small fix for spamd_address expansion - thanks to Warren Baker
[exim.git] / src / src / spam.c
1 /* $Cambridge: exim/src/src/spam.c,v 1.16 2008/01/28 13:14:48 tom Exp $ */
2
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
6
7 /* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-???? */
8 /* License: GPL */
9
10 /* Code for calling spamassassin's spamd. Called from acl.c. */
11
12 #include "exim.h"
13 #ifdef WITH_CONTENT_SCAN
14 #include "spam.h"
15
16 uschar spam_score_buffer[16];
17 uschar spam_score_int_buffer[16];
18 uschar spam_bar_buffer[128];
19 uschar spam_report_buffer[32600];
20 uschar prev_user_name[128] = "";
21 int spam_ok = 0;
22 int spam_rc = 0;
23
24 int spam(uschar **listptr) {
25 int sep = 0;
26 uschar *list = *listptr;
27 uschar *user_name;
28 uschar user_name_buffer[128];
29 unsigned long mbox_size;
30 FILE *mbox_file;
31 int spamd_sock;
32 uschar spamd_buffer[32600];
33 int i, j, offset, result;
34 uschar spamd_version[8];
35 uschar spamd_score_char;
36 double spamd_threshold, spamd_score;
37 int spamd_report_offset;
38 uschar *p,*q;
39 int override = 0;
40 time_t start;
41 size_t read, wrote;
42 struct sockaddr_un server;
43 #ifndef NO_POLL_H
44 struct pollfd pollfd;
45 #else /* Patch posted by Erik ? for OS X */
46 struct timeval select_tv; /* and applied by PH */
47 fd_set select_fd;
48 #endif
49 uschar *spamd_address_work;
50
51 /* stop compiler warning */
52 result = 0;
53
54 /* find the username from the option list */
55 if ((user_name = string_nextinlist(&list, &sep,
56 user_name_buffer,
57 sizeof(user_name_buffer))) == NULL) {
58 /* no username given, this means no scanning should be done */
59 return FAIL;
60 };
61
62 /* if username is "0" or "false", do not scan */
63 if ( (Ustrcmp(user_name,"0") == 0) ||
64 (strcmpic(user_name,US"false") == 0) ) {
65 return FAIL;
66 };
67
68 /* if there is an additional option, check if it is "true" */
69 if (strcmpic(list,US"true") == 0) {
70 /* in that case, always return true later */
71 override = 1;
72 };
73
74 /* if we scanned for this username last time, just return */
75 if ( spam_ok && ( Ustrcmp(prev_user_name, user_name) == 0 ) ) {
76 if (override)
77 return OK;
78 else
79 return spam_rc;
80 };
81
82 /* make sure the eml mbox file is spooled up */
83 mbox_file = spool_mbox(&mbox_size);
84
85 if (mbox_file == NULL) {
86 /* error while spooling */
87 log_write(0, LOG_MAIN|LOG_PANIC,
88 "spam acl condition: error while creating mbox spool file");
89 return DEFER;
90 };
91
92 start = time(NULL);
93
94 if (*spamd_address == '$') {
95 spamd_address_work = expand_string(spamd_address);
96 if (spamd_address_work == NULL) {
97 log_write(0, LOG_MAIN|LOG_PANIC,
98 "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message);
99 return DEFER;
100 }
101 }
102 else
103 spamd_address_work = spamd_address;
104
105 /* socket does not start with '/' -> network socket */
106 if (*spamd_address_work != '/') {
107 time_t now = time(NULL);
108 int num_servers = 0;
109 int current_server = 0;
110 int start_server = 0;
111 uschar *address = NULL;
112 uschar *spamd_address_list_ptr = spamd_address_work;
113 uschar address_buffer[256];
114 spamd_address_container * spamd_address_vector[32];
115
116 /* Check how many spamd servers we have
117 and register their addresses */
118 while ((address = string_nextinlist(&spamd_address_list_ptr, &sep,
119 address_buffer,
120 sizeof(address_buffer))) != NULL) {
121
122 spamd_address_container *this_spamd =
123 (spamd_address_container *)store_get(sizeof(spamd_address_container));
124
125 /* grok spamd address and port */
126 if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
127 log_write(0, LOG_MAIN,
128 "spam acl condition: warning - invalid spamd address: '%s'", address);
129 continue;
130 };
131
132 spamd_address_vector[num_servers] = this_spamd;
133 num_servers++;
134 if (num_servers > 31)
135 break;
136 };
137
138 /* check if we have at least one server */
139 if (!num_servers) {
140 log_write(0, LOG_MAIN|LOG_PANIC,
141 "spam acl condition: no useable spamd server addresses in spamd_address configuration option.");
142 (void)fclose(mbox_file);
143 return DEFER;
144 };
145
146 current_server = start_server = (int)now % num_servers;
147
148 while (1) {
149
150 debug_printf("trying server %s, port %u\n",
151 spamd_address_vector[current_server]->tcp_addr,
152 spamd_address_vector[current_server]->tcp_port);
153
154 /* contact a spamd */
155 if ( (spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) {
156 log_write(0, LOG_MAIN|LOG_PANIC,
157 "spam acl condition: error creating IP socket for spamd");
158 (void)fclose(mbox_file);
159 return DEFER;
160 };
161
162 if (ip_connect( spamd_sock,
163 AF_INET,
164 spamd_address_vector[current_server]->tcp_addr,
165 spamd_address_vector[current_server]->tcp_port,
166 5 ) > -1) {
167 /* connection OK */
168 break;
169 };
170
171 log_write(0, LOG_MAIN|LOG_PANIC,
172 "spam acl condition: warning - spamd connection to %s, port %u failed: %s",
173 spamd_address_vector[current_server]->tcp_addr,
174 spamd_address_vector[current_server]->tcp_port,
175 strerror(errno));
176 current_server++;
177 if (current_server >= num_servers)
178 current_server = 0;
179 if (current_server == start_server) {
180 log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed");
181 (void)fclose(mbox_file);
182 (void)close(spamd_sock);
183 return DEFER;
184 };
185 };
186
187 }
188 else {
189 /* open the local socket */
190
191 if ((spamd_sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
192 log_write(0, LOG_MAIN|LOG_PANIC,
193 "malware acl condition: spamd: unable to acquire socket (%s)",
194 strerror(errno));
195 (void)fclose(mbox_file);
196 return DEFER;
197 }
198
199 server.sun_family = AF_UNIX;
200 Ustrcpy(server.sun_path, spamd_address_work);
201
202 if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
203 log_write(0, LOG_MAIN|LOG_PANIC,
204 "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)",
205 spamd_address_work, strerror(errno) );
206 (void)fclose(mbox_file);
207 (void)close(spamd_sock);
208 return DEFER;
209 }
210
211 }
212
213 /* now we are connected to spamd on spamd_sock */
214 (void)string_format(spamd_buffer,
215 sizeof(spamd_buffer),
216 "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
217 user_name,
218 mbox_size);
219
220 /* send our request */
221 if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) {
222 (void)close(spamd_sock);
223 log_write(0, LOG_MAIN|LOG_PANIC,
224 "spam acl condition: spamd send failed: %s", strerror(errno));
225 (void)fclose(mbox_file);
226 (void)close(spamd_sock);
227 return DEFER;
228 };
229
230 /* now send the file */
231 /* spamd sometimes accepts conections but doesn't read data off
232 * the connection. We make the file descriptor non-blocking so
233 * that the write will only write sufficient data without blocking
234 * and we poll the desciptor to make sure that we can write without
235 * blocking. Short writes are gracefully handled and if the whole
236 * trasaction takes too long it is aborted.
237 * Note: poll() is not supported in OSX 10.2 and is reported to be
238 * broken in more recent versions (up to 10.4).
239 */
240 #ifndef NO_POLL_H
241 pollfd.fd = spamd_sock;
242 pollfd.events = POLLOUT;
243 #endif
244 (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
245 do {
246 read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
247 if (read > 0) {
248 offset = 0;
249 again:
250 #ifndef NO_POLL_H
251 result = poll(&pollfd, 1, 1000);
252
253 /* Patch posted by Erik ? for OS X and applied by PH */
254 #else
255 select_tv.tv_sec = 1;
256 select_tv.tv_usec = 0;
257 FD_ZERO(&select_fd);
258 FD_SET(spamd_sock, &select_fd);
259 result = select(spamd_sock+1, NULL, &select_fd, NULL, &select_tv);
260 #endif
261 /* End Erik's patch */
262
263 if (result == -1 && errno == EINTR)
264 goto again;
265 else if (result < 1) {
266 if (result == -1)
267 log_write(0, LOG_MAIN|LOG_PANIC,
268 "spam acl condition: %s on spamd socket", strerror(errno));
269 else {
270 if (time(NULL) - start < SPAMD_TIMEOUT)
271 goto again;
272 log_write(0, LOG_MAIN|LOG_PANIC,
273 "spam acl condition: timed out writing spamd socket");
274 }
275 (void)close(spamd_sock);
276 (void)fclose(mbox_file);
277 return DEFER;
278 }
279
280 wrote = send(spamd_sock,spamd_buffer + offset,read - offset,0);
281 if (wrote == -1)
282 {
283 log_write(0, LOG_MAIN|LOG_PANIC,
284 "spam acl condition: %s on spamd socket", strerror(errno));
285 (void)close(spamd_sock);
286 (void)fclose(mbox_file);
287 return DEFER;
288 }
289 if (offset + wrote != read) {
290 offset += wrote;
291 goto again;
292 }
293 }
294 }
295 while (!feof(mbox_file) && !ferror(mbox_file));
296 if (ferror(mbox_file)) {
297 log_write(0, LOG_MAIN|LOG_PANIC,
298 "spam acl condition: error reading spool file: %s", strerror(errno));
299 (void)close(spamd_sock);
300 (void)fclose(mbox_file);
301 return DEFER;
302 }
303
304 (void)fclose(mbox_file);
305
306 /* we're done sending, close socket for writing */
307 shutdown(spamd_sock,SHUT_WR);
308
309 /* read spamd response using what's left of the timeout.
310 */
311 memset(spamd_buffer, 0, sizeof(spamd_buffer));
312 offset = 0;
313 while((i = ip_recv(spamd_sock,
314 spamd_buffer + offset,
315 sizeof(spamd_buffer) - offset - 1,
316 SPAMD_TIMEOUT - time(NULL) + start)) > 0 ) {
317 offset += i;
318 }
319
320 /* error handling */
321 if((i <= 0) && (errno != 0)) {
322 log_write(0, LOG_MAIN|LOG_PANIC,
323 "spam acl condition: error reading from spamd socket: %s", strerror(errno));
324 (void)close(spamd_sock);
325 return DEFER;
326 }
327
328 /* reading done */
329 (void)close(spamd_sock);
330
331 /* dig in the spamd output and put the report in a multiline header, if requested */
332 if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
333 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
334
335 /* try to fall back to pre-2.50 spamd output */
336 if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
337 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
338 log_write(0, LOG_MAIN|LOG_PANIC,
339 "spam acl condition: cannot parse spamd output");
340 return DEFER;
341 };
342 };
343
344 /* Create report. Since this is a multiline string,
345 we must hack it into shape first */
346 p = &spamd_buffer[spamd_report_offset];
347 q = spam_report_buffer;
348 while (*p != '\0') {
349 /* skip \r */
350 if (*p == '\r') {
351 p++;
352 continue;
353 };
354 *q = *p;
355 q++;
356 if (*p == '\n') {
357 *q = '\t';
358 q++;
359 /* eat whitespace */
360 while( (*p <= ' ') && (*p != '\0') ) {
361 p++;
362 };
363 p--;
364 };
365 p++;
366 };
367 /* NULL-terminate */
368 *q = '\0';
369 q--;
370 /* cut off trailing leftovers */
371 while (*q <= ' ') {
372 *q = '\0';
373 q--;
374 };
375 spam_report = spam_report_buffer;
376
377 /* create spam bar */
378 spamd_score_char = spamd_score > 0 ? '+' : '-';
379 j = abs((int)(spamd_score));
380 i = 0;
381 if( j != 0 ) {
382 while((i < j) && (i <= MAX_SPAM_BAR_CHARS))
383 spam_bar_buffer[i++] = spamd_score_char;
384 }
385 else{
386 spam_bar_buffer[0] = '/';
387 i = 1;
388 }
389 spam_bar_buffer[i] = '\0';
390 spam_bar = spam_bar_buffer;
391
392 /* create "float" spam score */
393 (void)string_format(spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score);
394 spam_score = spam_score_buffer;
395
396 /* create "int" spam score */
397 j = (int)((spamd_score + 0.001)*10);
398 (void)string_format(spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j);
399 spam_score_int = spam_score_int_buffer;
400
401 /* compare threshold against score */
402 if (spamd_score >= spamd_threshold) {
403 /* spam as determined by user's threshold */
404 spam_rc = OK;
405 }
406 else {
407 /* not spam */
408 spam_rc = FAIL;
409 };
410
411 /* remember user name and "been here" for it unless spamd_socket was expanded */
412 if (spamd_address_work == spamd_address) {
413 Ustrcpy(prev_user_name, user_name);
414 spam_ok = 1;
415 }
416
417 if (override) {
418 /* always return OK, no matter what the score */
419 return OK;
420 }
421 else {
422 return spam_rc;
423 };
424 }
425
426 #endif