1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-???? */
8 /* Code for calling spamassassin's spamd. Called from acl.c. */
11 #ifdef WITH_CONTENT_SCAN
14 uschar spam_score_buffer
[16];
15 uschar spam_score_int_buffer
[16];
16 uschar spam_bar_buffer
[128];
17 uschar spam_action_buffer
[32];
18 uschar spam_report_buffer
[32600];
19 uschar prev_user_name
[128] = "";
22 uschar
*prev_spamd_address_work
= NULL
;
25 spam(uschar
**listptr
)
28 uschar
*list
= *listptr
;
30 uschar user_name_buffer
[128];
31 unsigned long mbox_size
;
34 uschar spamd_buffer
[32600];
35 int i
, j
, offset
, result
;
37 uschar spamd_version
[8];
38 uschar spamd_short_result
[8];
39 uschar spamd_score_char
;
40 double spamd_threshold
, spamd_score
, spamd_reject_score
;
41 int spamd_report_offset
;
46 struct sockaddr_un server
;
49 #else /* Patch posted by Erik ? for OS X */
50 struct timeval select_tv
; /* and applied by PH */
53 uschar
*spamd_address_work
;
54 static const uschar
* loglabel
= US
"spam acl condition:";
56 /* stop compiler warning */
59 /* find the username from the option list */
60 if ((user_name
= string_nextinlist(&list
, &sep
,
62 sizeof(user_name_buffer
))) == NULL
)
64 /* no username given, this means no scanning should be done */
68 /* if username is "0" or "false", do not scan */
69 if ( (Ustrcmp(user_name
,"0") == 0) ||
70 (strcmpic(user_name
,US
"false") == 0) )
73 /* if there is an additional option, check if it is "true" */
74 if (strcmpic(list
,US
"true") == 0)
75 /* in that case, always return true later */
78 /* expand spamd_address if needed */
79 if (*spamd_address
== '$')
81 spamd_address_work
= expand_string(spamd_address
);
82 if (spamd_address_work
== NULL
)
84 log_write(0, LOG_MAIN
|LOG_PANIC
,
85 "%s spamd_address starts with $, but expansion failed: %s",
86 loglabel
, expand_string_message
);
91 spamd_address_work
= spamd_address
;
93 /* check if previous spamd_address was expanded and has changed. dump cached results if so */
95 && prev_spamd_address_work
!= NULL
96 && Ustrcmp(prev_spamd_address_work
, spamd_address_work
) != 0
100 /* if we scanned for this username last time, just return */
101 if (spam_ok
&& Ustrcmp(prev_user_name
, user_name
) == 0)
102 return override
? OK
: spam_rc
;
104 /* make sure the eml mbox file is spooled up */
105 mbox_file
= spool_mbox(&mbox_size
, NULL
);
107 if (mbox_file
== NULL
)
109 /* error while spooling */
110 log_write(0, LOG_MAIN
|LOG_PANIC
,
111 "%s error while creating mbox spool file", loglabel
);
117 /* socket does not start with '/' -> network socket */
118 if (*spamd_address_work
!= '/')
122 uschar
*address
= NULL
;
123 uschar
*spamd_address_list_ptr
= spamd_address_work
;
124 uschar address_buffer
[256];
125 spamd_address_container
* spamd_address_vector
[32];
127 /* Check how many spamd servers we have
128 and register their addresses */
129 while ((address
= string_nextinlist(&spamd_address_list_ptr
, &sep
,
131 sizeof(address_buffer
))) != NULL
)
134 /* Potential memory leak as we never free the store. */
135 spamd_address_container
*this_spamd
=
136 (spamd_address_container
*)store_get(sizeof(spamd_address_container
));
138 /* Check for spamd variant */
139 this_spamd
->is_rspamd
= Ustrstr(address
, "variant=rspamd") != NULL
;
141 /* grok spamd address and port */
142 if (sscanf(CS address
, "%23s %hu", this_spamd
->tcp_addr
, &this_spamd
->tcp_port
) != 2)
144 log_write(0, LOG_MAIN
,
145 "%s warning - invalid spamd address: '%s'", loglabel
, address
);
149 spamd_address_vector
[num_servers
] = this_spamd
;
151 >= sizeof(spamd_address_vector
)/sizeof(spamd_address_vector
[0]))
155 /* check if we have at least one server */
158 log_write(0, LOG_MAIN
|LOG_PANIC
,
159 "%s no useable spamd server addresses in spamd_address configuration option.",
161 (void)fclose(mbox_file
);
165 while (num_servers
> 0)
169 /* Randomly pick a server to try */
170 current_server
= random_number(num_servers
);
172 debug_printf("trying server %s, port %u\n",
173 spamd_address_vector
[current_server
]->tcp_addr
,
174 spamd_address_vector
[current_server
]->tcp_port
);
176 /* contact a spamd */
177 if ((spamd_sock
= ip_socket(SOCK_STREAM
, AF_INET
)) < 0)
179 log_write(0, LOG_MAIN
|LOG_PANIC
,
180 "%s error creating IP socket for spamd", loglabel
);
181 (void)fclose(mbox_file
);
185 if (ip_connect(spamd_sock
,
187 spamd_address_vector
[current_server
]->tcp_addr
,
188 spamd_address_vector
[current_server
]->tcp_port
,
192 is_rspamd
= spamd_address_vector
[current_server
]->is_rspamd
;
196 log_write(0, LOG_MAIN
|LOG_PANIC
,
197 "%s warning - spamd connection to %s, port %u failed: %s",
199 spamd_address_vector
[current_server
]->tcp_addr
,
200 spamd_address_vector
[current_server
]->tcp_port
,
203 (void)close(spamd_sock
);
205 /* Remove the server from the list. XXX We should free the memory */
207 for (i
= current_server
; i
< num_servers
; i
++)
208 spamd_address_vector
[i
] = spamd_address_vector
[i
+1];
211 if (num_servers
== 0)
213 log_write(0, LOG_MAIN
|LOG_PANIC
, "%s all spamd servers failed", loglabel
);
214 (void)fclose(mbox_file
);
220 /* open the local socket */
222 if ((spamd_sock
= socket(AF_UNIX
, SOCK_STREAM
, 0)) < 0)
224 log_write(0, LOG_MAIN
|LOG_PANIC
,
225 "%s spamd: unable to acquire socket (%s)",
228 (void)fclose(mbox_file
);
232 server
.sun_family
= AF_UNIX
;
234 is_rspamd
= (p
= Ustrstr(spamd_address_work
, "variant=rspamd")) != NULL
;
239 while (p
> spamd_address_work
&& isspace (*p
))
241 Ustrncpy(server
.sun_path
, spamd_address_work
, p
- spamd_address_work
+ 1);
243 server
.sun_path
[p
- spamd_address_work
+ 1] = 0;
246 Ustrcpy(server
.sun_path
, spamd_address_work
);
248 if (connect(spamd_sock
, (struct sockaddr
*) &server
, sizeof(struct sockaddr_un
)) < 0)
250 log_write(0, LOG_MAIN
|LOG_PANIC
,
251 "%s spamd: unable to connect to UNIX socket %s (%s)",
253 server
.sun_path
, strerror(errno
) );
254 (void)fclose(mbox_file
);
255 (void)close(spamd_sock
);
260 if (spamd_sock
== -1)
262 log_write(0, LOG_MAIN
|LOG_PANIC
,
263 "programming fault, spamd_sock unexpectedly unset");
264 (void)fclose(mbox_file
);
265 (void)close(spamd_sock
);
269 (void)fcntl(spamd_sock
, F_SETFL
, O_NONBLOCK
);
270 /* now we are connected to spamd on spamd_sock */
272 { /* rspamd variant */
277 req_str
= string_sprintf("CHECK RSPAMC/1.3\r\nContent-length: %lu\r\n"
278 "Queue-Id: %s\r\nFrom: <%s>\r\nRecipient-Number: %d\r\n", mbox_size
,
279 message_id
, sender_address
, recipients_count
);
280 for (i
= 0; i
< recipients_count
; i
++)
281 req_str
= string_sprintf("%sRcpt: <%s>\r\n", req_str
, recipients_list
[i
].address
);
282 if ((helo
= expand_string(US
"$sender_helo_name")) != NULL
&& *helo
!= '\0')
283 req_str
= string_sprintf("%sHelo: %s\r\n", req_str
, helo
);
284 if ((fcrdns
= expand_string(US
"$sender_host_name")) != NULL
&& *fcrdns
!= '\0')
285 req_str
= string_sprintf("%sHostname: %s\r\n", req_str
, fcrdns
);
286 if (sender_host_address
!= NULL
)
287 req_str
= string_sprintf("%sIP: %s\r\n", req_str
, sender_host_address
);
288 req_str
= string_sprintf("%s\r\n", req_str
);
289 wrote
= send(spamd_sock
, req_str
, Ustrlen(req_str
), 0);
292 { /* spamassassin variant */
293 (void)string_format(spamd_buffer
,
294 sizeof(spamd_buffer
),
295 "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
298 /* send our request */
299 wrote
= send(spamd_sock
, spamd_buffer
, Ustrlen(spamd_buffer
), 0);
303 (void)close(spamd_sock
);
304 log_write(0, LOG_MAIN
|LOG_PANIC
,
305 "%s spamd send failed: %s", loglabel
, strerror(errno
));
306 (void)fclose(mbox_file
);
307 (void)close(spamd_sock
);
311 /* now send the file */
312 /* spamd sometimes accepts conections but doesn't read data off
313 * the connection. We make the file descriptor non-blocking so
314 * that the write will only write sufficient data without blocking
315 * and we poll the desciptor to make sure that we can write without
316 * blocking. Short writes are gracefully handled and if the whole
317 * trasaction takes too long it is aborted.
318 * Note: poll() is not supported in OSX 10.2 and is reported to be
319 * broken in more recent versions (up to 10.4).
322 pollfd
.fd
= spamd_sock
;
323 pollfd
.events
= POLLOUT
;
325 (void)fcntl(spamd_sock
, F_SETFL
, O_NONBLOCK
);
328 read
= fread(spamd_buffer
,1,sizeof(spamd_buffer
),mbox_file
);
334 result
= poll(&pollfd
, 1, 1000);
336 /* Patch posted by Erik ? for OS X and applied by PH */
338 select_tv
.tv_sec
= 1;
339 select_tv
.tv_usec
= 0;
341 FD_SET(spamd_sock
, &select_fd
);
342 result
= select(spamd_sock
+1, NULL
, &select_fd
, NULL
, &select_tv
);
344 /* End Erik's patch */
346 if (result
== -1 && errno
== EINTR
)
351 log_write(0, LOG_MAIN
|LOG_PANIC
,
352 "%s %s on spamd socket", loglabel
, strerror(errno
));
355 if (time(NULL
) - start
< SPAMD_TIMEOUT
)
357 log_write(0, LOG_MAIN
|LOG_PANIC
,
358 "%s timed out writing spamd socket", loglabel
);
360 (void)close(spamd_sock
);
361 (void)fclose(mbox_file
);
365 wrote
= send(spamd_sock
,spamd_buffer
+ offset
,read
- offset
,0);
368 log_write(0, LOG_MAIN
|LOG_PANIC
,
369 "%s %s on spamd socket", loglabel
, strerror(errno
));
370 (void)close(spamd_sock
);
371 (void)fclose(mbox_file
);
374 if (offset
+ wrote
!= read
)
381 while (!feof(mbox_file
) && !ferror(mbox_file
));
383 if (ferror(mbox_file
))
385 log_write(0, LOG_MAIN
|LOG_PANIC
,
386 "%s error reading spool file: %s", loglabel
, strerror(errno
));
387 (void)close(spamd_sock
);
388 (void)fclose(mbox_file
);
392 (void)fclose(mbox_file
);
394 /* we're done sending, close socket for writing */
395 shutdown(spamd_sock
,SHUT_WR
);
397 /* read spamd response using what's left of the timeout.
399 memset(spamd_buffer
, 0, sizeof(spamd_buffer
));
401 while ((i
= ip_recv(spamd_sock
,
402 spamd_buffer
+ offset
,
403 sizeof(spamd_buffer
) - offset
- 1,
404 SPAMD_TIMEOUT
- time(NULL
) + start
)) > 0 )
408 if (i
<= 0 && errno
!= 0)
410 log_write(0, LOG_MAIN
|LOG_PANIC
,
411 "%s error reading from spamd socket: %s", loglabel
, strerror(errno
));
412 (void)close(spamd_sock
);
417 (void)close(spamd_sock
);
420 { /* rspamd variant of reply */
422 if ((r
= sscanf(CS spamd_buffer
,
423 "RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n",
424 spamd_version
, spamd_short_result
, &spamd_score
, &spamd_threshold
,
425 &spamd_reject_score
, &spamd_report_offset
)) != 5)
427 log_write(0, LOG_MAIN
|LOG_PANIC
,
428 "%s cannot parse spamd output: %d", loglabel
, r
);
431 /* now parse action */
432 p
= &spamd_buffer
[spamd_report_offset
];
434 if (Ustrncmp(p
, "Action: ", sizeof("Action: ") - 1) == 0)
436 p
+= sizeof("Action: ") - 1;
437 q
= &spam_action_buffer
[0];
438 while (*p
&& *p
!= '\r' && (q
- spam_action_buffer
) < sizeof(spam_action_buffer
) - 1)
445 /* dig in the spamd output and put the report in a multiline header,
447 if (sscanf(CS spamd_buffer
,
448 "SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
449 spamd_version
,&spamd_score
,&spamd_threshold
,&spamd_report_offset
) != 3)
451 /* try to fall back to pre-2.50 spamd output */
452 if (sscanf(CS spamd_buffer
,
453 "SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
454 spamd_version
,&spamd_score
,&spamd_threshold
,&spamd_report_offset
) != 3)
456 log_write(0, LOG_MAIN
|LOG_PANIC
,
457 "%s cannot parse spamd output", loglabel
);
462 Ustrcpy(spam_action_buffer
,
463 spamd_score
>= spamd_threshold
? "reject" : "no action");
466 /* Create report. Since this is a multiline string,
467 we must hack it into shape first */
468 p
= &spamd_buffer
[spamd_report_offset
];
469 q
= spam_report_buffer
;
481 /* add an extra space after the newline to ensure
482 that it is treated as a header continuation line */
488 /* cut off trailing leftovers */
492 spam_report
= spam_report_buffer
;
493 spam_action
= spam_action_buffer
;
495 /* create spam bar */
496 spamd_score_char
= spamd_score
> 0 ? '+' : '-';
497 j
= abs((int)(spamd_score
));
500 while ((i
< j
) && (i
<= MAX_SPAM_BAR_CHARS
))
501 spam_bar_buffer
[i
++] = spamd_score_char
;
504 spam_bar_buffer
[0] = '/';
507 spam_bar_buffer
[i
] = '\0';
508 spam_bar
= spam_bar_buffer
;
510 /* create "float" spam score */
511 (void)string_format(spam_score_buffer
, sizeof(spam_score_buffer
),
512 "%.1f", spamd_score
);
513 spam_score
= spam_score_buffer
;
515 /* create "int" spam score */
516 j
= (int)((spamd_score
+ 0.001)*10);
517 (void)string_format(spam_score_int_buffer
, sizeof(spam_score_int_buffer
),
519 spam_score_int
= spam_score_int_buffer
;
521 /* compare threshold against score */
522 spam_rc
= spamd_score
>= spamd_threshold
523 ? OK
/* spam as determined by user's threshold */
524 : FAIL
; /* not spam */
526 /* remember expanded spamd_address if needed */
527 if (spamd_address_work
!= spamd_address
)
528 prev_spamd_address_work
= string_copy(spamd_address_work
);
530 /* remember user name and "been here" for it */
531 Ustrcpy(prev_user_name
, user_name
);
535 ? OK
/* always return OK, no matter what the score */