-/* $Cambridge: exim/src/src/spam.c,v 1.2 2004/12/16 15:11:47 tom Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
uschar prev_user_name[128] = "";
int spam_ok = 0;
int spam_rc = 0;
+uschar *prev_spamd_address_work = NULL;
-int spam(uschar **listptr) {
+int
+spam(uschar **listptr)
+{
int sep = 0;
uschar *list = *listptr;
uschar *user_name;
uschar user_name_buffer[128];
- unsigned long long mbox_size;
+ unsigned long mbox_size;
FILE *mbox_file;
- int spamd_sock;
+ int spamd_sock = -1;
uschar spamd_buffer[32600];
- int i, j, offset;
+ int i, j, offset, result;
uschar spamd_version[8];
uschar spamd_score_char;
double spamd_threshold, spamd_score;
int spamd_report_offset;
uschar *p,*q;
int override = 0;
+ time_t start;
+ size_t read, wrote;
struct sockaddr_un server;
+#ifndef NO_POLL_H
+ struct pollfd pollfd;
+#else /* Patch posted by Erik ? for OS X */
+ struct timeval select_tv; /* and applied by PH */
+ fd_set select_fd;
+#endif
+ uschar *spamd_address_work;
+ static const char * loglabel = US"spam acl condition:";
+
+ /* stop compiler warning */
+ result = 0;
/* find the username from the option list */
if ((user_name = string_nextinlist(&list, &sep,
user_name_buffer,
- sizeof(user_name_buffer))) == NULL) {
+ sizeof(user_name_buffer))) == NULL)
+ {
/* no username given, this means no scanning should be done */
return FAIL;
- };
+ }
/* if username is "0" or "false", do not scan */
if ( (Ustrcmp(user_name,"0") == 0) ||
- (strcmpic(user_name,US"false") == 0) ) {
+ (strcmpic(user_name,US"false") == 0) )
return FAIL;
- };
/* if there is an additional option, check if it is "true" */
- if (strcmpic(list,US"true") == 0) {
+ if (strcmpic(list,US"true") == 0)
/* in that case, always return true later */
override = 1;
- };
-
- /* if we scanned for this username last time, just return */
- if ( spam_ok && ( Ustrcmp(prev_user_name, user_name) == 0 ) ) {
- if (override)
- return OK;
- else
- return spam_rc;
- };
-
+
+ /* expand spamd_address if needed */
+ if (*spamd_address == '$')
+ {
+ spamd_address_work = expand_string(spamd_address);
+ if (spamd_address_work == NULL)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "%s spamd_address starts with $, but expansion failed: %s",
+ loglabel, expand_string_message);
+ return DEFER;
+ }
+ }
+ else
+ spamd_address_work = spamd_address;
+
+ /* check if previous spamd_address was expanded and has changed. dump cached results if so */
+ if ( spam_ok
+ && prev_spamd_address_work != NULL
+ && Ustrcmp(prev_spamd_address_work, spamd_address_work) != 0
+ )
+ spam_ok = 0;
+
+ /* if we scanned for this username last time, just return */
+ if (spam_ok && Ustrcmp(prev_user_name, user_name) == 0)
+ return override ? OK : spam_rc;
+
/* make sure the eml mbox file is spooled up */
- mbox_file = spool_mbox(&mbox_size);
-
- if (mbox_file == NULL) {
+ mbox_file = spool_mbox(&mbox_size, NULL);
+
+ if (mbox_file == NULL)
+ {
/* error while spooling */
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: error while creating mbox spool file");
+ "%s error while creating mbox spool file", loglabel);
return DEFER;
- };
+ }
+
+ start = time(NULL);
/* socket does not start with '/' -> network socket */
- if (*spamd_address != '/') {
- time_t now = time(NULL);
+ if (*spamd_address_work != '/')
+ {
int num_servers = 0;
- int current_server = 0;
- int start_server = 0;
+ int current_server;
uschar *address = NULL;
- uschar *spamd_address_list_ptr = spamd_address;
+ uschar *spamd_address_list_ptr = spamd_address_work;
uschar address_buffer[256];
spamd_address_container * spamd_address_vector[32];
and register their addresses */
while ((address = string_nextinlist(&spamd_address_list_ptr, &sep,
address_buffer,
- sizeof(address_buffer))) != NULL) {
-
+ sizeof(address_buffer))) != NULL)
+ {
+
+ /* Potential memory leak as we never free the store. */
spamd_address_container *this_spamd =
(spamd_address_container *)store_get(sizeof(spamd_address_container));
-
+
/* grok spamd address and port */
- if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
+ if (sscanf(CS address, "%23s %u", this_spamd->tcp_addr, &this_spamd->tcp_port) != 2)
+ {
log_write(0, LOG_MAIN,
- "spam acl condition: warning - invalid spamd address: '%s'", address);
+ "%s warning - invalid spamd address: '%s'", loglabel, address);
continue;
- };
-
+ }
+
spamd_address_vector[num_servers] = this_spamd;
- num_servers++;
- if (num_servers > 31)
+ if ( ++num_servers
+ >= sizeof(spamd_address_vector)/sizeof(spamd_address_vector[0]))
break;
- };
-
+ }
+
/* check if we have at least one server */
- if (!num_servers) {
+ if (!num_servers)
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: no useable spamd server addresses in spamd_address configuration option.");
- fclose(mbox_file);
+ "%s no useable spamd server addresses in spamd_address configuration option.",
+ loglabel);
+ (void)fclose(mbox_file);
return DEFER;
- };
+ }
- current_server = start_server = (int)now % num_servers;
+ while (num_servers > 0)
+ {
+ int i;
+
+ /* Randomly pick a server to try */
+ current_server = random_number(num_servers);
- while (1) {
-
debug_printf("trying server %s, port %u\n",
spamd_address_vector[current_server]->tcp_addr,
spamd_address_vector[current_server]->tcp_port);
-
+
/* contact a spamd */
- if ( (spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) {
+ if ((spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0)
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: error creating IP socket for spamd");
- fclose(mbox_file);
- return DEFER;
- };
-
- if (ip_connect( spamd_sock,
- AF_INET,
- spamd_address_vector[current_server]->tcp_addr,
- spamd_address_vector[current_server]->tcp_port,
- 5 ) > -1) {
+ "%s error creating IP socket for spamd", loglabel);
+ (void)fclose(mbox_file);
+ return DEFER;
+ }
+
+ if (ip_connect(spamd_sock,
+ AF_INET,
+ spamd_address_vector[current_server]->tcp_addr,
+ spamd_address_vector[current_server]->tcp_port,
+ 5 ) > -1)
/* connection OK */
break;
- };
-
+
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: warning - spamd connection to %s, port %u failed: %s",
+ "%s warning - spamd connection to %s, port %u failed: %s",
+ loglabel,
spamd_address_vector[current_server]->tcp_addr,
spamd_address_vector[current_server]->tcp_port,
strerror(errno));
- current_server++;
- if (current_server >= num_servers)
- current_server = 0;
- if (current_server == start_server) {
- log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed");
- fclose(mbox_file);
- close(spamd_sock);
- return DEFER;
- };
- };
- }
- else {
+ (void)close(spamd_sock);
+
+ /* Remove the server from the list. XXX We should free the memory */
+ num_servers--;
+ for (i = current_server; i < num_servers; i++)
+ spamd_address_vector[i] = spamd_address_vector[i+1];
+ }
+
+ if (num_servers == 0)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "%s all spamd servers failed", loglabel);
+ (void)fclose(mbox_file);
+ return DEFER;
+ }
+ }
+ else
+ {
/* open the local socket */
- if ((spamd_sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
+ if ((spamd_sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: spamd: unable to acquire socket (%s)",
+ "%s spamd: unable to acquire socket (%s)",
+ loglabel,
strerror(errno));
- fclose(mbox_file);
+ (void)fclose(mbox_file);
return DEFER;
- }
+ }
server.sun_family = AF_UNIX;
- Ustrcpy(server.sun_path, spamd_address);
+ Ustrcpy(server.sun_path, spamd_address_work);
- if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
+ if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0)
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)",
- spamd_address, strerror(errno) );
- fclose(mbox_file);
- close(spamd_sock);
+ "%s spamd: unable to connect to UNIX socket %s (%s)",
+ loglabel,
+ spamd_address_work, strerror(errno) );
+ (void)fclose(mbox_file);
+ (void)close(spamd_sock);
return DEFER;
+ }
}
- }
+ if (spamd_sock == -1)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "programming fault, spamd_sock unexpectedly unset");
+ (void)fclose(mbox_file);
+ (void)close(spamd_sock);
+ return DEFER;
+ }
/* now we are connected to spamd on spamd_sock */
- snprintf(CS spamd_buffer,
+ (void)string_format(spamd_buffer,
sizeof(spamd_buffer),
- "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %lld\r\n\r\n",
+ "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
user_name,
mbox_size);
/* send our request */
- if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) {
- close(spamd_sock);
+ if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0)
+ {
+ (void)close(spamd_sock);
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: spamd send failed: %s", strerror(errno));
- fclose(mbox_file);
- close(spamd_sock);
+ "%s spamd send failed: %s", loglabel, strerror(errno));
+ (void)fclose(mbox_file);
+ (void)close(spamd_sock);
return DEFER;
- };
+ }
/* now send the file */
- do {
- j = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
- if (j > 0) {
- i = send(spamd_sock,spamd_buffer,j,0);
- if (i != j) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: error/short send to spamd");
- close(spamd_sock);
- fclose(mbox_file);
+ /* spamd sometimes accepts conections but doesn't read data off
+ * the connection. We make the file descriptor non-blocking so
+ * that the write will only write sufficient data without blocking
+ * and we poll the desciptor to make sure that we can write without
+ * blocking. Short writes are gracefully handled and if the whole
+ * trasaction takes too long it is aborted.
+ * Note: poll() is not supported in OSX 10.2 and is reported to be
+ * broken in more recent versions (up to 10.4).
+ */
+#ifndef NO_POLL_H
+ pollfd.fd = spamd_sock;
+ pollfd.events = POLLOUT;
+#endif
+ (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
+ do
+ {
+ read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
+ if (read > 0)
+ {
+ offset = 0;
+again:
+#ifndef NO_POLL_H
+ result = poll(&pollfd, 1, 1000);
+
+/* Patch posted by Erik ? for OS X and applied by PH */
+#else
+ select_tv.tv_sec = 1;
+ select_tv.tv_usec = 0;
+ FD_ZERO(&select_fd);
+ FD_SET(spamd_sock, &select_fd);
+ result = select(spamd_sock+1, NULL, &select_fd, NULL, &select_tv);
+#endif
+/* End Erik's patch */
+
+ if (result == -1 && errno == EINTR)
+ goto again;
+ else if (result < 1)
+ {
+ if (result == -1)
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "%s %s on spamd socket", loglabel, strerror(errno));
+ else
+ {
+ if (time(NULL) - start < SPAMD_TIMEOUT)
+ goto again;
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "%s timed out writing spamd socket", loglabel);
+ }
+ (void)close(spamd_sock);
+ (void)fclose(mbox_file);
return DEFER;
- };
- };
- }
- while (j > 0);
+ }
+
+ wrote = send(spamd_sock,spamd_buffer + offset,read - offset,0);
+ if (wrote == -1)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "%s %s on spamd socket", loglabel, strerror(errno));
+ (void)close(spamd_sock);
+ (void)fclose(mbox_file);
+ return DEFER;
+ }
+ if (offset + wrote != read)
+ {
+ offset += wrote;
+ goto again;
+ }
+ }
+ }
+ while (!feof(mbox_file) && !ferror(mbox_file));
- fclose(mbox_file);
+ if (ferror(mbox_file))
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "%s error reading spool file: %s", loglabel, strerror(errno));
+ (void)close(spamd_sock);
+ (void)fclose(mbox_file);
+ return DEFER;
+ }
+
+ (void)fclose(mbox_file);
/* we're done sending, close socket for writing */
shutdown(spamd_sock,SHUT_WR);
-
- /* read spamd response */
+
+ /* read spamd response using what's left of the timeout.
+ */
memset(spamd_buffer, 0, sizeof(spamd_buffer));
offset = 0;
- while((i = ip_recv(spamd_sock,
+ while ((i = ip_recv(spamd_sock,
spamd_buffer + offset,
sizeof(spamd_buffer) - offset - 1,
- SPAMD_READ_TIMEOUT)) > 0 ) {
+ SPAMD_TIMEOUT - time(NULL) + start)) > 0 )
offset += i;
- }
/* error handling */
- if((i <= 0) && (errno != 0)) {
+ if (i <= 0 && errno != 0)
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: error reading from spamd socket: %s", strerror(errno));
- close(spamd_sock);
+ "%s error reading from spamd socket: %s", loglabel, strerror(errno));
+ (void)close(spamd_sock);
return DEFER;
- }
+ }
/* reading done */
- close(spamd_sock);
+ (void)close(spamd_sock);
/* dig in the spamd output and put the report in a multiline header, if requested */
- if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
-
+ if (sscanf(CS spamd_buffer,
+ "SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
+ spamd_version, &spamd_score, &spamd_threshold,
+ &spamd_report_offset) != 3)
+ {
+
/* try to fall back to pre-2.50 spamd output */
- if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
+ if (sscanf(CS spamd_buffer,
+ "SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
+ spamd_version, &spamd_score, &spamd_threshold,
+ &spamd_report_offset) != 3 )
+ {
log_write(0, LOG_MAIN|LOG_PANIC,
- "spam acl condition: cannot parse spamd output");
+ "%s cannot parse spamd output", loglabel);
return DEFER;
- };
- };
+ }
+ }
/* Create report. Since this is a multiline string,
we must hack it into shape first */
p = &spamd_buffer[spamd_report_offset];
q = spam_report_buffer;
- while (*p != '\0') {
+ while (*p != '\0')
+ {
/* skip \r */
- if (*p == '\r') {
+ if (*p == '\r')
+ {
p++;
continue;
- };
- *q = *p;
- q++;
- if (*p == '\n') {
- *q = '\t';
- q++;
- /* eat whitespace */
- while( (*p <= ' ') && (*p != '\0') ) {
- p++;
- };
- p--;
- };
- p++;
- };
+ }
+ *q++ = *p;
+ if (*p++ == '\n')
+ {
+ /* add an extra space after the newline to ensure
+ that it is treated as a header continuation line */
+ *q++ = ' ';
+ }
+ }
/* NULL-terminate */
- *q = '\0';
- q--;
+ *q-- = '\0';
/* cut off trailing leftovers */
- while (*q <= ' ') {
- *q = '\0';
- q--;
- };
+ while (*q <= ' ')
+ *q-- = '\0';
+
spam_report = spam_report_buffer;
/* create spam bar */
spamd_score_char = spamd_score > 0 ? '+' : '-';
j = abs((int)(spamd_score));
i = 0;
- if( j != 0 ) {
- while((i < j) && (i <= MAX_SPAM_BAR_CHARS))
+ if (j != 0)
+ while ((i < j) && (i <= MAX_SPAM_BAR_CHARS))
spam_bar_buffer[i++] = spamd_score_char;
- }
- else{
+ else
+ {
spam_bar_buffer[0] = '/';
i = 1;
- }
+ }
spam_bar_buffer[i] = '\0';
spam_bar = spam_bar_buffer;
/* create "float" spam score */
- snprintf(CS spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score);
+ (void)string_format(spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score);
spam_score = spam_score_buffer;
/* create "int" spam score */
j = (int)((spamd_score + 0.001)*10);
- snprintf(CS spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j);
+ (void)string_format(spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j);
spam_score_int = spam_score_int_buffer;
/* compare threshold against score */
- if (spamd_score >= spamd_threshold) {
+ if (spamd_score >= spamd_threshold)
+ {
/* spam as determined by user's threshold */
spam_rc = OK;
- }
- else {
+ }
+ else
+ {
/* not spam */
spam_rc = FAIL;
- };
-
+ }
+
+ /* remember expanded spamd_address if needed */
+ if (spamd_address_work != spamd_address)
+ prev_spamd_address_work = string_copy(spamd_address_work);
+
/* remember user name and "been here" for it */
Ustrcpy(prev_user_name, user_name);
spam_ok = 1;
-
- if (override) {
- /* always return OK, no matter what the score */
+
+ if (override) /* always return OK, no matter what the score */
return OK;
- }
- else {
+ else
return spam_rc;
- };
}
#endif