Fix phishing plugin.
* Important fix for multimap/cdb handling
* Important fix for phishing detector
}
}
/* Compare parts and check for phished hostname */
- if (c != NULL && g_ascii_strncasecmp (p, c, len) != 0) {
+ if (c != NULL) {
+ if (g_ascii_strncasecmp (p, c, len) != 0) {
+ href_url->is_phished = TRUE;
+ href_url->phished_url = new;
+ }
+ }
+ else {
href_url->is_phished = TRUE;
href_url->phished_url = new;
}
if (got_alarm) {
got_alarm = 0;
- /* Set alarm for hard termination */
- set_alarm (HARD_TERMINATION_TIME);
+ /* Set alarm for hard termination but with less time */
+ set_alarm (HARD_TERMINATION_TIME / 10);
}
if (waitpid (w->pid, &res, 0) == -1) {
GMimePart *part;
GMimeDataWrapper *wrapper;
struct received_header *recv;
- gchar *mid;
+ gchar *mid, *url_str, *p, *end;
+ struct uri *subject_url;
+ gsize len;
+ gint pos, rc;
tmp = memory_pool_alloc (task->task_pool, sizeof (GByteArray));
tmp->data = task->msg->begin;
#endif
}
+ /* Parse urls inside Subject header */
+ cur = message_get_header (task->task_pool, task->message, "Subject", FALSE);
+ if (cur) {
+ p = cur->data;
+ len = strlen (p);
+ end = p + len;
+
+ while (p < end) {
+ /* Search to the end of url */
+ if (url_try_text (task->task_pool, p, end - p, &pos, &url_str)) {
+ if (url_str != NULL) {
+ subject_url = memory_pool_alloc0 (task->task_pool, sizeof (struct uri));
+ if (subject_url != NULL) {
+ /* Try to parse url */
+ rc = parse_uri (subject_url, url_str, task->task_pool);
+ if ((rc == URI_ERRNO_OK || rc == URI_ERRNO_NO_SLASHES || rc == URI_ERRNO_NO_HOST_SLASH) &&
+ subject_url->hostlen > 0) {
+ if (subject_url->protocol != PROTOCOL_MAILTO) {
+ if (!g_tree_lookup (task->urls, subject_url)) {
+ g_tree_insert (task->urls, subject_url, subject_url);
+ }
+ }
+ }
+ else if (rc != URI_ERRNO_OK) {
+ msg_info ("extract of url '%s' failed: %s", url_str, url_strerror (rc));
+ }
+ }
+ }
+ }
+ else {
+ break;
+ }
+ p += pos;
+ }
+ /* Free header's list */
+ g_list_free (cur);
+ }
+
return 0;
}
if string.find(newrule['map'], '^cdb://.*$') then
local test = cdb.create(newrule['map'])
newrule['hash'] = cdb.create(newrule['map'])
+ newrule['cdb'] = true
if newrule['hash'] then
table.insert(rules, newrule)
return newrule
else
rspamd_logger.warn('Cannot add rule: map doesn\'t exists: ' .. newrule['map'])
end
- newrule['cdb'] = true
else
if newrule['type'] == 'ip' then
newrule['ips'] = rspamd_config:add_radix_map (newrule['map'])
if urls then
for _,url in ipairs(urls) do
if url:is_phished() then
+ local found = false
local purl = url:get_phished()
if table.maxn(strict_domains) > 0 then
local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
- local found = false
if tld then
for _,rule in ipairs(strict_domains) do
if rule['map']:get_key(tld) then
found = true
end
end
- if found then
- return
- end
end
end
- if domains then
- local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
- if tld then
- if domains:get_key(tld) then
- task:insert_result(symbol, 1, purl:get_host())
+ if not found then
+ if domains then
+ local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
+ if tld then
+ if domains:get_key(tld) then
+ task:insert_result(symbol, 1, purl:get_host())
+ end
end
+ else
+ task:insert_result(symbol, 1, purl:get_host())
end
- else
- task:insert_result(symbol, 1, purl:get_host())
end
end
end
sd[1] = opts['strict_domains']
end
for _,d in ipairs(sd) do
- local s, _ = string.find(d, ':')
+ local s, _ = string.find(d, ':[^:]+$')
if s then
local sym = string.sub(d, s + 1, -1)
local map = string.sub(d, 1, s - 1)
projects / rspamd.git / commitdiff