[Minor] mime_types - add filename whitelist

src/plugins/lua/mime_types.lua

@@ -22,6 +22,7 @@ end
 local logger = require "rspamd_logger"
 local lua_util = require "lua_util"
 local rspamd_util = require "rspamd_util"
+local lua_maps = require "lua_maps"
 local N = "mime_types"
 local settings = {
   file = '',
@@ -845,6 +846,13 @@ local function check_mime_type(task)
     -- Replace potentially bad characters with '?'
     fname = fname:gsub('[^%s%g]', '?')
 
+    -- Check file is in filename whitelist
+    if settings.filename_whitelist:get_key(fname) then
+      logger.debugm("mime_types", task, "skip checking of %s - file is in filename whitelist",
+        fname)
+      return
+    end
+
     local ext,ext2,parts = gen_extension(fname)
     -- ext is the last extension, LOWERCASED
     -- ext2 is the one before last extension LOWERCASED
@@ -1073,6 +1081,9 @@ if opts then
     settings[k] = v
   end
 
+  settings.filename_whitelist = lua_maps.rspamd_map_add('mime_types', 'filename_whitelist', 'regexp',
+    'filename whitelist')
+
   local function change_extension_map_entry(ext, ct, mult)
     if type(ct) == 'table' then
       local tbl = {}

test/functional/cases/105_mimetypes.robot

@@ -55,6 +55,12 @@ Multipart Archive Extension
   ${result} =  Scan Message With Rspamc  ${TESTDIR}/messages/f.zip.001.eml
   Should Not Contain  ${result.stdout}  MIME_ARCHIVE_IN_ARCHIVE
 
+Exe file, but name in filename_whitelist
+  ${result} =  Scan Message With Rspamc  ${TESTDIR}/messages/exe_attm.eml
+  Should Not Contain  ${result.stdout}  MIME_BAD_EXTENSION
+  Should Not Contain  ${result.stdout}  MIME_BAD_ATTACHMENT
+  Should Not Contain  ${result.stdout}  MIME_DOUBLE_BAD_EXTENSION
+
 Empty text part should not be treat as html
   ${result} =  Scan Message With Rspamc  ${TESTDIR}/messages/empty-plain-text.eml
   Should Not Contain  ${result.stdout}  FORGED_OUTLOOK_HTML

test/functional/configs/maps/mime_types.wl

@@ -0,0 +1 @@
+/^hello_world\.exe$/

test/functional/configs/mime_types.conf

@@ -15,4 +15,5 @@ mime_types {
             "application/pdf",
         ]
     }
+    filename_whitelist = "${TESTDIR}/configs/maps/mime_types.wl";
 }

test/functional/messages/exe_attm.eml

@@ -0,0 +1,22 @@
+Return-Path: <root@srv.example.com>
+To: test@example.com
+From: root@srv.example.com
+Subject: test Sat, 26 Jan 2019 12:04:58 +0100
+Message-Id: <20190126120458.015328@srv.example.com>
+Date: Sat, 26 Jan 2019 12:04:58 +0100
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="----=_MIME_BOUNDARY_000_15328"
+
+------=_MIME_BOUNDARY_000_15328
+Content-Type: text/plain
+
+This is a test mailing
+------=_MIME_BOUNDARY_000_15328
+Content-Type: application/octet-stream; name="hello_world.exe"
+Content-Description: hello_world.exe
+Content-Disposition: attachment; filename="hello_world.exe"
+Content-Transfer-Encoding: BASE64
+
+f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUBAAAAAAAABAAAAAAAAAAGA5AAAAAAAAAAAAAEAAOAAL
+
+------=_MIME_BOUNDARY_000_15328--