2c5c8809f668b5d7e491896700bd2903ae01fd49
4 * Message and Spam Filter Plugin
6 * Copyright (c) 1999-2002 The SquirrelMail Project Team
7 * Licensed under the GNU GPL. For full terms see the file COPYING.
9 * This plugin filters your inbox into different folders based upon given
10 * criteria. It is most useful for people who are subscibed to mailing lists
11 * to help organize their messages. The argument stands that filtering is
12 * not the place of the client, which is why this has been made a plugin for
13 * SquirrelMail. You may be better off using products such as Sieve or
14 * Procmail to do your filtering so it happens even when SquirrelMail isn't
17 * If you need help with this, or see improvements that can be made, please
18 * email me directly at the address above. I definately welcome suggestions
19 * and comments. This plugin, as is the case with all SquirrelMail plugins,
20 * is not directly supported by the developers. Please come to me off the
21 * mailing list if you have trouble with it.
23 * Also view plugins/README.plugins for more information.
28 function filters_SaveCache () {
29 global $data_dir, $SpamFilters_DNScache;
31 if (file_exists($data_dir . "/dnscache")) {
32 $fp = fopen($data_dir . "/dnscache", "r");
39 $fp = fopen($data_dir . "/dnscache", "w+");
41 $fp = fopen($data_dir . "/dnscache", "r");
44 $fp1=fopen($data_dir . "/dnscache", "w+");
46 foreach ($SpamFilters_DNScache as $Key=> $Value) {
47 $tstr = $Key . ',' . $Value['L'] . ',' . $Value['T'] . "\n";
56 function filters_LoadCache () {
57 global $data_dir, $SpamFilters_DNScache;
59 if (file_exists($data_dir . "/dnscache")) {
60 $SpamFilters_DNScache = array();
61 if ($fp = fopen ($data_dir . "/dnscache", "r")) {
63 while ($data=fgetcsv($fp,1024)) {
64 if ($data[2] > time()) {
65 $SpamFilters_DNScache[$data[0]]['L'] = $data[1];
66 $SpamFilters_DNScache[$data[0]]['T'] = $data[2];
75 function filters_bulkquery($filters_spam_scan, $filters, $read) {
76 global $SpamFilters_YourHop, $attachment_dir, $username,
77 $SpamFilters_DNScache, $SpamFilters_BulkQuery,
78 $SpamFilters_CacheTTL;
82 while ($i < count($read)) {
83 // EIMS will give funky results
84 $Chunks = explode(' ', $read[$i]);
85 if ($Chunks[0] != '*') {
94 // Check for normal IMAP servers
95 if ($filters_spam_scan == 'new') {
96 if (is_int(strpos($Chunks[4], '\Seen'))) {
101 // Look through all of the Received headers for IP addresses
102 // Stop when I get ")" on a line
103 // Stop if I get "*" on a line (don't advance)
104 // and above all, stop if $i is bigger than the total # of lines
105 while (($i < count($read)) &&
106 ($read[$i][0] != ')' && $read[$i][0] != '*' &&
107 $read[$i][0] != "\n")) {
108 // Check to see if this line is the right "Received from" line
110 if (is_int(strpos($read[$i], $SpamFilters_YourHop))) {
112 // short-circuit and skip work if we don't scan this one
114 $read[$i] = ereg_replace('[^0-9\.]', ' ', $read[$i]);
115 $elements = explode(' ', $read[$i]);
116 foreach ($elements as $value) {
118 ereg('[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}',
120 $Chunks = explode('.', $value);
121 $IP = $Chunks[3] . '.' . $Chunks[2] . '.' .
122 $Chunks[1] . '.' . $Chunks[0];
123 foreach ($filters as $key => $value) {
124 if ($filters[$key]['enabled'] &&
125 $filters[$key]['dns']) {
126 if (strlen($SpamFilters_DNScache[$IP.'.'.$filters[$key]['dns']]) == 0) {
132 // If we've checked one IP and YourHop is
134 if ($SpamFilters_YourHop == ' ') {
135 break; // don't check any more
145 if (count($IPs) > 0) {
147 foreach ($filters as $key => $value) {
148 if ($filters[$key]['enabled']) {
149 if ($filters[$key]['dns']) {
150 $rbls[$filters[$key]['dns']] = true;
155 $bqfil = $attachment_dir . $username . "-bq.in";
156 $fp = fopen($bqfil, "w");
157 fputs ($fp, $SpamFilters_CacheTTL . "\n");
158 foreach ($rbls as $key => $value) {
159 fputs ($fp, "." . $key . "\n");
161 fputs ($fp, "----------\n");
162 foreach ($IPs as $key => $value) {
163 fputs ($fp, $key . "\n");
167 exec ($SpamFilters_BulkQuery . " < " . $bqfil, $bqout);
168 foreach ($bqout as $value) {
169 $Chunks = explode(',', $value);
170 $SpamFilters_DNScache[$Chunks[0]]['L'] = $Chunks[1];
171 $SpamFilters_DNScache[$Chunks[0]]['T'] = $Chunks[2] +
time();
178 function filters_sqimap_read_data ($imap_stream, $pre, $handle_errors, &$response, &$message) {
179 global $color, $squirrelmail_language, $imap_general_debug;
185 $read = fgets($imap_stream, 9096);
186 if (ereg("^$pre (OK|BAD|NO)(.*)$", $read, $regs)) {
187 break; // found end of reply
190 // Continue if needed for this single line
191 while (strpos($read, "\n") === false) {
192 $read .= fgets($imap_stream, 9096);
197 if (ereg("^\\* [0-9]+ FETCH.*\\{([0-9]+)\\}", $read, $regs)) {
199 if ($imap_general_debug) {
200 echo "<small><tt><font color=\"#CC0000\">Size is $size</font></tt></small><br>\n";
205 $read = fgets($imap_stream, 9096);
206 if ($imap_general_debug) {
207 echo "<small><tt><font color=\"#CC0000\">$read</font></tt></small><br>\n";
211 $total_size +
= strlen($read);
212 } while ($total_size < $size);
216 // For debugging purposes
217 if ($imap_general_debug) {
218 echo "<small><tt><font color=\"#CC0000\">$read</font></tt></small><br>\n";
223 $response = $regs[1];
224 $message = trim($regs[2]);
226 if ($imap_general_debug) {
230 if (!$handle_errors) {
234 if ($response == 'NO') {
235 // ignore this error from m$ exchange, it is not fatal (aka bug)
236 if (strstr($message, 'command resulted in') === false) {
237 set_up_language($squirrelmail_language);
238 echo "<br><b><font color=$color[2]>\n" .
239 _("ERROR : Could not complete request.") .
241 _("Reason Given: ") .
242 $message . "</font><br>\n";
245 } else if ($response == 'BAD') {
246 set_up_language($squirrelmail_language);
247 echo "<br><b><font color=$color[2]>\n" .
248 _("ERROR : Bad or malformed request.") .
250 _("Server responded: ") .
251 $message . "</font><br>\n";
259 function start_filters() {
260 global $mailbox, $username, $key, $imapServerAddress, $imapPort, $imap,
261 $imap_general, $filters, $imap_stream, $imapConnection,
262 $UseSeparateImapConnection, $AllowSpamFilters;
264 # if ($mailbox == 'INBOX') {
265 // Detect if we have already connected to IMAP or not.
266 // Also check if we are forced to use a separate IMAP connection
267 if ((!isset($imap_stream) && !isset($imapConnection)) ||
268 $UseSeparateImapConnection) {
269 $stream = sqimap_login($username, $key, $imapServerAddress,
271 $previously_connected = false;
272 } elseif (isset($imapConnection)) {
273 $stream = $imapConnection;
274 $previously_connected = true;
276 $previously_connected = true;
277 $stream = $imap_stream;
280 if (sqimap_get_num_messages($stream, 'INBOX') > 0) {
281 // Filter spam from inbox before we sort them into folders
282 if ($AllowSpamFilters) {
283 spam_filters($stream);
287 user_filters($stream);
290 if (!$previously_connected) {
291 sqimap_logout($stream);
297 function user_filters($imap_stream) {
298 $filters = load_filters();
299 if (! $filters) return;
301 sqimap_mailbox_select($imap_stream, 'INBOX');
304 for ($i=0; $i < count($filters); $i++
) {
305 // If it is the "combo" rule
306 if ($filters[$i]['where'] == 'To or Cc') {
308 * If it's "TO OR CC", we have to do two searches, one for TO
309 * and the other for CC.
311 filter_search_and_delete($imap_stream, 'TO',
312 $filters[$i]['what'], $filters[$i]['folder']);
313 filter_search_and_delete($imap_stream, 'CC',
314 $filters[$i]['what'], $filters[$i]['folder']);
317 * If it's a normal TO, CC, SUBJECT, or FROM, then handle it
320 filter_search_and_delete($imap_stream, $filters[$i]['where'],
321 $filters[$i]['what'], $filters[$i]['folder']);
324 // Clean out the mailbox whether or not auto_expunge is on
325 // That way it looks like it was redirected properly
326 sqimap_mailbox_expunge($imap_stream, 'INBOX');
329 function filter_search_and_delete($imap, $where, $what, $where_to) {
330 global $languages, $squirrelmail_language;
331 if (isset($languages[$squirrelmail_language]['CHARSET']) &&
332 $languages[$squirrelmail_language]['CHARSET']) {
333 $search_str = "SEARCH CHARSET "
334 . strtoupper($languages[$squirrelmail_language]['CHARSET'])
337 $search_str = "SEARCH CHARSET US-ASCII ALL ";
339 if ($where == "Header") {
340 $what = explode(':', $what);
341 $where = trim($where . ' ' . $what[0]);
342 $what = addslashes(trim($what[1]));
344 $search_str .= $where . ' {' . strlen($what) . "}\r\n" . $what . "\r\n";
346 fputs ($imap, "a001 $search_str");
347 $read = filters_sqimap_read_data ($imap, 'a001', true, $response, $message);
349 // This may have problems with EIMS due to it being goofy
351 for ($r=0; $r < count($read) &&
352 substr($read[$r], 0, 8) != '* SEARCH'; $r++
) {}
353 if ($response == 'OK') {
354 $ids = explode(' ', $read[$r]);
355 if (sqimap_mailbox_exists($imap, $where_to)) {
356 for ($j=2; $j < count($ids); $j++
) {
357 $id = trim($ids[$j]);
358 sqimap_messages_copy ($imap, $id, $id, $where_to);
359 sqimap_messages_flag ($imap, $id, $id, 'Deleted');
365 // These are the spam filters
366 function spam_filters($imap_stream) {
367 global $data_dir, $username;
368 global $SpamFilters_YourHop;
369 global $SpamFilters_DNScache;
370 global $SpamFilters_SharedCache;
371 global $SpamFilters_BulkQuery;
373 $filters_spam_scan = getPref($data_dir, $username, 'filters_spam_scan');
374 $filters_spam_folder = getPref($data_dir, $username, 'filters_spam_folder');
375 $filters = load_spam_filters();
377 if ($SpamFilters_SharedCache) {
383 foreach ($filters as $Key=> $Value) {
384 if ($Value['enabled']) {
394 sqimap_mailbox_select($imap_stream, 'INBOX');
396 // Ask for a big list of all "Received" headers in the inbox with
397 // flags for each message. Kinda big.
398 fputs($imap_stream, 'A3999 FETCH 1:* (FLAGS BODY.PEEK[HEADER.FIELDS ' .
401 $read = filters_sqimap_read_data ($imap_stream, 'A3999', true,
402 $response, $message);
404 if ($response != 'OK') {
408 if (strlen($SpamFilters_BulkQuery) > 0) {
409 filters_bulkquery($filters_spam_scan, $filters, $read);
413 while ($i < count($read)) {
414 // EIMS will give funky results
415 $Chunks = explode(' ', $read[$i]);
416 if ($Chunks[0] != '*') {
420 $MsgNum = $Chunks[1];
427 // Check for normal IMAP servers
428 if ($filters_spam_scan == 'new') {
429 if (is_int(strpos($Chunks[4], '\Seen'))) {
434 // Look through all of the Received headers for IP addresses
435 // Stop when I get ")" on a line
436 // Stop if I get "*" on a line (don't advance)
437 // and above all, stop if $i is bigger than the total # of lines
438 while (($i < count($read)) &&
439 ($read[$i][0] != ')' && $read[$i][0] != '*' &&
440 $read[$i][0] != "\n") && (! $IsSpam)) {
441 // Check to see if this line is the right "Received from" line
443 if (is_int(strpos($read[$i], $SpamFilters_YourHop))) {
445 // short-circuit and skip work if we don't scan this one
447 $read[$i] = ereg_replace('[^0-9\.]', ' ', $read[$i]);
448 $elements = explode(' ', $read[$i]);
449 foreach ($elements as $value) {
451 ereg('[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}',
453 $Chunks = explode('.', $value);
454 if (filters_spam_check_site($Chunks[0],
455 $Chunks[1], $Chunks[2], $Chunks[3],
458 break; // no sense in checking more IPs
460 // If we've checked one IP and YourHop is
462 if ($SpamFilters_YourHop == ' ') {
463 break; // don't check any more
472 // Lookie! It's spam! Yum!
474 if (sqimap_mailbox_exists($imap_stream, $filters_spam_folder)) {
475 sqimap_messages_copy ($imap_stream, $MsgNum, $MsgNum,
476 $filters_spam_folder);
477 sqimap_messages_flag ($imap_stream, $MsgNum, $MsgNum,
484 sqimap_mailbox_expunge($imap_stream, 'INBOX');
486 if ($SpamFilters_SharedCache) {
489 session_register('SpamFilters_DNScache');
494 // Does the loop through each enabled filter for the specified IP address.
495 // IP format: $a.$b.$c.$d
496 function filters_spam_check_site($a, $b, $c, $d, &$filters) {
497 global $SpamFilters_DNScache, $SpamFilters_CacheTTL;
498 foreach ($filters as $key => $value) {
499 if ($filters[$key]['enabled']) {
500 if ($filters[$key]['dns']) {
501 $filter_revip = $d . '.' . $c . '.' . $b . '.' . $a . '.' .
502 $filters[$key]['dns'];
503 if (strlen($SpamFilters_DNScache[$filter_revip]['L']) == 0) {
504 $SpamFilters_DNScache[$filter_revip]['L'] =
505 gethostbyname($filter_revip);
506 $SpamFilters_DNScache[$filter_revip]['T'] =
507 time() +
$SpamFilters_CacheTTL;
509 if ($SpamFilters_DNScache[$filter_revip]['L'] ==
510 $filters[$key]['result']) {
519 function load_filters() {
520 global $data_dir, $username;
522 for ($i=0; $fltr = getPref($data_dir, $username, 'filter' . $i); $i++
) {
523 $ary = explode(',', $fltr);
524 $filters[$i]['where'] = $ary[0];
525 $filters[$i]['what'] = $ary[1];
526 $filters[$i]['folder'] = $ary[2];
531 function load_spam_filters() {
532 global $data_dir, $username, $SpamFilters_ShowCommercial;
534 if ($SpamFilters_ShowCommercial) {
535 $filters['MAPS RBL']['prefname'] = 'filters_spam_maps_rbl';
536 $filters['MAPS RBL']['name'] = 'MAPS Realtime Blackhole List';
537 $filters['MAPS RBL']['link'] = 'http://www.mail-abuse.org/rbl/';
538 $filters['MAPS RBL']['dns'] = 'blackholes.mail-abuse.org';
539 $filters['MAPS RBL']['result'] = '127.0.0.2';
540 $filters['MAPS RBL']['comment'] =
541 _("COMMERCIAL - This list contains servers that are verified spam senders. It is a pretty reliable list to scan spam from.");
543 $filters['MAPS RSS']['prefname'] = 'filters_spam_maps_rss';
544 $filters['MAPS RSS']['name'] = 'MAPS Relay Spam Stopper';
545 $filters['MAPS RSS']['link'] = 'http://www.mail-abuse.org/rss/';
546 $filters['MAPS RSS']['dns'] = 'relays.mail-abuse.org';
547 $filters['MAPS RSS']['result'] = '127.0.0.2';
548 $filters['MAPS RSS']['comment'] =
549 _("COMMERCIAL - Servers that are configured (or misconfigured) to allow spam to be relayed through their system will be banned with this. Another good one to use.");
551 $filters['MAPS DUL']['prefname'] = 'filters_spam_maps_dul';
552 $filters['MAPS DUL']['name'] = 'MAPS Dial-Up List';
553 $filters['MAPS DUL']['link'] = 'http://www.mail-abuse.org/dul/';
554 $filters['MAPS DUL']['dns'] = 'dialups.mail-abuse.org';
555 $filters['MAPS DUL']['result'] = '127.0.0.3';
556 $filters['MAPS DUL']['comment'] =
557 _("COMMERCIAL - Dial-up users are often filtered out since they should use their ISP's mail servers to send mail. Spammers typically get a dial-up account and send spam directly from there.");
559 $filters['MAPS RBLplus-RBL']['prefname'] = 'filters_spam_maps_rblplus_rbl';
560 $filters['MAPS RBLplus-RBL']['name'] = 'MAPS RBL+ RBL List';
561 $filters['MAPS RBLplus-RBL']['link'] = 'http://www.mail-abuse.org/';
562 $filters['MAPS RBLplus-RBL']['dns'] = 'rbl-plus.mail-abuse.org';
563 $filters['MAPS RBLplus-RBL']['result'] = '127.0.0.2';
564 $filters['MAPS RBLplus-RBL']['comment'] =
565 _("COMMERCIAL - RBL+ Blackhole entries.");
567 $filters['MAPS RBLplus-RSS']['prefname'] = 'filters_spam_maps_rblplus_rss';
568 $filters['MAPS RBLplus-RSS']['name'] = 'MAPS RBL+ List RSS entries';
569 $filters['MAPS RBLplus-RSS']['link'] = 'http://www.mail-abuse.org/';
570 $filters['MAPS RBLplus-RSS']['dns'] = 'rbl-plus.mail-abuse.org';
571 $filters['MAPS RBLplus-RSS']['result'] = '127.0.0.2';
572 $filters['MAPS RBLplus-RSS']['comment'] =
573 _("COMMERCIAL - RBL+ OpenRelay entries.");
575 $filters['MAPS RBLplus-DUL']['prefname'] = 'filters_spam_maps_rblplus_dul';
576 $filters['MAPS RBLplus-DUL']['name'] = 'MAPS RBL+ List DUL entries';
577 $filters['MAPS RBLplus-DUL']['link'] = 'http://www.mail-abuse.org/';
578 $filters['MAPS RBLplus-DUL']['dns'] = 'rbl-plus.mail-abuse.org';
579 $filters['MAPS RBLplus-DUL']['result'] = '127.0.0.3';
580 $filters['MAPS RBLplus-DUL']['comment'] =
581 _("COMMERCIAL - RBL+ Dial-up entries.");
584 $filters['Osirusoft Relays']['prefname'] = 'filters_spam_maps_osirusoft_relay';
585 $filters['Osirusoft Relays']['name'] = 'Osirusoft Relay List';
586 $filters['Osirusoft Relays']['link'] = 'http://relays.osirusoft.com/';
587 $filters['Osirusoft Relays']['dns'] = 'relays.osirusoft.com';
588 $filters['Osirusoft Relays']['result'] = '127.0.0.2';
589 $filters['Osirusoft Relays']['comment'] =
590 _("FREE - Osirusoft Relays - Osirusofts list of verified open relays. Seems to include servers used by abuse@uunet.net auto-replies too.");
592 $filters['Osirusoft DUL']['prefname'] = 'filters_spam_maps_osirusoft_dul';
593 $filters['Osirusoft DUL']['name'] = 'Osirusoft Dialup List';
594 $filters['Osirusoft DUL']['link'] = 'http://relays.osirusoft.com/';
595 $filters['Osirusoft DUL']['dns'] = 'relays.osirusoft.com';
596 $filters['Osirusoft DUL']['result'] = '127.0.0.3';
597 $filters['Osirusoft DUL']['comment'] =
598 _("FREE - Osirusoft Dialups - Osirusofts Dialup Spam Source list.");
600 $filters['Osirusoft Spam Source']['prefname'] = 'filters_spam_maps_osirusoft_rc';
601 $filters['Osirusoft Spam Source']['name'] = 'Osirusoft Confirmed Spam Source List';
602 $filters['Osirusoft Spam Source']['link'] = 'http://relays.osirusoft.com/';
603 $filters['Osirusoft Spam Source']['dns'] = 'relays.osirusoft.com';
604 $filters['Osirusoft Spam Source']['result'] = '127.0.0.4';
605 $filters['Osirusoft Spam Source']['comment'] =
606 _("FREE - Osirusoft Confirmed Spam Source - Sites that continually spam and have been manually added after multiple nominations. Use with caution. Seems to catch abuse auto-replies from some ISPs.");
608 $filters['Osirusoft Smart Host']['prefname'] = 'filters_spam_maps_osirusoft_sh';
609 $filters['Osirusoft Smart Host']['name'] = 'Osirusoft Smart Host List';
610 $filters['Osirusoft Smart Host']['link'] = 'http://relays.osirusoft.com/';
611 $filters['Osirusoft Smart Host']['dns'] = 'relays.osirusoft.com';
612 $filters['Osirusoft Smart Host']['result'] = '127.0.0.5';
613 $filters['Osirusoft Smart Host']['comment'] =
614 _("FREE - Osirusoft Smart Hosts - List of hosts that are secure but relay for other mail servers that are not secure.");
616 $filters['Osirusoft SPAMware']['prefname'] = 'filters_spam_maps_osirusoft_ss';
617 $filters['Osirusoft SPAMware']['name'] = 'Osirusoft Spamware Developers List';
618 $filters['Osirusoft SPAMware']['link'] = 'http://relays.osirusoft.com/';
619 $filters['Osirusoft SPAMware']['dns'] = 'relays.osirusoft.com';
620 $filters['Osirusoft SPAMware']['result'] = '127.0.0.6';
621 $filters['Osirusoft SPAMware']['comment'] =
622 _("FREE - Osirusoft Spamware Developers - It is believed that these are IP ranges of companies that are known to produce spam software. Seems to catch abuse auto-replies from some ISPs.");
624 $filters['Osirusoft Unc. OptIn']['prefname'] = 'filters_spam_maps_osirusoft_sl';
625 $filters['Osirusoft Unc. OptIn']['name'] = 'Osirusoft Unconfirmed OptIn Server List';
626 $filters['Osirusoft Unc. OptIn']['link'] = 'http://relays.osirusoft.com/';
627 $filters['Osirusoft Unc. OptIn']['dns'] = 'relays.osirusoft.com';
628 $filters['Osirusoft Unc. OptIn']['result'] = '127.0.0.7';
629 $filters['Osirusoft Unc. OptIn']['comment'] =
630 _("FREE - Osirusoft Unconfirmed OptIn Servers - List of listservers that opt users in without confirmation.");
632 $filters['Osirusoft Insecure Formmail']['prefname'] = 'filters_spam_maps_osirusoft_fm';
633 $filters['Osirusoft Insecure Formmail']['name'] = 'Osirusoft Insecure formmail.cvi Script List';
634 $filters['Osirusoft Insecure Formmail']['link'] = 'http://relays.osirusoft.com/';
635 $filters['Osirusoft Insecure Formmail']['dns'] = 'relays.osirusoft.com';
636 $filters['Osirusoft Insecure Formmail']['result'] = '127.0.0.8';
637 $filters['Osirusoft Insecure Formmail']['comment'] =
638 _("FREE - Osirusoft Insecure formmail.cgi scripts - List of insecure formmail.cgi scripts. (planned).");
640 $filters['Osirusoft Open Proxy']['prefname'] = 'filters_spam_maps_osirusoft_op';
641 $filters['Osirusoft Open Proxy']['name'] = 'Osirusoft Open Proxy Server List';
642 $filters['Osirusoft Open Proxy']['link'] = 'http://relays.osirusoft.com/';
643 $filters['Osirusoft Open Proxy']['dns'] = 'relays.osirusoft.com';
644 $filters['Osirusoft Open Proxy']['result'] = '127.0.0.9';
645 $filters['Osirusoft Open Proxy']['comment'] =
646 _("FREE - Osirusoft Open Proxy Servers - List of Open Proxy Servers.");
648 $filters['ORDB']['prefname'] = 'filters_spam_ordb';
649 $filters['ORDB']['name'] = 'Open Relay Database List';
650 $filters['ORDB']['link'] = 'http://www.ordb.org/';
651 $filters['ORDB']['dns'] = 'relays.ordb.org';
652 $filters['ORDB']['result'] = '127.0.0.2';
653 $filters['ORDB']['comment'] =
654 _("FREE - ORDB was born when ORBS went off the air. It seems to have fewer false positives than ORBS did though.");
656 $filters['FiveTen Direct']['prefname'] = 'filters_spam_fiveten_src';
657 $filters['FiveTen Direct']['name'] = 'Five-Ten-sg.com Direct SPAM Sources';
658 $filters['FiveTen Direct']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
659 $filters['FiveTen Direct']['dns'] = 'blackholes.five-ten-sg.com';
660 $filters['FiveTen Direct']['result'] = '127.0.0.2';
661 $filters['FiveTen Direct']['comment'] =
662 _("FREE - Five-Ten-sg.com - Direct SPAM sources.");
664 $filters['FiveTen DUL']['prefname'] = 'filters_spam_fiveten_dul';
665 $filters['FiveTen DUL']['name'] = 'Five-Ten-sg.com DUL Lists';
666 $filters['FiveTen DUL']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
667 $filters['FiveTen DUL']['dns'] = 'blackholes.five-ten-sg.com';
668 $filters['FiveTen DUL']['result'] = '127.0.0.3';
669 $filters['FiveTen DUL']['comment'] =
670 _("FREE - Five-Ten-sg.com - Dial-up lists - includes some DSL IPs.");
672 $filters['FiveTen Unc. OptIn']['prefname'] = 'filters_spam_fiveten_oi';
673 $filters['FiveTen Unc. OptIn']['name'] = 'Five-Ten-sg.com Unconfirmed OptIn Lists';
674 $filters['FiveTen Unc. OptIn']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
675 $filters['FiveTen Unc. OptIn']['dns'] = 'blackholes.five-ten-sg.com';
676 $filters['FiveTen Unc. OptIn']['result'] = '127.0.0.4';
677 $filters['FiveTen Unc. OptIn']['comment'] =
678 _("FREE - Five-Ten-sg.com - Bulk mailers that do not use confirmed opt-in.");
680 $filters['FiveTen Others']['prefname'] = 'filters_spam_fiveten_oth';
681 $filters['FiveTen Others']['name'] = 'Five-Ten-sg.com Other Misc. Servers';
682 $filters['FiveTen Others']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
683 $filters['FiveTen Others']['dns'] = 'blackholes.five-ten-sg.com';
684 $filters['FiveTen Others']['result'] = '127.0.0.5';
685 $filters['FiveTen Others']['comment'] =
686 _("FREE - Five-Ten-sg.com - Other misc. servers.");
688 $filters['FiveTen Single Stage']['prefname'] = 'filters_spam_fiveten_ss';
689 $filters['FiveTen Single Stage']['name'] = 'Five-Ten-sg.com Single Stage Servers';
690 $filters['FiveTen Single Stage']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
691 $filters['FiveTen Single Stage']['dns'] = 'blackholes.five-ten-sg.com';
692 $filters['FiveTen Single Stage']['result'] = '127.0.0.6';
693 $filters['FiveTen Single Stage']['comment'] =
694 _("FREE - Five-Ten-sg.com - Single Stage servers.");
696 $filters['FiveTen SPAM Support']['prefname'] = 'filters_spam_fiveten_supp';
697 $filters['FiveTen SPAM Support']['name'] = 'Five-Ten-sg.com SPAM Support Servers';
698 $filters['FiveTen SPAM Support']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
699 $filters['FiveTen SPAM Support']['dns'] = 'blackholes.five-ten-sg.com';
700 $filters['FiveTen SPAM Support']['result'] = '127.0.0.7';
701 $filters['FiveTen SPAM Support']['comment'] =
702 _("FREE - Five-Ten-sg.com - SPAM Support servers.");
704 $filters['FiveTen Web forms']['prefname'] = 'filters_spam_fiveten_wf';
705 $filters['FiveTen Web forms']['name'] = 'Five-Ten-sg.com Web Form IPs';
706 $filters['FiveTen Web forms']['link'] = 'http://www.five-ten-sg.com/blackhole.php';
707 $filters['FiveTen Web forms']['dns'] = 'blackholes.five-ten-sg.com';
708 $filters['FiveTen Web forms']['result'] = '127.0.0.8';
709 $filters['FiveTen Web forms']['comment'] =
710 _("FREE - Five-Ten-sg.com - Web Form IPs.");
712 $filters['Dorkslayers']['prefname'] = 'filters_spam_dorks';
713 $filters['Dorkslayers']['name'] = 'Dorkslayers Lists';
714 $filters['Dorkslayers']['link'] = 'http://www.dorkslayers.com';
715 $filters['Dorkslayers']['dns'] = 'orbs.dorkslayers.com';
716 $filters['Dorkslayers']['result'] = '127.0.0.2';
717 $filters['Dorkslayers']['comment'] =
718 _("FREE - Dorkslayers appears to include only really bad open relays outside the US to avoid being sued. Interestingly enough, their website recommends you NOT use their service.");
720 $filters['SPAMhaus']['prefname'] = 'filters_spam_spamhaus';
721 $filters['SPAMhaus']['name'] = 'SPAMhaus Lists';
722 $filters['SPAMhaus']['link'] = 'http://www.spamhaus.org';
723 $filters['SPAMhaus']['dns'] = 'sbl.spamhaus.org';
724 $filters['SPAMhaus']['result'] = '127.0.0.6';
725 $filters['SPAMhaus']['comment'] =
726 _("FREE - SPAMhaus - A list of well-known SPAM sources.");
728 $filters['SPAMcop']['prefname'] = 'filters_spam_spamcop';
729 $filters['SPAMcop']['name'] = 'SPAM Cop Lists';
730 $filters['SPAMcop']['link'] = 'http://spamcop.net/bl.shtml';
731 $filters['SPAMcop']['dns'] = 'bl.spamcop.net';
732 $filters['SPAMcop']['result'] = '127.0.0.2';
733 $filters['SPAMcop']['comment'] =
734 _("FREE, for now - SPAMCOP - An interesting solution that lists servers that have a very high spam to legit email ratio (85% or more).");
736 $filters['dev.null.dk']['prefname'] = 'filters_spam_devnull';
737 $filters['dev.null.dk']['name'] = 'dev.null.dk Lists';
738 $filters['dev.null.dk']['link'] = 'http://dev.null.dk/';
739 $filters['dev.null.dk']['dns'] = 'dev.null.dk';
740 $filters['dev.null.dk']['result'] = '127.0.0.2';
741 $filters['dev.null.dk']['comment'] =
742 _("FREE - dev.null.dk - I don't have any detailed info on this list.");
744 $filters['visi.com']['prefname'] = 'filters_spam_visi';
745 $filters['visi.com']['name'] = 'visi.com Relay Stop List';
746 $filters['visi.com']['link'] = 'http://relays.visi.com';
747 $filters['visi.com']['dns'] = 'relays.visi.com';
748 $filters['visi.com']['result'] = '127.0.0.2';
749 $filters['visi.com']['comment'] =
750 _("FREE - visi.com - Relay Stop List. Very conservative OpenRelay List.");
752 $filters['2mbit.com Open Relays']['prefname'] = 'filters_spam_2mb_or';
753 $filters['2mbit.com Open Relays']['name'] = '2mbit.com Open Relays List';
754 $filters['2mbit.com Open Relays']['link'] = 'http://www.2mbit.com/sbl.php';
755 $filters['2mbit.com Open Relays']['dns'] = 'blackholes.2mbit.com';
756 $filters['2mbit.com Open Relays']['result'] = '127.0.0.2';
757 $filters['2mbit.com Open Relays']['comment'] =
758 _("FREE - 2mbit.com Open Relays - Another list of Open Relays.");
760 $filters['2mbit.com SPAM Source']['prefname'] = 'filters_spam_2mb_ss';
761 $filters['2mbit.com SPAM Source']['name'] = '2mbit.com SPAM Source List';
762 $filters['2mbit.com SPAM Source']['link'] = 'http://www.2mbit.com/sbl.php';
763 $filters['2mbit.com SPAM Source']['dns'] = 'blackholes.2mbit.com';
764 $filters['2mbit.com SPAM Source']['result'] = '127.0.0.4';
765 $filters['2mbit.com SPAM Source']['comment'] =
766 _("FREE - 2mbit.com SPAM Source - List of Direct SPAM Sources.");
768 $filters['2mbit.com SPAM ISPs']['prefname'] = 'filters_spam_2mb_isp';
769 $filters['2mbit.com SPAM ISPs']['name'] = '2mbit.com SPAM-friendly ISP List';
770 $filters['2mbit.com SPAM ISPs']['link'] = 'http://www.2mbit.com/sbl.php';
771 $filters['2mbit.com SPAM ISPs']['dns'] = 'blackholes.2mbit.com';
772 $filters['2mbit.com SPAM ISPs']['result'] = '127.0.0.10';
773 $filters['2mbit.com SPAM ISPs']['comment'] =
774 _("FREE - 2mbit.com SPAM ISPs - List of SPAM-friendly ISPs.");
776 $filters['Leadmon DUL']['prefname'] = 'filters_spam_lm_dul';
777 $filters['Leadmon DUL']['name'] = 'Leadmon.net DUL List';
778 $filters['Leadmon DUL']['link'] = 'http://www.leadmon.net/spamguard/';
779 $filters['Leadmon DUL']['dns'] = 'spamguard.leadmon.net';
780 $filters['Leadmon DUL']['result'] = '127.0.0.2';
781 $filters['Leadmon DUL']['comment'] =
782 _("FREE - Leadmon DUL - Another list of Dial-up or otherwise dynamically assigned IPs.");
784 $filters['Leadmon SPAM Source']['prefname'] = 'filters_spam_lm_ss';
785 $filters['Leadmon SPAM Source']['name'] = 'Leadmon.net SPAM Source List';
786 $filters['Leadmon SPAM Source']['link'] = 'http://www.leadmon.net/spamguard/';
787 $filters['Leadmon SPAM Source']['dns'] = 'spamguard.leadmon.net';
788 $filters['Leadmon SPAM Source']['result'] = '127.0.0.3';
789 $filters['Leadmon SPAM Source']['comment'] =
790 _("FREE - Leadmon SPAM Source - List of IPs Leadmon.net has received SPAM directly from.");
792 $filters['Leadmon Bulk Mailers']['prefname'] = 'filters_spam_lm_bm';
793 $filters['Leadmon Bulk Mailers']['name'] = 'Leadmon.net Bulk Mailers List';
794 $filters['Leadmon Bulk Mailers']['link'] = 'http://www.leadmon.net/spamguard/';
795 $filters['Leadmon Bulk Mailers']['dns'] = 'spamguard.leadmon.net';
796 $filters['Leadmon Bulk Mailers']['result'] = '127.0.0.4';
797 $filters['Leadmon Bulk Mailers']['comment'] =
798 _("FREE - Leadmon Bulk Mailers - Bulk mailers that do not require confirmed opt-in or that have allowed known spammers to become clients and abuse their services.");
800 $filters['Leadmon Open Relays']['prefname'] = 'filters_spam_lm_or';
801 $filters['Leadmon Open Relays']['name'] = 'Leadmon.net Open Relays List';
802 $filters['Leadmon Open Relays']['link'] = 'http://www.leadmon.net/spamguard/';
803 $filters['Leadmon Open Relays']['dns'] = 'spamguard.leadmon.net';
804 $filters['Leadmon Open Relays']['result'] = '127.0.0.5';
805 $filters['Leadmon Open Relays']['comment'] =
806 _("FREE - Leadmon Open Relays - Single Stage Open Relays that are not listed on other active RBLs.");
808 $filters['Leadmon Multi-stage']['prefname'] = 'filters_spam_lm_ms';
809 $filters['Leadmon Multi-stage']['name'] = 'Leadmon.net Multi-Stage Relay List';
810 $filters['Leadmon Multi-stage']['link'] = 'http://www.leadmon.net/spamguard/';
811 $filters['Leadmon Multi-stage']['dns'] = 'spamguard.leadmon.net';
812 $filters['Leadmon Multi-stage']['result'] = '127.0.0.6';
813 $filters['Leadmon Multi-stage']['comment'] =
814 _("FREE - Leadmon Multi-stage - Multi-Stage Open Relays that are not listed on other active RBLs and that have sent SPAM to Leadmon.net.");
816 $filters['Leadmon SpamBlock']['prefname'] = 'filters_spam_lm_sb';
817 $filters['Leadmon SpamBlock']['name'] = 'Leadmon.net SpamBlock Sites List';
818 $filters['Leadmon SpamBlock']['link'] = 'http://www.leadmon.net/spamguard/';
819 $filters['Leadmon SpamBlock']['dns'] = 'spamguard.leadmon.net';
820 $filters['Leadmon SpamBlock']['result'] = '127.0.0.7';
821 $filters['Leadmon SpamBlock']['comment'] =
822 _("FREE - Leadmon SpamBlock - Sites on this listing have sent Leadmon.net direct SPAM from IPs in netblocks where the entire block has no DNS mappings. It's a list of BLOCKS of IPs being used by people who have SPAMmed Leadmon.net.");
824 $filters['NJABL Open Relays']['prefname'] = 'filters_spam_njabl_or';
825 $filters['NJABL Open Relays']['name'] = 'NJABL Open Relay/Direct Spam Source List';
826 $filters['NJABL Open Relays']['link'] = 'http://www.njabl.org/';
827 $filters['NJABL Open Relays']['dns'] = 'dnsbl.njabl.org';
828 $filters['NJABL Open Relays']['result'] = '127.0.0.2';
829 $filters['NJABL Open Relays']['comment'] =
830 _("FREE, for now - Not Just Another Blacklist - Both Open Relays and Direct SPAM Sources.");
832 $filters['NJABL DUL']['prefname'] = 'filters_spam_njabl_dul';
833 $filters['NJABL DUL']['name'] = 'NJABL Dial-ups List';
834 $filters['NJABL DUL']['link'] = 'http://www.njabl.org/';
835 $filters['NJABL DUL']['dns'] = 'dnsbl.njabl.org';
836 $filters['NJABL DUL']['result'] = '127.0.0.3';
837 $filters['NJABL DUL']['comment'] =
838 _("FREE, for now - Not Just Another Blacklist - Dial-up IPs.");
840 foreach ($filters as $Key => $Value) {
841 $filters[$Key]['enabled'] = getPref($data_dir, $username,
842 $filters[$Key]['prefname']);
848 function remove_filter ($id) {
849 global $data_dir, $username;
851 while ($nextFilter = getPref($data_dir, $username, 'filter' .
853 setPref($data_dir, $username, 'filter' . $id, $nextFilter);
857 removePref($data_dir, $username, 'filter' . $id);
860 function filter_swap($id1, $id2) {
861 global $data_dir, $username;
863 $FirstFilter = getPref($data_dir, $username, 'filter' . $id1);
864 $SecondFilter = getPref($data_dir, $username, 'filter' . $id2);
866 if ($FirstFilter && $SecondFilter) {
867 setPref($data_dir, $username, 'filter' . $id2, $FirstFilter);
868 setPref($data_dir, $username, 'filter' . $id1, $SecondFilter);
872 /* This update the filter rules when
873 renaming or deleting folders */
874 function update_for_folder ($args) {
875 $old_folder = $args[0];
876 $new_folder = $args[2];
878 global $plugins, $data_dir, $username;
880 $filters = load_filters();
881 $filter_count = count($filters);
883 for ($i=0;$i<$filter_count;$i++
) {
884 if (!empty($filters)) {
885 if ($old_folder == $filters[$i]['folder']) {
886 if ($action == 'rename') {
887 $filters[$i]['folder'] = $new_folder;
888 setPref($data_dir, $username, 'filter'.$i,
889 $filters[$i]['where'].','.$filters[$i]['what'].','.$new_folder);
891 elseif ($action == 'delete') {