mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19322 Commits
28 Branches
Tree: 79417a5f81
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '79417a5f81'
${ noResults }
rspamd/src/plugins/lua/asn.lua

asn.lua 4.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167 
  1. --[[

  2. Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com>

  3. Copyright (c) 2016, Andrew Lewis <nerf@judo.za.org>

  4. 

  5. Licensed under the Apache License, Version 2.0 (the "License");

  6. you may not use this file except in compliance with the License.

  7. You may obtain a copy of the License at

  8. 

  9.     http://www.apache.org/licenses/LICENSE-2.0

  10. 

  11. Unless required by applicable law or agreed to in writing, software

  12. distributed under the License is distributed on an "AS IS" BASIS,

  13. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  14. See the License for the specific language governing permissions and

  15. limitations under the License.

  16. ]]--

  17. 

  18. local rspamd_logger = require "rspamd_logger"

  19. local rspamd_regexp = require "rspamd_regexp"

  20. local lua_util = require "lua_util"

  21. local N = "asn"

  22. 

  23. if confighelp then

  24.   return

  25. end

  26. 

  27. local options = {

  28.   provider_type = 'rspamd',

  29.   provider_info = {

  30.     ip4 = 'asn.rspamd.com',

  31.     ip6 = 'asn6.rspamd.com',

  32.   },

  33.   symbol = 'ASN',

  34.   check_local = false,

  35. }

  36. 

  37. local rspamd_re = rspamd_regexp.create_cached("[\\|\\s]")

  38. 

  39. local function asn_check(task)

  40. 

  41.   local function asn_set(asn, ipnet, country)

  42.     local descr_t = {}

  43.     local mempool = task:get_mempool()

  44.     if asn then

  45.       if tonumber(asn) ~= nil then

  46.         mempool:set_variable("asn", asn)

  47.         table.insert(descr_t, "asn:" .. asn)

  48.       else

  49.         rspamd_logger.errx(task, 'malformed ASN "%s" for ip %s', asn, task:get_from_ip())

  50.       end

  51.     end

  52.     if ipnet then

  53.       mempool:set_variable("ipnet", ipnet)

  54.       table.insert(descr_t, "ipnet:" .. ipnet)

  55.     end

  56.     if country then

  57.       mempool:set_variable("country", country)

  58.       table.insert(descr_t, "country:" .. country)

  59.     end

  60.     if options['symbol'] then

  61.       task:insert_result(options['symbol'], 0.0, table.concat(descr_t, ', '))

  62.     end

  63.   end

  64. 

  65.   local asn_check_func = {}

  66.   asn_check_func.rspamd = function(ip)

  67.     local dnsbl = options['provider_info']['ip' .. ip:get_version()]

  68.     local req_name = string.format("%s.%s",

  69.         table.concat(ip:inversed_str_octets(), '.'), dnsbl)

  70.     local function rspamd_dns_cb(_, _, results, dns_err, _, _, serv)

  71.       if dns_err and (dns_err ~= 'requested record is not found' and dns_err ~= 'no records with this name') then

  72.         rspamd_logger.errx(task, 'error querying dns "%s" on %s: %s',

  73.             req_name, serv, dns_err)

  74.         task:insert_result(options['symbol_fail'], 0, string.format('%s:%s', req_name, dns_err))

  75.         return

  76.       end

  77.       if not results or not results[1] then

  78.         rspamd_logger.infox(task, 'cannot query ip %s on %s: no results',

  79.             req_name, serv)

  80.         return

  81.       end

  82. 

  83.       lua_util.debugm(N, task, 'got reply from %s when requesting %s: %s',

  84.         serv, req_name, results[1])

  85. 

  86.       local parts = rspamd_re:split(results[1])

  87.       -- "15169 | 8.8.8.0/24 | US | arin |" for 8.8.8.8

  88.       asn_set(parts[1], parts[2], parts[3])

  89.     end

  90. 

  91.     task:get_resolver():resolve_txt({

  92.       task = task,

  93.       name = req_name,

  94.       callback = rspamd_dns_cb

  95.     })

  96.   end

  97. 

  98.   local ip = task:get_from_ip()

  99.   if not (ip and ip:is_valid()) or

  100.       (not options.check_local and ip:is_local()) then

  101.     return

  102.   end

  103. 

  104.   asn_check_func[options['provider_type']](ip)

  105. end

  106. 

  107. -- Configuration options

  108. local configure_asn_module = function()

  109.   local opts =  rspamd_config:get_all_opt('asn')

  110.   if opts then

  111.     for k,v in pairs(opts) do

  112.       options[k] = v

  113.     end

  114.   end

  115. 

  116.   local auth_and_local_conf = lua_util.config_check_local_or_authed(rspamd_config, N,

  117.       false, true)

  118.   options.check_local = auth_and_local_conf[1]

  119.   options.check_authed = auth_and_local_conf[2]

  120. 

  121.   if options['provider_type'] == 'rspamd' then

  122.     if not options['provider_info'] and options['provider_info']['ip4'] and

  123.         options['provider_info']['ip6'] then

  124.       rspamd_logger.errx("Missing required provider_info for rspamd")

  125.       return false

  126.     end

  127.   else

  128.     rspamd_logger.errx("Unknown provider_type: %s", options['provider_type'])

  129.     return false

  130.   end

  131. 

  132.   if options['symbol'] then

  133.     options['symbol_fail'] = options['symbol'] .. '_FAIL'

  134.   else

  135.     options['symbol_fail'] = 'ASN_FAIL'

  136.   end

  137. 

  138.   return true

  139. end

  140. 

  141. if configure_asn_module() then

  142.   local id = rspamd_config:register_symbol({

  143.     name = 'ASN_CHECK',

  144.     type = 'prefilter',

  145.     callback = asn_check,

  146.     priority = 8,

  147.     flags = 'empty,nostat',

  148.   })

  149.   if options['symbol'] then

  150.     rspamd_config:register_symbol({

  151.       name = options['symbol'],

  152.       parent = id,

  153.       type = 'virtual',

  154.       flags = 'empty,nostat',

  155.       score = 0,

  156.     })

  157.   end

  158.   rspamd_config:register_symbol{

  159.     name = options['symbol_fail'],

  160.     parent = id,

  161.     type = 'virtual',

  162.     flags = 'empty,nostat',

  163.     score = 0,

  164.   }

  165. else

  166.   lua_util.disable_module(N, 'config')

  167. end