mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21173 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/lualib/lua_fuzzy.lua

lua_fuzzy.lua 9.5KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355 
  1. --[[

  2. Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com>

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");

  5. you may not use this file except in compliance with the License.

  6. You may obtain a copy of the License at

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0

  9. 

  10. Unless required by applicable law or agreed to in writing, software

  11. distributed under the License is distributed on an "AS IS" BASIS,

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. See the License for the specific language governing permissions and

  14. limitations under the License.

  15. ]]--

  16. 

  17. --[[[

  18. -- @module lua_fuzzy

  19. -- This module contains helper functions for supporting fuzzy check module

  20. --]]

  21. 

  22. 

  23. local N = "lua_fuzzy"

  24. local lua_util = require "lua_util"

  25. local rspamd_regexp = require "rspamd_regexp"

  26. local fun = require "fun"

  27. local rspamd_logger = require "rspamd_logger"

  28. local ts = require("tableshape").types

  29. 

  30. -- Filled by C code, indexed by number in this table

  31. local rules = {}

  32. 

  33. -- Pre-defined rules options

  34. local policies = {

  35.   recommended = {

  36.     min_bytes = 1024,

  37.     min_height = 500,

  38.     min_width = 500,

  39.     min_length = 64,

  40.     text_multiplier = 4.0, -- divide min_bytes by 4 for texts

  41.     mime_types = { "application/*" },

  42.     scan_archives = true,

  43.     short_text_direct_hash = true,

  44.     text_shingles = true,

  45.     skip_images = false,

  46.   }

  47. }

  48. 

  49. local default_policy = policies.recommended

  50. 

  51. local schema_fields = {

  52.   min_bytes = ts.number + ts.string / tonumber,

  53.   min_height = ts.number + ts.string / tonumber,

  54.   min_width = ts.number + ts.string / tonumber,

  55.   min_length = ts.number + ts.string / tonumber,

  56.   text_multiplier = ts.number,

  57.   mime_types = ts.array_of(ts.string),

  58.   scan_archives = ts.boolean,

  59.   short_text_direct_hash = ts.boolean,

  60.   text_shingles = ts.boolean,

  61.   skip_images = ts.boolean,

  62. }

  63. local policy_schema = ts.shape(schema_fields)

  64. 

  65. local policy_schema_open = ts.shape(schema_fields, {

  66.   open = true,

  67. })

  68. 

  69. local exports = {}

  70. 

  71. 

  72. --[[[

  73. -- @function lua_fuzzy.register_policy(name, policy)

  74. -- Adds a new policy with name `name`. Must be valid, checked using policy_schema

  75. --]]

  76. exports.register_policy = function(name, policy)

  77.   if policies[name] then

  78.     rspamd_logger.warnx(rspamd_config, "overriding policy %s", name)

  79.   end

  80. 

  81.   local parsed_policy, err = policy_schema:transform(policy)

  82. 

  83.   if not parsed_policy then

  84.     rspamd_logger.errx(rspamd_config, 'invalid fuzzy rule policy %s: %s',

  85.         name, err)

  86. 

  87.     return

  88.   else

  89.     policies.name = parsed_policy

  90.   end

  91. end

  92. 

  93. --[[[

  94. -- @function lua_fuzzy.process_rule(rule)

  95. -- Processes fuzzy rule (applying policies or defaults if needed). Returns policy id

  96. --]]

  97. exports.process_rule = function(rule)

  98.   local processed_rule = lua_util.shallowcopy(rule)

  99.   local policy = default_policy

  100. 

  101.   if processed_rule.policy then

  102.     policy = policies[processed_rule.policy]

  103.   end

  104. 

  105.   if policy then

  106.     processed_rule = lua_util.override_defaults(policy, processed_rule)

  107. 

  108.     local parsed_policy, err = policy_schema_open:transform(processed_rule)

  109. 

  110.     if not parsed_policy then

  111.       rspamd_logger.errx(rspamd_config, 'invalid fuzzy rule default fields: %s', err)

  112.     else

  113.       processed_rule = parsed_policy

  114.     end

  115.   else

  116.     rspamd_logger.warnx(rspamd_config, "unknown policy %s", processed_rule.policy)

  117.   end

  118. 

  119.   if processed_rule.mime_types then

  120.     processed_rule.mime_types = fun.totable(fun.map(function(gl)

  121.       return rspamd_regexp.import_glob(gl, 'i')

  122.     end, processed_rule.mime_types))

  123.   end

  124. 

  125.   table.insert(rules, processed_rule)

  126.   return #rules

  127. end

  128. 

  129. local function check_length(task, part, rule)

  130.   local bytes = part:get_length()

  131.   local length_ok = bytes > 0

  132. 

  133.   local id = part:get_id()

  134.   lua_util.debugm(N, task, 'check size of part %s', id)

  135. 

  136.   if length_ok and rule.min_bytes > 0 then

  137. 

  138.     local adjusted_bytes = bytes

  139. 

  140.     if part:is_text() then

  141.       -- Fuzzy plugin uses stripped utf content to get an exact hash, that

  142.       -- corresponds to `get_content_oneline()`

  143.       -- However, in the case of empty parts this method returns `nil`, so extra

  144.       -- sanity check is required.

  145.       bytes = #(part:get_text():get_content_oneline() or '')

  146. 

  147.       -- Short hashing algorithm also use subject unless explicitly denied

  148.       if not rule.no_subject then

  149.         local subject = task:get_subject() or ''

  150.         bytes = bytes + #subject

  151.       end

  152. 

  153.       if rule.text_multiplier then

  154.         adjusted_bytes = bytes * rule.text_multiplier

  155.       end

  156.     end

  157. 

  158.     if rule.min_bytes > adjusted_bytes then

  159.       lua_util.debugm(N, task, 'skip part of length %s (%s adjusted) ' ..

  160.           'as it has less than %s bytes',

  161.           bytes, adjusted_bytes, rule.min_bytes)

  162.       length_ok = false

  163.     else

  164.       lua_util.debugm(N, task, 'allow part of length %s (%s adjusted)',

  165.           bytes, adjusted_bytes, rule.min_bytes)

  166.     end

  167.   else

  168.     lua_util.debugm(N, task, 'allow part %s, no length limits', id)

  169.   end

  170. 

  171.   return length_ok

  172. end

  173. 

  174. local function check_text_part(task, part, rule, text)

  175.   local allow_direct, allow_shingles = false, false

  176. 

  177.   local id = part:get_id()

  178.   lua_util.debugm(N, task, 'check text part %s', id)

  179.   local wcnt = text:get_words_count()

  180. 

  181.   if rule.text_shingles then

  182.     -- Check number of words

  183.     local min_words = rule.min_length or 0

  184.     if min_words < 32 then

  185.       min_words = 32 -- Minimum for shingles

  186.     end

  187.     if wcnt < min_words then

  188.       lua_util.debugm(N, task, 'text has less than %s words: %s; disable shingles',

  189.           rule.min_length, wcnt)

  190.       allow_shingles = false

  191.     else

  192.       lua_util.debugm(N, task, 'allow shingles in text %s, %s words',

  193.           id, wcnt)

  194.       allow_shingles = true

  195.     end

  196. 

  197.     if not rule.short_text_direct_hash and not allow_shingles then

  198.       allow_direct = false

  199.     else

  200.       if not allow_shingles then

  201.         lua_util.debugm(N, task,

  202.             'allow direct hash for short text %s, %s words',

  203.             id, wcnt)

  204.         allow_direct = check_length(task, part, rule)

  205.       else

  206.         allow_direct = wcnt > 0

  207.       end

  208.     end

  209.   else

  210.     lua_util.debugm(N, task,

  211.         'disable shingles in text %s', id)

  212.     allow_direct = check_length(task, part, rule)

  213.   end

  214. 

  215.   return allow_direct, allow_shingles

  216. end

  217. 

  218. --local function has_sane_text_parts(task)

  219. --  local text_parts = task:get_text_parts() or {}

  220. --  return fun.any(function(tp) return tp:get_words_count() > 32 end, text_parts)

  221. --end

  222. 

  223. local function check_image_part(task, part, rule, image)

  224.   if rule.skip_images then

  225.     lua_util.debugm(N, task, 'skip image part as images are disabled')

  226.     return false, false

  227.   end

  228. 

  229.   local id = part:get_id()

  230.   lua_util.debugm(N, task, 'check image part %s', id)

  231. 

  232.   if rule.min_width > 0 or rule.min_height > 0 then

  233.     -- Check dimensions

  234.     local min_width = rule.min_width or rule.min_height

  235.     local min_height = rule.min_height or rule.min_width

  236.     local height = image:get_height()

  237.     local width = image:get_width()

  238. 

  239.     if height and width then

  240.       if height < min_height or width < min_width then

  241.         lua_util.debugm(N, task, 'skip image part %s as it does not meet minimum sizes: %sx%s < %sx%s',

  242.             id, width, height, min_width, min_height)

  243.         return false, false

  244.       else

  245.         lua_util.debugm(N, task, 'allow image part %s: %sx%s',

  246.             id, width, height)

  247.       end

  248.     end

  249.   end

  250. 

  251.   return check_length(task, part, rule), false

  252. end

  253. 

  254. local function mime_types_check(task, part, rule)

  255.   local t, st = part:get_type()

  256. 

  257.   if not t then

  258.     return false, false

  259.   end

  260. 

  261.   local ct = string.format('%s/%s', t, st)

  262. 

  263.   local detected_ct

  264.   t, st = part:get_detected_type()

  265.   if t then

  266.     detected_ct = string.format('%s/%s', t, st)

  267.   else

  268.     detected_ct = ct

  269.   end

  270. 

  271.   local id = part:get_id()

  272.   lua_util.debugm(N, task, 'check binary part %s: %s', id, ct)

  273. 

  274.   -- For bad mime parts we implicitly enable fuzzy check

  275.   local mime_trace = (task:get_symbol('MIME_TRACE') or {})[1]

  276.   local opts = {}

  277. 

  278.   if mime_trace then

  279.     opts = mime_trace.options or opts

  280.   end

  281.   opts = fun.tomap(fun.map(function(opt)

  282.     local elts = lua_util.str_split(opt, ':')

  283.     return elts[1], elts[2]

  284.   end, opts))

  285. 

  286.   if opts[id] and opts[id] == '-' then

  287.     lua_util.debugm(N, task, 'explicitly check binary part %s: bad mime type %s', id, ct)

  288.     return check_length(task, part, rule), false

  289.   end

  290. 

  291.   if rule.mime_types then

  292. 

  293.     if fun.any(function(gl_re)

  294.       if gl_re:match(ct) or (detected_ct and gl_re:match(detected_ct)) then

  295.         return true

  296.       else

  297.         return false

  298.       end

  299.     end, rule.mime_types) then

  300.       lua_util.debugm(N, task, 'found mime type match for part %s: %s (%s detected)',

  301.           id, ct, detected_ct)

  302.       return check_length(task, part, rule), false

  303.     end

  304. 

  305.     return false, false

  306.   end

  307. 

  308.   return false, false

  309. end

  310. 

  311. exports.check_mime_part = function(task, part, rule_id)

  312.   local rule = rules[rule_id]

  313. 

  314.   if not rule then

  315.     rspamd_logger.errx(task, 'cannot find rule with id %s', rule_id)

  316. 

  317.     return false, false

  318.   end

  319. 

  320.   if part:is_text() then

  321.     return check_text_part(task, part, rule, part:get_text())

  322.   end

  323. 

  324.   if part:is_image() then

  325.     return check_image_part(task, part, rule, part:get_image())

  326.   end

  327. 

  328.   if part:is_archive() and rule.scan_archives then

  329.     -- Always send archives

  330.     lua_util.debugm(N, task, 'check archive part %s', part:get_id())

  331. 

  332.     return true, false

  333.   end

  334. 

  335.   if part:is_specific() then

  336.     local sp = part:get_specific()

  337. 

  338.     if type(sp) == 'table' and sp.fuzzy_hashes then

  339.       lua_util.debugm(N, task, 'check specific part %s', part:get_id())

  340.       return true, false

  341.     end

  342.   end

  343. 

  344.   if part:is_attachment() then

  345.     return mime_types_check(task, part, rule)

  346.   end

  347. 

  348.   return false, false

  349. end

  350. 

  351. exports.cleanup_rules = function()

  352.   rules = {}

  353. end

  354. 

  355. return exports