |
||REF|| | A reference the bank can use, the username is passed currently |
||TYPE|| | Type of credit card |
||CURRENCY|| | Set to NZD for amex cards, and USD in other cases |
||DOLLARS|| | Dollars to charge card |
||VDOLLARS|| | For AMEX the dollars converted to NZD, otherwise the USD charge. |
Settings to define what those groups can do, in surgemail you might use:
g_user_alias group="p100" quota="10"
g_user_send_max group="p100" max="1000"
g_user_list_quota group="p100" quota="10"
g_quota group="p100" quota="5mb"g_user_alias group="p500" quota="20"
g_user_send_max group="p500" max="2000"
g_user_list_quota group="p500" quota="20"
g_quota group="p500" quota="10mb"... (another block of settings for each group, "free" and "p2000"
In surgenews you might use:
usergroup name="free" ip="*" groups="*,!*binaries*,!*pictures*,!*mp3*" con="9" speed="" daily="555mb" monthly="100mb" break="TRUE" byip=""
usergroup name="p100" ip="*" groups="*" con="9" speed="" daily="200mb" monthly="100mb" break="TRUE" byip=""
usergroup name="p500" ip="*" groups="*" con="9" speed="" daily="2000mb" monthly="500mb" break="TRUE" byip=""
usergroup name="p2000" ip="*" groups="*" con="9" speed="" daily="2000mb" monthly="2000mb" break="TRUE" byip=""
Authent fields you need to define
g_authent_info name="Card Name" field="ccname" access="user" default="" type=""
g_authent_info name="Card Number" field="ccnumber" access="user" default="" type="encrypt"
g_authent_info name="Card Expiry" field="ccexpires" access="user" default="" type=""
g_authent_info name="Card Security Code" field="ccciv" access="user" default="" type=""
g_authent_info name="Card Type" field="cctype" access="user" default="" type=""
g_authent_info name="Card Last Charged" field="cclastok" access="domadmin" default="" type=""
Setting to encrypt the credit card number, this must not be changed, and must be kept secret.
g_encrypt_key "123353256"
Please note: the user database will contain the credit card information in a weakly encrypted form, the machine and config file should be securely battenned down to avoid hackers using good firewall settings and the minimum of open ports and a virus scanner.
Commands you can use:
tellmail bank_monthly - This command processes your user database and charges each user the appropriate amount. It should be run once a month manually.
tellmail charge - This performs a test charge using the g_bank_url etc...pass it 'number name and expires' as parameters.