diff -ru exim-4.70.orig/src/expand.c exim-4.70/src/expand.c --- exim-4.70.orig/src/expand.c 2016-04-09 13:42:00.227625074 +0200 +++ exim-4.70/src/expand.c 2016-04-09 13:42:37.183633096 +0200 @@ -578,6 +578,7 @@ { "sn8", vtype_filter_int, &filter_sn[8] }, { "sn9", vtype_filter_int, &filter_sn[9] }, #ifdef WITH_CONTENT_SCAN + { "spam_action", vtype_stringptr, &spam_action }, { "spam_bar", vtype_stringptr, &spam_bar }, { "spam_report", vtype_stringptr, &spam_report }, { "spam_score", vtype_stringptr, &spam_score }, diff -ru exim-4.70.orig/src/globals.c exim-4.70/src/globals.c --- exim-4.70.orig/src/globals.c 2016-04-09 13:42:00.219625073 +0200 +++ exim-4.70/src/globals.c 2016-04-09 13:42:37.187633096 +0200 @@ -1136,6 +1136,7 @@ uschar *spamd_address = US"127.0.0.1 783"; uschar *spam_bar = NULL; uschar *spam_report = NULL; +uschar *spam_action = NULL; uschar *spam_score = NULL; uschar *spam_score_int = NULL; #endif diff -ru exim-4.70.orig/src/globals.h exim-4.70/src/globals.h --- exim-4.70.orig/src/globals.h 2016-04-09 13:42:00.219625073 +0200 +++ exim-4.70/src/globals.h 2016-04-09 13:42:37.187633096 +0200 @@ -703,6 +703,7 @@ extern uschar *spamd_address; /* address for the spamassassin daemon */ extern uschar *spam_bar; /* the spam "bar" (textual representation of spam_score) */ extern uschar *spam_report; /* the spamd report (multiline) */ +extern uschar *spam_action; /* the spamd action */ extern uschar *spam_score; /* the spam score (float) */ extern uschar *spam_score_int; /* spam_score * 10 (int) */ #endif diff -ru exim-4.70.orig/src/spam.c exim-4.70/src/spam.c --- exim-4.70.orig/src/spam.c 2016-04-09 13:42:00.231625075 +0200 +++ exim-4.70/src/spam.c 2016-04-09 13:43:43.927647677 +0200 @@ -16,6 +16,7 @@ uschar spam_score_buffer[16]; uschar spam_score_int_buffer[16]; uschar spam_bar_buffer[128]; +uschar spam_action_buffer[32]; uschar spam_report_buffer[32600]; uschar prev_user_name[128] = ""; int spam_ok = 0; @@ -31,9 +32,11 @@ int spamd_sock; uschar spamd_buffer[32600]; int i, j, offset, result; + BOOL is_rspamd; uschar spamd_version[8]; + uschar spamd_short_result[8]; uschar spamd_score_char; - double spamd_threshold, spamd_score; + double spamd_threshold, spamd_score, spamd_reject_score; int spamd_report_offset; uschar *p,*q; int override = 0; @@ -122,8 +125,15 @@ spamd_address_container *this_spamd = (spamd_address_container *)store_get(sizeof(spamd_address_container)); + /* Check for spamd variant */ + if( Ustrstr(address, "variant=rspamd") != NULL ) { + this_spamd->is_rspamd = TRUE; + } + else { + this_spamd->is_rspamd = FALSE; + } /* grok spamd address and port */ - if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) { + if( sscanf(CS address, "%23s %hu", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) { log_write(0, LOG_MAIN, "spam acl condition: warning - invalid spamd address: '%s'", address); continue; @@ -165,6 +175,7 @@ spamd_address_vector[current_server]->tcp_port, 5 ) > -1) { /* connection OK */ + is_rspamd = spamd_address_vector[current_server]->is_rspamd; break; }; @@ -197,12 +208,28 @@ } server.sun_family = AF_UNIX; - Ustrcpy(server.sun_path, spamd_address_work); + p = Ustrstr(spamd_address_work, "variant=rspamd"); + if( p != NULL ) { + is_rspamd = TRUE; + /* strip spaces */ + p --; + while (p > spamd_address_work && isspace (*p)) { + p --; + } + Ustrncpy(server.sun_path, spamd_address_work, p - spamd_address_work + 1); + /* zero terminate */ + server.sun_path[p - spamd_address_work + 1] = 0; + } + else { + is_rspamd = FALSE; + Ustrcpy(server.sun_path, spamd_address_work); + } + if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) { log_write(0, LOG_MAIN|LOG_PANIC, "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)", - spamd_address_work, strerror(errno) ); + server.sun_path, strerror(errno) ); (void)fclose(mbox_file); (void)close(spamd_sock); return DEFER; @@ -210,22 +237,50 @@ } + (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK); /* now we are connected to spamd on spamd_sock */ - (void)string_format(spamd_buffer, - sizeof(spamd_buffer), - "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", - user_name, - mbox_size); - - /* send our request */ - if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) { + if (is_rspamd) { + /* rspamd variant */ + const char *helo; + const char *fcrdns; + const char *authid; + uschar *req_str; + + req_str = string_sprintf("CHECK RSPAMC/1.3\r\nContent-length: %lu\r\n" + "Queue-Id: %s\r\nFrom: <%s>\r\nRecipient-Number: %d\r\n", mbox_size, + message_id, sender_address, recipients_count); + for (i = 0; i < recipients_count; i ++) + req_str = string_sprintf("%sRcpt: <%s>\r\n", req_str, recipients_list[i].address); + if ((helo = expand_string(US"$sender_helo_name")) != NULL && *helo != '\0') + req_str = string_sprintf("%sHelo: %s\r\n", req_str, helo); + if ((fcrdns = expand_string(US"$sender_host_name")) != NULL && *fcrdns != '\0') + req_str = string_sprintf("%sHostname: %s\r\n", req_str, fcrdns); + if (sender_host_address != NULL) + req_str = string_sprintf("%sIP: %s\r\n", req_str, sender_host_address); + if ((authid = expand_string(US"$authenticated_id")) != NULL && *authid != '\0') + req_str = string_sprintf("%sUser: %s\r\n", req_str, authid); + req_str = string_sprintf("%s\r\n", req_str); + wrote = send(spamd_sock, req_str, Ustrlen(req_str), 0); + } + else { + /* spamassassin variant */ + (void)string_format(spamd_buffer, + sizeof(spamd_buffer), + "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", + user_name, + mbox_size); + /* send our request */ + wrote = send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0); + } + if(wrote == -1) + { (void)close(spamd_sock); log_write(0, LOG_MAIN|LOG_PANIC, - "spam acl condition: spamd send failed: %s", strerror(errno)); + "spam acl condition: spamd send failed: %s", strerror(errno)); (void)fclose(mbox_file); (void)close(spamd_sock); return DEFER; - }; + } /* now send the file */ /* spamd sometimes accepts conections but doesn't read data off @@ -304,7 +359,9 @@ (void)fclose(mbox_file); /* we're done sending, close socket for writing */ - shutdown(spamd_sock,SHUT_WR); + if (!is_rspamd) { + shutdown(spamd_sock,SHUT_WR); + } /* read spamd response using what's left of the timeout. */ @@ -328,60 +385,93 @@ /* reading done */ (void)close(spamd_sock); - /* dig in the spamd output and put the report in a multiline header, if requested */ - if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", - spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { - - /* try to fall back to pre-2.50 spamd output */ - if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", - spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { + if (!is_rspamd) { + /* dig in the spamd output and put the report in a multiline header, if requested */ + if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", + spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { + + /* try to fall back to pre-2.50 spamd output */ + if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", + spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { + log_write(0, LOG_MAIN|LOG_PANIC, + "spam acl condition: cannot parse spamd output"); + return DEFER; + }; + }; + + if( spamd_score >= spamd_threshold ) { + Ustrcpy(spam_action_buffer, "reject"); + } + else { + Ustrcpy(spam_action_buffer, "no action"); + } + } + else { + /* rspamd variant of reply */ + int r; + if( (r = sscanf(CS spamd_buffer,"RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n", + spamd_version,spamd_short_result,&spamd_score,&spamd_threshold,&spamd_reject_score,&spamd_report_offset)) != 5 ) { log_write(0, LOG_MAIN|LOG_PANIC, - "spam acl condition: cannot parse spamd output"); + "spam acl condition: cannot parse spamd output: %d", r); return DEFER; }; - }; + /* now parse action */ + p = &spamd_buffer[spamd_report_offset]; + + if( Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0 ) { + p += sizeof("Action: ") - 1; + q = &spam_action_buffer[0]; + while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1) { + *q++ = *p++; + } + *q = '\0'; + } + } /* Create report. Since this is a multiline string, we must hack it into shape first */ p = &spamd_buffer[spamd_report_offset]; q = spam_report_buffer; while (*p != '\0') { - /* skip \r */ - if (*p == '\r') { - p++; - continue; - }; - *q = *p; - q++; - if (*p == '\n') { - /* add an extra space after the newline to ensure - that it is treated as a header continuation line */ - *q = ' '; - q++; - }; - p++; + /* skip \r */ + if (*p == '\r') { + p++; + continue; + }; + *q = *p; + q++; + if (*p == '\n') { + /* add an extra space after the newline to ensure + that it is treated as a header continuation line */ + *q = ' '; + q++; + }; + p++; }; /* NULL-terminate */ *q = '\0'; q--; /* cut off trailing leftovers */ while (*q <= ' ') { - *q = '\0'; - q--; + *q = '\0'; + q--; }; + + /* common spamd actions */ spam_report = spam_report_buffer; + spam_action = spam_action_buffer; /* create spam bar */ spamd_score_char = spamd_score > 0 ? '+' : '-'; j = abs((int)(spamd_score)); i = 0; if( j != 0 ) { - while((i < j) && (i <= MAX_SPAM_BAR_CHARS)) - spam_bar_buffer[i++] = spamd_score_char; + while((i < j) && (i <= MAX_SPAM_BAR_CHARS)) + spam_bar_buffer[i++] = spamd_score_char; } else{ - spam_bar_buffer[0] = '/'; - i = 1; + spam_bar_buffer[0] = '/'; + i = 1; } spam_bar_buffer[i] = '\0'; spam_bar = spam_bar_buffer; @@ -397,12 +487,12 @@ /* compare threshold against score */ if (spamd_score >= spamd_threshold) { - /* spam as determined by user's threshold */ - spam_rc = OK; + /* spam as determined by user's threshold */ + spam_rc = OK; } else { - /* not spam */ - spam_rc = FAIL; + /* not spam */ + spam_rc = FAIL; }; /* remember user name and "been here" for it unless spamd_socket was expanded */ diff -ru exim-4.70.orig/src/spam.h exim-4.70/src/spam.h --- exim-4.70.orig/src/spam.h 2016-04-09 13:42:00.235625076 +0200 +++ exim-4.70/src/spam.h 2016-04-09 13:42:37.187633096 +0200 @@ -24,7 +24,8 @@ typedef struct spamd_address_container { uschar tcp_addr[24]; - unsigned int tcp_port; + unsigned short int tcp_port; + int is_rspamd:1; } spamd_address_container; #endif