From a7df7986ae0bda408d16ecee8cfba9ea50e20aff Mon Sep 17 00:00:00 2001 From: SJ Date: Thu, 26 Jan 2012 14:35:51 +0100 Subject: [PATCH] added spam result detection support --- etc/example.conf | 16 ++++++++++++++++ src/cfg.c | 1 + src/cfg.h | 2 ++ src/defs.h | 1 + src/message.c | 2 +- src/misc.c | 2 ++ src/parser.c | 4 ++++ src/test.c | 2 ++ util/db-mysql.sql | 6 ++++++ 9 files changed, 35 insertions(+), 1 deletion(-) diff --git a/etc/example.conf b/etc/example.conf index 0ef94470..94783222 100644 --- a/etc/example.conf +++ b/etc/example.conf @@ -48,6 +48,22 @@ piler_header_field=X-piler: piler already archived this email ; the direction of the given email mydomains= + +; if piler detects this line in the mail header, then it will assume +; the message is a spam. You should include your own antispam solution's +; specific line. +; +; If you use SpamAssassin you may use +; +; spam_header_line=X-Spam-Status: Yes +; +; OR +; +; spam_header_line=X-Spam-Level: ******** +; +; The default value is empty. +spam_header_line= + ; ; memcached stuff ; diff --git a/src/cfg.c b/src/cfg.c index d8f8564a..5db63168 100644 --- a/src/cfg.c +++ b/src/cfg.c @@ -85,6 +85,7 @@ struct _parse_rule config_parse_rules[] = { "piler_header_field", "string", (void*) string_parser, offsetof(struct __config, piler_header_field), "", MAXVAL-1}, { "queuedir", "string", (void*) string_parser, offsetof(struct __config, queuedir), QUEUE_DIR, MAXVAL-1}, { "session_timeout", "integer", (void*) int_parser, offsetof(struct __config, session_timeout), "420", sizeof(int)}, + { "spam_header_line", "string", (void*) string_parser, offsetof(struct __config, spam_header_line), "", MAXVAL-1}, { "sqlite3_pragma", "string", (void*) string_parser, offsetof(struct __config, sqlite3_pragma), "", MAXVAL-1}, { "update_counters_to_memcached", "integer", (void*) int_parser, offsetof(struct __config, update_counters_to_memcached), "0", sizeof(int)}, { "username", "string", (void*) string_parser, offsetof(struct __config, username), "piler", MAXVAL-1}, diff --git a/src/cfg.h b/src/cfg.h index 3c44d1cb..491af6e8 100644 --- a/src/cfg.h +++ b/src/cfg.h @@ -45,6 +45,8 @@ struct __config { char mydomains[MAXVAL]; + char spam_header_line[MAXVAL]; + // mysql stuff char mysqlhost[MAXVAL]; diff --git a/src/defs.h b/src/defs.h index f8d5402d..10bc90cc 100644 --- a/src/defs.h +++ b/src/defs.h @@ -156,6 +156,7 @@ struct session_data { char attachments[SMALLBUFSIZE]; char internal_sender, internal_recipient, external_recipient; int direction; + int spam_message; int fd, hdr_len, tot_len, num_of_rcpt_to, rav; int need_scan; float __acquire, __parsed, __av, __store, __compress, __encrypt; diff --git a/src/message.c b/src/message.c index 2561b064..8596d675 100644 --- a/src/message.c +++ b/src/message.c @@ -293,7 +293,7 @@ int store_meta_data(struct session_data *sdata, struct _state *state, struct __c digest_string(s, &vcode[0]); - snprintf(s, MAXBUFSIZE-1, "INSERT INTO %s (`from`,`fromdomain`,`subject`,`arrived`,`sent`,`size`,`hlen`,`direction`,`attachments`,`piler_id`,`message_id`,`digest`,`bodydigest`,`vcode`) VALUES(?,?,?,%ld,%ld,%d,%d,%d,%d,'%s',?,'%s','%s','%s')", SQL_METADATA_TABLE, sdata->now, sdata->sent, sdata->tot_len, sdata->hdr_len, sdata->direction, state->n_attachments, sdata->ttmpfile, sdata->digest, sdata->bodydigest, vcode); + snprintf(s, MAXBUFSIZE-1, "INSERT INTO %s (`from`,`fromdomain`,`subject`,`spam`,`arrived`,`sent`,`size`,`hlen`,`direction`,`attachments`,`piler_id`,`message_id`,`digest`,`bodydigest`,`vcode`) VALUES(?,?,?,%d,%ld,%ld,%d,%d,%d,%d,'%s',?,'%s','%s','%s')", SQL_METADATA_TABLE, sdata->spam_message, sdata->now, sdata->sent, sdata->tot_len, sdata->hdr_len, sdata->direction, state->n_attachments, sdata->ttmpfile, sdata->digest, sdata->bodydigest, vcode); if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: meta sql: *%s*", sdata->ttmpfile, s); diff --git a/src/misc.c b/src/misc.c index 0b897415..537694fc 100644 --- a/src/misc.c +++ b/src/misc.c @@ -397,6 +397,8 @@ void init_session_data(struct session_data *sdata){ sdata->rav = AVIR_OK; + sdata->spam_message = 0; + sdata->__acquire = sdata->__parsed = sdata->__av = sdata->__store = sdata->__compress = sdata->__encrypt = 0; diff --git a/src/parser.c b/src/parser.c index c279adc0..2b986ece 100644 --- a/src/parser.c +++ b/src/parser.c @@ -106,6 +106,10 @@ int parse_line(char *buf, struct _state *state, struct session_data *sdata, stru sdata->restored_copy = 1; } + if(state->is_1st_header == 1 && *(cfg->spam_header_line) != '\0' && strncmp(buf, cfg->spam_header_line, strlen(cfg->spam_header_line)) == 0){ + sdata->spam_message = 1; + } + //printf("buf: %s", buf); if(state->message_rfc822 == 0 && (buf[0] == '\r' || buf[0] == '\n') ){ diff --git a/src/test.c b/src/test.c index e26bac0b..80928644 100644 --- a/src/test.c +++ b/src/test.c @@ -97,6 +97,8 @@ int main(int argc, char **argv){ printf("direction: %d\n", sdata.direction); + printf("spam: %d\n", sdata.spam_message); + printf("\n\n"); mysql_close(&(sdata.mysql)); diff --git a/util/db-mysql.sql b/util/db-mysql.sql index f75b80d6..e4a859c5 100644 --- a/util/db-mysql.sql +++ b/util/db-mysql.sql @@ -35,6 +35,7 @@ create table if not exists `metadata` ( `from` char(255) not null, `fromdomain` char(48) not null, `subject` text(512) default null, + `spam` tinyint(1) default 0, `arrived` int not null, `sent` int not null, `deleted` tinyint(1) default 0, @@ -221,3 +222,8 @@ create table if not exists `audit` ( primary key (`id`) ) ENGINE=InnoDB; +create index `audit_idx` on `audit`(`email`); +create index `audit_idx2` on `audit`(`action`); +create index `audit_idx3` on `audit`(`ipaddr`); +create index `audit_idx4` on `audit`(`ts`); +