@@ -22,6 +22,7 @@ end | |||
local logger = require "rspamd_logger" | |||
local lua_util = require "lua_util" | |||
local rspamd_util = require "rspamd_util" | |||
local lua_maps = require "lua_maps" | |||
local N = "mime_types" | |||
local settings = { | |||
file = '', | |||
@@ -845,6 +846,13 @@ local function check_mime_type(task) | |||
-- Replace potentially bad characters with '?' | |||
fname = fname:gsub('[^%s%g]', '?') | |||
-- Check file is in filename whitelist | |||
if settings.filename_whitelist:get_key(fname) then | |||
logger.debugm("mime_types", task, "skip checking of %s - file is in filename whitelist", | |||
fname) | |||
return | |||
end | |||
local ext,ext2,parts = gen_extension(fname) | |||
-- ext is the last extension, LOWERCASED | |||
-- ext2 is the one before last extension LOWERCASED | |||
@@ -1073,6 +1081,9 @@ if opts then | |||
settings[k] = v | |||
end | |||
settings.filename_whitelist = lua_maps.rspamd_map_add('mime_types', 'filename_whitelist', 'regexp', | |||
'filename whitelist') | |||
local function change_extension_map_entry(ext, ct, mult) | |||
if type(ct) == 'table' then | |||
local tbl = {} |
@@ -55,6 +55,12 @@ Multipart Archive Extension | |||
${result} = Scan Message With Rspamc ${TESTDIR}/messages/f.zip.001.eml | |||
Should Not Contain ${result.stdout} MIME_ARCHIVE_IN_ARCHIVE | |||
Exe file, but name in filename_whitelist | |||
${result} = Scan Message With Rspamc ${TESTDIR}/messages/exe_attm.eml | |||
Should Not Contain ${result.stdout} MIME_BAD_EXTENSION | |||
Should Not Contain ${result.stdout} MIME_BAD_ATTACHMENT | |||
Should Not Contain ${result.stdout} MIME_DOUBLE_BAD_EXTENSION | |||
Empty text part should not be treat as html | |||
${result} = Scan Message With Rspamc ${TESTDIR}/messages/empty-plain-text.eml | |||
Should Not Contain ${result.stdout} FORGED_OUTLOOK_HTML |
@@ -0,0 +1 @@ | |||
/^hello_world\.exe$/ |
@@ -15,4 +15,5 @@ mime_types { | |||
"application/pdf", | |||
] | |||
} | |||
filename_whitelist = "${TESTDIR}/configs/maps/mime_types.wl"; | |||
} |
@@ -0,0 +1,22 @@ | |||
Return-Path: <root@srv.example.com> | |||
To: test@example.com | |||
From: root@srv.example.com | |||
Subject: test Sat, 26 Jan 2019 12:04:58 +0100 | |||
Message-Id: <20190126120458.015328@srv.example.com> | |||
Date: Sat, 26 Jan 2019 12:04:58 +0100 | |||
MIME-Version: 1.0 | |||
Content-Type: multipart/mixed; boundary="----=_MIME_BOUNDARY_000_15328" | |||
------=_MIME_BOUNDARY_000_15328 | |||
Content-Type: text/plain | |||
This is a test mailing | |||
------=_MIME_BOUNDARY_000_15328 | |||
Content-Type: application/octet-stream; name="hello_world.exe" | |||
Content-Description: hello_world.exe | |||
Content-Disposition: attachment; filename="hello_world.exe" | |||
Content-Transfer-Encoding: BASE64 | |||
f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUBAAAAAAAABAAAAAAAAAAGA5AAAAAAAAAAAAAEAAOAAL | |||
------=_MIME_BOUNDARY_000_15328-- |