.endd
-.section "Scanning with SpamAssassin and Rspamd" "SECTscanspamass"
+.section "Scanning with SpamAssassin" "SECTscanspamass"
.cindex "content scanning" "for spam"
.cindex "spam scanning"
.cindex "SpamAssassin"
-.cindex "Rspamd"
The &%spam%& ACL condition calls SpamAssassin's &%spamd%& daemon to get a spam
-score and a report for the message.
-Support is also provided for Rspamd.
-
-For more information about installation and configuration of SpamAssassin or
-Rspamd refer to their respective websites at
-&url(http://spamassassin.apache.org) and &url(http://www.rspamd.com)
-
-SpamAssassin can be installed with CPAN by running:
+score and a report for the message. You can get SpamAssassin at
+&url(http://www.spamassassin.org), or, if you have a working Perl
+installation, you can use CPAN by running:
.code
perl -MCPAN -e 'install Mail::SpamAssassin'
.endd
connection tracking may consider your half-closed connection as dead too
soon.
-
-To use Rspamd (which by default listens on all local addresses
-on TCP port 11333)
-you should add &%variant=rspamd%& after the address/port pair, for example:
-.code
-spamd_address = 127.0.0.1 11333 variant=rspamd
-.endd
-
As of version 2.60, &%SpamAssassin%& also supports communication over UNIX
sockets. If you want to us these, supply &%spamd_address%& with an absolute
file name instead of an address/port pair:
relevant if you have set up multiple SpamAssassin profiles. If you do not want
to scan using a specific profile, but rather use the SpamAssassin system-wide
default profile, you can scan for an unknown name, or simply use &"nobody"&.
-Rspamd does not use this setting. However, you must put something on the
-right-hand side.
+However, you must put something on the right-hand side.
The name allows you to use per-domain or per-user antispam profiles in
principle, but this is not straightforward in practice, because a message may
unencoded in headers.
.vitem &$spam_action$&
-For SpamAssassin either 'reject' or 'no action' depending on the
+Either 'reject' or 'no action' depending on the
spam score versus threshold.
-For Rspamd, the recommended action.
-
.endlist
The &%spam%& condition caches its results unless expansion in
explicitly pass a context around. This enables future use of TLS for
connections to service-daemons (eg. malware scanning) while a client smtp
connection is using TLS; with cutthrough connections this is quite likely.
+JH/15 Support for Rspamd, as a variant of the "spam" ACL condition used for
+ connecting to a SpamAssassain "spamd" daemon for content scanning, is
+ removed. Following changes to the protocol used for communication with
+ Rspamd it was apparently inoperable.
JH/16 Fix ARC verification to do AS checks in reverse order.
JH/16 Support a "tls" option on the ${readsocket } expansion item.
is limited to one retry unless the (new) config option dns_cname_loops
is changed.
+ * Support for Rspamd has been removed.
+
Exim version 4.91
-----------------
uschar spam_score_buffer[16];
uschar spam_score_int_buffer[16];
uschar spam_bar_buffer[128];
-uschar spam_action_buffer[32];
+uschar * spam_action_buffer;
uschar spam_report_buffer[32600];
uschar prev_user_name[128] = "";
int spam_ok = 0;
spamd_param_init(spamd_address_container *spamd)
{
/* default spamd server weight, time and priority value */
-spamd->is_rspamd = FALSE;
spamd->is_failed = FALSE;
spamd->weight = SPAMD_WEIGHT;
spamd->timeout = SPAMD_TIMEOUT;
return 0; /* OK */
}
-if (Ustrcmp(param, "variant=rspamd") == 0)
- {
- spamd->is_rspamd = TRUE;
- return 0;
- }
-
if (Ustrncmp(param, "tmo=", 4) == 0)
{
int sec = readconf_readtime((s = param+4), '\0', FALSE);
}
(void)fcntl(spamd_cctx.sock, F_SETFL, O_NONBLOCK);
-/* now we are connected to spamd on spamd_cctx.sock */
-if (sd->is_rspamd)
- {
- gstring * req_str;
- const uschar * s;
-
- req_str = string_append(NULL, 8,
- "CHECK RSPAMC/1.3\r\nContent-length: ", string_sprintf("%lu\r\n", mbox_size),
- "Queue-Id: ", message_id,
- "\r\nFrom: <", sender_address,
- ">\r\nRecipient-Number: ", string_sprintf("%d\r\n", recipients_count));
-
- for (i = 0; i < recipients_count; i ++)
- req_str = string_append(req_str, 3,
- "Rcpt: <", recipients_list[i].address, ">\r\n");
- if ((s = expand_string(US"$sender_helo_name")) && *s)
- req_str = string_append(req_str, 3, "Helo: ", s, "\r\n");
- if ((s = expand_string(US"$sender_host_name")) && *s)
- req_str = string_append(req_str, 3, "Hostname: ", s, "\r\n");
- if (sender_host_address)
- req_str = string_append(req_str, 3, "IP: ", sender_host_address, "\r\n");
- if ((s = expand_string(US"$authenticated_id")) && *s)
- req_str = string_append(req_str, 3, "User: ", s, "\r\n");
- req_str = string_catn(req_str, US"\r\n", 2);
- wrote = send(spamd_cctx.sock, req_str->s, req_str->ptr, 0);
- }
-else
- { /* spamassassin variant */
- (void)string_format(spamd_buffer,
- sizeof(spamd_buffer),
- "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
- user_name,
- mbox_size);
- /* send our request */
- wrote = send(spamd_cctx.sock, spamd_buffer, Ustrlen(spamd_buffer), 0);
- }
+/* now we are connected to spamd on spamd_sock */
+
+(void)string_format(spamd_buffer,
+ sizeof(spamd_buffer),
+ "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
+ user_name,
+ mbox_size);
+/* send our request */
+wrote = send(spamd_cctx.sock, spamd_buffer, Ustrlen(spamd_buffer), 0);
if (wrote == -1)
{
pollfd.fd = spamd_cctx.sock;
pollfd.events = POLLOUT;
#endif
-(void)fcntl(spamd_cctx.sock, F_SETFL, O_NONBLOCK);
do
{
read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
(void)fclose(mbox_file);
/* we're done sending, close socket for writing */
-if (!sd->is_rspamd)
- shutdown(spamd_cctx.sock,SHUT_WR);
+shutdown(spamd_cctx.sock, SHUT_WR);
/* read spamd response using what's left of the timeout. */
memset(spamd_buffer, 0, sizeof(spamd_buffer));
/* reading done */
(void)close(spamd_cctx.sock);
-if (sd->is_rspamd)
- { /* rspamd variant of reply */
- int r;
- if ( (r = sscanf(CS spamd_buffer,
- "RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n",
- spamd_version, spamd_short_result, &spamd_score, &spamd_threshold,
- &spamd_reject_score, &spamd_report_offset)) != 5
- || spamd_report_offset >= offset /* verify within buffer */
- )
- {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "%s cannot parse spamd %s, output: %d", loglabel, callout_address, r);
- return DEFER;
- }
- /* now parse action */
- p = &spamd_buffer[spamd_report_offset];
-
- if (Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0)
- {
- p += sizeof("Action: ") - 1;
- q = &spam_action_buffer[0];
- while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1)
- *q++ = *p++;
- *q = '\0';
- }
- }
-else
{ /* spamassassin */
/* dig in the spamd output and put the report in a multiline header,
if requested */
}
}
- Ustrcpy(spam_action_buffer,
- spamd_score >= spamd_threshold ? "reject" : "no action");
+ spam_action_buffer = spamd_score >= spamd_threshold ? US"reject" : US"no action";
}
/* Create report. Since this is a multiline string,
typedef struct spamd_address_container
{
uschar * hostspec;
- int is_rspamd:1;
int is_failed:1;
unsigned int weight;
unsigned int timeout;
+++ /dev/null
-# Exim test configuration 4003
-# Content-scan: rspamd interface
-
-.include DIR/aux-var/std_conf_prefix
-
-log_selector = +subject
-primary_hostname = myhost.test.ex
-
-spamd_address = 127.0.0.1 11333 variant=rspamd
-
-# ----- Main settings -----
-
-acl_smtp_rcpt = accept
-acl_smtp_data = c_data
-
-begin acl
-
-c_data:
- warn
- spam = nobody
- warn
- log_message = $spam_action $spam_report
- accept
-
-# ----- Routers -----
-
-begin routers
-
-r:
- driver = redirect
- data = :blackhole:
-
-# End
# Exim test configuration 4008
-# Content-scan: cmsline interface
+# Content-scan: cmdline interface
.include DIR/aux-var/std_conf_prefix
+++ /dev/null
-1999-03-02 09:44:33 10HmaX-0005vi-00 U=CALLER Warning: reject Action: reject\n Symbol: FAKE_SYMBOL_A(15.00)\n Symbol: FAKE_SYMBOL_B(0.00)\n Message-ID: undef
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaX-0005vi-00 => :blackhole: <userx@test.ex> R=r
-1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+++ /dev/null
-# content scan interface: rspamd
-#
-# The spooled file for scanning includes the test-runner's user name
-# hence size varies. Munge that.
-munge scanfile_size
-#
-server 11333
-<CHECK RSPAMC/1.3
-<Content-length:
-<Queue-Id:
-<From:
-<Recipient-Number: 1
-<Rcpt:
-<Helo:
-<User:
-<
-<From
-<X-Envelope-From
-<X-Envelope-To
-<Received:
-< by
-< (envelope
-< id
-< for
-<From:
-<Content-type: text/plain
-<Message-Id:
-<Sender:
-<Date:
-<
-<test
->RSPAMD/1.3 0 EX_OK
->Metric: default; True; 15.00 / 15.00 / 0.0
->Action: reject
->Symbol: FAKE_SYMBOL_A(15.00)
->Symbol: FAKE_SYMBOL_B(0.00)
->Message-ID: undef
-*eof
-****
-exim -odi -bs
-ehlo test.ex
-mail from:<>
-rcpt to:<userx@test.ex>
-data
-From: MAILER_DAEMON <>
-Content-type: text/plain
-
-test
-.
-quit
-****
for (count = 0; count < connection_count; count++)
{
- struct {
- int left;
- BOOL in_use;
- } content_length = { 0, FALSE };
-
alarm(timeout);
if (port <= 0)
{
alarm(timeout);
n = read(dup_accept_socket, CS buffer+offset, s->len - offset);
- if (content_length.in_use) content_length.left -= n;
if (n == 0)
{
printf("%sxpected EOF read from client\n",
if (data) do
{
n = (read(dup_accept_socket, &c, 1) == 1 && c == '.');
- if (content_length.in_use) content_length.left--;
while (c != '\n' && read(dup_accept_socket, &c, 1) == 1)
- if (content_length.in_use) content_length.left--;
+ ;
} while (!n);
else if (memcmp(ss, buffer, n) != 0)
{
goto END_OFF;
}
alarm(0);
- n = strlen(CS buffer);
- if (content_length.in_use) content_length.left -= (n - offset);
+ n = (int)strlen(CS buffer);
while (n > 0 && isspace(buffer[n-1])) n--;
buffer[n] = 0;
printf("%s\n", buffer);
break;
}
}
-
- if (sscanf(CCS buffer, "<Content-length: %d", &content_length.left))
- content_length.in_use = TRUE;
- if (content_length.in_use && content_length.left <= 0)
- shutdown(dup_accept_socket, SHUT_RD);
}
}
+++ /dev/null
-220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
-250-myhost.test.ex Hello CALLER at test.ex\r
-250-SIZE 52428800\r
-250-8BITMIME\r
-250-PIPELINING\r
-250 HELP\r
-250 OK\r
-250 Accepted\r
-354 Enter message, ending with "." on a line by itself\r
-250 OK id=10HmaX-0005vi-00\r
-221 myhost.test.ex closing connection\r
-
-******** SERVER ********
-Listening on port 11333 ...
-Connection request from [127.0.0.1]
-<CHECK RSPAMC/1.3
-<Content-length: ddd
-<Queue-Id: 10HmaX-0005vi-00
-<From: <CALLER@myhost.test.ex>
-<Recipient-Number: 1
-<Rcpt: <userx@test.ex>
-<Helo: test.ex
-<User: CALLER
-<
-<From MAILER-DAEMON Tue Mar 02 09:44:33 1999
-<X-Envelope-From: <CALLER@myhost.test.ex>
-<X-Envelope-To: userx@test.ex
-<Received: from CALLER (helo=test.ex)
-< by myhost.test.ex with local-esmtp (Exim x.yz)
-< (envelope-from <CALLER@myhost.test.ex>)
-< id 10HmaX-0005vi-00
-< for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
-<From: MAILER_DAEMON <>
-<Content-type: text/plain
-<Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
-<Sender: CALLER_NAME <CALLER@myhost.test.ex>
-<Date: Tue, 2 Mar 1999 09:44:33 +0000
-<
-<test
->RSPAMD/1.3 0 EX_OK
->Metric: default; True; 15.00 / 15.00 / 0.0
->Action: reject
->Symbol: FAKE_SYMBOL_A(15.00)
->Symbol: FAKE_SYMBOL_B(0.00)
->Message-ID: undef
-Expected EOF read from client
-End of script