mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21175 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/contrib/exim/local_scan.c.in

local_scan.c.in 11KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377 
  1. /*

  2.  * This program is RSPAMD agent for use with

  3.  * exim (http://www.exim.org) MTA by its local_scan feature.

  4.  *

  5.  * To enable exim local scan please copy this file to exim source tree

  6.  * Local/local_scan.c, edit Local/Makefile to add

  7.  *

  8.  * LOCAL_SCAN_SOURCE=Local/local_scan.c

  9.  * LOCAL_SCAN_HAS_OPTIONS=yes

  10.  *

  11.  * and compile exim.

  12.  *

  13.  * For exim compilation with local scan feature details please visit

  14.  * http://www.exim.org/exim-html-current/doc/html/spec_html/ch42.html

  15.  *

  16.  * For RSPAMD details please visit

  17.  * https://bitbucket.org/vstakhov/rspamd/

  18.  *

  19.  * Example configuration:

  20.  * **********************

  21.  *

  22.  * local_scan_timeout = 50s

  23.  *

  24.  * begin local_scan

  25.  *       rspam_ip = 127.0.0.1

  26.  *       rspam_port = 11333

  27.  *       rspam_skip_sasl_authenticated = true

  28.  *       # don't reject message if on of recipients from this list

  29.  *       rspam_skip_rcpt = postmaster@example.com : some_user@example.com

  30.  *       rspam_message = "Spam rejected; If this is not spam, please contact <postmaster@example.com>"

  31.  *

  32.  *

  33.  * $Id: local_scan.c 646 2010-08-11 11:49:36Z ayuzhaninov $

  34.  */

  35. 

  36. #include <sys/types.h>

  37. #include <sys/socket.h>

  38. #include <sys/stat.h>

  39. #include <sys/uio.h>

  40. 

  41. #include <netinet/in.h>

  42. #include <arpa/inet.h>

  43. 

  44. #include <errno.h>

  45. #include <math.h>

  46. #include <stdio.h>

  47. #include <string.h>

  48. #include <unistd.h>

  49. 

  50. #include "local_scan.h"

  51. 

  52. #define REQUEST_LINES	64

  53. #define REPLY_BUF_SIZE	16384

  54. #define HEADER_STATUS	"X-Rspam-Status"

  55. #define HEADER_METRIC	"X-Rspam-Metric"

  56. #define HEADER_SCORE	"X-Rspam-Score"

  57. 

  58. /* configuration options */

  59. static uschar *daemon_ip = US"127.0.0.1";

  60. static int max_scan_size = 4 * 1024 * 1024;

  61. static uschar *reject_message = US"Spam message rejected";

  62. static int daemon_port = 11333;

  63. static BOOL skip_authenticated = TRUE;

  64. static uschar *want_spam_rcpt_list = US"";

  65. 

  66. /* the entries must appear in alphabetical order */

  67. optionlist local_scan_options[] = {

  68. 	{ "rspam_ip", opt_stringptr, &daemon_ip },

  69. 	{ "rspam_max_scan_size", opt_mkint, &max_scan_size },

  70. 	{ "rspam_message", opt_stringptr, &reject_message },

  71. 	{ "rspam_port", opt_int, &daemon_port },

  72. 	{ "rspam_skip_rcpt", opt_stringptr, &want_spam_rcpt_list },

  73. 	{ "rspam_skip_sasl_authenticated", opt_bool, &skip_authenticated },

  74. };

  75. 

  76. int local_scan_options_count = sizeof(local_scan_options) / sizeof(optionlist);

  77. 

  78. /* push formatted line into vector */

  79. int push_line(struct iovec *iov, int i, const char *fmt, ...);

  80. 

  81. int

  82. local_scan(int fd, uschar **return_text)

  83. {

  84. 	struct stat sb;

  85. 	struct sockaddr_in server_in;

  86. 	int s, i, r, request_p = 0, headers_count = 0, is_spam = 0, is_reject = 0;

  87. 	off_t message_size;

  88. 	struct iovec request_v[REQUEST_LINES], *headers_v;

  89. #if "@CMAKE_SYSTEM_NAME@" == "FreeBSD"

  90. 	struct sf_hdtr headers_sf;

  91. #endif

  92. 	uschar *helo, *log_buf;

  93. 	header_line *header_p;

  94. 	char reply_buf[REPLY_BUF_SIZE], io_buf[BUFSIZ];

  95. 	ssize_t size;

  96. 	char *tok_ptr, *str;

  97. 	char mteric[128], result[8];

  98. 	float score, required_score;

  99. 

  100. 	*return_text = reject_message;

  101. 

  102. 	/*

  103. 	 * one msaage can be send via exim+rspamd twice

  104. 	 * remove header from previous pass

  105. 	 */

  106. 	header_remove(0, US HEADER_STATUS);

  107. 	header_remove(0, US HEADER_METRIC);

  108. 

  109. 	/* check message size */

  110. 	fstat(fd,&sb); /* XXX shuld check error */

  111. 	message_size = sb.st_size - SPOOL_DATA_START_OFFSET;

  112. 	if (message_size > max_scan_size) {

  113. 		header_add(' ', HEADER_STATUS ": skip_big\n");

  114. 		log_write (0, LOG_MAIN, "rspam: message larger than rspam_max_scan_size, accept");

  115. 		return LOCAL_SCAN_ACCEPT;

  116. 	}

  117. 

  118. 	/* don't scan mail from authenticated hosts */

  119. 	if (skip_authenticated && sender_host_authenticated != NULL) {

  120. 		header_add(' ', HEADER_STATUS ": skip_authenticated\n");

  121. 		log_write(0, LOG_MAIN, "rspam: from=<%s> ip=%s authenticated (%s), skip check\n",

  122. 				sender_address,

  123. 				sender_host_address == NULL ? US"localhost" : sender_host_address,

  124. 				sender_host_authenticated);

  125. 		return LOCAL_SCAN_ACCEPT;

  126. 	}

  127. 

  128. 	/*

  129. 	 * add status header, which mean, that message was not scanned

  130. 	 * if message will be scanned, this header will be replaced

  131. 	 */

  132. 	header_add(' ', HEADER_STATUS ": check_error\n");

  133. 

  134. 	/* create socket */

  135. 	memset(&server_in, 0, sizeof(server_in));

  136. 	server_in.sin_family = AF_INET;

  137. 	server_in.sin_port = htons(daemon_port);

  138. 	server_in.sin_addr.s_addr = inet_addr(daemon_ip);

  139. 	if ((s = socket(PF_INET, SOCK_STREAM, 0)) < 0) {

  140. 		log_write(0, LOG_MAIN, "rspam: socket (%d: %s)", errno, strerror(errno));

  141. 		return LOCAL_SCAN_ACCEPT;

  142. 	}

  143. 	if (connect(s, (struct sockaddr *) &server_in, sizeof(server_in)) < 0) {

  144. 		close(s);

  145. 		log_write(0, LOG_MAIN, "rspam: can't connect to %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  146. 		return LOCAL_SCAN_ACCEPT;

  147. 	}

  148. 

  149. 	/* count message headers */

  150. 	for (header_p = header_list; header_p != NULL; header_p = header_p->next) {

  151. 		/* header type '*' is used for replaced or deleted header */

  152. 		if (header_p->type == '*')

  153. 			continue;

  154. 		headers_count++;

  155. 	}

  156. 

  157. 	/* write message headers to vector */

  158. #if "@CMAKE_SYSTEM_NAME@" == "FreeBSD"

  159. 	memset(&headers_sf, 0, sizeof(headers_sf));

  160. 	if (headers_count > 0) {

  161. 		headers_v = store_get((headers_count + 1)* sizeof(*headers_v));

  162. 		i = 0;

  163. 		for (header_p = header_list; header_p != NULL; header_p = header_p->next) {

  164. 			if (header_p->type == '*')

  165. 				continue;

  166. 			headers_v[i].iov_base = header_p->text;

  167. 			headers_v[i].iov_len = header_p->slen;

  168. 			i++;

  169. 			message_size += header_p->slen;

  170. 		}

  171. 		headers_v[i].iov_base = "\n";

  172. 		headers_v[i].iov_len = strlen("\n");

  173. 		message_size += strlen("\n");

  174. 

  175. 		headers_sf.headers = headers_v;

  176. 		headers_sf.hdr_cnt = headers_count + 1;

  177. 	}

  178. #else

  179. 	if (headers_count > 0) {

  180. 		headers_v = store_get((headers_count + 1)* sizeof(*headers_v));

  181. 		i = 0;

  182. 		for (header_p = header_list; header_p != NULL; header_p = header_p->next) {

  183. 			if (header_p->type == '*')

  184. 				continue;

  185. 			headers_v[i].iov_base = header_p->text;

  186. 			headers_v[i].iov_len = header_p->slen;

  187. 			i++;

  188. 			message_size += header_p->slen;

  189. 		}

  190. 		headers_v[i].iov_base = "\n";

  191. 		headers_v[i].iov_len = strlen("\n");

  192. 		message_size += strlen("\n");

  193. #endif

  194. 

  195. 	/* write request to vector */

  196. 	r = 0;

  197. 	r += push_line(request_v, request_p++, "SYMBOLS RSPAMC/1.1\r\n");

  198. 	r += push_line(request_v, request_p++, "Content-length: " OFF_T_FMT "\r\n", message_size);

  199. 	r += push_line(request_v, request_p++, "Queue-Id: %s\r\n", message_id);

  200. 	r += push_line(request_v, request_p++, "From: %s\r\n", sender_address);

  201. 	r += push_line(request_v, request_p++, "Recipient-Number: %d\r\n", recipients_count);

  202. 	for (i = 0; i < recipients_count; i ++)

  203. 		r += push_line(request_v, request_p++, "Rcpt: %s\r\n", recipients_list[i].address);

  204. 	if ((helo = expand_string(US"$sender_helo_name")) != NULL && *helo != '\0')

  205. 		r += push_line(request_v, request_p++, "Helo: %s\r\n", helo);

  206. 	if (sender_host_address != NULL)

  207. 		r += push_line(request_v, request_p++, "IP: %s\r\n", sender_host_address);

  208. 	r += push_line(request_v, request_p++, "\r\n");

  209. 

  210. 	if (r < 0) {

  211. 		close(s);

  212. 		return LOCAL_SCAN_ACCEPT;

  213. 	}

  214. 

  215. 	/* send request */

  216. 	if (writev(s, request_v, request_p) < 0) {

  217. 		close(s);

  218. 		log_write(0, LOG_MAIN, "rspam: can't send request to %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  219. 		return LOCAL_SCAN_ACCEPT;

  220. 	}

  221. 

  222. #if "@CMAKE_SYSTEM_NAME@" == "FreeBSD"

  223. 	/* send headers (from iovec) and message body (from file) */

  224. 	if (sendfile(fd, s, SPOOL_DATA_START_OFFSET, 0, &headers_sf, NULL, 0) < 0) {

  225. 		close(s);

  226. 		log_write(0, LOG_MAIN, "rspam: can't send message to %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  227. 		return LOCAL_SCAN_ACCEPT;

  228. 	}

  229. #else

  230. 	/* send headers */

  231. 	if (writev(s, headers_v, headers_count) < 0) {

  232. 		close(s);

  233. 		log_write(0, LOG_MAIN, "rspam: can't send headers to %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  234. 		return LOCAL_SCAN_ACCEPT;

  235. 	}

  236. 

  237. 	/* Send message */

  238. 	while ((r = read (fd, io_buf, sizeof (io_buf))) > 0) {

  239. 		if (write (s, io_buf, r) < 0) {

  240. 			close(s);

  241. 			log_write(0, LOG_MAIN, "rspam: can't send message to %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  242. 			return LOCAL_SCAN_ACCEPT;

  243. 		}	

  244. 	}

  245. #endif

  246. 

  247. 	/* read reply from rspamd */

  248. 	reply_buf[0] = '\0';

  249. 	size = 0;

  250. 	while ((r = read(s, reply_buf + size, sizeof(reply_buf) - size - 1)) > 0 && size < sizeof(reply_buf) - 1) {

  251. 		size += r;

  252. 	}

  253. 

  254. 	if (r < 0) {

  255. 		close(s);

  256. 		log_write(0, LOG_MAIN, "rspam: can't read from %s:%d (%d: %s)", daemon_ip, daemon_port, errno, strerror(errno));

  257. 		return LOCAL_SCAN_ACCEPT;

  258. 	}

  259. 	reply_buf[size] = '\0';

  260. 	close(s);

  261. 

  262. 	if (size >= REPLY_BUF_SIZE - 1) {

  263. 		log_write(0, LOG_MAIN, "rspam: buffer is full, reply may be truncated");

  264. 	}

  265. 

  266. 	/* parse reply */

  267. 	tok_ptr = reply_buf;

  268. 

  269. 	/*

  270. 	 * rspamd can use several metrics, logic implemented here:

  271. 	 * if any metric more than reject_score - will reject

  272. 	 * if any metric true - message will be marked as spam

  273. 	 */

  274. 

  275. 	/* First line is: <PROTOCOL>/<VERSION> <ERROR_CODE> <ERROR_REPLY> */

  276. 	str = strsep(&tok_ptr, "\r\n");

  277. 	if (str != NULL && sscanf(str, "%*s %d %*s", &i) == 1) {

  278. 		if (i != 0) {

  279. 			log_write(0, LOG_MAIN, "rspam: server error: %s", str);

  280. 			return LOCAL_SCAN_ACCEPT;

  281. 		}

  282. 	} else {

  283. 		log_write(0, LOG_MAIN, "rspam: bad reply from server: %s", str);

  284. 		return LOCAL_SCAN_ACCEPT;

  285. 	}

  286. 

  287. 	while ((str = strsep(&tok_ptr, "\r\n")) != NULL) {

  288. 		/* skip empty tockens */

  289. 		if (*str == '\0')

  290. 			continue;

  291. 		if (strncmp(str, "Metric:", strlen("Metric:")) == 0) {

  292. 			/*

  293. 			 * parse line like

  294. 			 * Metric: default; False; 27.00 / 30.00

  295. 			 */

  296. 			if (sscanf(str, "Metric: %s %s %f / %f",

  297. 				mteric, result, &score, &required_score) == 4) {

  298. 				log_write(0, LOG_MAIN, "rspam: metric %s %s %.2f / %.2f",

  299. 					mteric, result, score, required_score);

  300. 				header_add(' ', HEADER_METRIC ": %s %s %.2f / %.2f\n",

  301. 					mteric, result, score, required_score);

  302. 				/* integers score for use in sieve ascii-numeric comparator */

  303. 				if (strcmp(mteric, "default;") == 0)

  304. 					 header_add(' ', HEADER_SCORE ": %d\n",

  305. 						(int)round(score));

  306. 			} else {

  307. 				log_write(0, LOG_MAIN, "rspam: can't parse: %s", str);

  308. 				return LOCAL_SCAN_ACCEPT;

  309. 			}

  310. 		} else if (strncmp(str, "Action:", strlen("Action:")) == 0) {

  311. 			/* line like Action: add header */

  312. 			str += strlen("Action: ");

  313. 			if (strncmp(str, "reject", strlen("reject")) == 0) {

  314. 				is_reject = 1;

  315. 				is_spam = 1;

  316. 			} else if (strncmp(str, "add header", strlen("add header")) == 0) {

  317. 				is_spam = 1;

  318. 			}

  319. 		}

  320. 	}

  321. 

  322. 	/* XXX many allocs by string_sprintf()

  323. 	 * better to sprintf() to single buffer allocated by store_get()

  324. 	 */

  325. 	log_buf = string_sprintf("message to");

  326. 	for (i = 0; i < recipients_count; i ++) {

  327. 		log_buf = string_sprintf("%s %s", log_buf, recipients_list[i].address);

  328. 		if (is_reject && lss_match_address(recipients_list[i].address, want_spam_rcpt_list, TRUE) == OK) {

  329. 			is_reject = 0;

  330. 			log_write(0, LOG_MAIN, "rspam: %s want spam, don't reject this message", recipients_list[i].address);

  331. 		}

  332. 	}

  333. 

  334. 	if (is_reject) {

  335. 		log_write(0, LOG_MAIN, "rspam: reject %s", log_buf);

  336. 		return LOCAL_SCAN_REJECT;

  337. 	}

  338. 

  339. 	header_remove(0, US HEADER_STATUS);

  340. 	if (is_spam) {

  341. 		header_add(' ', HEADER_STATUS ": spam\n");

  342. 		log_write(0, LOG_MAIN, "rspam: message marked as spam");

  343. 	} else {

  344. 		header_add(' ', HEADER_STATUS ": ham\n");

  345. 		log_write(0, LOG_MAIN, "rspam: message marked as ham");

  346. 	}

  347. 

  348. 	return LOCAL_SCAN_ACCEPT;

  349. }

  350. 

  351. int

  352. push_line(struct iovec *iov, const int i, const char *fmt, ...)

  353. {

  354. 	va_list ap;

  355. 	size_t len;

  356. 	char buf[512];

  357. 

  358. 	if (i >= REQUEST_LINES) {

  359. 		log_write(0, LOG_MAIN, "rspam: %s: index out of bounds", __FUNCTION__);

  360. 		return (-1);

  361. 	}

  362. 

  363. 	va_start(ap, fmt);

  364. 	len = vsnprintf(buf, sizeof(buf), fmt, ap);

  365. 	va_end(ap);

  366. 

  367. 	iov[i].iov_base = string_copy(US buf);

  368. 	iov[i].iov_len = len;

  369. 

  370. 	if (len >= sizeof(buf)) {

  371. 		log_write(0, LOG_MAIN, "rspam: %s: error, string was longer than %d", __FUNCTION__, sizeof(buf));

  372. 		return (-1);

  373. 	}

  374. 

  375. 	return 0;

  376. }