| 1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * |
| 3 | *************************************************/ |
| 4 | |
| 5 | /* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015 |
| 6 | * License: GPL |
| 7 | * Copyright (c) The Exim Maintainers 2016 - 2018 |
| 8 | */ |
| 9 | |
| 10 | /* Code for calling spamassassin's spamd. Called from acl.c. */ |
| 11 | |
| 12 | #include "exim.h" |
| 13 | #ifdef WITH_CONTENT_SCAN |
| 14 | #include "spam.h" |
| 15 | |
| 16 | uschar spam_score_buffer[16]; |
| 17 | uschar spam_score_int_buffer[16]; |
| 18 | uschar spam_bar_buffer[128]; |
| 19 | uschar spam_action_buffer[32]; |
| 20 | uschar spam_report_buffer[32600]; |
| 21 | uschar prev_user_name[128] = ""; |
| 22 | int spam_ok = 0; |
| 23 | int spam_rc = 0; |
| 24 | uschar *prev_spamd_address_work = NULL; |
| 25 | |
| 26 | static const uschar * loglabel = US"spam acl condition:"; |
| 27 | |
| 28 | |
| 29 | static int |
| 30 | spamd_param_init(spamd_address_container *spamd) |
| 31 | { |
| 32 | /* default spamd server weight, time and priority value */ |
| 33 | spamd->is_rspamd = FALSE; |
| 34 | spamd->is_failed = FALSE; |
| 35 | spamd->weight = SPAMD_WEIGHT; |
| 36 | spamd->timeout = SPAMD_TIMEOUT; |
| 37 | spamd->retry = 0; |
| 38 | spamd->priority = 1; |
| 39 | return 0; |
| 40 | } |
| 41 | |
| 42 | |
| 43 | static int |
| 44 | spamd_param(const uschar * param, spamd_address_container * spamd) |
| 45 | { |
| 46 | static int timesinceday = -1; |
| 47 | const uschar * s; |
| 48 | const uschar * name; |
| 49 | |
| 50 | /*XXX more clever parsing could discard embedded spaces? */ |
| 51 | |
| 52 | if (sscanf(CCS param, "pri=%u", &spamd->priority)) |
| 53 | return 0; /* OK */ |
| 54 | |
| 55 | if (sscanf(CCS param, "weight=%u", &spamd->weight)) |
| 56 | { |
| 57 | if (spamd->weight == 0) /* this server disabled: skip it */ |
| 58 | return 1; |
| 59 | return 0; /* OK */ |
| 60 | } |
| 61 | |
| 62 | if (Ustrncmp(param, "time=", 5) == 0) |
| 63 | { |
| 64 | unsigned int start_h = 0, start_m = 0, start_s = 0; |
| 65 | unsigned int end_h = 24, end_m = 0, end_s = 0; |
| 66 | unsigned int time_start, time_end; |
| 67 | const uschar * end_string; |
| 68 | |
| 69 | name = US"time"; |
| 70 | s = param+5; |
| 71 | if ((end_string = Ustrchr(s, '-'))) |
| 72 | { |
| 73 | end_string++; |
| 74 | if ( sscanf(CS end_string, "%u.%u.%u", &end_h, &end_m, &end_s) == 0 |
| 75 | || sscanf(CS s, "%u.%u.%u", &start_h, &start_m, &start_s) == 0 |
| 76 | ) |
| 77 | goto badval; |
| 78 | } |
| 79 | else |
| 80 | goto badval; |
| 81 | |
| 82 | if (timesinceday < 0) |
| 83 | { |
| 84 | time_t now = time(NULL); |
| 85 | struct tm *tmp = localtime(&now); |
| 86 | timesinceday = tmp->tm_hour*3600 + tmp->tm_min*60 + tmp->tm_sec; |
| 87 | } |
| 88 | |
| 89 | time_start = start_h*3600 + start_m*60 + start_s; |
| 90 | time_end = end_h*3600 + end_m*60 + end_s; |
| 91 | |
| 92 | if (timesinceday < time_start || timesinceday >= time_end) |
| 93 | return 1; /* skip spamd server */ |
| 94 | |
| 95 | return 0; /* OK */ |
| 96 | } |
| 97 | |
| 98 | if (Ustrcmp(param, "variant=rspamd") == 0) |
| 99 | { |
| 100 | spamd->is_rspamd = TRUE; |
| 101 | return 0; |
| 102 | } |
| 103 | |
| 104 | if (Ustrncmp(param, "tmo=", 4) == 0) |
| 105 | { |
| 106 | int sec = readconf_readtime((s = param+4), '\0', FALSE); |
| 107 | name = US"timeout"; |
| 108 | if (sec < 0) |
| 109 | goto badval; |
| 110 | spamd->timeout = sec; |
| 111 | return 0; |
| 112 | } |
| 113 | |
| 114 | if (Ustrncmp(param, "retry=", 6) == 0) |
| 115 | { |
| 116 | int sec = readconf_readtime((s = param+6), '\0', FALSE); |
| 117 | name = US"retry"; |
| 118 | if (sec < 0) |
| 119 | goto badval; |
| 120 | spamd->retry = sec; |
| 121 | return 0; |
| 122 | } |
| 123 | |
| 124 | log_write(0, LOG_MAIN, "%s warning - invalid spamd parameter: '%s'", |
| 125 | loglabel, param); |
| 126 | return -1; /* syntax error */ |
| 127 | |
| 128 | badval: |
| 129 | log_write(0, LOG_MAIN, |
| 130 | "%s warning - invalid spamd %s value: '%s'", loglabel, name, s); |
| 131 | return -1; /* syntax error */ |
| 132 | } |
| 133 | |
| 134 | |
| 135 | static int |
| 136 | spamd_get_server(spamd_address_container ** spamds, int num_servers) |
| 137 | { |
| 138 | unsigned int i; |
| 139 | spamd_address_container * sd; |
| 140 | long rnd, weights; |
| 141 | unsigned pri; |
| 142 | static BOOL srandomed = FALSE; |
| 143 | |
| 144 | /* speedup, if we have only 1 server */ |
| 145 | if (num_servers == 1) |
| 146 | return (spamds[0]->is_failed ? -1 : 0); |
| 147 | |
| 148 | /* init ranmod */ |
| 149 | if (!srandomed) |
| 150 | { |
| 151 | struct timeval tv; |
| 152 | gettimeofday(&tv, NULL); |
| 153 | srandom((unsigned int)(tv.tv_usec/1000)); |
| 154 | srandomed = TRUE; |
| 155 | } |
| 156 | |
| 157 | /* scan for highest pri */ |
| 158 | for (pri = 0, i = 0; i < num_servers; i++) |
| 159 | { |
| 160 | sd = spamds[i]; |
| 161 | if (!sd->is_failed && sd->priority > pri) pri = sd->priority; |
| 162 | } |
| 163 | |
| 164 | /* get sum of weights */ |
| 165 | for (weights = 0, i = 0; i < num_servers; i++) |
| 166 | { |
| 167 | sd = spamds[i]; |
| 168 | if (!sd->is_failed && sd->priority == pri) weights += sd->weight; |
| 169 | } |
| 170 | if (weights == 0) /* all servers failed */ |
| 171 | return -1; |
| 172 | |
| 173 | for (rnd = random() % weights, i = 0; i < num_servers; i++) |
| 174 | { |
| 175 | sd = spamds[i]; |
| 176 | if (!sd->is_failed && sd->priority == pri) |
| 177 | if ((rnd -= sd->weight) <= 0) |
| 178 | return i; |
| 179 | } |
| 180 | |
| 181 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 182 | "%s unknown error (memory/cpu corruption?)", loglabel); |
| 183 | return -1; |
| 184 | } |
| 185 | |
| 186 | |
| 187 | int |
| 188 | spam(const uschar **listptr) |
| 189 | { |
| 190 | int sep = 0; |
| 191 | const uschar *list = *listptr; |
| 192 | uschar *user_name; |
| 193 | uschar user_name_buffer[128]; |
| 194 | unsigned long mbox_size; |
| 195 | FILE *mbox_file; |
| 196 | client_conn_ctx spamd_cctx = {.sock = -1}; |
| 197 | uschar spamd_buffer[32600]; |
| 198 | int i, j, offset, result; |
| 199 | uschar spamd_version[8]; |
| 200 | uschar spamd_short_result[8]; |
| 201 | uschar spamd_score_char; |
| 202 | double spamd_threshold, spamd_score, spamd_reject_score; |
| 203 | int spamd_report_offset; |
| 204 | uschar *p,*q; |
| 205 | int override = 0; |
| 206 | time_t start; |
| 207 | size_t read, wrote; |
| 208 | #ifndef NO_POLL_H |
| 209 | struct pollfd pollfd; |
| 210 | #else /* Patch posted by Erik ? for OS X */ |
| 211 | struct timeval select_tv; /* and applied by PH */ |
| 212 | fd_set select_fd; |
| 213 | #endif |
| 214 | uschar *spamd_address_work; |
| 215 | spamd_address_container * sd; |
| 216 | |
| 217 | /* stop compiler warning */ |
| 218 | result = 0; |
| 219 | |
| 220 | /* find the username from the option list */ |
| 221 | if ((user_name = string_nextinlist(&list, &sep, |
| 222 | user_name_buffer, |
| 223 | sizeof(user_name_buffer))) == NULL) |
| 224 | { |
| 225 | /* no username given, this means no scanning should be done */ |
| 226 | return FAIL; |
| 227 | } |
| 228 | |
| 229 | /* if username is "0" or "false", do not scan */ |
| 230 | if ( (Ustrcmp(user_name,"0") == 0) || |
| 231 | (strcmpic(user_name,US"false") == 0) ) |
| 232 | return FAIL; |
| 233 | |
| 234 | /* if there is an additional option, check if it is "true" */ |
| 235 | if (strcmpic(list,US"true") == 0) |
| 236 | /* in that case, always return true later */ |
| 237 | override = 1; |
| 238 | |
| 239 | /* expand spamd_address if needed */ |
| 240 | if (*spamd_address == '$') |
| 241 | { |
| 242 | spamd_address_work = expand_string(spamd_address); |
| 243 | if (spamd_address_work == NULL) |
| 244 | { |
| 245 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 246 | "%s spamd_address starts with $, but expansion failed: %s", |
| 247 | loglabel, expand_string_message); |
| 248 | return DEFER; |
| 249 | } |
| 250 | } |
| 251 | else |
| 252 | spamd_address_work = spamd_address; |
| 253 | |
| 254 | DEBUG(D_acl) debug_printf_indent("spamd: addrlist '%s'\n", spamd_address_work); |
| 255 | |
| 256 | /* check if previous spamd_address was expanded and has changed. dump cached results if so */ |
| 257 | if ( spam_ok |
| 258 | && prev_spamd_address_work != NULL |
| 259 | && Ustrcmp(prev_spamd_address_work, spamd_address_work) != 0 |
| 260 | ) |
| 261 | spam_ok = 0; |
| 262 | |
| 263 | /* if we scanned for this username last time, just return */ |
| 264 | if (spam_ok && Ustrcmp(prev_user_name, user_name) == 0) |
| 265 | return override ? OK : spam_rc; |
| 266 | |
| 267 | /* make sure the eml mbox file is spooled up */ |
| 268 | |
| 269 | if (!(mbox_file = spool_mbox(&mbox_size, NULL, NULL))) |
| 270 | { /* error while spooling */ |
| 271 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 272 | "%s error while creating mbox spool file", loglabel); |
| 273 | return DEFER; |
| 274 | } |
| 275 | |
| 276 | start = time(NULL); |
| 277 | |
| 278 | { |
| 279 | int num_servers = 0; |
| 280 | int current_server; |
| 281 | uschar * address; |
| 282 | const uschar * spamd_address_list_ptr = spamd_address_work; |
| 283 | spamd_address_container * spamd_address_vector[32]; |
| 284 | |
| 285 | /* Check how many spamd servers we have |
| 286 | and register their addresses */ |
| 287 | sep = 0; /* default colon-sep */ |
| 288 | while ((address = string_nextinlist(&spamd_address_list_ptr, &sep, NULL, 0))) |
| 289 | { |
| 290 | const uschar * sublist; |
| 291 | int sublist_sep = -(int)' '; /* default space-sep */ |
| 292 | unsigned args; |
| 293 | uschar * s; |
| 294 | |
| 295 | DEBUG(D_acl) debug_printf_indent("spamd: addr entry '%s'\n", address); |
| 296 | sd = (spamd_address_container *)store_get(sizeof(spamd_address_container)); |
| 297 | |
| 298 | for (sublist = address, args = 0, spamd_param_init(sd); |
| 299 | (s = string_nextinlist(&sublist, &sublist_sep, NULL, 0)); |
| 300 | args++ |
| 301 | ) |
| 302 | { |
| 303 | DEBUG(D_acl) debug_printf_indent("spamd: addr parm '%s'\n", s); |
| 304 | switch (args) |
| 305 | { |
| 306 | case 0: sd->hostspec = s; |
| 307 | if (*s == '/') args++; /* local; no port */ |
| 308 | break; |
| 309 | case 1: sd->hostspec = string_sprintf("%s %s", sd->hostspec, s); |
| 310 | break; |
| 311 | default: spamd_param(s, sd); |
| 312 | break; |
| 313 | } |
| 314 | } |
| 315 | if (args < 2) |
| 316 | { |
| 317 | log_write(0, LOG_MAIN, |
| 318 | "%s warning - invalid spamd address: '%s'", loglabel, address); |
| 319 | continue; |
| 320 | } |
| 321 | |
| 322 | spamd_address_vector[num_servers] = sd; |
| 323 | if (++num_servers > 31) |
| 324 | break; |
| 325 | } |
| 326 | |
| 327 | /* check if we have at least one server */ |
| 328 | if (!num_servers) |
| 329 | { |
| 330 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 331 | "%s no useable spamd server addresses in spamd_address configuration option.", |
| 332 | loglabel); |
| 333 | goto defer; |
| 334 | } |
| 335 | |
| 336 | current_server = spamd_get_server(spamd_address_vector, num_servers); |
| 337 | sd = spamd_address_vector[current_server]; |
| 338 | for(;;) |
| 339 | { |
| 340 | uschar * errstr; |
| 341 | |
| 342 | DEBUG(D_acl) debug_printf_indent("spamd: trying server %s\n", sd->hostspec); |
| 343 | |
| 344 | for (;;) |
| 345 | { |
| 346 | /*XXX could potentially use TFO early-data here */ |
| 347 | if ( (spamd_cctx.sock = ip_streamsocket(sd->hostspec, &errstr, 5)) >= 0 |
| 348 | || sd->retry <= 0 |
| 349 | ) |
| 350 | break; |
| 351 | DEBUG(D_acl) debug_printf_indent("spamd: server %s: retry conn\n", sd->hostspec); |
| 352 | while (sd->retry > 0) sd->retry = sleep(sd->retry); |
| 353 | } |
| 354 | if (spamd_cctx.sock >= 0) |
| 355 | break; |
| 356 | |
| 357 | log_write(0, LOG_MAIN, "%s spamd: %s", loglabel, errstr); |
| 358 | sd->is_failed = TRUE; |
| 359 | |
| 360 | current_server = spamd_get_server(spamd_address_vector, num_servers); |
| 361 | if (current_server < 0) |
| 362 | { |
| 363 | log_write(0, LOG_MAIN|LOG_PANIC, "%s all spamd servers failed", loglabel); |
| 364 | goto defer; |
| 365 | } |
| 366 | sd = spamd_address_vector[current_server]; |
| 367 | } |
| 368 | } |
| 369 | |
| 370 | (void)fcntl(spamd_cctx.sock, F_SETFL, O_NONBLOCK); |
| 371 | /* now we are connected to spamd on spamd_cctx.sock */ |
| 372 | if (sd->is_rspamd) |
| 373 | { |
| 374 | gstring * req_str; |
| 375 | const uschar * s; |
| 376 | |
| 377 | req_str = string_append(NULL, 8, |
| 378 | "CHECK RSPAMC/1.3\r\nContent-length: ", string_sprintf("%lu\r\n", mbox_size), |
| 379 | "Queue-Id: ", message_id, |
| 380 | "\r\nFrom: <", sender_address, |
| 381 | ">\r\nRecipient-Number: ", string_sprintf("%d\r\n", recipients_count)); |
| 382 | |
| 383 | for (i = 0; i < recipients_count; i ++) |
| 384 | req_str = string_append(req_str, 3, |
| 385 | "Rcpt: <", recipients_list[i].address, ">\r\n"); |
| 386 | if ((s = expand_string(US"$sender_helo_name")) && *s) |
| 387 | req_str = string_append(req_str, 3, "Helo: ", s, "\r\n"); |
| 388 | if ((s = expand_string(US"$sender_host_name")) && *s) |
| 389 | req_str = string_append(req_str, 3, "Hostname: ", s, "\r\n"); |
| 390 | if (sender_host_address) |
| 391 | req_str = string_append(req_str, 3, "IP: ", sender_host_address, "\r\n"); |
| 392 | if ((s = expand_string(US"$authenticated_id")) && *s) |
| 393 | req_str = string_append(req_str, 3, "User: ", s, "\r\n"); |
| 394 | req_str = string_catn(req_str, US"\r\n", 2); |
| 395 | wrote = send(spamd_cctx.sock, req_str->s, req_str->ptr, 0); |
| 396 | } |
| 397 | else |
| 398 | { /* spamassassin variant */ |
| 399 | (void)string_format(spamd_buffer, |
| 400 | sizeof(spamd_buffer), |
| 401 | "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", |
| 402 | user_name, |
| 403 | mbox_size); |
| 404 | /* send our request */ |
| 405 | wrote = send(spamd_cctx.sock, spamd_buffer, Ustrlen(spamd_buffer), 0); |
| 406 | } |
| 407 | |
| 408 | if (wrote == -1) |
| 409 | { |
| 410 | (void)close(spamd_cctx.sock); |
| 411 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 412 | "%s spamd %s send failed: %s", loglabel, callout_address, strerror(errno)); |
| 413 | goto defer; |
| 414 | } |
| 415 | |
| 416 | /* now send the file */ |
| 417 | /* spamd sometimes accepts connections but doesn't read data off |
| 418 | * the connection. We make the file descriptor non-blocking so |
| 419 | * that the write will only write sufficient data without blocking |
| 420 | * and we poll the descriptor to make sure that we can write without |
| 421 | * blocking. Short writes are gracefully handled and if the whole |
| 422 | * transaction takes too long it is aborted. |
| 423 | * Note: poll() is not supported in OSX 10.2 and is reported to be |
| 424 | * broken in more recent versions (up to 10.4). |
| 425 | */ |
| 426 | #ifndef NO_POLL_H |
| 427 | pollfd.fd = spamd_cctx.sock; |
| 428 | pollfd.events = POLLOUT; |
| 429 | #endif |
| 430 | (void)fcntl(spamd_cctx.sock, F_SETFL, O_NONBLOCK); |
| 431 | do |
| 432 | { |
| 433 | read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file); |
| 434 | if (read > 0) |
| 435 | { |
| 436 | offset = 0; |
| 437 | again: |
| 438 | #ifndef NO_POLL_H |
| 439 | result = poll(&pollfd, 1, 1000); |
| 440 | |
| 441 | /* Patch posted by Erik ? for OS X and applied by PH */ |
| 442 | #else |
| 443 | select_tv.tv_sec = 1; |
| 444 | select_tv.tv_usec = 0; |
| 445 | FD_ZERO(&select_fd); |
| 446 | FD_SET(spamd_cctx.sock, &select_fd); |
| 447 | result = select(spamd_cctx.sock+1, NULL, &select_fd, NULL, &select_tv); |
| 448 | #endif |
| 449 | /* End Erik's patch */ |
| 450 | |
| 451 | if (result == -1 && errno == EINTR) |
| 452 | goto again; |
| 453 | else if (result < 1) |
| 454 | { |
| 455 | if (result == -1) |
| 456 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 457 | "%s %s on spamd %s socket", loglabel, callout_address, strerror(errno)); |
| 458 | else |
| 459 | { |
| 460 | if (time(NULL) - start < sd->timeout) |
| 461 | goto again; |
| 462 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 463 | "%s timed out writing spamd %s, socket", loglabel, callout_address); |
| 464 | } |
| 465 | (void)close(spamd_cctx.sock); |
| 466 | goto defer; |
| 467 | } |
| 468 | |
| 469 | wrote = send(spamd_cctx.sock,spamd_buffer + offset,read - offset,0); |
| 470 | if (wrote == -1) |
| 471 | { |
| 472 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 473 | "%s %s on spamd %s socket", loglabel, callout_address, strerror(errno)); |
| 474 | (void)close(spamd_cctx.sock); |
| 475 | goto defer; |
| 476 | } |
| 477 | if (offset + wrote != read) |
| 478 | { |
| 479 | offset += wrote; |
| 480 | goto again; |
| 481 | } |
| 482 | } |
| 483 | } |
| 484 | while (!feof(mbox_file) && !ferror(mbox_file)); |
| 485 | |
| 486 | if (ferror(mbox_file)) |
| 487 | { |
| 488 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 489 | "%s error reading spool file: %s", loglabel, strerror(errno)); |
| 490 | (void)close(spamd_cctx.sock); |
| 491 | goto defer; |
| 492 | } |
| 493 | |
| 494 | (void)fclose(mbox_file); |
| 495 | |
| 496 | /* we're done sending, close socket for writing */ |
| 497 | if (!sd->is_rspamd) |
| 498 | shutdown(spamd_cctx.sock,SHUT_WR); |
| 499 | |
| 500 | /* read spamd response using what's left of the timeout. */ |
| 501 | memset(spamd_buffer, 0, sizeof(spamd_buffer)); |
| 502 | offset = 0; |
| 503 | while ((i = ip_recv(&spamd_cctx, |
| 504 | spamd_buffer + offset, |
| 505 | sizeof(spamd_buffer) - offset - 1, |
| 506 | sd->timeout - time(NULL) + start)) > 0) |
| 507 | offset += i; |
| 508 | spamd_buffer[offset] = '\0'; /* guard byte */ |
| 509 | |
| 510 | /* error handling */ |
| 511 | if (i <= 0 && errno != 0) |
| 512 | { |
| 513 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 514 | "%s error reading from spamd %s, socket: %s", loglabel, callout_address, strerror(errno)); |
| 515 | (void)close(spamd_cctx.sock); |
| 516 | return DEFER; |
| 517 | } |
| 518 | |
| 519 | /* reading done */ |
| 520 | (void)close(spamd_cctx.sock); |
| 521 | |
| 522 | if (sd->is_rspamd) |
| 523 | { /* rspamd variant of reply */ |
| 524 | int r; |
| 525 | if ( (r = sscanf(CS spamd_buffer, |
| 526 | "RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n", |
| 527 | spamd_version, spamd_short_result, &spamd_score, &spamd_threshold, |
| 528 | &spamd_reject_score, &spamd_report_offset)) != 5 |
| 529 | || spamd_report_offset >= offset /* verify within buffer */ |
| 530 | ) |
| 531 | { |
| 532 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 533 | "%s cannot parse spamd %s, output: %d", loglabel, callout_address, r); |
| 534 | return DEFER; |
| 535 | } |
| 536 | /* now parse action */ |
| 537 | p = &spamd_buffer[spamd_report_offset]; |
| 538 | |
| 539 | if (Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0) |
| 540 | { |
| 541 | p += sizeof("Action: ") - 1; |
| 542 | q = &spam_action_buffer[0]; |
| 543 | while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1) |
| 544 | *q++ = *p++; |
| 545 | *q = '\0'; |
| 546 | } |
| 547 | } |
| 548 | else |
| 549 | { /* spamassassin */ |
| 550 | /* dig in the spamd output and put the report in a multiline header, |
| 551 | if requested */ |
| 552 | if (sscanf(CS spamd_buffer, |
| 553 | "SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", |
| 554 | spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3) |
| 555 | { |
| 556 | /* try to fall back to pre-2.50 spamd output */ |
| 557 | if (sscanf(CS spamd_buffer, |
| 558 | "SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", |
| 559 | spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3) |
| 560 | { |
| 561 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 562 | "%s cannot parse spamd %s output", loglabel, callout_address); |
| 563 | return DEFER; |
| 564 | } |
| 565 | } |
| 566 | |
| 567 | Ustrcpy(spam_action_buffer, |
| 568 | spamd_score >= spamd_threshold ? "reject" : "no action"); |
| 569 | } |
| 570 | |
| 571 | /* Create report. Since this is a multiline string, |
| 572 | we must hack it into shape first */ |
| 573 | p = &spamd_buffer[spamd_report_offset]; |
| 574 | q = spam_report_buffer; |
| 575 | while (*p != '\0') |
| 576 | { |
| 577 | /* skip \r */ |
| 578 | if (*p == '\r') |
| 579 | { |
| 580 | p++; |
| 581 | continue; |
| 582 | } |
| 583 | *q++ = *p; |
| 584 | if (*p++ == '\n') |
| 585 | { |
| 586 | /* add an extra space after the newline to ensure |
| 587 | that it is treated as a header continuation line */ |
| 588 | *q++ = ' '; |
| 589 | } |
| 590 | } |
| 591 | /* NULL-terminate */ |
| 592 | *q-- = '\0'; |
| 593 | /* cut off trailing leftovers */ |
| 594 | while (*q <= ' ') |
| 595 | *q-- = '\0'; |
| 596 | |
| 597 | spam_report = spam_report_buffer; |
| 598 | spam_action = spam_action_buffer; |
| 599 | |
| 600 | /* create spam bar */ |
| 601 | spamd_score_char = spamd_score > 0 ? '+' : '-'; |
| 602 | j = abs((int)(spamd_score)); |
| 603 | i = 0; |
| 604 | if (j != 0) |
| 605 | while ((i < j) && (i <= MAX_SPAM_BAR_CHARS)) |
| 606 | spam_bar_buffer[i++] = spamd_score_char; |
| 607 | else |
| 608 | { |
| 609 | spam_bar_buffer[0] = '/'; |
| 610 | i = 1; |
| 611 | } |
| 612 | spam_bar_buffer[i] = '\0'; |
| 613 | spam_bar = spam_bar_buffer; |
| 614 | |
| 615 | /* create "float" spam score */ |
| 616 | (void)string_format(spam_score_buffer, sizeof(spam_score_buffer), |
| 617 | "%.1f", spamd_score); |
| 618 | spam_score = spam_score_buffer; |
| 619 | |
| 620 | /* create "int" spam score */ |
| 621 | j = (int)((spamd_score + 0.001)*10); |
| 622 | (void)string_format(spam_score_int_buffer, sizeof(spam_score_int_buffer), |
| 623 | "%d", j); |
| 624 | spam_score_int = spam_score_int_buffer; |
| 625 | |
| 626 | /* compare threshold against score */ |
| 627 | spam_rc = spamd_score >= spamd_threshold |
| 628 | ? OK /* spam as determined by user's threshold */ |
| 629 | : FAIL; /* not spam */ |
| 630 | |
| 631 | /* remember expanded spamd_address if needed */ |
| 632 | if (spamd_address_work != spamd_address) |
| 633 | prev_spamd_address_work = string_copy(spamd_address_work); |
| 634 | |
| 635 | /* remember user name and "been here" for it */ |
| 636 | Ustrcpy(prev_user_name, user_name); |
| 637 | spam_ok = 1; |
| 638 | |
| 639 | return override |
| 640 | ? OK /* always return OK, no matter what the score */ |
| 641 | : spam_rc; |
| 642 | |
| 643 | defer: |
| 644 | (void)fclose(mbox_file); |
| 645 | return DEFER; |
| 646 | } |
| 647 | |
| 648 | #endif |
| 649 | /* vi: aw ai sw=2 |
| 650 | */ |