[Qmail-scanner-general]qmail scanner + bogofilter (patch attached)
AV/content filter for Qmail
Brought to you by:
jhaar
From: <alt...@pm...> - 2003-07-30 15:36:03
|
I was looking for a way to make qmail-scanner to work togheter with bogofilter, so i decided to wrote the thing on myself. The code is derived from sub-spamassissin.pl . It is currently under test on my mail server and works correctly. Probably there is something else that need to be added (like help in configure script for the --bogofilter-dir option used to tell bogofilter where to store database). May be that someone find this patch useful... Sandro ----------------------- CUT HERE ------------------------- diff -Nur qmail-scanner-1.16/SYSDEF qmail-scanner-1.16+bogofilter/SYSDEF --- qmail-scanner-1.16/SYSDEF Thu Jan 1 00:00:00 1970 +++ qmail-scanner-1.16+bogofilter/SYSDEF Wed Jul 30 14:45:30 2003 @@ -0,0 +1,21 @@ + + +qmail-scanner-queue.pl + +Version: 1.16 + +Perl: Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration: + +Scanners: perlscanner, sweep_scanner, bogofilter + +Scanner versioning: sweep: 2.6/3.50. + +Operating System: FreeBSD, 4.3-RELEASE +Hardware: i386 + + + +Configuration information: + +./configure --spooldir /var/spool/qmailscan --qmaildir /var/qmail --bindir /var/qmail/bin --qmail-queue-binary /var/qmail/bin/qmail-queue --admin root --domain emaze.net --notify sender,admin,recips --local-domains emaze.net --silent-viruses auto --lang en_GB --debug 1 --unzip 1 --add-dscr-hdrs 0 --archive 1 --redundant 0 --log-details 0 --fix-mime 1 --scanners "auto" + diff -Nur qmail-scanner-1.16/configure qmail-scanner-1.16+bogofilter/configure --- qmail-scanner-1.16/configure Mon Feb 10 21:03:37 2003 +++ qmail-scanner-1.16+bogofilter/configure Wed Jul 30 14:40:07 2003 @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh # #Pipe into bash if it's present @@ -34,7 +34,7 @@ VERSION=`grep '^# Version: ' qmail-scanner-queue.template` VERSION=`echo $VERSION|awk '{print $NF}'` -SUPPORTED_SCANNERS="sweep,sophie,vscan,trophie,uvscan,csav,antivir,kavscanner,AvpLinux,kavdaemon,AvpDaemonClient,fsav,fprot,inocucmd,ravlin,clamscan,verbose_spamassassin,fast_spamassassin" +SUPPORTED_SCANNERS="sweep,sophie,vscan,trophie,uvscan,csav,antivir,kavscanner,AvpLinux,kavdaemon,AvpDaemonClient,fsav,fprot,inocucmd,ravlin,clamscan,verbose_spamassassin,fast_spamassassin,bogofilter" SILENT_VIRUSES="klez,bugbear,hybris,yaha,braid,nimda,tanatos,sobig,winevar" @@ -109,6 +109,7 @@ --qmail-queue-binary) if [ "$2" != "" ] ; then shift ; fi ; QMAILQUEUE_BIN="$1" ;; --mime-unpacker) if [ "$2" != "" ] ; then shift ; fi ; MIME_UNPACKER="$1" ;; --install) INSTALLIT="1" ; if [ "$2" != "" -a "`echo $2|grep '\-'`" = "" ] ; then shift ; fi ;; + --bogofilter-dir) if [ "$2" != "" ] ; then shift ; fi ; BOGOFILTER_DIR="$1" ;; *) cat <<EOF >&2 invalid option: $1 valid options: @@ -796,6 +797,17 @@ fi fi fi + if [ "`echo $FIND_SCANNERS|grep bogofilter`" != "" ]; then + if test -x $dir/bogofilter + then + BOGOFILTER_BINARY="$dir/bogofilter" + BOGOFILTER_OPTIONS="-p -v -e" + if test -n $BOGOFILTER_DIR + then + BOGOFILTER_OPTIONS="$BOGOFILTER_OPTIONS -d $BOGOFILTER_DIR" + fi + fi + fi if test -x $dir/find then FIND="${FIND:-$dir/find}" @@ -1182,6 +1194,11 @@ fi fi +if [ "$BOGOFILTER_BINARY" != "" ]; then + echo "bogofilter=$BOGOFILTER_BINARY"; + SCANNER_ARRAY="$SCANNER_ARRAY,\"bogofilter\"" +fi + USERNAME=${USERNAME:-$LOGNAME} SCANNER_ARRAY=`echo $SCANNER_ARRAY|sed 's/^,//g'` @@ -1360,6 +1377,9 @@ s?SPAMC_BINARY?$SPAMC_BINARY?g; s?SPAMC_OPTIONS?$SPAMC_OPTIONS?g; s?SPAMC_SUBJECT?$SPAMC_SUBJECT?g; +s?BOGOFILTER_BINARY?$BOGOFILTER_BINARY?g; +s?BOGOFILTER_OPTIONS?$BOGOFILTER_OPTIONS?g; +s?BOGOFILTER_SUBJECT?$BOGOFILTER_SUBJECT?g; s?USERNAME?$USERNAME?g; s?FQDN?$FQDN?g; s?MAILDOMAIN?$MAILDOMAIN?g; diff -Nur qmail-scanner-1.16/qmail-scanner-queue.template qmail-scanner-1.16+bogofilter/qmail-scanner-queue.template --- qmail-scanner-1.16/qmail-scanner-queue.template Mon Feb 3 02:07:23 2003 +++ qmail-scanner-1.16+bogofilter/qmail-scanner-queue.template Wed Jul 30 14:07:32 2003 @@ -192,7 +192,10 @@ my $spamc_options='SPAMC_OPTIONS'; my $spamc_subject='SPAMC_SUBJECT'; my $spamassassin_binary='SPAMASSASSIN_BINARY'; -my ($sa_comment,$tag_score); +my $bogofilter_binary='BOGOFILTER_BINARY'; +my $bogofilter_options='BOGOFILTER_OPTIONS'; +my $bogofilter_subject='BOGOFILTER_SUBJECT'; +my ($bf_comment, $sa_comment,$tag_score); $ENV{'PATH'}='/bin:/usr/bin'; @@ -854,6 +857,7 @@ print QMQ " ($SCANINFO Clear:$tag_score. \n"; print QMQ " Processed in $elapsed_time secs); $findate\n"; print QMQ "X-Spam-Status: $sa_comment\n" if ($sa_comment ne ""); + print QMQ "X-Spam-Status: $bf_comment\n" if ($bf_comment ne ""); if ( $descriptive_hdrs ) { print QMQ "${V_HEADER}-Mail-From: $returnpath via $hostname\n"; print QMQ "${V_HEADER}-Rcpt-To: $recips\n" if ($descriptive_hdrs eq "2"); @@ -863,7 +867,7 @@ while (<STDIN>) { if ($still_headers) { #remove any X-Spam-Status IFF we've set a SA value ourselves - if ($sa_comment ne "" && /^X-Spam-Status:/i) { + if (($bf_comment ne "" || $sa_comment ne "") && /^X-Spam-Status:/i) { #Hmm, better get rid of any other continuation headers to this! while (<STDIN>) { $still_headers=0 if (/^(\r|\r\n|\n)$/); @@ -874,7 +878,7 @@ } } } - if ($sa_comment =~ /^yes/i && /^(Subject):(\s?)([^\n]+)\n/i && $spamc_subject ne "" ) { + if (($bf_comment = ~ /^yes/i || $sa_comment =~ /^yes/i) && /^(Subject):(\s?)([^\n]+)\n/i && ($spamc_subject ne "" || $bogofilter_subject ne "")) { $altered_subject="$1: $spamc_subject $3"; if ($altered_subject !~ /^: \Q$spamc_subject\E/) { &debug("altering subject line to $altered_subject"); diff -Nur qmail-scanner-1.16/sub-bogofilter.pl qmail-scanner-1.16+bogofilter/sub-bogofilter.pl --- qmail-scanner-1.16/sub-bogofilter.pl Thu Jan 1 00:00:00 1970 +++ qmail-scanner-1.16+bogofilter/sub-bogofilter.pl Wed Jul 30 14:44:57 2003 @@ -0,0 +1,50 @@ +sub bogofilter { + #Only run BF if mail is from a "remote" SMTP client, or QS_BOGOFILTER + #is defined via tcpserver... + return if (defined($ENV{'RELAYCLIENT'}) && !defined($ENV{'QS_BOGOFILTER'})); + #bogofilter + my ($bogofilter_found); + my ($start_bogofilter_time)=[gettimeofday]; + my ($DD,$bogofilter_status,$stop_bogofilter_time,$bogofilter_time); + my ($bf_status)=0; + my ($bf_score)=0; my ($bf_max)=0; + my ($bf_version); + &debug("BF: run $bogofilter_binary $bogofilter_options < $scandir/$wmaildir/new/$file_id"); + open(BF,"$bogofilter_binary $bogofilter_options < $scandir/$wmaildir/new/$file_id|")||&tempfail("cannot run $bogofilter_binary < $scandir/$wmaildir/new/$file_id - $!"); + open(SOUT,">$scandir/$wmaildir/new/$file_id.bogof")||&tempfail("cannot open for write $scandir/$wmaildir/new/$file_id.bogof - $!"); + while (<BF>) { + if (/^X-Bogosity: (Yes|No), tests=bogofilter, spamicity=(.*), version=(.*)/) { + $bf_status=1 if ($1 eq "Yes"); + $bf_score=$2;$bf_version=$3; + } + print SOUT; + } + close(SA); + $bogofilter_status=($? >> 8); + $bf_status = $bogofilter_status if ($bogofilter_options !~ /\-e/); + close(SOUT); + + $bf_score='0' if (!$bf_score); + + if ($bogofilter_options =~ /\-e/ && -s "$scandir/$wmaildir/new/$file_id.bogof" && $bogofilter_status == 0) { + &debug("BF: overwriting $scandir/$wmaildir/new/$file_id with $scandir/$wmaildir/new/$file_id.bogof"); + rename ("$scandir/$wmaildir/new/$file_id.bogof","$scandir/$wmaildir/new/$file_id"); + } else { + unlink("$scandir/$wmaildir/new/$file_id.bogof"); + } + &debug("BF: bf_status=$bf_status, options=$bogofilter_options"); + if ($bf_status == 0) { + $tag_score .= "BF:0($bf_score):"; + $bf_comment = "No, score too low ($bf_score)" if ($bogofilter_options =~ /\-v/); + &debug("BF: no SPAM ($bf_comment)"); + } else { + $tag_score .= "BF:1($bf_score):"; + $bf_comment = "Yes, score is $bf_score" if ($bogofilter_options =~ /\-v/); + &debug("BF: yup, this smells like SPAM"); + } + $stop_bogofilter_time=[gettimeofday]; + $bogofilter_time = tv_interval ($start_bogofilter_time, $stop_bogofilter_time); + &debug("bogofilter: finished scan of dir \"$scandir/$file_id\" in $bogofilter_time secs"); +} + + ----------------------- CUT HERE ------------------------- |