You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2022/08/23 09:19:59 UTC
[james-project] 05/06: JAMES-3775 Move ClamAV stuff to dedicated `third-party/clamav` module
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit b52582412505716e38520a9b1d046fb69d5c46e8
Author: Quan Tran <hq...@linagora.com>
AuthorDate: Fri Aug 19 13:06:09 2022 +0700
JAMES-3775 Move ClamAV stuff to dedicated `third-party/clamav` module
---
third-party/clamav/README.md | 30 ++++
third-party/clamav/docker-compose.yml | 60 +++++++
third-party/clamav/pom.xml | 82 ++++++++++
.../sample-configuration/mailetcontainer.xml | 175 +++++++++++++++++++++
.../java/org/apache/james/clamav}/ClamAVScan.java | 2 +-
.../org/apache/james/clamav}/ClamAVScanTest.java | 6 +-
.../org/apache/james/clamav}/DockerClamAV.java | 2 +-
.../attachment/inlineNonVirusTextAttachment.eml | 0
.../attachment/inlineVirusTextAttachment.eml | 0
third-party/pom.xml | 1 +
10 files changed, 353 insertions(+), 5 deletions(-)
diff --git a/third-party/clamav/README.md b/third-party/clamav/README.md
new file mode 100644
index 0000000000..fe1043b0d3
--- /dev/null
+++ b/third-party/clamav/README.md
@@ -0,0 +1,30 @@
+# James' extensions for ClamAV
+
+This module is for developing and delivering extensions to James for the [ClamAV](https://www.clamav.net/) (the antivirus engine) integration.
+
+Currently, this module provides `ClamAVScan` mailet that talks directly with ClamAV via unix socket to scan virus for every
+incoming mail. Upon having virus, mail will be redirected to `virus` processor with configurable behavior for further processing.
+
+E.g:
+```xml
+ <processor state="local-delivery" enableJmx="true">
+ <mailet match="All" class="org.apache.james.clamav.ClamAVScan">
+ <host>clamav</host>
+ <port>3310</port>
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <!-- If infected go to virus processor -->
+ <mailet match="HasMailAttributeWithValue=org.apache.james.infected, true" class="ToProcessor">
+ <processor>virus</processor>
+ </mailet>
+ </processor>
+
+ <processor state="virus" enableJmx="false">
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>cassandra://var/mail/virus/</repositoryPath>
+ </mailet>
+ </processor>
+```
+
+To run James with this ClamAV integration, please use James's jar extension mechanism.
+We also provide a sample [docker-compose.yml](docker-compose.yml) on how to setup the James <-> ClamAV integration.
\ No newline at end of file
diff --git a/third-party/clamav/docker-compose.yml b/third-party/clamav/docker-compose.yml
new file mode 100644
index 0000000000..1754d3a91f
--- /dev/null
+++ b/third-party/clamav/docker-compose.yml
@@ -0,0 +1,60 @@
+version: '3'
+
+services:
+
+ james:
+ depends_on:
+ - elasticsearch
+ - cassandra
+ - tika
+ - rabbitmq
+ - s3
+ - clamav
+ image: apache/james:distributed-latest
+ container_name: james
+ hostname: james.local
+ volumes:
+ - $PWD/target/apache-james-clamav-3.8.0-SNAPSHOT-jar-with-dependencies.jar:/root/extensions-jars/james-server-clamav.jar
+ - $PWD/sample-configuration/keystore:/root/conf/keystore
+ - $PWD/sample-configuration/mailetcontainer.xml:/root/conf/mailetcontainer.xml
+ ports:
+ - "80:80"
+ - "25:25"
+ - "110:110"
+ - "143:143"
+ - "465:465"
+ - "587:587"
+ - "993:993"
+ - "8000:8000"
+
+ opensearch:
+ image: opensearchproject/opensearch:2.1.0
+ environment:
+ - discovery.type=single-node
+
+ cassandra:
+ image: cassandra:3.11.10
+ ports:
+ - "9042:9042"
+
+ tika:
+ image: apache/tika:1.26
+
+ rabbitmq:
+ image: rabbitmq:3.8.18-management
+ ports:
+ - "5672:5672"
+ - "15672:15672"
+
+ s3:
+ image: zenko/cloudserver:8.2.6
+ container_name: s3.docker.test
+ environment:
+ - SCALITY_ACCESS_KEY_ID=accessKey1
+ - SCALITY_SECRET_ACCESS_KEY=secretKey1
+ - S3BACKEND=mem
+ - LOG_LEVEL=trace
+ - REMOTE_MANAGEMENT_DISABLE=1
+
+ clamav:
+ image: clamav/clamav:0.105
\ No newline at end of file
diff --git a/third-party/clamav/pom.xml b/third-party/clamav/pom.xml
new file mode 100644
index 0000000000..bbddb71d0f
--- /dev/null
+++ b/third-party/clamav/pom.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.james</groupId>
+ <artifactId>third-party</artifactId>
+ <version>3.8.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>apache-james-clamav</artifactId>
+ <name>Apache James :: Third Party :: ClamAV</name>
+ <description>ClamAV mailet and testing utilities</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>${james.groupId}</groupId>
+ <artifactId>apache-mailet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${james.groupId}</groupId>
+ <artifactId>apache-mailet-base</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${james.groupId}</groupId>
+ <artifactId>apache-mailet-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>${james.groupId}</groupId>
+ <artifactId>james-server-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${james.groupId}</groupId>
+ <artifactId>testing-base</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.testcontainers</groupId>
+ <artifactId>testcontainers</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <configuration>
+ <descriptorRefs>
+ <descriptorRef>jar-with-dependencies</descriptorRef>
+ </descriptorRefs>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>single</goal>
+ </goals>
+ <phase>compile</phase>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git a/third-party/clamav/sample-configuration/mailetcontainer.xml b/third-party/clamav/sample-configuration/mailetcontainer.xml
new file mode 100644
index 0000000000..976a3d900e
--- /dev/null
+++ b/third-party/clamav/sample-configuration/mailetcontainer.xml
@@ -0,0 +1,175 @@
+<?xml version="1.0"?>
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+ -->
+
+<!-- Read https://james.apache.org/server/config-mailetcontainer.html for further details -->
+
+<mailetcontainer enableJmx="true">
+
+ <context>
+ <!-- When the domain part of the postmaster mailAddress is missing, the default domain is appended.
+ You can configure it to (for example) <postmaster>postmaster@myDomain.com</postmaster> -->
+ <postmaster>postmaster</postmaster>
+ </context>
+
+ <spooler>
+ <threads>20</threads>
+ <errorRepository>memory://var/mail/error/</errorRepository>
+ </spooler>
+
+ <processors>
+ <processor state="root" enableJmx="true">
+ <mailet match="All" class="PostmasterAlias"/>
+ <mailet match="RelayLimit=30" class="Null"/>
+ <mailet match="All" class="ToProcessor">
+ <processor>transport</processor>
+ </mailet>
+ </processor>
+
+ <processor state="error" enableJmx="true">
+ <mailet match="All" class="MetricsMailet">
+ <metricName>mailetContainerErrors</metricName>
+ </mailet>
+ <mailet match="All" class="Bounce">
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>memory://var/mail/error/</repositoryPath>
+ <onMailetException>propagate</onMailetException>
+ </mailet>
+ </processor>
+
+ <processor state="transport" enableJmx="true">
+ <matcher name="relay-allowed" match="org.apache.james.mailetcontainer.impl.matchers.Or">
+ <matcher match="SMTPAuthSuccessful"/>
+ <matcher match="SMTPIsAuthNetwork"/>
+ <matcher match="SentByMailet"/>
+ <matcher match="org.apache.james.jmap.mailet.SentByJmap"/>
+ </matcher>
+
+ <mailet match="All" class="RemoveMimeHeader">
+ <name>bcc</name>
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <mailet match="All" class="RecipientRewriteTable">
+ <errorProcessor>rrt-error</errorProcessor>
+ </mailet>
+ <mailet match="RecipientIsLocal" class="ToProcessor">
+ <processor>local-delivery</processor>
+ </mailet>
+ <mailet match="HostIsLocal" class="ToProcessor">
+ <processor>local-address-error</processor>
+ <notice>550 - Requested action not taken: no such user here</notice>
+ </mailet>
+ <mailet match="relay-allowed" class="ToProcessor">
+ <processor>relay</processor>
+ </mailet>
+ <mailet match="All" class="ToProcessor">
+ <processor>relay-denied</processor>
+ </mailet>
+ </processor>
+
+ <processor state="local-delivery" enableJmx="true">
+ <mailet match="All" class="org.apache.james.clamav.ClamAVScan">
+ <host>clamav</host>
+ <port>3310</port>
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <!-- If infected go to virus processor -->
+ <mailet match="HasMailAttributeWithValue=org.apache.james.infected, true" class="ToProcessor">
+ <processor>virus</processor>
+ </mailet>
+ <mailet match="All" class="VacationMailet">
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <mailet match="All" class="Sieve">
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <mailet match="All" class="AddDeliveredToHeader"/>
+ <mailet match="All" class="org.apache.james.jmap.mailet.filter.JMAPFiltering">
+ <onMailetException>ignore</onMailetException>
+ </mailet>
+ <mailet match="All" class="LocalDelivery"/>
+ </processor>
+
+ <processor state="relay" enableJmx="true">
+ <mailet match="All" class="RemoteDelivery">
+ <outgoingQueue>outgoing</outgoingQueue>
+ <delayTime>5000, 100000, 500000</delayTime>
+ <maxRetries>3</maxRetries>
+ <maxDnsProblemRetries>0</maxDnsProblemRetries>
+ <deliveryThreads>10</deliveryThreads>
+ <sendpartial>true</sendpartial>
+ <bounceProcessor>bounces</bounceProcessor>
+ </mailet>
+ </processor>
+
+ <processor state="local-address-error" enableJmx="true">
+ <mailet match="All" class="MetricsMailet">
+ <metricName>mailetContainerLocalAddressError</metricName>
+ </mailet>
+ <mailet match="All" class="Bounce">
+ <attachment>none</attachment>
+ </mailet>
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>memory://var/mail/address-error/</repositoryPath>
+ </mailet>
+ </processor>
+
+ <processor state="relay-denied" enableJmx="true">
+ <mailet match="All" class="MetricsMailet">
+ <metricName>mailetContainerRelayDenied</metricName>
+ </mailet>
+ <mailet match="All" class="Bounce">
+ <attachment>none</attachment>
+ </mailet>
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>memory://var/mail/relay-denied/</repositoryPath>
+ <notice>Warning: You are sending an e-mail to a remote server. You must be authenticated to perform such an operation</notice>
+ </mailet>
+ </processor>
+
+ <processor state="bounces" enableJmx="true">
+ <mailet match="All" class="MetricsMailet">
+ <metricName>bounces</metricName>
+ </mailet>
+ <mailet match="All" class="DSNBounce">
+ <passThrough>false</passThrough>
+ </mailet>
+ </processor>
+
+ <processor state="rrt-error" enableJmx="false">
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>memory://var/mail/rrt-error/</repositoryPath>
+ <passThrough>true</passThrough>
+ </mailet>
+ <mailet match="IsSenderInRRTLoop" class="Null"/>
+ <mailet match="All" class="Bounce"/>
+ </processor>
+
+ <processor state="virus" enableJmx="false">
+ <mailet match="All" class="ToRepository">
+ <repositoryPath>cassandra://var/mail/virus/</repositoryPath>
+ </mailet>
+ </processor>
+
+ </processors>
+
+</mailetcontainer>
diff --git a/mailet/standard/src/main/java/org/apache/james/transport/mailets/ClamAVScan.java b/third-party/clamav/src/main/java/org/apache/james/clamav/ClamAVScan.java
similarity index 99%
rename from mailet/standard/src/main/java/org/apache/james/transport/mailets/ClamAVScan.java
rename to third-party/clamav/src/main/java/org/apache/james/clamav/ClamAVScan.java
index 0cac62d690..ec7aee5a7c 100644
--- a/mailet/standard/src/main/java/org/apache/james/transport/mailets/ClamAVScan.java
+++ b/third-party/clamav/src/main/java/org/apache/james/clamav/ClamAVScan.java
@@ -18,7 +18,7 @@
****************************************************************/
-package org.apache.james.transport.mailets;
+package org.apache.james.clamav;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
diff --git a/mailet/standard/src/test/java/org/apache/james/transport/mailets/ClamAVScanTest.java b/third-party/clamav/src/test/java/org/apache/james/clamav/ClamAVScanTest.java
similarity index 96%
rename from mailet/standard/src/test/java/org/apache/james/transport/mailets/ClamAVScanTest.java
rename to third-party/clamav/src/test/java/org/apache/james/clamav/ClamAVScanTest.java
index e3eb776949..3a3326edfb 100644
--- a/mailet/standard/src/test/java/org/apache/james/transport/mailets/ClamAVScanTest.java
+++ b/third-party/clamav/src/test/java/org/apache/james/clamav/ClamAVScanTest.java
@@ -17,10 +17,10 @@
* under the License. *
****************************************************************/
-package org.apache.james.transport.mailets;
+package org.apache.james.clamav;
-import static org.apache.james.transport.mailets.ClamAVScan.INFECTED_HEADER_NAME;
-import static org.apache.james.transport.mailets.ClamAVScan.INFECTED_MAIL_ATTRIBUTE_NAME;
+import static org.apache.james.clamav.ClamAVScan.INFECTED_HEADER_NAME;
+import static org.apache.james.clamav.ClamAVScan.INFECTED_MAIL_ATTRIBUTE_NAME;
import static org.assertj.core.api.Assertions.assertThat;
import java.io.InputStream;
diff --git a/mailet/standard/src/test/java/org/apache/james/transport/mailets/DockerClamAV.java b/third-party/clamav/src/test/java/org/apache/james/clamav/DockerClamAV.java
similarity index 97%
rename from mailet/standard/src/test/java/org/apache/james/transport/mailets/DockerClamAV.java
rename to third-party/clamav/src/test/java/org/apache/james/clamav/DockerClamAV.java
index 164dd4a6e4..cc0042c50f 100644
--- a/mailet/standard/src/test/java/org/apache/james/transport/mailets/DockerClamAV.java
+++ b/third-party/clamav/src/test/java/org/apache/james/clamav/DockerClamAV.java
@@ -17,7 +17,7 @@
* under the License. *
****************************************************************/
-package org.apache.james.transport.mailets;
+package org.apache.james.clamav;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.utility.DockerImageName;
diff --git a/mailet/standard/src/test/resources/attachment/inlineNonVirusTextAttachment.eml b/third-party/clamav/src/test/resources/attachment/inlineNonVirusTextAttachment.eml
similarity index 100%
rename from mailet/standard/src/test/resources/attachment/inlineNonVirusTextAttachment.eml
rename to third-party/clamav/src/test/resources/attachment/inlineNonVirusTextAttachment.eml
diff --git a/mailet/standard/src/test/resources/attachment/inlineVirusTextAttachment.eml b/third-party/clamav/src/test/resources/attachment/inlineVirusTextAttachment.eml
similarity index 100%
rename from mailet/standard/src/test/resources/attachment/inlineVirusTextAttachment.eml
rename to third-party/clamav/src/test/resources/attachment/inlineVirusTextAttachment.eml
diff --git a/third-party/pom.xml b/third-party/pom.xml
index 49e33e340d..4478dd96e0 100644
--- a/third-party/pom.xml
+++ b/third-party/pom.xml
@@ -33,6 +33,7 @@
<inceptionYear>2018</inceptionYear>
<modules>
+ <module>clamav</module>
<module>linshare</module>
<module>rspamd</module>
<module>spamassassin</module>
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org