You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by fe...@apache.org on 2005/05/07 07:42:40 UTC
svn commit: r169040 - in /spamassassin/trunk:
lib/Mail/SpamAssassin/EvalTests.pm lib/Mail/SpamAssassin/Plugin/AccessDB.pm
rules/20_head_tests.cf rules/50_scores.cf rules/init.pre
Author: felicity
Date: Fri May 6 22:42:39 2005
New Revision: 169040
URL: http://svn.apache.org/viewcvs?rev=169040&view=rev
Log:
move accessdb code out of EvalTests and into its own plugin (off by default)
Added:
spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/AccessDB.pm
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
spamassassin/trunk/rules/20_head_tests.cf
spamassassin/trunk/rules/50_scores.cf
spamassassin/trunk/rules/init.pre
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm?rev=169040&r1=169039&r2=169040&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm Fri May 6 22:42:39 2005
@@ -2653,96 +2653,6 @@
$self->{blank_line_ratio}->{$minlines} <= $max));
}
-sub check_access_database {
- my ($self, $path) = @_;
-
- if (!HAS_DB_FILE) {
- return 0;
- }
-
- my %access;
- my %ok = map { $_ => 1 } qw/ OK SKIP /;
- my %bad = map { $_ => 1 } qw/ REJECT ERROR DISCARD /;
-
- $path = $self->{main}->sed_path ($path);
- dbg("accessdb: tie-ing to DB file R/O in $path");
- if (tie %access,"DB_File",$path, O_RDONLY) {
- my @lookfor = ();
-
- # Look for "From:" versions as well!
- foreach my $from ($self->all_from_addrs()) {
- # $user."\@"
- # rotate through $domain and check
- my ($user,$domain) = split(/\@/, $from,2);
- push(@lookfor, "From:$from",$from);
- if ($user) {
- push(@lookfor, "From:$user\@", "$user\@");
- }
- if ($domain) {
- while ($domain =~ /\./) {
- push(@lookfor, "From:$domain", $domain);
- $domain =~ s/^[^.]*\.//;
- }
- push(@lookfor, "From:$domain", $domain);
- }
- }
-
- # we can only match this if we have at least 1 untrusted header
- if ($self->{num_relays_untrusted} > 0) {
- my $lastunt = $self->{relays_untrusted}->[0];
-
- # If there was a reverse lookup, use it in a lookup
- if (! $lastunt->{no_reverse_dns}) {
- my $rdns = $lastunt->{lc_rdns};
- while($rdns =~ /\./) {
- push(@lookfor, "From:$rdns", $rdns);
- $rdns =~ s/^[^.]*\.//;
- }
- push(@lookfor, "From:$rdns", $rdns);
- }
-
- # do both IP and net (rotate over IP)
- my ($ip) = $lastunt->{ip};
- $ip =~ tr/0-9.//cd;
- while($ip =~ /\./) {
- push(@lookfor, "From:$ip", $ip);
- $ip =~ s/\.[^.]*$//;
- }
- push(@lookfor, "From:$ip", $ip);
- }
-
- my $retval = 0;
- my %cache = ();
- foreach (@lookfor) {
- next if ($cache{$_}++);
- dbg("accessdb: looking for $_");
-
- # Some systems put a null at the end of the key, most don't...
- my $result = $access{$_} || $access{"$_\000"} || next;
-
- my ($type) = split(/\W/,$result);
- if (exists $ok{$type}) {
- dbg("accessdb: hit OK: $type, $_");
- $retval = 0;
- last;
- }
- if (exists $bad{$type} || $type =~ /^\d+$/) {
- $retval = 1;
- dbg("accessdb: hit not-OK: $type, $_");
- }
- }
-
- dbg("accessdb: untie-ing DB file $path");
- untie %access;
-
- return $retval;
- }
- else {
- dbg("accessdb: cannot open accessdb $path R/O: $!");
- }
- 0;
-}
-
sub sent_by_applemail {
my ($self) = @_;
Added: spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/AccessDB.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/AccessDB.pm?rev=169040&view=auto
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/AccessDB.pm (added)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/AccessDB.pm Fri May 6 22:42:39 2005
@@ -0,0 +1,169 @@
+# <@LICENSE>
+# Copyright 2004 Apache Software Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# </...@LICENSE>
+
+=head1 NAME
+
+Mail::SpamAssassin::Plugin::AccessDB - check message against Access Database
+
+=head1 SYNOPSIS
+
+ loadplugin Mail::SpamAssassin::Plugin::AccessDB
+
+ header ACCESSDB eval:check_access_database('/etc/mail/access.db')
+ describe ACCESSDB Message would have been caught by accessdb
+ tflags ACCESSDB userconf
+ score ACCESSDB 2
+
+=head1 DESCRIPTION
+
+Many MTAs support access databases, such as Sendmail, Postfix, etc.
+This plugin does similar checks to see whether a message would have
+been flagged.
+
+The rule returns false if an entry isn't found, or the entry has a RHS of
+I<OK> or I<SKIP>.
+
+The rule returns true if an entry exists and has a RHS of I<REJECT>, I<ERROR>,
+or I<DISCARD>.
+
+Note: only the first word (split on non-word characters) of the RHS
+is checked, so C<error:5.7.1:...> means C<ERROR>.
+
+B<AccessDB Pointers:>
+
+ http://www.faqs.org/docs/securing/chap22sec178.html
+ http://www.postfix.org/access.5.html
+
+=cut
+
+package Mail::SpamAssassin::Plugin::AccessDB;
+
+use Mail::SpamAssassin::Plugin;
+use Mail::SpamAssassin::Logger;
+use strict;
+use warnings;
+use bytes;
+
+use vars qw(@ISA);
+@ISA = qw(Mail::SpamAssassin::Plugin);
+
+sub new {
+ my $class = shift;
+ my $mailsaobject = shift;
+
+ $class = ref($class) || $class;
+ my $self = $class->SUPER::new($mailsaobject);
+ bless ($self, $class);
+
+ $self->register_eval_rule("check_access_database");
+
+ return $self;
+}
+
+sub check_access_database {
+ my ($self, $path) = @_;
+
+ if (!HAS_DB_FILE) {
+ return 0;
+ }
+
+ my %access;
+ my %ok = map { $_ => 1 } qw/ OK SKIP /;
+ my %bad = map { $_ => 1 } qw/ REJECT ERROR DISCARD /;
+
+ $path = $self->{main}->sed_path ($path);
+ dbg("accessdb: tie-ing to DB file R/O in $path");
+ if (tie %access,"DB_File",$path, O_RDONLY) {
+ my @lookfor = ();
+
+ # Look for "From:" versions as well!
+ foreach my $from ($self->all_from_addrs()) {
+ # $user."\@"
+ # rotate through $domain and check
+ my ($user,$domain) = split(/\@/, $from,2);
+ push(@lookfor, "From:$from",$from);
+ if ($user) {
+ push(@lookfor, "From:$user\@", "$user\@");
+ }
+ if ($domain) {
+ while ($domain =~ /\./) {
+ push(@lookfor, "From:$domain", $domain);
+ $domain =~ s/^[^.]*\.//;
+ }
+ push(@lookfor, "From:$domain", $domain);
+ }
+ }
+
+ # we can only match this if we have at least 1 untrusted header
+ if ($self->{num_relays_untrusted} > 0) {
+ my $lastunt = $self->{relays_untrusted}->[0];
+
+ # If there was a reverse lookup, use it in a lookup
+ if (! $lastunt->{no_reverse_dns}) {
+ my $rdns = $lastunt->{lc_rdns};
+ while($rdns =~ /\./) {
+ push(@lookfor, "From:$rdns", $rdns);
+ $rdns =~ s/^[^.]*\.//;
+ }
+ push(@lookfor, "From:$rdns", $rdns);
+ }
+
+ # do both IP and net (rotate over IP)
+ my ($ip) = $lastunt->{ip};
+ $ip =~ tr/0-9.//cd;
+ while($ip =~ /\./) {
+ push(@lookfor, "From:$ip", $ip);
+ $ip =~ s/\.[^.]*$//;
+ }
+ push(@lookfor, "From:$ip", $ip);
+ }
+
+ my $retval = 0;
+ my %cache = ();
+ foreach (@lookfor) {
+ next if ($cache{$_}++);
+ dbg("accessdb: looking for $_");
+
+ # Some systems put a null at the end of the key, most don't...
+ my $result = $access{$_} || $access{"$_\000"} || next;
+
+ my ($type) = split(/\W/,$result);
+ $type = uc $type;
+
+ if (exists $ok{$type}) {
+ dbg("accessdb: hit OK: $type, $_");
+ $retval = 0;
+ last;
+ }
+ if (exists $bad{$type} || $type =~ /^\d+$/) {
+ $retval = 1;
+ dbg("accessdb: hit not-OK: $type, $_");
+ }
+ }
+
+ dbg("accessdb: untie-ing DB file $path");
+ untie %access;
+
+ return $retval;
+ }
+ else {
+ dbg("accessdb: cannot open accessdb $path R/O: $!");
+ }
+
+ return 0;
+}
+
+1;
Modified: spamassassin/trunk/rules/20_head_tests.cf
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/rules/20_head_tests.cf?rev=169040&r1=169039&r2=169040&view=diff
==============================================================================
--- spamassassin/trunk/rules/20_head_tests.cf (original)
+++ spamassassin/trunk/rules/20_head_tests.cf Fri May 6 22:42:39 2005
@@ -599,13 +599,6 @@
header SUBJ_BUY Subject =~ /^buy/i
describe SUBJ_BUY Subject line starts with Buy or Buying
-# this code uses an access database (sendmail, postfix, etc.)
-# Since you need to actively create an accessdb to use it, the rule is
-# considered userconf and is disabled by default.
-header ACCESSDB eval:check_access_database('/etc/mail/access.db')
-describe ACCESSDB Message would have been caught by accessdb
-tflags ACCESSDB userconf
-
# seems to be ratware
header RCVD_AM_PM Received =~ /; [A-Z][a-z][a-z], \d{1,2} \d{4} \d{1,2}:\d\d:\d\d [AP]M [+-]\d{4}/
describe RCVD_AM_PM Received headers forged (AM/PM)
Modified: spamassassin/trunk/rules/50_scores.cf
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/rules/50_scores.cf?rev=169040&r1=169039&r2=169040&view=diff
==============================================================================
--- spamassassin/trunk/rules/50_scores.cf (original)
+++ spamassassin/trunk/rules/50_scores.cf Fri May 6 22:42:39 2005
@@ -578,9 +578,6 @@
score HTML_CHARSET_FARAWAY 0.500
score MIME_CHARSET_FARAWAY 2.450
-# accessdb lookups
-score ACCESSDB 0
-
# rescore never changes the whitelist/blacklist scores
score USER_IN_BLACKLIST 100.000
score USER_IN_WHITELIST -100.000
Modified: spamassassin/trunk/rules/init.pre
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/rules/init.pre?rev=169040&r1=169039&r2=169040&view=diff
==============================================================================
--- spamassassin/trunk/rules/init.pre (original)
+++ spamassassin/trunk/rules/init.pre Fri May 6 22:42:39 2005
@@ -68,6 +68,10 @@
#
#loadplugin Mail::SpamAssassin::Plugin::TextCat
+# AccessDB - lookup from-addresses in access database
+#
+#loadplugin Mail::SpamAssassin::Plugin::AccessDB
+
###########################################################################
# experimental plugins