Support Rspamd. Patch from Andrew Lewis, lightly editorialised
[exim.git] / src / src / spam.c
CommitLineData
8523533c
TK
1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
5/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-???? */
6/* License: GPL */
7
8/* Code for calling SpamAssassin's spamd or Rspamd. Called from acl.c. */
9
10#include "exim.h"
11#ifdef WITH_CONTENT_SCAN
12#include "spam.h"
13
14uschar spam_score_buffer[16];
15uschar spam_score_int_buffer[16];
16uschar spam_bar_buffer[128];
c5f280e2 17uschar spam_action_buffer[32];
8523533c
TK
18uschar spam_report_buffer[32600];
19uschar prev_user_name[128] = "";
20int spam_ok = 0;
21int spam_rc = 0;
f7274286 22uschar *prev_spamd_address_work = NULL;
8523533c 23
c007c974
JH
24int
25spam(uschar **listptr)
26{
8523533c
TK
27 int sep = 0;
28 uschar *list = *listptr;
29 uschar *user_name;
30 uschar user_name_buffer[128];
f7b63901 31 unsigned long mbox_size;
8523533c 32 FILE *mbox_file;
0f501486 33 int spamd_sock = -1;
8523533c 34 uschar spamd_buffer[32600];
cfe75fc3 35 int i, j, offset, result;
c5f280e2 36 BOOL is_rspamd;
8523533c 37 uschar spamd_version[8];
c5f280e2 38 uschar spamd_short_result[8];
8523533c 39 uschar spamd_score_char;
c5f280e2 40 double spamd_threshold, spamd_score, spamd_reject_score;
8523533c
TK
41 int spamd_report_offset;
42 uschar *p,*q;
43 int override = 0;
cfe75fc3
PH
44 time_t start;
45 size_t read, wrote;
8523533c 46 struct sockaddr_un server;
f452e07e 47#ifndef NO_POLL_H
cfe75fc3 48 struct pollfd pollfd;
25257489
PH
49#else /* Patch posted by Erik ? for OS X */
50 struct timeval select_tv; /* and applied by PH */
51 fd_set select_fd;
f452e07e 52#endif
b6e6e716 53 uschar *spamd_address_work;
b6fbf22d 54 static const uschar * loglabel = US"spam acl condition:";
8523533c 55
5614ee86 56 /* stop compiler warning */
91ecef39 57 result = 0;
5614ee86 58
8523533c
TK
59 /* find the username from the option list */
60 if ((user_name = string_nextinlist(&list, &sep,
61 user_name_buffer,
ddcf2b5f
JH
62 sizeof(user_name_buffer))) == NULL)
63 {
8523533c
TK
64 /* no username given, this means no scanning should be done */
65 return FAIL;
ddcf2b5f 66 }
8523533c
TK
67
68 /* if username is "0" or "false", do not scan */
69 if ( (Ustrcmp(user_name,"0") == 0) ||
ddcf2b5f 70 (strcmpic(user_name,US"false") == 0) )
8523533c 71 return FAIL;
8523533c
TK
72
73 /* if there is an additional option, check if it is "true" */
ddcf2b5f 74 if (strcmpic(list,US"true") == 0)
8523533c
TK
75 /* in that case, always return true later */
76 override = 1;
8523533c 77
f7274286 78 /* expand spamd_address if needed */
ddcf2b5f
JH
79 if (*spamd_address == '$')
80 {
f7274286 81 spamd_address_work = expand_string(spamd_address);
ddcf2b5f
JH
82 if (spamd_address_work == NULL)
83 {
f7274286 84 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8
JH
85 "%s spamd_address starts with $, but expansion failed: %s",
86 loglabel, expand_string_message);
f7274286 87 return DEFER;
ddcf2b5f 88 }
f7274286 89 }
f7274286
PP
90 else
91 spamd_address_work = spamd_address;
92
93 /* check if previous spamd_address was expanded and has changed. dump cached results if so */
ddcf2b5f
JH
94 if ( spam_ok
95 && prev_spamd_address_work != NULL
96 && Ustrcmp(prev_spamd_address_work, spamd_address_work) != 0
97 )
f7274286 98 spam_ok = 0;
f7274286 99
8e669ac1 100 /* if we scanned for this username last time, just return */
e8bc7fca
JH
101 if (spam_ok && Ustrcmp(prev_user_name, user_name) == 0)
102 return override ? OK : spam_rc;
8e669ac1 103
8523533c 104 /* make sure the eml mbox file is spooled up */
8544e77a 105 mbox_file = spool_mbox(&mbox_size, NULL);
8e669ac1 106
ddcf2b5f
JH
107 if (mbox_file == NULL)
108 {
8523533c
TK
109 /* error while spooling */
110 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 111 "%s error while creating mbox spool file", loglabel);
8523533c 112 return DEFER;
ddcf2b5f 113 }
8523533c 114
cfe75fc3 115 start = time(NULL);
b6e6e716 116
8523533c 117 /* socket does not start with '/' -> network socket */
ddcf2b5f
JH
118 if (*spamd_address_work != '/')
119 {
8523533c 120 int num_servers = 0;
29cfeb94 121 int current_server;
8523533c 122 uschar *address = NULL;
e1e7cfcb 123 uschar *spamd_address_list_ptr = spamd_address_work;
8523533c
TK
124 uschar address_buffer[256];
125 spamd_address_container * spamd_address_vector[32];
126
127 /* Check how many spamd servers we have
128 and register their addresses */
129 while ((address = string_nextinlist(&spamd_address_list_ptr, &sep,
130 address_buffer,
ddcf2b5f
JH
131 sizeof(address_buffer))) != NULL)
132 {
8e669ac1 133
29cfeb94 134 /* Potential memory leak as we never free the store. */
8523533c
TK
135 spamd_address_container *this_spamd =
136 (spamd_address_container *)store_get(sizeof(spamd_address_container));
8e669ac1 137
c5f280e2
AL
138 /* Check for spamd variant */
139 this_spamd->is_rspamd = Ustrstr(address, "variant=rspamd") != NULL;
140
8523533c 141 /* grok spamd address and port */
c5f280e2 142 if (sscanf(CS address, "%23s %hu", this_spamd->tcp_addr, &this_spamd->tcp_port) != 2)
e252eb8c 143 {
8523533c 144 log_write(0, LOG_MAIN,
a56cc2b8 145 "%s warning - invalid spamd address: '%s'", loglabel, address);
8523533c 146 continue;
ddcf2b5f 147 }
8e669ac1 148
8523533c 149 spamd_address_vector[num_servers] = this_spamd;
a56cc2b8
JH
150 if ( ++num_servers
151 >= sizeof(spamd_address_vector)/sizeof(spamd_address_vector[0]))
8523533c 152 break;
ddcf2b5f 153 }
8e669ac1 154
8523533c 155 /* check if we have at least one server */
ddcf2b5f
JH
156 if (!num_servers)
157 {
8523533c 158 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8
JH
159 "%s no useable spamd server addresses in spamd_address configuration option.",
160 loglabel);
f1e894f3 161 (void)fclose(mbox_file);
8523533c 162 return DEFER;
ddcf2b5f 163 }
8523533c 164
a56cc2b8 165 while (num_servers > 0)
ddcf2b5f 166 {
2e64baa9 167 int i;
8523533c 168
29cfeb94 169 /* Randomly pick a server to try */
a56cc2b8 170 current_server = random_number(num_servers);
8e669ac1 171
8523533c
TK
172 debug_printf("trying server %s, port %u\n",
173 spamd_address_vector[current_server]->tcp_addr,
174 spamd_address_vector[current_server]->tcp_port);
8e669ac1 175
8523533c 176 /* contact a spamd */
a56cc2b8 177 if ((spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0)
ddcf2b5f 178 {
8523533c 179 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 180 "%s error creating IP socket for spamd", loglabel);
f1e894f3 181 (void)fclose(mbox_file);
8e669ac1 182 return DEFER;
ddcf2b5f 183 }
8e669ac1 184
a56cc2b8
JH
185 if (ip_connect(spamd_sock,
186 AF_INET,
187 spamd_address_vector[current_server]->tcp_addr,
188 spamd_address_vector[current_server]->tcp_port,
189 5 ) > -1)
c5f280e2 190 {
8523533c 191 /* connection OK */
c5f280e2 192 is_rspamd = spamd_address_vector[current_server]->is_rspamd;
8523533c 193 break;
c5f280e2 194 }
8e669ac1 195
8523533c 196 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8
JH
197 "%s warning - spamd connection to %s, port %u failed: %s",
198 loglabel,
8523533c
TK
199 spamd_address_vector[current_server]->tcp_addr,
200 spamd_address_vector[current_server]->tcp_port,
201 strerror(errno));
29cfeb94
PP
202
203 (void)close(spamd_sock);
204
205 /* Remove the server from the list. XXX We should free the memory */
206 num_servers--;
a56cc2b8 207 for (i = current_server; i < num_servers; i++)
29cfeb94 208 spamd_address_vector[i] = spamd_address_vector[i+1];
ddcf2b5f 209 }
29cfeb94 210
a56cc2b8 211 if (num_servers == 0)
ddcf2b5f 212 {
a56cc2b8 213 log_write(0, LOG_MAIN|LOG_PANIC, "%s all spamd servers failed", loglabel);
29cfeb94
PP
214 (void)fclose(mbox_file);
215 return DEFER;
ddcf2b5f 216 }
29cfeb94 217 }
ddcf2b5f
JH
218 else
219 {
8523533c
TK
220 /* open the local socket */
221
ddcf2b5f
JH
222 if ((spamd_sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
223 {
8523533c 224 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8
JH
225 "%s spamd: unable to acquire socket (%s)",
226 loglabel,
8523533c 227 strerror(errno));
f1e894f3 228 (void)fclose(mbox_file);
8523533c 229 return DEFER;
ddcf2b5f 230 }
8523533c
TK
231
232 server.sun_family = AF_UNIX;
c5f280e2
AL
233
234 is_rspamd = (p = Ustrstr(spamd_address_work, "variant=rspamd")) != NULL;
235 if (is_rspamd)
236 {
237 /* strip spaces */
238 p--;
239 while (p > spamd_address_work && isspace (*p))
240 p--;
241 Ustrncpy(server.sun_path, spamd_address_work, p - spamd_address_work + 1);
242 /* zero terminate */
243 server.sun_path[p - spamd_address_work + 1] = 0;
244 }
245 else
246 Ustrcpy(server.sun_path, spamd_address_work);
8523533c 247
ddcf2b5f
JH
248 if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0)
249 {
8523533c 250 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8
JH
251 "%s spamd: unable to connect to UNIX socket %s (%s)",
252 loglabel,
c5f280e2 253 server.sun_path, strerror(errno) );
f1e894f3
PH
254 (void)fclose(mbox_file);
255 (void)close(spamd_sock);
8523533c 256 return DEFER;
ddcf2b5f 257 }
8523533c
TK
258 }
259
ddcf2b5f
JH
260 if (spamd_sock == -1)
261 {
0f501486
PP
262 log_write(0, LOG_MAIN|LOG_PANIC,
263 "programming fault, spamd_sock unexpectedly unset");
264 (void)fclose(mbox_file);
265 (void)close(spamd_sock);
266 return DEFER;
ddcf2b5f 267 }
0f501486 268
c5f280e2 269 (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
8523533c 270 /* now we are connected to spamd on spamd_sock */
c5f280e2
AL
271 if (is_rspamd)
272 { /* rspamd variant */
273 uschar *req_str;
274 const char *helo;
275 const char *fcrdns;
276
277 req_str = string_sprintf("CHECK RSPAMC/1.3\r\nContent-length: %lu\r\n"
278 "Queue-Id: %s\r\nFrom: <%s>\r\nRecipient-Number: %d\r\n", mbox_size,
279 message_id, sender_address, recipients_count);
280 for (i = 0; i < recipients_count; i ++)
281 req_str = string_sprintf("%sRcpt: <%s>\r\n", req_str, recipients_list[i].address);
282 if ((helo = expand_string(US"$sender_helo_name")) != NULL && *helo != '\0')
283 req_str = string_sprintf("%sHelo: %s\r\n", req_str, helo);
284 if ((fcrdns = expand_string(US"$sender_host_name")) != NULL && *fcrdns != '\0')
285 req_str = string_sprintf("%sHostname: %s\r\n", req_str, fcrdns);
286 if (sender_host_address != NULL)
287 req_str = string_sprintf("%sIP: %s\r\n", req_str, sender_host_address);
288 req_str = string_sprintf("%s\r\n", req_str);
289 wrote = send(spamd_sock, req_str, Ustrlen(req_str), 0);
290 }
291 else
292 { /* spamassassin variant */
293 (void)string_format(spamd_buffer,
294 sizeof(spamd_buffer),
295 "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
296 user_name,
297 mbox_size);
298 /* send our request */
299 wrote = send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0);
300 }
301 if (wrote == -1)
ddcf2b5f 302 {
f1e894f3 303 (void)close(spamd_sock);
8523533c 304 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 305 "%s spamd send failed: %s", loglabel, strerror(errno));
f1e894f3
PH
306 (void)fclose(mbox_file);
307 (void)close(spamd_sock);
8523533c 308 return DEFER;
ddcf2b5f 309 }
8523533c
TK
310
311 /* now send the file */
cfe75fc3
PH
312 /* spamd sometimes accepts conections but doesn't read data off
313 * the connection. We make the file descriptor non-blocking so
314 * that the write will only write sufficient data without blocking
315 * and we poll the desciptor to make sure that we can write without
316 * blocking. Short writes are gracefully handled and if the whole
317 * trasaction takes too long it is aborted.
25257489
PH
318 * Note: poll() is not supported in OSX 10.2 and is reported to be
319 * broken in more recent versions (up to 10.4).
cfe75fc3 320 */
f452e07e 321#ifndef NO_POLL_H
cfe75fc3
PH
322 pollfd.fd = spamd_sock;
323 pollfd.events = POLLOUT;
f452e07e 324#endif
ff790e47 325 (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
ddcf2b5f
JH
326 do
327 {
cfe75fc3 328 read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
ddcf2b5f
JH
329 if (read > 0)
330 {
cfe75fc3
PH
331 offset = 0;
332again:
f452e07e 333#ifndef NO_POLL_H
cfe75fc3 334 result = poll(&pollfd, 1, 1000);
25257489
PH
335
336/* Patch posted by Erik ? for OS X and applied by PH */
337#else
338 select_tv.tv_sec = 1;
339 select_tv.tv_usec = 0;
340 FD_ZERO(&select_fd);
341 FD_SET(spamd_sock, &select_fd);
342 result = select(spamd_sock+1, NULL, &select_fd, NULL, &select_tv);
343#endif
344/* End Erik's patch */
345
cfe75fc3 346 if (result == -1 && errno == EINTR)
25257489 347 goto again;
ddcf2b5f
JH
348 else if (result < 1)
349 {
cfe75fc3
PH
350 if (result == -1)
351 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 352 "%s %s on spamd socket", loglabel, strerror(errno));
ddcf2b5f
JH
353 else
354 {
cfe75fc3 355 if (time(NULL) - start < SPAMD_TIMEOUT)
c007c974 356 goto again;
cfe75fc3 357 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 358 "%s timed out writing spamd socket", loglabel);
ddcf2b5f 359 }
f1e894f3
PH
360 (void)close(spamd_sock);
361 (void)fclose(mbox_file);
8523533c 362 return DEFER;
ddcf2b5f 363 }
25257489 364
cfe75fc3 365 wrote = send(spamd_sock,spamd_buffer + offset,read - offset,0);
8d7d227d 366 if (wrote == -1)
ddcf2b5f
JH
367 {
368 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 369 "%s %s on spamd socket", loglabel, strerror(errno));
f1e894f3
PH
370 (void)close(spamd_sock);
371 (void)fclose(mbox_file);
8d7d227d 372 return DEFER;
ddcf2b5f
JH
373 }
374 if (offset + wrote != read)
375 {
cfe75fc3
PH
376 offset += wrote;
377 goto again;
ddcf2b5f 378 }
cfe75fc3
PH
379 }
380 }
cfe75fc3 381 while (!feof(mbox_file) && !ferror(mbox_file));
ddcf2b5f
JH
382
383 if (ferror(mbox_file))
384 {
cfe75fc3 385 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 386 "%s error reading spool file: %s", loglabel, strerror(errno));
f1e894f3
PH
387 (void)close(spamd_sock);
388 (void)fclose(mbox_file);
cfe75fc3 389 return DEFER;
ddcf2b5f 390 }
8523533c 391
f1e894f3 392 (void)fclose(mbox_file);
8523533c
TK
393
394 /* we're done sending, close socket for writing */
395 shutdown(spamd_sock,SHUT_WR);
8e669ac1 396
cfe75fc3
PH
397 /* read spamd response using what's left of the timeout.
398 */
8523533c
TK
399 memset(spamd_buffer, 0, sizeof(spamd_buffer));
400 offset = 0;
ddcf2b5f 401 while ((i = ip_recv(spamd_sock,
8523533c
TK
402 spamd_buffer + offset,
403 sizeof(spamd_buffer) - offset - 1,
ddcf2b5f 404 SPAMD_TIMEOUT - time(NULL) + start)) > 0 )
8523533c 405 offset += i;
8523533c
TK
406
407 /* error handling */
ddcf2b5f
JH
408 if (i <= 0 && errno != 0)
409 {
8523533c 410 log_write(0, LOG_MAIN|LOG_PANIC,
a56cc2b8 411 "%s error reading from spamd socket: %s", loglabel, strerror(errno));
f1e894f3 412 (void)close(spamd_sock);
8523533c 413 return DEFER;
ddcf2b5f 414 }
8523533c
TK
415
416 /* reading done */
f1e894f3 417 (void)close(spamd_sock);
8523533c 418
c5f280e2
AL
419 if (is_rspamd)
420 { /* rspamd variant of reply */
421 int r;
422 if ((r = sscanf(CS spamd_buffer,
423 "RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n",
424 spamd_version, spamd_short_result, &spamd_score, &spamd_threshold,
425 &spamd_reject_score, &spamd_report_offset)) != 5)
426 {
427 log_write(0, LOG_MAIN|LOG_PANIC,
428 "%s cannot parse spamd output: %d", loglabel, r);
429 return DEFER;
430 }
431 /* now parse action */
432 p = &spamd_buffer[spamd_report_offset];
8e669ac1 433
c5f280e2
AL
434 if (Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0)
435 {
436 p += sizeof("Action: ") - 1;
437 q = &spam_action_buffer[0];
438 while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1)
439 *q++ = *p++;
440 *q = '\0';
441 }
442 }
443 else
444 { /* spamassassin */
445 /* dig in the spamd output and put the report in a multiline header,
446 if requested */
ddcf2b5f 447 if (sscanf(CS spamd_buffer,
c5f280e2
AL
448 "SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
449 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3)
ddcf2b5f 450 {
c5f280e2
AL
451 /* try to fall back to pre-2.50 spamd output */
452 if (sscanf(CS spamd_buffer,
453 "SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
454 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3)
455 {
456 log_write(0, LOG_MAIN|LOG_PANIC,
457 "%s cannot parse spamd output", loglabel);
458 return DEFER;
459 }
ddcf2b5f 460 }
c5f280e2
AL
461
462 Ustrcpy(spam_action_buffer,
463 spamd_score >= spamd_threshold ? "reject" : "no action");
ddcf2b5f 464 }
8523533c
TK
465
466 /* Create report. Since this is a multiline string,
467 we must hack it into shape first */
468 p = &spamd_buffer[spamd_report_offset];
469 q = spam_report_buffer;
ddcf2b5f
JH
470 while (*p != '\0')
471 {
8523533c 472 /* skip \r */
ddcf2b5f
JH
473 if (*p == '\r')
474 {
8523533c
TK
475 p++;
476 continue;
ddcf2b5f
JH
477 }
478 *q++ = *p;
479 if (*p++ == '\n')
480 {
89dec7b6
TF
481 /* add an extra space after the newline to ensure
482 that it is treated as a header continuation line */
ddcf2b5f
JH
483 *q++ = ' ';
484 }
485 }
8523533c 486 /* NULL-terminate */
ddcf2b5f 487 *q-- = '\0';
8523533c 488 /* cut off trailing leftovers */
ddcf2b5f
JH
489 while (*q <= ' ')
490 *q-- = '\0';
491
8523533c 492 spam_report = spam_report_buffer;
c5f280e2 493 spam_action = spam_action_buffer;
8523533c
TK
494
495 /* create spam bar */
496 spamd_score_char = spamd_score > 0 ? '+' : '-';
497 j = abs((int)(spamd_score));
498 i = 0;
ddcf2b5f
JH
499 if (j != 0)
500 while ((i < j) && (i <= MAX_SPAM_BAR_CHARS))
8523533c 501 spam_bar_buffer[i++] = spamd_score_char;
ddcf2b5f
JH
502 else
503 {
8523533c
TK
504 spam_bar_buffer[0] = '/';
505 i = 1;
ddcf2b5f 506 }
8523533c
TK
507 spam_bar_buffer[i] = '\0';
508 spam_bar = spam_bar_buffer;
509
510 /* create "float" spam score */
c5f280e2
AL
511 (void)string_format(spam_score_buffer, sizeof(spam_score_buffer),
512 "%.1f", spamd_score);
8523533c
TK
513 spam_score = spam_score_buffer;
514
515 /* create "int" spam score */
516 j = (int)((spamd_score + 0.001)*10);
c5f280e2
AL
517 (void)string_format(spam_score_int_buffer, sizeof(spam_score_int_buffer),
518 "%d", j);
8523533c
TK
519 spam_score_int = spam_score_int_buffer;
520
521 /* compare threshold against score */
c5f280e2
AL
522 spam_rc = spamd_score >= spamd_threshold
523 ? OK /* spam as determined by user's threshold */
524 : FAIL; /* not spam */
8e669ac1 525
f7274286 526 /* remember expanded spamd_address if needed */
ddcf2b5f 527 if (spamd_address_work != spamd_address)
f7274286 528 prev_spamd_address_work = string_copy(spamd_address_work);
ddcf2b5f 529
f7274286
PP
530 /* remember user name and "been here" for it */
531 Ustrcpy(prev_user_name, user_name);
532 spam_ok = 1;
8e669ac1 533
c5f280e2
AL
534 return override
535 ? OK /* always return OK, no matter what the score */
536 : spam_rc;
8523533c
TK
537}
538
539#endif