mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-25 02:29:32 +02:00
Add mraptor to rspamd
This commit is contained in:
parent
f6241619df
commit
f13df1ec46
@ -12,12 +12,14 @@ RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
|
||||
&& echo "deb http://rspamd.com/apt-stable/ xenial main" > /etc/apt/sources.list.d/rspamd.list \
|
||||
&& apt-get update \
|
||||
&& apt-get -y install rspamd ca-certificates
|
||||
&& apt-get -y install rspamd ca-certificates python-pip
|
||||
|
||||
RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
|
||||
# "Hardcoded" - we need them
|
||||
RUN echo 'settings = "http://nginx:8081/settings.php";' > /etc/rspamd/modules.d/settings.conf
|
||||
|
||||
RUN pip install -U oletools
|
||||
|
||||
CMD ["/usr/bin/rspamd","-f", "-u", "_rspamd", "-g", "_rspamd"]
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
@ -74,3 +74,39 @@ rspamd_config.ADD_DELIMITER_TAG = {
|
||||
return false
|
||||
end
|
||||
}
|
||||
|
||||
rspamd_config.MRAPTOR = {
|
||||
callback = function(task)
|
||||
local parts = task:get_parts()
|
||||
local rspamd_logger = require "rspamd_logger"
|
||||
local rspamd_regexp = require "rspamd_regexp"
|
||||
|
||||
if parts then
|
||||
for _,p in ipairs(parts) do
|
||||
local mtype,subtype = p:get_type()
|
||||
local re = rspamd_regexp.create_cached('/(office|word|excel)/i')
|
||||
if re:match(subtype) then
|
||||
local content = tostring(p:get_content())
|
||||
local filename = p:get_filename()
|
||||
|
||||
local file = os.tmpname()
|
||||
f = io.open(file, "a+")
|
||||
f:write(content)
|
||||
f:close()
|
||||
|
||||
local scan = assert(io.popen('PATH=/usr/bin:/usr/local/bin mraptor ' .. file .. '> /dev/null 2>&1; echo $?', 'r'))
|
||||
local result = scan:read('*all')
|
||||
local exit_code = string.match(result, "%d+")
|
||||
rspamd_logger.infox(exit_code)
|
||||
scan:close()
|
||||
|
||||
if exit_code == "20" then
|
||||
rspamd_logger.infox("Reject dangerous macro in office file " .. filename)
|
||||
task:set_pre_result(rspamd_actions['reject'], 'Dangerous macro in office file ' .. filename)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user