mirrors
/
rspamd
spogulis no https://github.com/vstakhov/rspamd.git
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Laidieni 159 Vikivietne Aktivitāte
Pārlūkot izejas kodu

[Minor] Rbl: More fixes

tags/2.0
Vsevolod Stakhov pirms 4 gadiem
vecāks
740a249ac3
revīzija
00547ef4b0
1 mainītis faili ar 86 papildinājumiem un 71 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 86
    71
      src/plugins/lua/rbl.lua

+ 86
- 71
src/plugins/lua/rbl.lua Parādīt failu

@@ -335,7 +335,7 @@ local function gen_rbl_callback(rule)
forced = forced,
n = to_resolve,
orig = orign,
is_ip = resolve_ip,
resolve_ip = resolve_ip,
what = what,
}
requests_table[req] = nreq
@@ -394,7 +394,6 @@ local function gen_rbl_callback(rule)
local function check_dkim(task, requests_table, whitelist)
local das = task:get_symbol('DKIM_TRACE')
local mime_from_domain
local ret = false

if das and das[1] and das[1].options then

@@ -423,24 +422,21 @@ local function gen_rbl_callback(rule)
if mime_from_domain and mime_from_domain == domain_tld then
add_dns_request(task, domain_tld, true, false, requests_table,
'dkim', whitelist)
ret = true
end
else
if rule.dkim_domainonly then
add_dns_request(task, rspamd_util.get_tld(domain),
false, false, requests_table, 'dkim', whitelist)
ret = true
else
add_dns_request(task, domain, false, false, requests_table,
'dkim', whitelist)
ret = true
end
end
end
end
end

return ret
return true
end

local function check_emails(task, requests_table, whitelist)
@@ -458,9 +454,6 @@ local function gen_rbl_callback(rule)
end

local emails = lua_util.extract_specific_urls(ex_params)
if not emails or #emails == 0 then
return false
end

for _,email in ipairs(emails) do
if rule.emails_domainonly then
@@ -496,9 +489,6 @@ local function gen_rbl_callback(rule)
}

local urls = lua_util.extract_specific_urls(ex_params)
if not urls or #urls == 0 then
return false
end

for _,u in ipairs(urls) do
add_dns_request(task, u:get_tld(), false,
@@ -564,54 +554,69 @@ local function gen_rbl_callback(rule)
'sel' .. rule.selector_id, whitelist)
end
end

return true
end

-- Create function pipeline depending on rbl settings
local pipeline = {
is_alive, -- generic for all
}
local description = {
'alive',
}

if rule.exclude_users then
pipeline[#pipeline + 1] = check_user
description[#description + 1] = 'user'
end

if rule.exclude_local or rule.exclude_private_ips then
pipeline[#pipeline + 1] = check_local
description[#description + 1] = 'local'
end

if rule.helo then
pipeline[#pipeline + 1] = check_helo
description[#description + 1] = 'helo'
end

if rule.dkim then
pipeline[#pipeline + 1] = check_dkim
description[#description + 1] = 'dkim'
end

if rule.emails then
pipeline[#pipeline + 1] = check_emails
description[#description + 1] = 'emails'
end

if rule.urls then
pipeline[#pipeline + 1] = check_urls
description[#description + 1] = 'urls'
end

if rule.from then
pipeline[#pipeline + 1] = check_from
description[#description + 1] = 'ip'
end

if rule.received then
pipeline[#pipeline + 1] = check_received
description[#description + 1] = 'received'
end

if rule.rdns then
pipeline[#pipeline + 1] = check_rdns
description[#description + 1] = 'rdns'
end

if rule.selector then
pipeline[#pipeline + 1] = check_selector
description[#description + 1] = 'selector'
end

return function(task)
local callback_f = function(task)
-- DNS requests to issue (might be hashed afterwards)
local dns_req = {}
local whitelist = task:cache_get('rbl_whitelisted') or {}
@@ -623,11 +628,11 @@ local function gen_rbl_callback(rule)
end

-- Execute functions pipeline
for _,f in ipairs(pipeline) do
for i,f in ipairs(pipeline) do
if not f(task, dns_req, whitelist) then
lua_util.debugm(N, task,
"skip rbl check: %s; pipeline condition returned false",
rule.symbol)
"skip rbl check: %s; pipeline condition %s returned false",
rule.symbol, i)
return
end
end
@@ -714,6 +719,8 @@ local function gen_rbl_callback(rule)
end
end
end

return callback_f,string.format('checks: %s', table.concat(description, ','))
end

local function add_rbl(key, rbl)
@@ -778,79 +785,87 @@ local function add_rbl(key, rbl)
'RBL whitelist for ' .. rbl.symbol)
end

local id = rspamd_config:register_symbol{
type = 'callback',
callback = gen_rbl_callback(rbl),
name = rbl.symbol,
flags = table.concat(flags_tbl, ',')
}
local callback,description = gen_rbl_callback(rbl)

if rbl.dkim then
rspamd_config:register_dependency(rbl.symbol, 'DKIM_CHECK')
end
if callback then
local id = rspamd_config:register_symbol{
type = 'callback',
callback = callback,
name = rbl.symbol,
flags = table.concat(flags_tbl, ',')
}

-- Failure symbol
rspamd_config:register_symbol{
type = 'virtual,nostat',
name = rbl.symbol .. '_FAIL',
parent = id,
score = 0.0,
}
rspamd_logger.infox(rspamd_config, 'added rbl rule %s: %s',
rbl.symbol, description)

if rbl.dkim then
rspamd_config:register_dependency(rbl.symbol, 'DKIM_CHECK')
end

local function process_return_code(s)
rspamd_config:register_symbol({
name = s,
-- Failure symbol
rspamd_config:register_symbol{
type = 'virtual,nostat',
name = rbl.symbol .. '_FAIL',
parent = id,
type = 'virtual'
})

if rbl.is_whitelist then
if rbl.whitelist_exception then
local found_exception = false
for _, e in ipairs(rbl.whitelist_exception) do
if e == s then
found_exception = true
break
score = 0.0,
}

local function process_return_code(s)
rspamd_config:register_symbol({
name = s,
parent = id,
type = 'virtual'
})

if rbl.is_whitelist then
if rbl.whitelist_exception then
local found_exception = false
for _, e in ipairs(rbl.whitelist_exception) do
if e == s then
found_exception = true
break
end
end
end
if not found_exception then
if not found_exception then
table.insert(white_symbols, s)
end
else
table.insert(white_symbols, s)
end
else
table.insert(white_symbols, s)
end
else
if rbl.ignore_whitelist == false then
table.insert(black_symbols, s)
if rbl.ignore_whitelist == false then
table.insert(black_symbols, s)
end
end
end
end

if rbl.returncodes then
for s,_ in pairs(rbl.returncodes) do
process_return_code(s)
if rbl.returncodes then
for s,_ in pairs(rbl.returncodes) do
process_return_code(s)
end
end
end

if rbl.returnbits then
for s,_ in pairs(rbl.returnbits) do
process_return_code(s)
if rbl.returnbits then
for s,_ in pairs(rbl.returnbits) do
process_return_code(s)
end
end
end

if not rbl.is_whitelist and rbl.ignore_whitelist == false then
table.insert(black_symbols, rbl.symbol)
end
-- Process monitored
if not rbl.disable_monitoring then
if not monitored_addresses[rbl.rbl] then
monitored_addresses[rbl.rbl] = true
rbl.monitored = rspamd_config:register_monitored(rbl.rbl, 'dns',
get_monitored(rbl))
if not rbl.is_whitelist and rbl.ignore_whitelist == false then
table.insert(black_symbols, rbl.symbol)
end
-- Process monitored
if not rbl.disable_monitoring then
if not monitored_addresses[rbl.rbl] then
monitored_addresses[rbl.rbl] = true
rbl.monitored = rspamd_config:register_monitored(rbl.rbl, 'dns',
get_monitored(rbl))
end
end
return true
end

return true
return false
end

-- Configuration

Rakstīt Priekšskatītījums
Notiek ielāde…
Atcelt
Saglabāt