* Add ability to extract urls from subject field

Fix phishing plugin.
* Important fix for multimap/cdb handling
* Important fix for phishing detector

src/html.c

@@ -728,7 +728,13 @@ check_phishing (struct worker_task *task, struct uri *href_url, const gchar *url
 							}
 						}
 						/* Compare parts and check for phished hostname */
-						if (c != NULL && g_ascii_strncasecmp (p, c, len) != 0) {
+						if (c != NULL) {
+							if (g_ascii_strncasecmp (p, c, len) != 0) {
+								href_url->is_phished = TRUE;
+								href_url->phished_url = new;
+							}
+						}
+						else {
 							href_url->is_phished = TRUE;
 							href_url->phished_url = new;
 						}

src/main.c

@@ -605,8 +605,8 @@ wait_for_workers (gpointer key, gpointer value, gpointer unused)
 
 	if (got_alarm) {
 		got_alarm = 0;
-		/* Set alarm for hard termination */
-		set_alarm (HARD_TERMINATION_TIME);
+		/* Set alarm for hard termination but with less time */
+		set_alarm (HARD_TERMINATION_TIME / 10);
 	}
 
 	if (waitpid (w->pid, &res, 0) == -1) {

src/message.c

@@ -945,7 +945,10 @@ process_message (struct worker_task *task)
 	GMimePart                      *part;
 	GMimeDataWrapper               *wrapper;
 	struct received_header         *recv;
-	gchar                           *mid;
+	gchar                          *mid, *url_str, *p, *end;
+	struct uri                     *subject_url;
+	gsize                           len;
+	gint                            pos, rc;
 
 	tmp = memory_pool_alloc (task->task_pool, sizeof (GByteArray));
 	tmp->data = task->msg->begin;
@@ -1090,6 +1093,44 @@ process_message (struct worker_task *task)
 #endif
 	}
 
+	/* Parse urls inside Subject header */
+	cur = message_get_header (task->task_pool, task->message, "Subject", FALSE);
+	if (cur) {
+		p = cur->data;
+		len = strlen (p);
+		end = p + len;
+
+		while (p < end) {
+			/* Search to the end of url */
+			if (url_try_text (task->task_pool, p, end - p, &pos, &url_str)) {
+				if (url_str != NULL) {
+					subject_url = memory_pool_alloc0 (task->task_pool, sizeof (struct uri));
+					if (subject_url != NULL) {
+						/* Try to parse url */
+						rc = parse_uri (subject_url, url_str, task->task_pool);
+						if ((rc == URI_ERRNO_OK || rc == URI_ERRNO_NO_SLASHES || rc == URI_ERRNO_NO_HOST_SLASH) &&
+								subject_url->hostlen > 0) {
+							if (subject_url->protocol != PROTOCOL_MAILTO) {
+								if (!g_tree_lookup (task->urls, subject_url)) {
+									g_tree_insert (task->urls, subject_url, subject_url);
+								}
+							}
+						}
+						else if (rc != URI_ERRNO_OK) {
+							msg_info ("extract of url '%s' failed: %s", url_str, url_strerror (rc));
+						}
+					}
+				}
+			}
+			else {
+				break;
+			}
+			p += pos;
+		}
+		/* Free header's list */
+		g_list_free (cur);
+	}
+
 	return 0;
 }
 

src/plugins/lua/multimap.lua

@@ -283,13 +283,13 @@ local function add_multimap_rule(params)
 	if string.find(newrule['map'], '^cdb://.*$') then
 		local test = cdb.create(newrule['map'])
 		newrule['hash'] = cdb.create(newrule['map'])
+		newrule['cdb'] = true
 		if newrule['hash'] then
 			table.insert(rules, newrule)
 			return newrule
 		else
 			rspamd_logger.warn('Cannot add rule: map doesn\'t exists: ' .. newrule['map'])
 		end
-		newrule['cdb'] = true
 	else
 		if newrule['type'] == 'ip' then
 			newrule['ips'] = rspamd_config:add_radix_map (newrule['map'])

src/plugins/lua/phishing.lua

@@ -11,10 +11,10 @@ function phishing_cb (task)
 	if urls then
 		for _,url in ipairs(urls) do
 			if url:is_phished() then
+				local found = false
 				local purl = url:get_phished()
 				if table.maxn(strict_domains) > 0 then
 					local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
-					local found = false
 					if tld then
 						for _,rule in ipairs(strict_domains) do
 							if rule['map']:get_key(tld) then
@@ -22,20 +22,19 @@ function phishing_cb (task)
 								found = true
 							end
 						end
-						if found then
-							return
-						end
 					end
 				end
-				if domains then
-					local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
-					if tld then
-						if domains:get_key(tld) then
-							task:insert_result(symbol, 1, purl:get_host())
+				if not found then
+					if domains then
+						local _,_,tld = string.find(purl:get_host(), '([a-zA-Z0-9%-]+\.[a-zA-Z0-9%-]+)$')
+						if tld then
+							if domains:get_key(tld) then
+								task:insert_result(symbol, 1, purl:get_host())
+							end
 						end
+					else		
+						task:insert_result(symbol, 1, purl:get_host())
 					end
-				else		
-					task:insert_result(symbol, 1, purl:get_host())
 				end
 			end
 		end
@@ -70,7 +69,7 @@ if opts then
 			sd[1] = opts['strict_domains']
 		end
 		for _,d in ipairs(sd) do
-			local s, _ = string.find(d, ':')
+			local s, _ = string.find(d, ':[^:]+$')
 			if s then
 				local sym = string.sub(d, s + 1, -1)
 				local map = string.sub(d, 1, s - 1)