mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21163 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/utils/cgp_rspamd.pl

cgp_rspamd.pl 10KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357 
  1. #!/usr/bin/env perl

  2. 

  3. use warnings;

  4. use strict;

  5. use JSON::XS;

  6. use AnyEvent;

  7. use AnyEvent::HTTP;

  8. use AnyEvent::IO;

  9. use EV;

  10. use Pod::Usage;

  11. use Getopt::Long;

  12. use File::stat;

  13. 

  14. my $rspamd_host     = "localhost:11333";

  15. my $man             = 0;

  16. my $help            = 0;

  17. my $local           = 0;

  18. my $header          = "X-Spam: yes";

  19. my $max_size        = 10 * 1024 * 1024;          # 10 MB

  20. my $request_timeout = 15;                        # 15 seconds by default

  21. my $reject_message  = "Spam message rejected";

  22. 

  23. GetOptions(

  24.     "host=s"           => \$rspamd_host,

  25.     "header=s"         => \$header,

  26.     "reject-message=s" => \$reject_message,

  27.     "max-size=i"       => \$max_size,

  28.     "timeout=f"        => \$request_timeout,

  29.     "help|?"           => \$help,

  30.     "man"              => \$man

  31. ) or pod2usage(2);

  32. 

  33. pod2usage(1) if $help;

  34. pod2usage( -exitval => 0, -verbose => 2 ) if $man;

  35. 

  36. my $main_domain = cgp_main_domain();

  37. my $scanned     = 0;

  38. 

  39. # Turn off bufferization as required by CGP

  40. $| = 1;

  41. 

  42. sub cgp_main_domain {

  43.     if ( open( my $fh, 'Settings/Main.settings' ) ) {

  44.         while (<$fh>) {

  45.             if (/^\s+DomainName\s+=\s+([^;]+);/) {

  46.                 return $1;

  47.             }

  48.         }

  49.     }

  50. }

  51. 

  52. sub cgp_string {

  53.     my ($in) = @_;

  54. 

  55.     $in =~ s/\"/\\"/g;

  56.     $in =~ s/\n/\\n/gms;

  57.     $in =~ s/\r/\\r/mgs;

  58.     $in =~ s/\t/  /g;

  59. 

  60.     return "\"$in\"";

  61. }

  62. 

  63. sub rspamd_scan {

  64.     my ( $tag, $file ) = @_;

  65. 

  66.     my $http_callback = sub {

  67.         my ( $body, $hdr ) = @_;

  68. 

  69.         if ( $hdr && $hdr->{Status} =~ /^2/ ) {

  70.             my $js = eval('decode_json($body)');

  71.             $scanned++;

  72. 

  73.             if ( !$js ) {

  74.                 print "* Rspamd: Bad response for $file: invalid JSON: parse error\n";

  75.                 print "$tag FAILURE\n";

  76.             }

  77.             else {

  78.                 my $def     = $js;

  79.                 my $headers = "";

  80. 

  81.                 if ( !$def ) {

  82.                     print "* Rspamd: Bad response for $file: invalid JSON: default is missing\n";

  83.                     print "$tag FAILURE\n";

  84.                 }

  85.                 else {

  86.                     my $action = $def->{'action'};

  87.                     my $id     = $js->{'message-id'};

  88. 

  89.                     my $symbols = "";

  90.                     while ( my ( $k, $s ) = each( %{ $def->{'symbols'} } ) ) {

  91.                         $symbols .= sprintf "%s(%.2f);", $k, $s->{'score'};

  92.                     }

  93. 

  94.                     printf

  95.                       "* Rspamd: Scanned %s; id: <%s>; Score: %.2f / %.2f; Symbols: [%s]\n",

  96.                       $file, $id, $def->{'score'}, $def->{'required_score'}, $symbols;

  97. 

  98.                     if ( $js->{'dkim-signature'} ) {

  99.                         $headers .= "DKIM-Signature: " . $js->{'dkim-signature'};

  100.                     }

  101. 

  102.                     if ( $js->{'milter'} ) {

  103.                         my $block = $js->{'milter'};

  104. 

  105.                         if ( $block->{'add_headers'} ) {

  106.                             while ( my ( $h, $v ) = each( %{ $block->{'add_headers'} } ) ) {

  107.                                 if ( ref($v) eq 'HASH' ) {

  108.                                     if ( $headers eq "" ) {

  109.                                         $headers .= "$h: $v->{value}";

  110.                                     }

  111.                                     else {

  112.                                         $headers .= "\\e$h: $v->{value}";

  113.                                     }

  114.                                 }

  115.                                 else {

  116.                                     if ( $headers eq "" ) {

  117.                                         $headers .= "$h: $v";

  118.                                     }

  119.                                     else {

  120.                                         $headers .= "\\e$h: $v";

  121.                                     }

  122.                                 }

  123.                             }

  124.                         }

  125.                     }

  126. 

  127.                     if ( $action eq 'reject' ) {

  128.                         print "$tag DISCARD\n";

  129.                         return;

  130.                     }

  131.                     elsif ( $action eq 'add header' || $action eq 'rewrite subject' ) {

  132.                         if ( $headers eq "" ) {

  133.                             $headers .= "$header";

  134.                         }

  135.                         else {

  136.                             $headers .= "\\e$header";

  137.                         }

  138.                     }

  139.                     elsif ( $action eq 'soft reject' ) {

  140.                         print "$tag REJECTED Try again later\n";

  141.                         return;

  142.                     }

  143. 

  144.                     if ( $headers eq "" ) {

  145.                         print "$tag OK\n";

  146.                     }

  147.                     else {

  148.                         print "$tag ADDHEADER " . cgp_string($headers) . " OK\n";

  149.                     }

  150.                 }

  151.             }

  152.         }

  153.         else {

  154.             if ($hdr) {

  155.                 print "* Rspamd: Bad response for $file: HTTP error: $hdr->{Status} $hdr->{Reason}\n";

  156.             }

  157.             else {

  158.                 print "* Rspamd: Bad response for $file: IO error: $!\n";

  159.             }

  160.             print "$tag FAILURE\n";

  161.         }

  162.     };

  163. 

  164.     if ($local) {

  165. 

  166.         # Use file scan

  167.         # XXX: not implemented now due to CGP queue format

  168.         http_get(

  169.             "http://$rspamd_host/symbols?file=$file",

  170.             timeout => $request_timeout,

  171.             $http_callback

  172.         );

  173.     }

  174.     else {

  175.         my $sb = stat($file);

  176. 

  177.         if ( !$sb || $sb->size > $max_size ) {

  178.             if ($sb) {

  179.                 print "* File $file is too large: " . $sb->size . "\n$tag FAILURE\n";

  180. 

  181.             }

  182.             else {

  183.                 print "* Cannot stat $file: $!\n$tag FAILURE\n";

  184.             }

  185.             return;

  186.         }

  187.         aio_load(

  188.             $file,

  189.             sub {

  190.                 my ($data) = @_;

  191. 

  192.                 if ( !$data ) {

  193.                     print "* Cannot open $file: $!\n$tag FAILURE\n";

  194.                     return;

  195.                 }

  196. 

  197.                 # Parse CGP format

  198.                 $data =~ s/^((?:[^\n]*\n)*?)\n(.*)$/$2/ms;

  199.                 my @envelope = split /\n/, $1;

  200.                 chomp(@envelope);

  201.                 my $from;

  202.                 my @rcpts;

  203.                 my $ip;

  204.                 my $user;

  205. 

  206.                 foreach my $elt (@envelope) {

  207.                     if ( $elt =~ /^P\s[^<]*(<[^>]*>).*$/ ) {

  208.                         $from = $1;

  209.                     }

  210.                     elsif ( $elt =~ /^R\s[^<]*(<[^>]*>).*$/ ) {

  211.                         push @rcpts, $1;

  212.                     }

  213.                     elsif ( $elt =~ /^S (?:<([^>]+)> )?(?:SMTP|HTTPU?|AIRSYNC|XIMSS) \[([0-9a-f.:]+)\]/ ) {

  214.                         if ($1) {

  215.                             $user = $1;

  216.                         }

  217.                         if ($2) {

  218.                             $ip = $2;

  219.                         }

  220.                     }

  221.                     elsif ( $elt =~ /^S (?:<([^>]+)> )?(?:DSN|GROUP|LIST|PBX|PIPE|RULE) \[0\.0\.0\.0\]/ ) {

  222.                         if ($1) {

  223.                             $user = $1;

  224.                         }

  225.                         $ip = '127.2.4.7';

  226.                     }

  227.                 }

  228. 

  229.                 my $headers = {};

  230.                 if ( $file =~ /\/([^\/.]+)\.msg$/ ) {

  231.                     $headers->{'Queue-ID'} = $1;

  232.                 }

  233.                 if ($from) {

  234.                     $headers->{From} = $from;

  235.                 }

  236.                 if ( scalar(@rcpts) > 0 ) {

  237. 

  238.                     # XXX: Anyevent cannot parse headers with multiple values

  239.                     $headers->{Rcpt} = join( ',', @rcpts );

  240.                 }

  241.                 if ($ip) {

  242.                     $headers->{IP} = $ip;

  243.                 }

  244.                 if ($user) {

  245.                     $headers->{User} = $user;

  246.                 }

  247.                 if ($main_domain) {

  248.                     $headers->{'MTA-Tag'} = $main_domain;

  249.                 }

  250. 

  251.                 http_post(

  252.                     "http://$rspamd_host/checkv2", $data,

  253.                     timeout => $request_timeout,

  254.                     headers => $headers,

  255.                     $http_callback

  256.                 );

  257.             }

  258.         );

  259.     }

  260. }

  261. 

  262. # Show informational message

  263. print "* Rspamd CGP filter has been started\n";

  264. 

  265. my $w = AnyEvent->io(

  266.     fh   => \*STDIN,

  267.     poll => 'r',

  268.     cb   => sub {

  269.         chomp( my $input = <STDIN> );

  270. 

  271.         if ( $input =~ /^(\d+)\s+(\S+)(\s+(\S+)\s*)?$/ ) {

  272.             my $tag = $1;

  273.             my $cmd = $2;

  274. 

  275.             if ( $cmd eq "INTF" ) {

  276.                 print "$input\n";

  277.             }

  278.             elsif ( $cmd eq "FILE" && $4 ) {

  279.                 my $file = $4;

  280.                 print "* Scanning file $file\n";

  281.                 rspamd_scan $tag, $file;

  282.             }

  283.             elsif ( $cmd eq "QUIT" ) {

  284.                 print "* Terminating after scanning of $scanned files\n";

  285.                 print "$tag OK\n";

  286.                 exit 0;

  287.             }

  288.             else {

  289.                 print "* Unknown command $cmd\n";

  290.                 print "$tag FAILURE\n";

  291.             }

  292.         }

  293.     }

  294. );

  295. 

  296. EV::run;

  297. 

  298. __END__

  299. 

  300. =head1 NAME

  301. 

  302. cgp_rspamd - implements Rspamd filter for CommunigatePro MTA

  303. 

  304. =head1 SYNOPSIS

  305. 

  306. cgp_rspamd [options]

  307. 

  308.  Options:

  309.    --host=hostport        Rspamd host to connect (localhost:11333 by default)

  310.    --header               Add specific header for a spam message ("X-Spam: yes" by default)

  311.    --reject-message       Rejection message for spam mail ("Spam message rejected" by default)

  312.    --timeout              Timeout to read response from Rspamd (15 seconds by default)

  313.    --max-size             Maximum size of message to scan (10 megabytes by default)

  314.    --help                 brief help message

  315.    --man                  full documentation

  316. 

  317. =head1 OPTIONS

  318. 

  319. =over 8

  320. 

  321. =item B<--host>

  322. 

  323. Specifies Rspamd host to use for scanning

  324. 

  325. =item B<--header>

  326. 

  327. Specifies the header that should be added when Rspamd action is B<add header> or B<rewrite subject>.

  328. 

  329. =item B<--reject-message>

  330. 

  331. Specifies the rejection message for spam.

  332. 

  333. =item B<--timeout>

  334. 

  335. Sets timeout in seconds for waiting Rspamd reply for a message.

  336. 

  337. =item B<--max-size>

  338. 

  339. Define the maximum messages size to be processed by Rspamd in bytes.

  340. 

  341. =item B<--help>

  342. 

  343. Print a brief help message and exits.

  344. 

  345. =item B<--man>

  346. 

  347. Prints the manual page and exits.

  348. 

  349. =back

  350. 

  351. =head1 DESCRIPTION

  352. 

  353. B<cgp_rspamd> is intended to scan messages processed with B<CommunigatePro> MTA on some Rspamd scanner. It reads

  354. standard input and parses CGP helpers protocol.  On scan requests, this filter can query Rspamd to process a message.

  355. B<cgp_rspamd> can tell CGP to add header or reject SPAM messages depending on Rspamd scan result.

  356. 

  357. =cut