diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 21:30:40 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 21:30:40 +0000 |
| commit | 133a45c109da5310add55824db21af5239951f93 (patch) | |
| tree | ba6ac4c0a950a0dda56451944315d66409923918 /contrib/exim/patch-exim-src_spam.c.diff | |
| parent | Initial commit. (diff) | |
| download | rspamd-133a45c109da5310add55824db21af5239951f93.tar.xz rspamd-133a45c109da5310add55824db21af5239951f93.zip | |
Adding upstream version 3.8.1.upstream/3.8.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/exim/patch-exim-src_spam.c.diff')
| -rw-r--r-- | contrib/exim/patch-exim-src_spam.c.diff | 338 |
1 files changed, 338 insertions, 0 deletions
diff --git a/contrib/exim/patch-exim-src_spam.c.diff b/contrib/exim/patch-exim-src_spam.c.diff new file mode 100644 index 0000000..f3ac788 --- /dev/null +++ b/contrib/exim/patch-exim-src_spam.c.diff @@ -0,0 +1,338 @@ +diff -ru exim-4.70.orig/src/expand.c exim-4.70/src/expand.c +--- exim-4.70.orig/src/expand.c 2016-04-09 13:42:00.227625074 +0200 ++++ exim-4.70/src/expand.c 2016-04-09 13:42:37.183633096 +0200 +@@ -578,6 +578,7 @@ + { "sn8", vtype_filter_int, &filter_sn[8] }, + { "sn9", vtype_filter_int, &filter_sn[9] }, + #ifdef WITH_CONTENT_SCAN ++ { "spam_action", vtype_stringptr, &spam_action }, + { "spam_bar", vtype_stringptr, &spam_bar }, + { "spam_report", vtype_stringptr, &spam_report }, + { "spam_score", vtype_stringptr, &spam_score }, +diff -ru exim-4.70.orig/src/globals.c exim-4.70/src/globals.c +--- exim-4.70.orig/src/globals.c 2016-04-09 13:42:00.219625073 +0200 ++++ exim-4.70/src/globals.c 2016-04-09 13:42:37.187633096 +0200 +@@ -1136,6 +1136,7 @@ + uschar *spamd_address = US"127.0.0.1 783"; + uschar *spam_bar = NULL; + uschar *spam_report = NULL; ++uschar *spam_action = NULL; + uschar *spam_score = NULL; + uschar *spam_score_int = NULL; + #endif +diff -ru exim-4.70.orig/src/globals.h exim-4.70/src/globals.h +--- exim-4.70.orig/src/globals.h 2016-04-09 13:42:00.219625073 +0200 ++++ exim-4.70/src/globals.h 2016-04-09 13:42:37.187633096 +0200 +@@ -703,6 +703,7 @@ + extern uschar *spamd_address; /* address for the spamassassin daemon */ + extern uschar *spam_bar; /* the spam "bar" (textual representation of spam_score) */ + extern uschar *spam_report; /* the spamd report (multiline) */ ++extern uschar *spam_action; /* the spamd action */ + extern uschar *spam_score; /* the spam score (float) */ + extern uschar *spam_score_int; /* spam_score * 10 (int) */ + #endif +diff -ru exim-4.70.orig/src/spam.c exim-4.70/src/spam.c +--- exim-4.70.orig/src/spam.c 2016-04-09 13:42:00.231625075 +0200 ++++ exim-4.70/src/spam.c 2016-04-09 13:43:43.927647677 +0200 +@@ -16,6 +16,7 @@ + uschar spam_score_buffer[16]; + uschar spam_score_int_buffer[16]; + uschar spam_bar_buffer[128]; ++uschar spam_action_buffer[32]; + uschar spam_report_buffer[32600]; + uschar prev_user_name[128] = ""; + int spam_ok = 0; +@@ -31,9 +32,11 @@ + int spamd_sock; + uschar spamd_buffer[32600]; + int i, j, offset, result; ++ BOOL is_rspamd; + uschar spamd_version[8]; ++ uschar spamd_short_result[8]; + uschar spamd_score_char; +- double spamd_threshold, spamd_score; ++ double spamd_threshold, spamd_score, spamd_reject_score; + int spamd_report_offset; + uschar *p,*q; + int override = 0; +@@ -122,8 +125,15 @@ + spamd_address_container *this_spamd = + (spamd_address_container *)store_get(sizeof(spamd_address_container)); + ++ /* Check for spamd variant */ ++ if( Ustrstr(address, "variant=rspamd") != NULL ) { ++ this_spamd->is_rspamd = TRUE; ++ } ++ else { ++ this_spamd->is_rspamd = FALSE; ++ } + /* grok spamd address and port */ +- if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) { ++ if( sscanf(CS address, "%23s %hu", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) { + log_write(0, LOG_MAIN, + "spam acl condition: warning - invalid spamd address: '%s'", address); + continue; +@@ -165,6 +175,7 @@ + spamd_address_vector[current_server]->tcp_port, + 5 ) > -1) { + /* connection OK */ ++ is_rspamd = spamd_address_vector[current_server]->is_rspamd; + break; + }; + +@@ -197,12 +208,28 @@ + } + + server.sun_family = AF_UNIX; +- Ustrcpy(server.sun_path, spamd_address_work); ++ p = Ustrstr(spamd_address_work, "variant=rspamd"); ++ if( p != NULL ) { ++ is_rspamd = TRUE; ++ /* strip spaces */ ++ p --; ++ while (p > spamd_address_work && isspace (*p)) { ++ p --; ++ } ++ Ustrncpy(server.sun_path, spamd_address_work, p - spamd_address_work + 1); ++ /* zero terminate */ ++ server.sun_path[p - spamd_address_work + 1] = 0; ++ } ++ else { ++ is_rspamd = FALSE; ++ Ustrcpy(server.sun_path, spamd_address_work); ++ } ++ + + if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) { + log_write(0, LOG_MAIN|LOG_PANIC, + "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)", +- spamd_address_work, strerror(errno) ); ++ server.sun_path, strerror(errno) ); + (void)fclose(mbox_file); + (void)close(spamd_sock); + return DEFER; +@@ -210,22 +237,50 @@ + + } + ++ (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK); + /* now we are connected to spamd on spamd_sock */ +- (void)string_format(spamd_buffer, +- sizeof(spamd_buffer), +- "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", +- user_name, +- mbox_size); +- +- /* send our request */ +- if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) { ++ if (is_rspamd) { ++ /* rspamd variant */ ++ const char *helo; ++ const char *fcrdns; ++ const char *authid; ++ uschar *req_str; ++ ++ req_str = string_sprintf("CHECK RSPAMC/1.3\r\nContent-length: %lu\r\n" ++ "Queue-Id: %s\r\nFrom: <%s>\r\nRecipient-Number: %d\r\n", mbox_size, ++ message_id, sender_address, recipients_count); ++ for (i = 0; i < recipients_count; i ++) ++ req_str = string_sprintf("%sRcpt: <%s>\r\n", req_str, recipients_list[i].address); ++ if ((helo = expand_string(US"$sender_helo_name")) != NULL && *helo != '\0') ++ req_str = string_sprintf("%sHelo: %s\r\n", req_str, helo); ++ if ((fcrdns = expand_string(US"$sender_host_name")) != NULL && *fcrdns != '\0') ++ req_str = string_sprintf("%sHostname: %s\r\n", req_str, fcrdns); ++ if (sender_host_address != NULL) ++ req_str = string_sprintf("%sIP: %s\r\n", req_str, sender_host_address); ++ if ((authid = expand_string(US"$authenticated_id")) != NULL && *authid != '\0') ++ req_str = string_sprintf("%sUser: %s\r\n", req_str, authid); ++ req_str = string_sprintf("%s\r\n", req_str); ++ wrote = send(spamd_sock, req_str, Ustrlen(req_str), 0); ++ } ++ else { ++ /* spamassassin variant */ ++ (void)string_format(spamd_buffer, ++ sizeof(spamd_buffer), ++ "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", ++ user_name, ++ mbox_size); ++ /* send our request */ ++ wrote = send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0); ++ } ++ if(wrote == -1) ++ { + (void)close(spamd_sock); + log_write(0, LOG_MAIN|LOG_PANIC, +- "spam acl condition: spamd send failed: %s", strerror(errno)); ++ "spam acl condition: spamd send failed: %s", strerror(errno)); + (void)fclose(mbox_file); + (void)close(spamd_sock); + return DEFER; +- }; ++ } + + /* now send the file */ + /* spamd sometimes accepts connections but doesn't read data off +@@ -304,7 +359,9 @@ + (void)fclose(mbox_file); + + /* we're done sending, close socket for writing */ +- shutdown(spamd_sock,SHUT_WR); ++ if (!is_rspamd) { ++ shutdown(spamd_sock,SHUT_WR); ++ } + + /* read spamd response using what's left of the timeout. + */ +@@ -328,60 +385,93 @@ + /* reading done */ + (void)close(spamd_sock); + +- /* dig in the spamd output and put the report in a multiline header, if requested */ +- if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", +- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { +- +- /* try to fall back to pre-2.50 spamd output */ +- if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", +- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { ++ if (!is_rspamd) { ++ /* dig in the spamd output and put the report in a multiline header, if requested */ ++ if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", ++ spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { ++ ++ /* try to fall back to pre-2.50 spamd output */ ++ if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", ++ spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { ++ log_write(0, LOG_MAIN|LOG_PANIC, ++ "spam acl condition: cannot parse spamd output"); ++ return DEFER; ++ }; ++ }; ++ ++ if( spamd_score >= spamd_threshold ) { ++ Ustrcpy(spam_action_buffer, "reject"); ++ } ++ else { ++ Ustrcpy(spam_action_buffer, "no action"); ++ } ++ } ++ else { ++ /* rspamd variant of reply */ ++ int r; ++ if( (r = sscanf(CS spamd_buffer,"RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n", ++ spamd_version,spamd_short_result,&spamd_score,&spamd_threshold,&spamd_reject_score,&spamd_report_offset)) != 5 ) { + log_write(0, LOG_MAIN|LOG_PANIC, +- "spam acl condition: cannot parse spamd output"); ++ "spam acl condition: cannot parse spamd output: %d", r); + return DEFER; + }; +- }; ++ /* now parse action */ ++ p = &spamd_buffer[spamd_report_offset]; ++ ++ if( Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0 ) { ++ p += sizeof("Action: ") - 1; ++ q = &spam_action_buffer[0]; ++ while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1) { ++ *q++ = *p++; ++ } ++ *q = '\0'; ++ } ++ } + + /* Create report. Since this is a multiline string, + we must hack it into shape first */ + p = &spamd_buffer[spamd_report_offset]; + q = spam_report_buffer; + while (*p != '\0') { +- /* skip \r */ +- if (*p == '\r') { +- p++; +- continue; +- }; +- *q = *p; +- q++; +- if (*p == '\n') { +- /* add an extra space after the newline to ensure +- that it is treated as a header continuation line */ +- *q = ' '; +- q++; +- }; +- p++; ++ /* skip \r */ ++ if (*p == '\r') { ++ p++; ++ continue; ++ }; ++ *q = *p; ++ q++; ++ if (*p == '\n') { ++ /* add an extra space after the newline to ensure ++ that it is treated as a header continuation line */ ++ *q = ' '; ++ q++; ++ }; ++ p++; + }; + /* NULL-terminate */ + *q = '\0'; + q--; + /* cut off trailing leftovers */ + while (*q <= ' ') { +- *q = '\0'; +- q--; ++ *q = '\0'; ++ q--; + }; ++ ++ /* common spamd actions */ + spam_report = spam_report_buffer; ++ spam_action = spam_action_buffer; + + /* create spam bar */ + spamd_score_char = spamd_score > 0 ? '+' : '-'; + j = abs((int)(spamd_score)); + i = 0; + if( j != 0 ) { +- while((i < j) && (i <= MAX_SPAM_BAR_CHARS)) +- spam_bar_buffer[i++] = spamd_score_char; ++ while((i < j) && (i <= MAX_SPAM_BAR_CHARS)) ++ spam_bar_buffer[i++] = spamd_score_char; + } + else{ +- spam_bar_buffer[0] = '/'; +- i = 1; ++ spam_bar_buffer[0] = '/'; ++ i = 1; + } + spam_bar_buffer[i] = '\0'; + spam_bar = spam_bar_buffer; +@@ -397,12 +487,12 @@ + + /* compare threshold against score */ + if (spamd_score >= spamd_threshold) { +- /* spam as determined by user's threshold */ +- spam_rc = OK; ++ /* spam as determined by user's threshold */ ++ spam_rc = OK; + } + else { +- /* not spam */ +- spam_rc = FAIL; ++ /* not spam */ ++ spam_rc = FAIL; + }; + + /* remember user name and "been here" for it unless spamd_socket was expanded */ +diff -ru exim-4.70.orig/src/spam.h exim-4.70/src/spam.h +--- exim-4.70.orig/src/spam.h 2016-04-09 13:42:00.235625076 +0200 ++++ exim-4.70/src/spam.h 2016-04-09 13:42:37.187633096 +0200 +@@ -24,7 +24,8 @@ + + typedef struct spamd_address_container { + uschar tcp_addr[24]; +- unsigned int tcp_port; ++ unsigned short int tcp_port; ++ int is_rspamd:1; + } spamd_address_container; + + #endif |