X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=plugins%2Ffilters%2Ffilters.php;h=2086c2cdae2ae34590c665b5ef45534703cbdafd;hb=9ae70b623b5bda18ee4b60d9481d49d057b2f508;hp=f10e0646bb267b737e86d4f2399325f71b7c4ecd;hpb=2128bbc6c5a178906d5d7b925bcd6d0652f47f52;p=squirrelmail.git diff --git a/plugins/filters/filters.php b/plugins/filters/filters.php index f10e0646..2086c2cd 100644 --- a/plugins/filters/filters.php +++ b/plugins/filters/filters.php @@ -3,7 +3,7 @@ /** * Message and Spam Filter Plugin - Filtering Functions * - * @copyright © 1999-2006 The SquirrelMail Project Team + * @copyright 1999-2014 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package plugins @@ -13,8 +13,7 @@ /** * do not allow to call this file directly */ -if ((isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) || - (isset($HTTP_SERVER_SERVER['SCRIPT_FILENAME']) && $HTTP_SERVER_SERVER['SCRIPT_FILENAME'] == __FILE__) ) { +if (isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) { header("Location: ../../src/login.php"); die(); } @@ -26,7 +25,7 @@ global $UseSeparateImapConnection, $SpamFilters_CacheTTL; /** - * load required functions. Plugin depends on IMAP functions and they are not + * load required functions. Plugin depends on IMAP functions and they are not * loaded in src/webmail.php */ include_once (SM_PATH . 'functions/imap.php'); @@ -143,7 +142,7 @@ function filters_LoadCache () { /** * Uses the BulkQuery executable to query all the RBLs at once - * @param array $filters Array of SPAM Fitlers + * @param array $filters Array of SPAM Filters * @param array $IPs Array of IP Addresses * @access private */ @@ -191,9 +190,9 @@ function filters_bulkquery($filters, $IPs) { * @access private */ function start_filters($hook_args) { - global $imapServerAddress, $imapPort, $imap_stream, $imapConnection, - $UseSeparateImapConnection, $AllowSpamFilters, $filter_inbox_count, - $username; + global $imapServerAddress, $imapPort, $imapSslOptions, $imap_stream, + $imapConnection, $UseSeparateImapConnection, $AllowSpamFilters, + $filter_inbox_count, $username; /** * check hook that calls filtering. If filters are called by right_main_after_header, @@ -211,14 +210,15 @@ function start_filters($hook_args) { $spamfilters = load_spam_filters(); $AllowSpamFilters = false; - foreach($spamfilters as $filterskey=>$value) { - if ($value['enabled'] == 'yes') { + foreach($spamfilters as $value) { + if ($value['enabled'] == SMPREF_ON) { $AllowSpamFilters = true; break; } } } + // No user filters, and no spam filters, no need to continue // if (!$AllowSpamFilters && empty($filters)) { return; } @@ -229,7 +229,7 @@ function start_filters($hook_args) { if ((!isset($imap_stream) && !isset($imapConnection)) || $UseSeparateImapConnection ) { $stream = sqimap_login($username, false, $imapServerAddress, - $imapPort, 10); + $imapPort, 10, $imapSslOptions); $previously_connected = false; } else if (isset($imapConnection)) { $stream = $imapConnection; @@ -312,12 +312,12 @@ function user_filters($imap_stream) { /** * Creates and runs the IMAP command to filter messages + * @param string $imap_stream TODO: Document this parameter * @param string $where Which part of the message to search (TO, CC, SUBJECT, etc...) * @param string $what String to search for * @param string $where_to Folder it will move to * @param string $user_scan Whether to search all or just unseen * @param string $should_expunge - * @param boolean $where Which part of location to search * @access private */ function filter_search_and_delete($imap_stream, $where, $what, $where_to, $user_scan, @@ -355,7 +355,7 @@ function filter_search_and_delete($imap_stream, $where, $what, $where_to, $user_ // see comments in squirrelmail sqimap_search function if ($imap_server_type == 'macosx' || $imap_server_type == 'hmailserver') { - $search_str .= ' ' . $where . ' ' . $what; + $search_str .= ' ' . $where . ' ' . $what; /* read data back from IMAP */ $read = sqimap_run_command($imap_stream, $search_str, true, $response, $message, TRUE); } else { @@ -382,7 +382,7 @@ function filter_search_and_delete($imap_stream, $where, $what, $where_to, $user_ $ids = array(); for ($i = 0, $iCnt = count($read); $i < $iCnt; ++$i) { if (preg_match("/^\* SEARCH (.+)$/", $read[$i], $regs)) { - $ids += preg_split("/ /", trim($regs[1])); + $ids += explode(' ', trim($regs[1])); } } if ($response == 'OK' && count($ids)) { @@ -430,7 +430,7 @@ function spam_filters($imap_stream) { $run = false; - foreach ($filters as $Key => $Value) { + foreach ($filters as $Value) { if ($Value['enabled']) { $run = true; break; @@ -451,8 +451,8 @@ function spam_filters($imap_stream) { if (isset($read[0])) { for ($i = 0, $iCnt = count($read); $i < $iCnt; ++$i) { if (preg_match("/^\* SEARCH (.+)$/", $read[$i], $regs)) { - $search_array = preg_split("/ /", trim($regs[1])); - break; + $search_array = explode(' ', trim($regs[1])); + break; } } } @@ -493,14 +493,15 @@ function spam_filters($imap_stream) { $aSpamIds[] = $MsgNum; $isspam = true; } + if ($bulkquery) { array_shift($aMatch); - $IP = explode('.',$aMatch); + $IP = explode('.', $aMatch); foreach ($filters as $key => $value) { if ($filters[$key]['enabled'] && $filters[$key]['dns']) { if (strlen($SpamFilters_DNScache[$IP.'.'.$filters[$key]['dns']]) == 0) { - $IPs[$IP] = true; - break; + $IPs[$IP] = true; + break; } } } @@ -517,7 +518,7 @@ function spam_filters($imap_stream) { } // Lookie! It's spam! Yum! if (count($aSpamIds) && sqimap_mailbox_exists($imap_stream, $filters_spam_folder)) { - sqimap_msgs_list_move ($imap_stream, $aSpamIds, $filters_spam_folder); + sqimap_msgs_list_move($imap_stream, $aSpamIds, $filters_spam_folder); sqimap_mailbox_expunge($imap_stream, 'INBOX'); } @@ -548,8 +549,14 @@ function filters_spam_check_site($a, $b, $c, $d, &$filters) { foreach ($filters as $key => $value) { if ($filters[$key]['enabled']) { if ($filters[$key]['dns']) { + + /** + * RFC allows . on end of hostname to force domain lookup to + * not use search domain from resolv.conf, i.e. to ensure + * search domain isn't used if no hostname is found + */ $filter_revip = $d . '.' . $c . '.' . $b . '.' . $a . '.' . - $filters[$key]['dns']; + $filters[$key]['dns'] . '.'; if(!isset($SpamFilters_DNScache[$filter_revip]['L'])) $SpamFilters_DNScache[$filter_revip]['L'] = ''; @@ -563,8 +570,12 @@ function filters_spam_check_site($a, $b, $c, $d, &$filters) { $SpamFilters_DNScache[$filter_revip]['T'] = time() + $SpamFilters_CacheTTL; } - if ($SpamFilters_DNScache[$filter_revip]['L'] == - $filters[$key]['result']) { + + /** + * gethostbyname returns ip if resolved, or returns original + * host supplied to function if there is no resolution + */ + if ($SpamFilters_DNScache[$filter_revip]['L'] != $filter_revip) { return 1; } } @@ -585,7 +596,7 @@ function load_filters() { for ($i = 0; $fltr = getPref($data_dir, $username, 'filter' . $i); $i++) { $ary = explode(',', $fltr); $filters[$i]['where'] = $ary[0]; - $filters[$i]['what'] = $ary[1]; + $filters[$i]['what'] = str_replace('###COMMA###', ',', $ary[1]); $filters[$i]['folder'] = $ary[2]; } return $filters; @@ -649,14 +660,6 @@ function load_spam_filters() { _("COMMERCIAL - RBL+ Dial-up entries."); } - $filters['ORDB']['prefname'] = 'filters_spam_ordb'; - $filters['ORDB']['name'] = 'Open Relay Database List'; - $filters['ORDB']['link'] = 'http://www.ordb.org/'; - $filters['ORDB']['dns'] = 'relays.ordb.org'; - $filters['ORDB']['result'] = '127.0.0.2'; - $filters['ORDB']['comment'] = - _("FREE - ORDB was born when ORBS went off the air. It seems to have fewer false positives than ORBS did though."); - $filters['FiveTen Direct']['prefname'] = 'filters_spam_fiveten_src'; $filters['FiveTen Direct']['name'] = 'Five-Ten-sg.com Direct SPAM Sources'; $filters['FiveTen Direct']['link'] = 'http://www.five-ten-sg.com/blackhole.php'; @@ -725,7 +728,7 @@ function load_spam_filters() { $filters['SPAMhaus']['name'] = 'SPAMhaus Lists'; $filters['SPAMhaus']['link'] = 'http://www.spamhaus.org'; $filters['SPAMhaus']['dns'] = 'sbl.spamhaus.org'; - $filters['SPAMhaus']['result'] = '127.0.0.6'; + $filters['SPAMhaus']['result'] = '127.0.0.2'; $filters['SPAMhaus']['comment'] = _("FREE - SPAMhaus - A list of well-known SPAM sources."); @@ -841,32 +844,8 @@ function load_spam_filters() { $filters['NJABL DUL']['comment'] = _("FREE, for now - Not Just Another Blacklist - Dial-up IPs."); - $filters['Conf DSBL.ORG Relay']['prefname'] = 'filters_spam_dsbl_conf_ss'; - $filters['Conf DSBL.ORG Relay']['name'] = 'DSBL.org Confirmed Relay List'; - $filters['Conf DSBL.ORG Relay']['link'] = 'http://www.dsbl.org/'; - $filters['Conf DSBL.ORG Relay']['dns'] = 'list.dsbl.org'; - $filters['Conf DSBL.ORG Relay']['result'] = '127.0.0.2'; - $filters['Conf DSBL.ORG Relay']['comment'] = - _("FREE - Distributed Sender Boycott List - Confirmed Relays"); - - $filters['Conf DSBL.ORG Multi-Stage']['prefname'] = 'filters_spam_dsbl_conf_ms'; - $filters['Conf DSBL.ORG Multi-Stage']['name'] = 'DSBL.org Confirmed Multi-Stage Relay List'; - $filters['Conf DSBL.ORG Multi-Stage']['link'] = 'http://www.dsbl.org/'; - $filters['Conf DSBL.ORG Multi-Stage']['dns'] = 'multihop.dsbl.org'; - $filters['Conf DSBL.ORG Multi-Stage']['result'] = '127.0.0.2'; - $filters['Conf DSBL.ORG Multi-Stage']['comment'] = - _("FREE - Distributed Sender Boycott List - Confirmed Multi-stage Relays"); - - $filters['UN-Conf DSBL.ORG']['prefname'] = 'filters_spam_dsbl_unc'; - $filters['UN-Conf DSBL.ORG']['name'] = 'DSBL.org UN-Confirmed Relay List'; - $filters['UN-Conf DSBL.ORG']['link'] = 'http://www.dsbl.org/'; - $filters['UN-Conf DSBL.ORG']['dns'] = 'unconfirmed.dsbl.org'; - $filters['UN-Conf DSBL.ORG']['result'] = '127.0.0.2'; - $filters['UN-Conf DSBL.ORG']['comment'] = - _("FREE - Distributed Sender Boycott List - UN-Confirmed Relays"); - foreach ($filters as $Key => $Value) { - $filters[$Key]['enabled'] = getPref($data_dir, $username, $filters[$Key]['prefname']); + $filters[$Key]['enabled'] = (bool)getPref($data_dir, $username, $filters[$Key]['prefname']); } return $filters; @@ -912,7 +891,6 @@ function filter_swap($id1, $id2) { * @access private */ function update_for_folder ($args) { - $old_folder = $args[0]; $new_folder = $args[2]; $action = $args[1];