Context Navigation

← Previous Revision
Next Revision →
Normal
Revision Log

source: npl/mailserver/transparantspam/amavis2dspam

Last change on this file was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago
initial commit, transferred from cleaned syn3 svn tree
Property mode set to `100644`
File size: 8.0 KB

Rev	Line
[c5c522c]	1	#!/usr/bin/php
	2	<?
	3	/***
	4	DatuX recipient adress verifier for SYN-3 transparant mail filter.
	5
	6	This will connect the SMPT servers found in qmails smtproutes and verify if the receipient adress really exists. (results are cached)
	7
	8	Mails to nonexisting adresses will be used to train dspam.
	9
	10	*/
	11
	12	require 'Net/SMTP.php';
	13
	14	DEFINE ("CACHEDIR", "/tmp/smtpcheck");
	15	DEFINE ("CACHETIME", 600);
	16	DEFINE ("DSPAM_SOURCE", "corpus");
	17	//DEFINE ("DSPAM_SOURCE", "inoculation");
	18
	19	DEFINE ("BACKUP", "spamfilter@vrieling.nl");
	20
	21	function abort($txt)
	22	{
	23	logError($txt);
	24	exit(111); //always return temporary error
	25	}
	26
	27	function logVerbose($txt)
	28	{
	29	syslog(LOG_MAIL\|LOG_INFO,getmypid().": $txt");
	30	};
	31
	32	function logError($txt)
	33	{
	34	syslog(LOG_MAIL\|LOG_ERR, getmypid().": $txt");
	35	};
	36
	37	define("CHECK_OK", 0); //address exists accoding to server
	38	define("CHECK_REJECT",1); //adresss was rejected by server
	39	define("CHECK_ERROR",2); //some kind of other error occured (dont cache it)
	40
	41	//connects to smtp server to check the receipient is ok
	42	function checkRcpt($host, $port, $from, $rcpt)
	43	{
	44	logVerbose("Connecting to $host to check $rcpt from $from");
	45
	46	/* Create a new Net_SMTP object. */
	47	if (! ($smtp = new Net_SMTP($host,$port)))
	48	{
	49	logError("Unable to instantiate Net_SMTP object");
	50	return (CHECK_ERROR);
	51	}
	52
	53	/* Connect to the SMTP server. */
	54	if (PEAR::isError($e = $smtp->connect(10)))
	55	{
	56	logError($e->getMessage());
	57	return (CHECK_ERROR);
	58	}
	59
	60	/* Send the 'MAIL FROM:' SMTP command. */
	61	if (PEAR::isError($smtp->mailFrom($from)))
	62	{
	63	logError("Unable to set sender to <$from>");
	64	return (CHECK_ERROR);
	65	}
	66
	67	/* Address the message to each of the recipients. */
	68	if (PEAR::isError($res = $smtp->rcptTo($rcpt)))
	69	{
	70	logVerbose("Address REJECTED (" . $res->getMessage().")");
	71	return (CHECK_REJECT);
	72	}
	73
	74	//dont send anything offcourse, just disconnect and assume the adress exists at this point.
	75
	76	/* Disconnect from the SMTP server. */
	77	$smtp->disconnect();
	78
	79	logVerbose("Address OK");
	80
	81	return (CHECK_OK);
	82	}
	83
	84
	85
	86	function cacheGet($id)
	87	{
	88	$cachefile=CACHEDIR."/$id";
	89	$cachedata=array();
	90	if (file_exists($cachefile))
	91	{
	92	$cachedata=unserialize(file_get_contents($cachefile));
	93
	94	//cache entry expired?
	95	if (time()-$cachedata["time"]> CACHETIME)
	96	{
	97	logVerbose("Cache: $id expired");
	98	$cachedata=array();
	99	}
	100	else
	101	{
	102	logVerbose("Cache: $id loaded");
	103	}
	104	}
	105	else
	106	{
	107	logVerbose("Cache: $id not cached yet");
	108	}
	109	return ($cachedata);
	110	}
	111
	112	function cachePut($id, $cachedata)
	113	{
	114	if (!file_exists(CACHEDIR))
	115	mkdir(CACHEDIR);
	116
	117	$cachefile=CACHEDIR."/$id";
	118
	119	$cachedata["time"]=time();
	120	file_put_contents($cachefile, serialize($cachedata));
	121	logVerbose("Cache: stored $id");
	122	}
	123
	124
	125	function cachedCheckRcpt($host, $port, $from, $rcpt)
	126	{
	127	logVerbose("Checking host $host to $rcpt from $from");
	128
	129	$cachedata=cacheGet($rcpt);
	130
	131	//not yet checked or last time was error?
	132	if (!isset($cachedata["checkRcpt"]) \|\| $cachedata["checkRcpt"]==CHECK_ERROR)
	133	{
	134	//check it
	135	$cachedata["checkRcpt"]=checkRcpt($host, $port, $from, $rcpt);
	136	cachePut($rcpt, $cachedata);
	137	}
	138
	139	return ($cachedata["checkRcpt"]);
	140	}
	141
	142	function callDspam($args, $tmpfh)
	143	{
	144	$cmd="/usr/bin/dspam $args";
	145	logVerbose("Executing: $cmd");
	146	$pipes=array();
	147	$proc=proc_open ( $cmd,
	148	array (0=>$tmpfh),
	149	$pipes);
	150	if (!is_resource($proc))
	151	{
	152	logError("Error while executing");
	153	}
	154	return(proc_close($proc));
	155	}
	156
	157
	158
	159
	160	//checks data against all filters and returns descriptive string if a match is found.
	161	$filters=array();
	162	//return: 1=blacklist 0=no match -1=whitelist
	163	function filterCheck($user, $data)
	164	{
	165	global $filters;
	166	if (!$filters)
	167	{
	168	$filters=eval('return '.file_get_contents("/etc/amavis2dspam.filter").';');
	169	}
	170
	171	//check whitelists:
	172	foreach ($filters as $filter)
	173	{
	174	if ($filter["mode"]=="allow")
	175	{
	176	if (strtolower($filter["username"])=="global" \|\| strtolower($filter["username"])==strtolower($user))
	177	{
	178	if (preg_match("/".$filter["regex"]."/im",$data,$matches))
	179	{
	180	logVerbose("FILTER: Whitelisted by user ".$filter["username"].", regex '".$filter["regex"]."' on data: ".$matches[0]);
	181	return -1;
	182	}
	183	}
	184	}
	185	}
	186	//check blacklists
	187	foreach ($filters as $filter)
	188	{
	189	if ($filter["mode"]=="deny")
	190	{
	191	if (strtolower($filter["username"])=="global" \|\| strtolower($filter["username"])==strtolower($user))
	192	{
	193	if (preg_match("/".$filter["regex"]."/im",$data,$matches))
	194	{
	195	logVerbose("FILTER: Blacklisted by user ".$filter["username"].", regex '".$filter["regex"]."' on data: ".$matches[0]);
	196	return 1;
	197	}
	198	}
	199	}
	200	}
	201	return (0);
	202	}
	203
	204	//determine senders and receviers
	205	$sender=$argv[1];
	206	$sender=strtolower($sender);
	207	$sender=str_replace("'","_",$sender);
	208	array_shift($argv);
	209	array_shift($argv);
	210	$rcpts=$argv;
	211
	212	//read qmail smtp routes
	213	$smtproutes=array();
	214	$smtproutelines=file("/var/qmail/control/smtproutes");
	215	foreach ($smtproutelines as $smtprouteline)
	216	{
	217	$fields=explode(":",$smtprouteline);
	218	$smtproutes[strtolower($fields[0])]["host"]=$fields[1];
	219	$smtproutes[strtolower($fields[0])]["port"]=$fields[2];
	220	}
	221	if (!$smtproutes)
	222	abort("error reading smtproutes");
	223
	224
	225	$filtered=array();
	226
	227	//read mail from stdin, into temporary file
	228	$tmpfh=tmpfile();
	229	$firstblock="";
	230	while (!feof(STDIN))
	231	{
	232	$data=fread(STDIN, 65535);
	233	if (is_string($data))
	234	{
	235	if (!$firstblock)
	236	$firstblock=$data;
	237	if (fwrite($tmpfh, $data)!=strlen($data))
	238	{
	239	abort("error while writing mail to temporary file");
	240	}
	241	}
	242	else
	243	{
	244	abort("error while reading mail from input");
	245	}
	246	}
	247
	248
	249	$inoculatedglobal=false;
	250	$inoculateduser=array();
	251	$users_str="";
	252	$rcpts_str="";
	253	$backedup=false;
	254
	255	//traverse all the rcpts
	256	foreach ($rcpts as $rcpt)
	257	{
	258	//filter rcpt
	259	$rcpt=strtolower($rcpt);
	260	$rcpt=str_replace("'","_",$rcpt);
	261	list($bla,$user)=explode("@", $rcpt);
	262
	263	logVerbose("Processing mail from $sender to $rcpt");
	264
	265	//reset tmp file
	266	fseek($tmpfh,0);
	267	unset($pipes);
	268
	269	$smtproute=$smtproutes[$user];
	270	if (!$smtproute)
	271	{
	272	logError("No smtp route found for $user!");
	273	if (!$inoculatedglobal)
	274	{
	275	logError("INOCULATING global filter.");
	276	$inoculatedglobal=(callDspam("--user global --deliver=summary --source=".DSPAM_SOURCE." --class=spam" , $tmpfh)==0);
	277	}
	278	else
	279	{
	280	logError("IGNORING mail.");
	281	}
	282	}
	283	//route exists
	284	else
	285	{
	286	//check filter for this user
	287	$filtered=filtercheck($user, $firstblock);
	288
	289	//whitelisted?
	290	if ($filtered==-1)
	291	{
	292	logVerbose("INOCULATING as ham $rcpt");
	293	callDspam("--user '$user' --deliver=summary --mail-from='$sender' --rcpt-to '$rcpt' --source=".DSPAM_SOURCE." --class=innocent" , $tmpfh);
	294	logVerbose("DELIVERING to $rcpt");
	295	$users_str.="'$user' ";
	296	$rcpts_str.="'$rcpt' ";
	297	}
	298
	299	//is it blacklisted? does the final smtp server reject the mail?
	300	else if ($filtered==1 \|\| cachedCheckRcpt($smtproute["host"], $smtproute["port"], $sender, $rcpt)==CHECK_REJECT)
	301	{
	302	if (!$inoculateduser[$user])
	303	{
	304	logVerbose("INOCULATING as spam $rcpt");
	305	if (callDspam("--user '$user' --deliver=summary --mail-from='$sender' --rcpt-to '$rcpt' --source=".DSPAM_SOURCE." --class=spam" , $tmpfh)==0)
	306	// if (callDspam("--user '$user' --mail-from='$sender' --rcpt-to '$rcpt' --source=".DSPAM_SOURCE." --class=spam" , $tmpfh)==0)
	307	{
	308	$inoculateduser[$user]=true;
	309	}
	310
	311	}
	312	else
	313	{
	314	logVerbose("IGNORING $rcpt ($user already inoculated)");
	315	}
	316
	317	//backup 1 mail to special mailbox to not lose filtered mail:
	318	if (!$backedup)
	319	{
	320	logVerbose("Backing up filtered mail to ".BACKUP);
	321	fseek($tmpfh,0);
	322	unset($pipes);
	323	$pipes=array();
	324	$proc=proc_open ( "/var/qmail/bin/qmail-inject -f '$sender' ".BACKUP,
	325	array (0=>$tmpfh),
	326	$pipes);
	327	if (!is_resource($proc))
	328	{
	329	logError("Error while executing");
	330	}
	331	proc_close($proc);
	332	$backedup=true;
	333	}
	334	}
	335
	336	//normal mail
	337	else
	338	{
	339	logVerbose("DELIVERING to $rcpt");
	340	$users_str.="'$user' ";
	341	$rcpts_str.="'$rcpt' ";
	342	}
	343	}
	344	}
	345
	346	//reset tmp file
	347	fseek($tmpfh,0);
	348	unset($pipes);
	349
	350	//something left to actually try to deliver?
	351	if ($users_str)
	352	{
	353	logVerbose("Calling dspam to deliver mails");
	354	exit(callDspam("--user $users_str --deliver=innocent --mail-from='$sender' --rcpt-to $rcpts_str", $tmpfh));
	355	}
	356	else
	357	{
	358	logVerbose("(No mails left to deliver to dspam)");
	359	exit(0);
	360	}
	361
	362

Note: See TracBrowser for help on using the repository browser.

Download in other formats: