mirrors
/
rspamd
zrcadlo https://github.com/vstakhov/rspamd.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 159 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
21210 Revize
28 Větve
Větev: master
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „master“
${ noResults }
rspamd/lualib/rspamadm/dns_tool.lua

dns_tool.lua 6.0KB
Surový Trvalý odkaz Blame Historie

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232 
  1. --[[

  2. Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com>

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");

  5. you may not use this file except in compliance with the License.

  6. You may obtain a copy of the License at

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0

  9. 

  10. Unless required by applicable law or agreed to in writing, software

  11. distributed under the License is distributed on an "AS IS" BASIS,

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. See the License for the specific language governing permissions and

  14. limitations under the License.

  15. ]]--

  16. 

  17. 

  18. local argparse = require "argparse"

  19. local rspamd_logger = require "rspamd_logger"

  20. local ansicolors = require "ansicolors"

  21. local bit = require "bit"

  22. 

  23. local parser = argparse()

  24.     :name "rspamadm dnstool"

  25.     :description "DNS tools provided by Rspamd"

  26.     :help_description_margin(30)

  27.     :command_target("command")

  28.     :require_command(true)

  29. 

  30. parser:option "-c --config"

  31.       :description "Path to config file"

  32.       :argname("<cfg>")

  33.       :default(rspamd_paths["CONFDIR"] .. "/" .. "rspamd.conf")

  34. 

  35. local spf = parser:command "spf"

  36.                   :description "Extracts spf records"

  37. spf:mutex(

  38.     spf:option "-d --domain"

  39.        :description "Domain to use"

  40.        :argname("<domain>"),

  41.     spf:option "-f --from"

  42.        :description "SMTP from to use"

  43.        :argname("<from>")

  44. )

  45. 

  46. spf:option "-i --ip"

  47.    :description "Source IP address to use"

  48.    :argname("<ip>")

  49. spf:flag "-a --all"

  50.    :description "Print all records"

  51. 

  52. local function printf(fmt, ...)

  53.   if fmt then

  54.     io.write(string.format(fmt, ...))

  55.   end

  56.   io.write('\n')

  57. end

  58. 

  59. local function highlight(str)

  60.   return ansicolors.white .. str .. ansicolors.reset

  61. end

  62. 

  63. local function green(str)

  64.   return ansicolors.green .. str .. ansicolors.reset

  65. end

  66. 

  67. local function red(str)

  68.   return ansicolors.red .. str .. ansicolors.reset

  69. end

  70. 

  71. local function load_config(opts)

  72.   local _r, err = rspamd_config:load_ucl(opts['config'])

  73. 

  74.   if not _r then

  75.     rspamd_logger.errx('cannot parse %s: %s', opts['config'], err)

  76.     os.exit(1)

  77.   end

  78. 

  79.   _r, err = rspamd_config:parse_rcl({ 'logging', 'worker' })

  80.   if not _r then

  81.     rspamd_logger.errx('cannot process %s: %s', opts['config'], err)

  82.     os.exit(1)

  83.   end

  84. end

  85. 

  86. local function spf_handler(opts)

  87.   local rspamd_spf = require "rspamd_spf"

  88.   local rspamd_task = require "rspamd_task"

  89.   local rspamd_ip = require "rspamd_ip"

  90. 

  91.   local task = rspamd_task:create(rspamd_config, rspamadm_ev_base)

  92.   task:set_session(rspamadm_session)

  93.   task:set_resolver(rspamadm_dns_resolver)

  94. 

  95.   if opts.ip then

  96.     opts.ip = rspamd_ip.fromstring(opts.ip)

  97.     task:set_from_ip(opts.ip)

  98.   else

  99.     opts.all = true

  100.   end

  101. 

  102.   if opts.from then

  103.     local rspamd_parsers = require "rspamd_parsers"

  104.     local addr_parsed = rspamd_parsers.parse_mail_address(opts.from)

  105.     if addr_parsed then

  106.       task:set_from('smtp', addr_parsed[1])

  107.     else

  108.       io.stderr:write('Invalid from addr\n')

  109.       os.exit(1)

  110.     end

  111.   elseif opts.domain then

  112.     task:set_from('smtp', { user = 'user', domain = opts.domain })

  113.   else

  114.     io.stderr:write('Neither domain nor from specified\n')

  115.     os.exit(1)

  116.   end

  117. 

  118.   local function flag_to_str(fl)

  119.     if bit.band(fl, rspamd_spf.flags.temp_fail) ~= 0 then

  120.       return "temporary failure"

  121.     elseif bit.band(fl, rspamd_spf.flags.perm_fail) ~= 0 then

  122.       return "permanent failure"

  123.     elseif bit.band(fl, rspamd_spf.flags.na) ~= 0 then

  124.       return "no spf record"

  125.     end

  126. 

  127.     return "unknown flag: " .. tostring(fl)

  128.   end

  129. 

  130.   local function display_spf_results(elt, colored)

  131.     local dec = function(e)

  132.       return e

  133.     end

  134.     local policy_decode = function(e)

  135.       if e == rspamd_spf.policy.fail then

  136.         return 'reject'

  137.       elseif e == rspamd_spf.policy.pass then

  138.         return 'pass'

  139.       elseif e == rspamd_spf.policy.soft_fail then

  140.         return 'soft fail'

  141.       elseif e == rspamd_spf.policy.neutral then

  142.         return 'neutral'

  143.       end

  144. 

  145.       return 'unknown'

  146.     end

  147. 

  148.     if colored then

  149.       dec = function(e)

  150.         return highlight(e)

  151.       end

  152. 

  153.       if elt.result == rspamd_spf.policy.pass then

  154.         dec = function(e)

  155.           return green(e)

  156.         end

  157.       elseif elt.result == rspamd_spf.policy.fail then

  158.         dec = function(e)

  159.           return red(e)

  160.         end

  161.       end

  162. 

  163.     end

  164.     printf('%s: %s', highlight('Policy'), dec(policy_decode(elt.result)))

  165.     printf('%s: %s', highlight('Network'), dec(elt.addr))

  166. 

  167.     if elt.str then

  168.       printf('%s: %s', highlight('Original'), elt.str)

  169.     end

  170.   end

  171. 

  172.   local function cb(record, flags, err)

  173.     if record then

  174.       local result, flag_or_policy, error_or_addr

  175.       if opts.ip then

  176.         result, flag_or_policy, error_or_addr = record:check_ip(opts.ip)

  177.       elseif opts.all then

  178.         result = true

  179.       end

  180.       if opts.ip and not opts.all then

  181.         if result then

  182.           display_spf_results(error_or_addr, true)

  183.         else

  184.           printf('Not matched: %s', error_or_addr)

  185.         end

  186. 

  187.         os.exit(0)

  188.       end

  189. 

  190.       if result then

  191.         printf('SPF record for %s; digest: %s',

  192.             highlight(opts.domain or opts.from), highlight(record:get_digest()))

  193.         for _, elt in ipairs(record:get_elts()) do

  194.           if result and error_or_addr and elt.str and elt.str == error_or_addr.str then

  195.             printf("%s", highlight('*** Matched ***'))

  196.             display_spf_results(elt, true)

  197.             printf('------')

  198.           else

  199.             display_spf_results(elt, false)

  200.             printf('------')

  201.           end

  202.         end

  203.       else

  204.         printf('Error getting SPF record: %s (%s flag)', err,

  205.             flag_to_str(flag_or_policy or flags))

  206.       end

  207.     else

  208.       printf('Cannot get SPF record: %s', err)

  209.     end

  210.   end

  211.   rspamd_spf.resolve(task, cb)

  212. end

  213. 

  214. local function handler(args)

  215.   local opts = parser:parse(args)

  216.   load_config(opts)

  217. 

  218.   local command = opts.command

  219. 

  220.   if command == 'spf' then

  221.     spf_handler(opts)

  222.   else

  223.     parser:error('command %s is not implemented', command)

  224.   end

  225. end

  226. 

  227. return {

  228.   name = 'dnstool',

  229.   aliases = { 'dns', 'dns_tool' },

  230.   handler = handler,

  231.   description = parser._description

  232. }