2016-12-09 21:39:02 +02:00
|
|
|
rspamd_config.MAILCOW_AUTH = {
|
|
|
|
callback = function(task)
|
|
|
|
local uname = task:get_user()
|
|
|
|
if uname then
|
|
|
|
return 1
|
|
|
|
end
|
|
|
|
end
|
|
|
|
}
|
|
|
|
|
2016-12-10 01:39:27 +02:00
|
|
|
rspamd_config.MAILCOW_MOO = function (task)
|
|
|
|
return true
|
|
|
|
end
|
2017-01-09 12:05:33 +02:00
|
|
|
|
2017-03-03 16:39:12 +02:00
|
|
|
modify_subject_map = rspamd_config:add_map({
|
2017-02-16 20:55:07 +02:00
|
|
|
url = 'http://172.22.1.251:8081/tags.php',
|
2017-01-09 12:05:33 +02:00
|
|
|
type = 'map',
|
|
|
|
description = 'Map of users to use subject tags for'
|
|
|
|
})
|
|
|
|
|
2017-03-03 16:39:12 +02:00
|
|
|
auth_domain_map = rspamd_config:add_map({
|
2017-02-16 20:55:07 +02:00
|
|
|
url = 'http://172.22.1.251:8081/authoritative.php',
|
2017-01-09 12:05:33 +02:00
|
|
|
type = 'map',
|
|
|
|
description = 'Map of domains we are authoritative for'
|
|
|
|
})
|
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
rspamd_config:register_symbol({
|
|
|
|
name = 'TAG_MOO',
|
|
|
|
type = 'postfilter',
|
|
|
|
callback = function(task)
|
|
|
|
local util = require("rspamd_util")
|
|
|
|
local rspamd_logger = require "rspamd_logger"
|
2017-03-12 15:38:20 +02:00
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
local tagged_rcpt = task:get_symbol("TAGGED_RCPT")
|
|
|
|
local user = task:get_recipients(0)[1]['user']
|
|
|
|
local domain = task:get_recipients(0)[1]['domain']
|
|
|
|
local rcpt = user .. '@' .. domain
|
|
|
|
local authdomain = auth_domain_map:get_key(domain)
|
2017-03-08 18:58:00 +02:00
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
if tagged_rcpt then
|
|
|
|
local tag = tagged_rcpt[1].options[1]
|
|
|
|
rspamd_logger.infox("found tag: %s", tag)
|
|
|
|
local action = task:get_metric_action('default')
|
|
|
|
rspamd_logger.infox("metric action now: %s", action)
|
2017-03-12 15:38:20 +02:00
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
if action ~= 'no action' and action ~= 'greylist' then
|
|
|
|
rspamd_logger.infox("skipping tag handler for action: %s", action)
|
|
|
|
task:set_metric_action('default', action)
|
|
|
|
end
|
2017-03-12 15:38:20 +02:00
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
if authdomain then
|
|
|
|
rspamd_logger.infox("found mailcow domain %s", domain)
|
|
|
|
rspamd_logger.infox("querying tag settings for user %s", rcpt)
|
2017-01-09 12:05:33 +02:00
|
|
|
|
2017-03-16 14:42:56 +02:00
|
|
|
if modify_subject_map:get_key(rcpt) then
|
|
|
|
rspamd_logger.infox("user wants subject modified for tagged mail")
|
|
|
|
local sbj = task:get_header('Subject')
|
|
|
|
new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
|
|
|
|
task:set_rmilter_reply({
|
|
|
|
remove_headers = {['Subject'] = 1},
|
|
|
|
add_headers = {['Subject'] = new_sbj}
|
|
|
|
})
|
|
|
|
else
|
|
|
|
rspamd_logger.infox("Add X-Moo-Tag header")
|
|
|
|
task:set_rmilter_reply({
|
|
|
|
add_headers = {['X-Moo-Tag'] = 'YES'}
|
|
|
|
})
|
|
|
|
end
|
2017-03-12 15:38:20 +02:00
|
|
|
else
|
2017-03-16 14:42:56 +02:00
|
|
|
rspamd_logger.infox("skip delimiter handling for unknown domain")
|
2017-03-12 15:38:20 +02:00
|
|
|
end
|
2017-03-16 14:42:56 +02:00
|
|
|
return false
|
2017-01-09 12:05:33 +02:00
|
|
|
end
|
2017-03-16 14:42:56 +02:00
|
|
|
end,
|
|
|
|
priority = 10
|
|
|
|
})
|
2017-03-08 18:58:00 +02:00
|
|
|
|
2017-02-18 21:29:15 +02:00
|
|
|
rspamd_config.MRAPTOR = {
|
|
|
|
callback = function(task)
|
|
|
|
local parts = task:get_parts()
|
|
|
|
local rspamd_logger = require "rspamd_logger"
|
|
|
|
local rspamd_regexp = require "rspamd_regexp"
|
|
|
|
|
|
|
|
if parts then
|
|
|
|
for _,p in ipairs(parts) do
|
|
|
|
local mtype,subtype = p:get_type()
|
|
|
|
local re = rspamd_regexp.create_cached('/(office|word|excel)/i')
|
|
|
|
if re:match(subtype) then
|
|
|
|
local content = tostring(p:get_content())
|
|
|
|
local filename = p:get_filename()
|
|
|
|
|
|
|
|
local file = os.tmpname()
|
|
|
|
f = io.open(file, "a+")
|
|
|
|
f:write(content)
|
|
|
|
f:close()
|
|
|
|
|
|
|
|
local scan = assert(io.popen('PATH=/usr/bin:/usr/local/bin mraptor ' .. file .. '> /dev/null 2>&1; echo $?', 'r'))
|
|
|
|
local result = scan:read('*all')
|
|
|
|
local exit_code = string.match(result, "%d+")
|
|
|
|
rspamd_logger.infox(exit_code)
|
|
|
|
scan:close()
|
|
|
|
|
|
|
|
if exit_code == "20" then
|
|
|
|
rspamd_logger.infox("Reject dangerous macro in office file " .. filename)
|
|
|
|
task:set_pre_result(rspamd_actions['reject'], 'Dangerous macro in office file ' .. filename)
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
}
|