Compare commits
No commits in common. "c8" and "imports/c8/spamassassin-3.4.2-7.el8" have entirely different histories.
c8
...
imports/c8
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,2 +1,2 @@
|
|||||||
SOURCES/Mail-SpamAssassin-3.4.6.tar.bz2
|
SOURCES/Mail-SpamAssassin-3.4.2.tar.bz2
|
||||||
SOURCES/Mail-SpamAssassin-rules-3.4.6.r1888502.tgz
|
SOURCES/Mail-SpamAssassin-rules-3.4.2.r1840640.tgz
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
26390aa8c9176c7d280252e4f01defe031373d32 SOURCES/Mail-SpamAssassin-3.4.6.tar.bz2
|
9d3128dfe943be5e429edbd77883179138f40536 SOURCES/Mail-SpamAssassin-3.4.2.tar.bz2
|
||||||
bc4a64ed49f6df75d6bce8396fa476548a66d755 SOURCES/Mail-SpamAssassin-rules-3.4.6.r1888502.tgz
|
c93006e1572297f816a0e186a98cbbae246a4945 SOURCES/Mail-SpamAssassin-rules-3.4.2.r1840640.tgz
|
||||||
|
44
SOURCES/0001-Drop-the-ResourceLimits-plugin.patch
Normal file
44
SOURCES/0001-Drop-the-ResourceLimits-plugin.patch
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
diff --git a/MANIFEST b/MANIFEST
|
||||||
|
index 95e2af5..d1aa471 100644
|
||||||
|
--- a/MANIFEST
|
||||||
|
+++ b/MANIFEST
|
||||||
|
@@ -100,7 +100,6 @@ lib/Mail/SpamAssassin/Plugin/Pyzor.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/Razor2.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/RelayEval.pm
|
||||||
|
-lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/ReplaceTags.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/Reuse.pm
|
||||||
|
lib/Mail/SpamAssassin/Plugin/Rule2XSBody.pm
|
||||||
|
diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
|
index 7467744..3d92c7d 100644
|
||||||
|
--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
|
+++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
|
@@ -257,12 +257,6 @@ our @OPTIONAL_MODULES = (
|
||||||
|
check for both Net::DNS and Net::DNS::Nameserver. However,
|
||||||
|
Net::DNS::Nameserver is only used in make test as of June 2014.',
|
||||||
|
},
|
||||||
|
-{
|
||||||
|
- module => 'BSD::Resource',
|
||||||
|
- version => 0,
|
||||||
|
- desc => 'BSD::Resource provides BSD process resource limit and priority
|
||||||
|
- functions. It is used by the optional ResourceLimits Plugin.',
|
||||||
|
-},
|
||||||
|
);
|
||||||
|
|
||||||
|
our @BINARIES = ();
|
||||||
|
diff --git a/rules/v342.pre b/rules/v342.pre
|
||||||
|
index 4ab7736..9b425fd 100644
|
||||||
|
--- a/rules/v342.pre
|
||||||
|
+++ b/rules/v342.pre
|
||||||
|
@@ -19,10 +19,6 @@
|
||||||
|
# HashBL - Use EBL email blocklist
|
||||||
|
# loadplugin Mail::SpamAssassin::Plugin::HashBL
|
||||||
|
|
||||||
|
-# ResourceLimits - assure your spamd child processes
|
||||||
|
-# do not exceed specified CPU or memory limit
|
||||||
|
-# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
|
||||||
|
-
|
||||||
|
|
||||||
|
# FromNameSpoof - help stop spam that tries to spoof other domains using
|
||||||
|
# the from name
|
@ -26,6 +26,9 @@ override the daemon check in /etc/sysconfig/sa-update
|
|||||||
All sa-update channels are defined in files contained in this directory.
|
All sa-update channels are defined in files contained in this directory.
|
||||||
See the existing config files as examples for writing your own config file.
|
See the existing config files as examples for writing your own config file.
|
||||||
|
|
||||||
|
4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default
|
||||||
|
http://wiki.apache.org/spamassassin/SoughtRules
|
||||||
|
|
||||||
General Warnings
|
General Warnings
|
||||||
================
|
================
|
||||||
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
|
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
|
||||||
|
47
SOURCES/sought.conf
Normal file
47
SOURCES/sought.conf
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
# http://wiki.apache.org/spamassassin/SoughtRules
|
||||||
|
CHANNELURL=sought.rules.yerp.org
|
||||||
|
KEYID=6C6191E3
|
||||||
|
# Ignore everything below.
|
||||||
|
return 0
|
||||||
|
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
Version: GnuPG v1.4.1 (GNU/Linux)
|
||||||
|
|
||||||
|
mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT
|
||||||
|
s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI
|
||||||
|
miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG
|
||||||
|
pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I
|
||||||
|
h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp
|
||||||
|
iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB
|
||||||
|
aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v
|
||||||
|
0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8
|
||||||
|
IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h
|
||||||
|
c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA
|
||||||
|
am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC
|
||||||
|
AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU
|
||||||
|
AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr
|
||||||
|
armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux
|
||||||
|
vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd
|
||||||
|
O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0
|
||||||
|
SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF
|
||||||
|
p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c
|
||||||
|
aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY
|
||||||
|
maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR
|
||||||
|
gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu
|
||||||
|
ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD
|
||||||
|
b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3
|
||||||
|
pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md
|
||||||
|
OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg
|
||||||
|
ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk
|
||||||
|
yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT
|
||||||
|
LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy
|
||||||
|
buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW
|
||||||
|
bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN
|
||||||
|
7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd
|
||||||
|
MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x
|
||||||
|
tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc
|
||||||
|
u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ
|
||||||
|
B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ
|
||||||
|
DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw==
|
||||||
|
=nK43
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
@ -1,8 +1,20 @@
|
|||||||
|
From cab335f2c6b096f847402c35ee896a3f3d82958c Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= <jskarvad@redhat.com>
|
||||||
|
Date: Mon, 23 Jul 2018 13:28:39 +0200
|
||||||
|
Subject: [PATCH] Dropped GeoIP and optional plugins requiring it
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Namely URILocalBL and RelayCountry.
|
||||||
|
|
||||||
|
Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com>
|
||||||
|
|
||||||
diff --git a/MANIFEST b/MANIFEST
|
diff --git a/MANIFEST b/MANIFEST
|
||||||
index 7b1bab2..e16e0da 100644
|
index 2b1b291..a6bbcdb 100644
|
||||||
--- a/MANIFEST
|
--- a/MANIFEST
|
||||||
+++ b/MANIFEST
|
+++ b/MANIFEST
|
||||||
@@ -118,7 +118,6 @@ lib/Mail/SpamAssassin/Plugin/VBounce.pm
|
@@ -117,7 +117,6 @@ lib/Mail/SpamAssassin/Plugin/VBounce.pm
|
||||||
lib/Mail/SpamAssassin/Plugin/WLBLEval.pm
|
lib/Mail/SpamAssassin/Plugin/WLBLEval.pm
|
||||||
lib/Mail/SpamAssassin/Plugin/WhiteListSubject.pm
|
lib/Mail/SpamAssassin/Plugin/WhiteListSubject.pm
|
||||||
lib/Mail/SpamAssassin/PluginHandler.pm
|
lib/Mail/SpamAssassin/PluginHandler.pm
|
||||||
@ -12,10 +24,10 @@ index 7b1bab2..e16e0da 100644
|
|||||||
lib/Mail/SpamAssassin/SQLBasedAddrList.pm
|
lib/Mail/SpamAssassin/SQLBasedAddrList.pm
|
||||||
diff --git a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm b/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
diff --git a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm b/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
||||||
deleted file mode 100644
|
deleted file mode 100644
|
||||||
index 38ec1e3..0000000
|
index 2e172f3..0000000
|
||||||
--- a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
--- a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
||||||
+++ /dev/null
|
+++ /dev/null
|
||||||
@@ -1,407 +0,0 @@
|
@@ -1,280 +0,0 @@
|
||||||
-# <@LICENSE>
|
-# <@LICENSE>
|
||||||
-# Licensed to the Apache Software Foundation (ASF) under one or more
|
-# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
-# contributor license agreements. See the NOTICE file distributed with
|
-# contributor license agreements. See the NOTICE file distributed with
|
||||||
@ -45,29 +57,8 @@ index 38ec1e3..0000000
|
|||||||
-
|
-
|
||||||
-The RelayCountry plugin attempts to determine the domain country codes
|
-The RelayCountry plugin attempts to determine the domain country codes
|
||||||
-of each relay used in the delivery path of messages and add that information
|
-of each relay used in the delivery path of messages and add that information
|
||||||
-to the message metadata.
|
-to the message metadata as "X-Relay-Countries", or the C<_RELAYCOUNTRY_>
|
||||||
-
|
-header markup.
|
||||||
-Following metadata headers and tags are added:
|
|
||||||
-
|
|
||||||
- X-Relay-Countries _RELAYCOUNTRY_
|
|
||||||
- All untrusted relays. Contains all relays starting from the
|
|
||||||
- trusted_networks border. This method has been used by default since
|
|
||||||
- early SA versions.
|
|
||||||
-
|
|
||||||
- X-Relay-Countries-External _RELAYCOUNTRYEXT_
|
|
||||||
- All external relays. Contains all relays starting from the
|
|
||||||
- internal_networks border. Could be useful in some cases when
|
|
||||||
- trusted/msa_networks extend beyond the internal border and those
|
|
||||||
- need to be checked too.
|
|
||||||
-
|
|
||||||
- X-Relay-Countries-All _RELAYCOUNTRYALL_
|
|
||||||
- All possible relays (internal + external).
|
|
||||||
-
|
|
||||||
- X-Relay-Countries-Auth _RELAYCOUNTRYAUTH_
|
|
||||||
- Auth will contain all relays starting from the first relay that used
|
|
||||||
- authentication. For example, this could be used to check for hacked
|
|
||||||
- local users coming in from unexpected countries. If there are no
|
|
||||||
- authenticated relays, this will be empty.
|
|
||||||
-
|
-
|
||||||
-=head1 REQUIREMENT
|
-=head1 REQUIREMENT
|
||||||
-
|
-
|
||||||
@ -90,6 +81,11 @@ index 38ec1e3..0000000
|
|||||||
-
|
-
|
||||||
-our @ISA = qw(Mail::SpamAssassin::Plugin);
|
-our @ISA = qw(Mail::SpamAssassin::Plugin);
|
||||||
-
|
-
|
||||||
|
-my $db;
|
||||||
|
-my $dbv6;
|
||||||
|
-my $db_info; # will hold database info
|
||||||
|
-my $db_type; # will hold database type
|
||||||
|
-
|
||||||
-# constructor: register the eval rule
|
-# constructor: register the eval rule
|
||||||
-sub new {
|
-sub new {
|
||||||
- my $class = shift;
|
- my $class = shift;
|
||||||
@ -131,9 +127,10 @@ index 38ec1e3..0000000
|
|||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING,
|
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
- if ($value !~ /^(?:GeoIP|GeoIP2|DB_File|Fast)$/) {
|
- if ( $value !~ /GeoIP|GeoIP2|DB_File|Fast/) {
|
||||||
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
||||||
- }
|
- }
|
||||||
|
-
|
||||||
- $self->{country_db_type} = $value;
|
- $self->{country_db_type} = $value;
|
||||||
- }
|
- }
|
||||||
- });
|
- });
|
||||||
@ -144,15 +141,6 @@ index 38ec1e3..0000000
|
|||||||
-
|
-
|
||||||
-This option tells SpamAssassin where to find MaxMind GeoIP2 or IP::Country::DB_File database.
|
-This option tells SpamAssassin where to find MaxMind GeoIP2 or IP::Country::DB_File database.
|
||||||
-
|
-
|
||||||
-If not defined, GeoIP2 default search includes:
|
|
||||||
- /usr/local/share/GeoIP/GeoIP2-Country.mmdb
|
|
||||||
- /usr/share/GeoIP/GeoIP2-Country.mmdb
|
|
||||||
- /var/lib/GeoIP/GeoIP2-Country.mmdb
|
|
||||||
- /usr/local/share/GeoIP/GeoLite2-Country.mmdb
|
|
||||||
- /usr/share/GeoIP/GeoLite2-Country.mmdb
|
|
||||||
- /var/lib/GeoIP/GeoLite2-Country.mmdb
|
|
||||||
- (and same paths again for -City.mmdb, which also has country functionality)
|
|
||||||
-
|
|
||||||
-=back
|
-=back
|
||||||
-
|
-
|
||||||
-=cut
|
-=cut
|
||||||
@ -166,186 +154,84 @@ index 38ec1e3..0000000
|
|||||||
- if (!defined $value || !length $value) {
|
- if (!defined $value || !length $value) {
|
||||||
- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
|
- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
|
||||||
- }
|
- }
|
||||||
- if (!-e $value) {
|
- if (!-f $value) {
|
||||||
- info("config: country_db_path \"$value\" is not accessible");
|
- info("config: country_db_path \"$value\" is not accessible");
|
||||||
- $self->{country_db_path} = $value;
|
- $self->{country_db_path} = $value;
|
||||||
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
||||||
- }
|
- }
|
||||||
- $self->{country_db_path} = $value;
|
|
||||||
- }
|
|
||||||
- });
|
|
||||||
-
|
-
|
||||||
- push (@cmds, {
|
- $self->{country_db_path} = $value;
|
||||||
- setting => 'geoip2_default_db_path',
|
|
||||||
- default => [
|
|
||||||
- '/usr/local/share/GeoIP/GeoIP2-Country.mmdb',
|
|
||||||
- '/usr/share/GeoIP/GeoIP2-Country.mmdb',
|
|
||||||
- '/var/lib/GeoIP/GeoIP2-Country.mmdb',
|
|
||||||
- '/usr/local/share/GeoIP/GeoLite2-Country.mmdb',
|
|
||||||
- '/usr/share/GeoIP/GeoLite2-Country.mmdb',
|
|
||||||
- '/var/lib/GeoIP/GeoLite2-Country.mmdb',
|
|
||||||
- '/usr/local/share/GeoIP/GeoIP2-City.mmdb',
|
|
||||||
- '/usr/share/GeoIP/GeoIP2-City.mmdb',
|
|
||||||
- '/var/lib/GeoIP/GeoIP2-City.mmdb',
|
|
||||||
- '/usr/local/share/GeoIP/GeoLite2-City.mmdb',
|
|
||||||
- '/usr/share/GeoIP/GeoLite2-City.mmdb',
|
|
||||||
- '/var/lib/GeoIP/GeoLite2-City.mmdb',
|
|
||||||
- ],
|
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRINGLIST,
|
|
||||||
- code => sub {
|
|
||||||
- my ($self, $key, $value, $line) = @_;
|
|
||||||
- if ($value eq '') {
|
|
||||||
- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
|
|
||||||
- }
|
|
||||||
- push(@{$self->{geoip2_default_db_path}}, split(/\s+/, $value));
|
|
||||||
- }
|
- }
|
||||||
- });
|
- });
|
||||||
-
|
-
|
||||||
- $conf->{parser}->register_commands(\@cmds);
|
- $conf->{parser}->register_commands(\@cmds);
|
||||||
-}
|
-}
|
||||||
-
|
-
|
||||||
-sub get_country {
|
|
||||||
- my ($self, $ip, $db, $dbv6, $country_db_type) = @_;
|
|
||||||
- my $cc;
|
|
||||||
- my $IP_PRIVATE = IP_PRIVATE;
|
|
||||||
- my $IPV4_ADDRESS = IPV4_ADDRESS;
|
|
||||||
-
|
|
||||||
- # Private IPs will always be returned as '**'
|
|
||||||
- if ($ip =~ /^$IP_PRIVATE$/o) {
|
|
||||||
- $cc = "**";
|
|
||||||
- }
|
|
||||||
- elsif ($country_db_type eq "GeoIP") {
|
|
||||||
- if ($ip =~ /^$IPV4_ADDRESS$/o) {
|
|
||||||
- $cc = $db->country_code_by_addr($ip);
|
|
||||||
- } elsif (defined $dbv6) {
|
|
||||||
- $cc = $dbv6->country_code_by_addr_v6($ip);
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- elsif ($country_db_type eq "GeoIP2") {
|
|
||||||
- my ($country, $country_rec);
|
|
||||||
- eval {
|
|
||||||
- if (index($db->metadata()->description()->{en}, 'City') != -1) {
|
|
||||||
- $country = $db->city( ip => $ip );
|
|
||||||
- } else {
|
|
||||||
- $country = $db->country( ip => $ip );
|
|
||||||
- }
|
|
||||||
- $country_rec = $country->country();
|
|
||||||
- $cc = $country_rec->iso_code();
|
|
||||||
- 1;
|
|
||||||
- } or do {
|
|
||||||
- $@ =~ s/\s+Trace begun.*//s;
|
|
||||||
- dbg("metadata: RelayCountry: GeoIP2 failed: $@");
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- elsif ($country_db_type eq "DB_File") {
|
|
||||||
- if ($ip =~ /^$IPV4_ADDRESS$/o ) {
|
|
||||||
- $cc = $db->inet_atocc($ip);
|
|
||||||
- } else {
|
|
||||||
- $cc = $db->inet6_atocc($ip);
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- elsif ($country_db_type eq "Fast") {
|
|
||||||
- $cc = $db->inet_atocc($ip);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- $cc ||= 'XX';
|
|
||||||
-
|
|
||||||
- return $cc;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-sub extract_metadata {
|
-sub extract_metadata {
|
||||||
- my ($self, $opts) = @_;
|
- my ($self, $opts) = @_;
|
||||||
- my $pms = $opts->{permsgstatus};
|
- my $geo;
|
||||||
|
- my $cc;
|
||||||
-
|
-
|
||||||
- my $db;
|
- my $conf_country_db_type = $self->{'main'}{'resolver'}{'conf'}->{country_db_type};
|
||||||
- my $dbv6;
|
- my $conf_country_db_path = $self->{'main'}{'resolver'}{'conf'}->{country_db_path};
|
||||||
- my $db_info; # will hold database info
|
|
||||||
- my $db_type; # will hold database type
|
|
||||||
-
|
-
|
||||||
- my $country_db_type = $opts->{conf}->{country_db_type};
|
- if ( $conf_country_db_type eq "GeoIP") {
|
||||||
- my $country_db_path = $opts->{conf}->{country_db_path};
|
|
||||||
-
|
|
||||||
- if ($country_db_type eq "GeoIP") {
|
|
||||||
- eval {
|
- eval {
|
||||||
- require Geo::IP;
|
- require Geo::IP;
|
||||||
- $db = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION, Geo::IP->GEOIP_STANDARD);
|
- $db = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION, Geo::IP->GEOIP_STANDARD);
|
||||||
- die "GeoIP.dat not found" unless $db;
|
- die "GeoIP.dat not found" unless $db;
|
||||||
- # IPv6 requires version Geo::IP 1.39+ with GeoIP C API 1.4.7+
|
- # IPv6 requires version Geo::IP 1.39+ with GeoIP C API 1.4.7+
|
||||||
- if (Geo::IP->VERSION >= 1.39 && Geo::IP->api eq 'CAPI') {
|
- if (Geo::IP->VERSION >= 1.39 && Geo::IP->api eq 'CAPI') {
|
||||||
- $dbv6 = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION_V6, Geo::IP->GEOIP_STANDARD);
|
- $dbv6 = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION_V6, Geo::IP->GEOIP_STANDARD);
|
||||||
- if (!$dbv6) {
|
- if (!$dbv6) {
|
||||||
- dbg("metadata: RelayCountry: GeoIP: IPv6 support not enabled, GeoIPv6.dat not found");
|
- dbg("metadata: RelayCountry: IPv6 support not enabled, GeoIPv6.dat not found");
|
||||||
- }
|
- }
|
||||||
|
- $db_info = sub { return "Geo::IP " . ($db->database_info || '?') };
|
||||||
- } else {
|
- } else {
|
||||||
- dbg("metadata: RelayCountry: GeoIP: IPv6 support not enabled, versions Geo::IP 1.39, GeoIP C API 1.4.7 required");
|
- dbg("metadata: RelayCountry: IPv6 support not enabled, versions Geo::IP 1.39, GeoIP C API 1.4.7 required");
|
||||||
- }
|
- }
|
||||||
- $db_info = sub { return "Geo::IP IPv4: " . ($db->database_info || '?')." / IPv6: ".($dbv6 ? $dbv6->database_info || '?' : '?') };
|
- } or do {
|
||||||
|
- # Fallback to IP::Country::Fast
|
||||||
|
- dbg("metadata: RelayCountry: GeoIP.dat not found, IP::Country::Fast enabled as fallback");
|
||||||
|
- $conf_country_db_type = "Fast";
|
||||||
|
- }
|
||||||
|
- } elsif ( $conf_country_db_type eq "GeoIP2" ) {
|
||||||
|
- if ( -f $conf_country_db_path ) {
|
||||||
|
- eval {
|
||||||
|
- require GeoIP2::Database::Reader;
|
||||||
|
- $db = GeoIP2::Database::Reader->new(
|
||||||
|
- file => $conf_country_db_path,
|
||||||
|
- locales => [ 'en' ]
|
||||||
|
- );
|
||||||
|
- die "${conf_country_db_path} not found" unless $db;
|
||||||
|
- $db_info = sub { return "GeoIP2 " . ($db->metadata()->description()->{en} || '?') };
|
||||||
|
- 1;
|
||||||
|
- } or do {
|
||||||
|
- # Fallback to IP::Country::Fast
|
||||||
|
- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback");
|
||||||
|
- $conf_country_db_type = "Fast";
|
||||||
|
- }
|
||||||
|
- } else {
|
||||||
|
- # Fallback to IP::Country::Fast
|
||||||
|
- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback");
|
||||||
|
- $conf_country_db_type = "Fast";
|
||||||
|
- }
|
||||||
|
- } elsif ( $conf_country_db_type eq "DB_File") {
|
||||||
|
- if ( -f $conf_country_db_path ) {
|
||||||
|
- require IP::Country::DB_File;
|
||||||
|
- $db = IP::Country::DB_File->new($conf_country_db_path);
|
||||||
|
- die "Country db not found, please see build_ipcc.pl(1)" unless $db;
|
||||||
|
- $db_info = sub { return "IP::Country::DB_File ".localtime($db->db_time()); };
|
||||||
- 1;
|
- 1;
|
||||||
- } or do {
|
|
||||||
- # Fallback to IP::Country::Fast
|
|
||||||
- dbg("metadata: RelayCountry: GeoIP: GeoIP.dat not found, trying IP::Country::Fast as fallback");
|
|
||||||
- $country_db_type = "Fast";
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- elsif ($country_db_type eq "GeoIP2") {
|
|
||||||
- if (!$country_db_path) {
|
|
||||||
- # Try some default locations
|
|
||||||
- foreach (@{$opts->{conf}->{geoip2_default_db_path}}) {
|
|
||||||
- if (-f $_) {
|
|
||||||
- $country_db_path = $_;
|
|
||||||
- last;
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- if (-f $country_db_path) {
|
|
||||||
- eval {
|
|
||||||
- require GeoIP2::Database::Reader;
|
|
||||||
- $db = GeoIP2::Database::Reader->new(
|
|
||||||
- file => $country_db_path,
|
|
||||||
- locales => [ 'en' ]
|
|
||||||
- );
|
|
||||||
- die "unknown error" unless $db;
|
|
||||||
- $db_info = sub {
|
|
||||||
- my $m = $db->metadata();
|
|
||||||
- return "GeoIP2 ".$m->description()->{en}." / ".localtime($m->build_epoch());
|
|
||||||
- };
|
|
||||||
- 1;
|
|
||||||
- } or do {
|
|
||||||
- # Fallback to IP::Country::Fast
|
|
||||||
- $@ =~ s/\s+Trace begun.*//s;
|
|
||||||
- dbg("metadata: RelayCountry: GeoIP2: ${country_db_path} load failed: $@, trying IP::Country::Fast as fallback");
|
|
||||||
- $country_db_type = "Fast";
|
|
||||||
- }
|
|
||||||
- } else {
|
- } else {
|
||||||
- # Fallback to IP::Country::Fast
|
- # Fallback to IP::Country::Fast
|
||||||
- my $err = $country_db_path ?
|
- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback");
|
||||||
- "$country_db_path not found" : "database not found from default locations";
|
- $conf_country_db_type = "Fast";
|
||||||
- dbg("metadata: RelayCountry: GeoIP2: $err, trying IP::Country::Fast as fallback");
|
|
||||||
- $country_db_type = "Fast";
|
|
||||||
- }
|
- }
|
||||||
- }
|
- }
|
||||||
- elsif ($country_db_type eq "DB_File") {
|
- if( $conf_country_db_type eq "Fast") {
|
||||||
- if (-f $country_db_path) {
|
|
||||||
- eval {
|
|
||||||
- require IP::Country::DB_File;
|
|
||||||
- $db = IP::Country::DB_File->new($country_db_path);
|
|
||||||
- die "unknown error" unless $db;
|
|
||||||
- $db_info = sub { return "IP::Country::DB_File ".localtime($db->db_time()); };
|
|
||||||
- 1;
|
|
||||||
- } or do {
|
|
||||||
- # Fallback to IP::Country::Fast
|
|
||||||
- dbg("metadata: RelayCountry: DB_File: ${country_db_path} load failed: $@, trying IP::Country::Fast as fallback");
|
|
||||||
- $country_db_type = "Fast";
|
|
||||||
- }
|
|
||||||
- } else {
|
|
||||||
- # Fallback to IP::Country::Fast
|
|
||||||
- dbg("metadata: RelayCountry: DB_File: ${country_db_path} not found, trying IP::Country::Fast as fallback");
|
|
||||||
- $country_db_type = "Fast";
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- if ($country_db_type eq "Fast") {
|
|
||||||
- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
|
- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
|
||||||
|
- # Try IP::Country::Fast as backup
|
||||||
- eval {
|
- eval {
|
||||||
- require IP::Country::Fast;
|
- require IP::Country::Fast;
|
||||||
- $db = IP::Country::Fast->new();
|
- $db = IP::Country::Fast->new();
|
||||||
@ -355,80 +241,79 @@ index 38ec1e3..0000000
|
|||||||
- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
|
- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
|
||||||
- dbg("metadata: RelayCountry: failed to load 'IP::Country::Fast', skipping: $eval_stat");
|
- dbg("metadata: RelayCountry: failed to load 'IP::Country::Fast', skipping: $eval_stat");
|
||||||
- return 1;
|
- return 1;
|
||||||
- }
|
- };
|
||||||
- }
|
- };
|
||||||
-
|
-
|
||||||
- if (!$db) {
|
- return 1 unless $db;
|
||||||
- return 1;
|
|
||||||
- }
|
|
||||||
-
|
-
|
||||||
- dbg("metadata: RelayCountry: Using database: ".$db_info->());
|
- dbg("metadata: RelayCountry: Using database: ".$db_info->());
|
||||||
- my $msg = $opts->{msg};
|
- my $msg = $opts->{msg};
|
||||||
-
|
-
|
||||||
- my @cc_untrusted;
|
- my $countries = '';
|
||||||
|
- my $IP_PRIVATE = IP_PRIVATE;
|
||||||
|
- my $IPV4_ADDRESS = IPV4_ADDRESS;
|
||||||
- foreach my $relay (@{$msg->{metadata}->{relays_untrusted}}) {
|
- foreach my $relay (@{$msg->{metadata}->{relays_untrusted}}) {
|
||||||
- my $ip = $relay->{ip};
|
- my $ip = $relay->{ip};
|
||||||
- my $cc = $self->get_country($ip, $db, $dbv6, $country_db_type);
|
- # Private IPs will always be returned as '**'
|
||||||
- push @cc_untrusted, $cc;
|
- if ( $conf_country_db_type eq "GeoIP" ) {
|
||||||
- }
|
- if ( $ip !~ /^$IPV4_ADDRESS$/o ) {
|
||||||
-
|
- if ( defined $dbv6 ) {
|
||||||
- my @cc_external;
|
- $geo = $dbv6->country_code_by_addr_v6($ip) || "XX";
|
||||||
- foreach my $relay (@{$msg->{metadata}->{relays_external}}) {
|
- } else {
|
||||||
- my $ip = $relay->{ip};
|
- $geo = "XX";
|
||||||
- my $cc = $self->get_country($ip, $db, $dbv6, $country_db_type);
|
- }
|
||||||
- push @cc_external, $cc;
|
- } else {
|
||||||
- }
|
- $geo = $db->country_code_by_addr($ip) || "XX";
|
||||||
-
|
- }
|
||||||
- my @cc_auth;
|
- } elsif ($conf_country_db_type eq "GeoIP2" ) {
|
||||||
- my $found_auth;
|
- if ( $ip !~ /^$IP_PRIVATE$/o ) {
|
||||||
- foreach my $relay (@{$msg->{metadata}->{relays_trusted}}) {
|
- my $country = $db->country( ip => $ip );
|
||||||
- if ($relay->{auth}) {
|
- my $country_rec = $country->country();
|
||||||
- $found_auth = 1;
|
- $geo = $country_rec->iso_code() || "XX";
|
||||||
- }
|
- $cc = $ip =~ /^$IP_PRIVATE$/o ? '**' : $geo;
|
||||||
- if ($found_auth) {
|
- } else {
|
||||||
- my $ip = $relay->{ip};
|
- $cc = '**';
|
||||||
- my $cc = $self->get_country($ip, $db, $dbv6, $country_db_type);
|
- }
|
||||||
- push @cc_auth, $cc;
|
- } elsif ( $conf_country_db_type eq "DB_File" ) {
|
||||||
|
- if ( $ip !~ /^$IPV4_ADDRESS$/o ) {
|
||||||
|
- $geo = $db->inet6_atocc($ip) || "XX";
|
||||||
|
- } else {
|
||||||
|
- $geo = $db->inet_atocc($ip) || "XX";
|
||||||
|
- }
|
||||||
|
- } elsif ( $conf_country_db_type eq "Fast" ) {
|
||||||
|
- $geo = $db->inet_atocc($ip) || "XX";
|
||||||
- }
|
- }
|
||||||
|
- $cc = $ip =~ /^$IP_PRIVATE$/o ? '**' : $geo;
|
||||||
|
- $countries .= $cc." ";
|
||||||
- }
|
- }
|
||||||
-
|
-
|
||||||
- my @cc_all;
|
- chop $countries;
|
||||||
- foreach my $relay (@{$msg->{metadata}->{relays_internal}}, @{$msg->{metadata}->{relays_external}}) {
|
- $msg->put_metadata("X-Relay-Countries", $countries);
|
||||||
- my $ip = $relay->{ip};
|
- dbg("metadata: X-Relay-Countries: $countries");
|
||||||
- my $cc = $self->get_country($ip, $db, $dbv6, $country_db_type);
|
|
||||||
- push @cc_all, $cc;
|
|
||||||
- }
|
|
||||||
-
|
-
|
||||||
- my $ccstr = join(' ', @cc_untrusted);
|
- return 1;
|
||||||
- $msg->put_metadata("X-Relay-Countries", $ccstr);
|
-}
|
||||||
- dbg("metadata: X-Relay-Countries: $ccstr");
|
|
||||||
- $pms->set_tag("RELAYCOUNTRY", @cc_untrusted == 1 ? $cc_untrusted[0] : \@cc_untrusted);
|
|
||||||
-
|
-
|
||||||
- $ccstr = join(' ', @cc_external);
|
-sub parsed_metadata {
|
||||||
- $msg->put_metadata("X-Relay-Countries-External", $ccstr);
|
- my ($self, $opts) = @_;
|
||||||
- dbg("metadata: X-Relay-Countries-External: $ccstr");
|
|
||||||
- $pms->set_tag("RELAYCOUNTRYEXT", @cc_external == 1 ? $cc_external[0] : \@cc_external);
|
|
||||||
-
|
-
|
||||||
- $ccstr = join(' ', @cc_auth);
|
- return 1 unless $db;
|
||||||
- $msg->put_metadata("X-Relay-Countries-Auth", $ccstr);
|
|
||||||
- dbg("metadata: X-Relay-Countries-Auth: $ccstr");
|
|
||||||
- $pms->set_tag("RELAYCOUNTRYAUTH", @cc_auth == 1 ? $cc_auth[0] : \@cc_auth);
|
|
||||||
-
|
|
||||||
- $ccstr = join(' ', @cc_all);
|
|
||||||
- $msg->put_metadata("X-Relay-Countries-All", $ccstr);
|
|
||||||
- dbg("metadata: X-Relay-Countries-All: $ccstr");
|
|
||||||
- $pms->set_tag("RELAYCOUNTRYALL", @cc_all == 1 ? $cc_all[0] : \@cc_all);
|
|
||||||
-
|
-
|
||||||
|
- my $countries =
|
||||||
|
- $opts->{permsgstatus}->get_message->get_metadata('X-Relay-Countries');
|
||||||
|
- my @c_list = split(' ', $countries);
|
||||||
|
- $opts->{permsgstatus}->set_tag("RELAYCOUNTRY",
|
||||||
|
- @c_list == 1 ? $c_list[0] : \@c_list);
|
||||||
- return 1;
|
- return 1;
|
||||||
-}
|
-}
|
||||||
-
|
-
|
||||||
-1;
|
-1;
|
||||||
diff --git a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm b/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm
|
diff --git a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm b/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm
|
||||||
deleted file mode 100644
|
deleted file mode 100644
|
||||||
index 4def393..0000000
|
index e190fab..0000000
|
||||||
--- a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm
|
--- a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm
|
||||||
+++ /dev/null
|
+++ /dev/null
|
||||||
@@ -1,705 +0,0 @@
|
@@ -1,658 +0,0 @@
|
||||||
-# <@LICENSE>
|
-# <@LICENSE>
|
||||||
-# Licensed to the Apache Software Foundation (ASF) under one or more
|
-# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
-# contributor license agreements. See the NOTICE file distributed with
|
-# contributor license agreements. See the NOTICE file distributed with
|
||||||
@ -532,9 +417,9 @@ index 4def393..0000000
|
|||||||
-package Mail::SpamAssassin::Plugin::URILocalBL;
|
-package Mail::SpamAssassin::Plugin::URILocalBL;
|
||||||
-use Mail::SpamAssassin::Plugin;
|
-use Mail::SpamAssassin::Plugin;
|
||||||
-use Mail::SpamAssassin::Logger;
|
-use Mail::SpamAssassin::Logger;
|
||||||
-use Mail::SpamAssassin::Constants qw(:ip);
|
|
||||||
-use Mail::SpamAssassin::Util qw(untaint_var);
|
-use Mail::SpamAssassin::Util qw(untaint_var);
|
||||||
-
|
-
|
||||||
|
-use Net::CIDR::Lite;
|
||||||
-use Socket;
|
-use Socket;
|
||||||
-
|
-
|
||||||
-use strict;
|
-use strict;
|
||||||
@ -547,7 +432,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
-use constant HAS_GEOIP => eval { require Geo::IP; };
|
-use constant HAS_GEOIP => eval { require Geo::IP; };
|
||||||
-use constant HAS_GEOIP2 => eval { require GeoIP2::Database::Reader; };
|
-use constant HAS_GEOIP2 => eval { require GeoIP2::Database::Reader; };
|
||||||
-use constant HAS_CIDR => eval { require Net::CIDR::Lite; };
|
|
||||||
-
|
-
|
||||||
-# constructor
|
-# constructor
|
||||||
-sub new {
|
-sub new {
|
||||||
@ -579,7 +463,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- push (@cmds, {
|
- push (@cmds, {
|
||||||
- setting => 'uri_block_cc',
|
- setting => 'uri_block_cc',
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_HASH_KEY_VALUE,
|
|
||||||
- is_priv => 1,
|
- is_priv => 1,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
@ -621,7 +504,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- push (@cmds, {
|
- push (@cmds, {
|
||||||
- setting => 'uri_block_cont',
|
- setting => 'uri_block_cont',
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_HASH_KEY_VALUE,
|
|
||||||
- is_priv => 1,
|
- is_priv => 1,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
@ -663,7 +545,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- push (@cmds, {
|
- push (@cmds, {
|
||||||
- setting => 'uri_block_isp',
|
- setting => 'uri_block_isp',
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_HASH_KEY_VALUE,
|
|
||||||
- is_priv => 1,
|
- is_priv => 1,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
@ -703,16 +584,10 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- push (@cmds, {
|
- push (@cmds, {
|
||||||
- setting => 'uri_block_cidr',
|
- setting => 'uri_block_cidr',
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_HASH_KEY_VALUE,
|
|
||||||
- is_priv => 1,
|
- is_priv => 1,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
-
|
-
|
||||||
- if (!HAS_CIDR) {
|
|
||||||
- warn "config: uri_block_cidr not supported, required module Net::CIDR::Lite missing\n";
|
|
||||||
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- if ($value !~ /^(\S+)\s+(.+)$/) {
|
- if ($value !~ /^(\S+)\s+(.+)$/) {
|
||||||
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
- return $Mail::SpamAssassin::Conf::INVALID_VALUE;
|
||||||
- }
|
- }
|
||||||
@ -754,7 +629,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- push (@cmds, {
|
- push (@cmds, {
|
||||||
- setting => 'uri_block_exclude',
|
- setting => 'uri_block_exclude',
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_HASH_KEY_VALUE,
|
|
||||||
- is_priv => 1,
|
- is_priv => 1,
|
||||||
- code => sub {
|
- code => sub {
|
||||||
- my ($self, $key, $value, $line) = @_;
|
- my ($self, $key, $value, $line) = @_;
|
||||||
@ -799,7 +673,7 @@ index 4def393..0000000
|
|||||||
-=item uri_country_db_path STRING
|
-=item uri_country_db_path STRING
|
||||||
-
|
-
|
||||||
-This option tells SpamAssassin where to find the MaxMind country GeoIP2
|
-This option tells SpamAssassin where to find the MaxMind country GeoIP2
|
||||||
-database. Country or City database are both supported.
|
-database.
|
||||||
-
|
-
|
||||||
-=back
|
-=back
|
||||||
-
|
-
|
||||||
@ -871,7 +745,6 @@ index 4def393..0000000
|
|||||||
- # If country_db_path is set I am using GeoIP2 api
|
- # If country_db_path is set I am using GeoIP2 api
|
||||||
- if ( HAS_GEOIP2 and ( ( defined $conf_country_db_path ) or ( defined $conf_country_db_isp_path ) ) ) {
|
- if ( HAS_GEOIP2 and ( ( defined $conf_country_db_path ) or ( defined $conf_country_db_isp_path ) ) ) {
|
||||||
-
|
-
|
||||||
- eval {
|
|
||||||
- $self->{geoip} = GeoIP2::Database::Reader->new(
|
- $self->{geoip} = GeoIP2::Database::Reader->new(
|
||||||
- file => $conf_country_db_path,
|
- file => $conf_country_db_path,
|
||||||
- locales => [ 'en' ]
|
- locales => [ 'en' ]
|
||||||
@ -889,13 +762,6 @@ index 4def393..0000000
|
|||||||
- warn "$conf_country_db_isp_path not found" unless $self->{geoisp};
|
- warn "$conf_country_db_isp_path not found" unless $self->{geoisp};
|
||||||
- }
|
- }
|
||||||
- $self->{use_geoip2} = 1;
|
- $self->{use_geoip2} = 1;
|
||||||
- };
|
|
||||||
- if ($@ || !($self->{geoip} || $self->{geoisp})) {
|
|
||||||
- $@ =~ s/\s+Trace begun.*//s;
|
|
||||||
- warn "URILocalBL: GeoIP2 load failed: $@\n";
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- } elsif ( HAS_GEOIP ) {
|
- } elsif ( HAS_GEOIP ) {
|
||||||
- BEGIN {
|
- BEGIN {
|
||||||
- Geo::IP->import( qw(GEOIP_MEMORY_CACHE GEOIP_CHECK_CACHE GEOIP_ISP_EDITION) );
|
- Geo::IP->import( qw(GEOIP_MEMORY_CACHE GEOIP_CHECK_CACHE GEOIP_ISP_EDITION) );
|
||||||
@ -909,32 +775,20 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- # this code burps an ugly message if it fails, but that's redirected elsewhere
|
- # this code burps an ugly message if it fails, but that's redirected elsewhere
|
||||||
- my $flags = 0;
|
- my $flags = 0;
|
||||||
- my $flag_isp = 0;
|
- eval '$flags = Geo::IP::GEOIP_SILENCE' if ($gip_wanted >= $gip_have);
|
||||||
- my $flag_silent = 0;
|
|
||||||
- eval '$flags = GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE' if ($gip_have >= $gip_wanted);
|
|
||||||
- eval '$flag_silent = GEOIP_SILENCE' if ($gip_have >= $gip_wanted);
|
|
||||||
- eval '$flag_isp = GEOIP_ISP_EDITION' if ($gip_have >= $gip_wanted);
|
|
||||||
-
|
-
|
||||||
- eval {
|
- if ($flags && $gic_wanted >= $gic_have) {
|
||||||
- if ($flag_silent && $gic_have >= $gic_wanted) {
|
- $self->{geoip} = Geo::IP->new(GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE | $flags);
|
||||||
- $self->{geoip} = Geo::IP->new($flags | $flag_silent);
|
- $self->{geoisp} = Geo::IP->open_type(GEOIP_ISP_EDITION, GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE | $flags);
|
||||||
- $self->{geoisp} = Geo::IP->open_type($flag_isp, $flag_silent | $flags);
|
|
||||||
- } else {
|
- } else {
|
||||||
- open(OLDERR, ">&STDERR");
|
- open(OLDERR, ">&STDERR");
|
||||||
- open(STDERR, ">", "/dev/null");
|
- open(STDERR, ">", "/dev/null");
|
||||||
- $self->{geoip} = Geo::IP->new($flags);
|
- $self->{geoip} = Geo::IP->new(GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE);
|
||||||
- $self->{geoisp} = Geo::IP->open_type($flag_isp);
|
- $self->{geoisp} = Geo::IP->open_type(GEOIP_ISP_EDITION, GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE);
|
||||||
- open(STDERR, ">&OLDERR");
|
- open(STDERR, ">&OLDERR");
|
||||||
- close(OLDERR);
|
- close(OLDERR);
|
||||||
- }
|
- }
|
||||||
- };
|
- $db_info = sub { return "Geo::IP " . ($self->{geoip}->database_info || '?') };
|
||||||
- if ($@ || !($self->{geoip} || $self->{geoisp})) {
|
|
||||||
- $@ =~ s/\s+Trace begun.*//s;
|
|
||||||
- warn "URILocalBL: GeoIP load failed: $@\n";
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- $db_info = sub { return "Geo::IP " . ($self->{geoip}->database_info || '?') };
|
|
||||||
- } else {
|
- } else {
|
||||||
- dbg("No GeoIP module available");
|
- dbg("No GeoIP module available");
|
||||||
- return 0;
|
- return 0;
|
||||||
@ -946,8 +800,6 @@ index 4def393..0000000
|
|||||||
-
|
-
|
||||||
- my %hit_tests;
|
- my %hit_tests;
|
||||||
- my $got_hit = 0;
|
- my $got_hit = 0;
|
||||||
- my @addrs;
|
|
||||||
- my $IP_ADDRESS = IP_ADDRESS;
|
|
||||||
-
|
-
|
||||||
- if ( defined $self->{geoip} ) {
|
- if ( defined $self->{geoip} ) {
|
||||||
- dbg("check: uri_local_bl evaluating rule %s using database %s\n", $test, $db_info->());
|
- dbg("check: uri_local_bl evaluating rule %s using database %s\n", $test, $db_info->());
|
||||||
@ -955,14 +807,12 @@ index 4def393..0000000
|
|||||||
- dbg("check: uri_local_bl evaluating rule %s\n", $test);
|
- dbg("check: uri_local_bl evaluating rule %s\n", $test);
|
||||||
- }
|
- }
|
||||||
-
|
-
|
||||||
- my $dns_available = $permsg->is_dns_available();
|
|
||||||
-
|
|
||||||
- while (my ($raw, $info) = each %uri_detail) {
|
- while (my ($raw, $info) = each %uri_detail) {
|
||||||
-
|
-
|
||||||
- next unless $info->{hosts};
|
- next unless $info->{hosts};
|
||||||
-
|
-
|
||||||
- # look for W3 links only
|
- # look for W3 links only
|
||||||
- next unless (defined $info->{types}->{a} || defined $info->{types}->{parsed});
|
- next unless (defined $info->{types}->{a});
|
||||||
-
|
-
|
||||||
- while (my($host, $domain) = each %{$info->{hosts}}) {
|
- while (my($host, $domain) = each %{$info->{hosts}}) {
|
||||||
-
|
-
|
||||||
@ -972,18 +822,11 @@ index 4def393..0000000
|
|||||||
- next;
|
- next;
|
||||||
- }
|
- }
|
||||||
-
|
-
|
||||||
- if($host !~ /^$IP_ADDRESS$/) {
|
- # this would be best cached from prior lookups
|
||||||
- if (!$dns_available) {
|
- my @addrs = gethostbyname($host);
|
||||||
- dbg("check: uri_local_bl skipping $host, dns not available");
|
-
|
||||||
- next;
|
- # convert to string values address list
|
||||||
- }
|
- @addrs = map { inet_ntoa($_); } @addrs[4..$#addrs];
|
||||||
- # this would be best cached from prior lookups
|
|
||||||
- @addrs = gethostbyname($host);
|
|
||||||
- # convert to string values address list
|
|
||||||
- @addrs = map { inet_ntoa($_); } @addrs[4..$#addrs];
|
|
||||||
- } else {
|
|
||||||
- @addrs = ($host);
|
|
||||||
- }
|
|
||||||
-
|
-
|
||||||
- dbg("check: uri_local_bl %s addrs %s\n", $host, join(', ', @addrs));
|
- dbg("check: uri_local_bl %s addrs %s\n", $host, join(', ', @addrs));
|
||||||
-
|
-
|
||||||
@ -998,12 +841,7 @@ index 4def393..0000000
|
|||||||
- dbg("check: uri_local_bl countries %s\n", join(' ', sort keys %{$rule->{countries}}));
|
- dbg("check: uri_local_bl countries %s\n", join(' ', sort keys %{$rule->{countries}}));
|
||||||
-
|
-
|
||||||
- if ( $self->{use_geoip2} == 1 ) {
|
- if ( $self->{use_geoip2} == 1 ) {
|
||||||
- my $country;
|
- my $country = $self->{geoip}->country( ip => $ip );
|
||||||
- if (index($self->{geoip}->metadata()->description()->{en}, 'City') != -1) {
|
|
||||||
- $country = $self->{geoip}->city( ip => $ip );
|
|
||||||
- } else {
|
|
||||||
- $country = $self->{geoip}->country( ip => $ip );
|
|
||||||
- }
|
|
||||||
- my $country_rec = $country->country();
|
- my $country_rec = $country->country();
|
||||||
- $cc = $country_rec->iso_code();
|
- $cc = $country_rec->iso_code();
|
||||||
- } else {
|
- } else {
|
||||||
@ -1135,22 +973,14 @@ index 4def393..0000000
|
|||||||
-1;
|
-1;
|
||||||
-
|
-
|
||||||
diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
index e55c863..b5b05cf 100644
|
index 8127595..17aacbc 100644
|
||||||
--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
+++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
+++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
||||||
@@ -125,46 +125,6 @@ our @OPTIONAL_MODULES = (
|
@@ -124,30 +124,6 @@ our @OPTIONAL_MODULES = (
|
||||||
desc => 'Used to check DNS Sender Policy Framework (SPF) records to fight email
|
desc => 'Used to check DNS Sender Policy Framework (SPF) records to fight email
|
||||||
address forgery and make it easier to identify spams.',
|
address forgery and make it easier to identify spams.',
|
||||||
},
|
},
|
||||||
-{
|
-{
|
||||||
- module => 'GeoIP2::Database::Reader',
|
|
||||||
- version => 0,
|
|
||||||
- desc => 'Used by the RelayCountry plugin (not enabled by default) to
|
|
||||||
- determine the domain country codes of each relay in the path of an email.
|
|
||||||
- Also used by the URILocalBL plugin (not enabled by default) to provide ISP
|
|
||||||
- and Country code based filtering.',
|
|
||||||
-},
|
|
||||||
-{
|
|
||||||
- module => 'Geo::IP',
|
- module => 'Geo::IP',
|
||||||
- version => 0,
|
- version => 0,
|
||||||
- desc => 'Used by the RelayCountry plugin (not enabled by default) to determine
|
- desc => 'Used by the RelayCountry plugin (not enabled by default) to determine
|
||||||
@ -1158,14 +988,6 @@ index e55c863..b5b05cf 100644
|
|||||||
- the URILocalBL plugin to provide ISP and Country code based filtering.',
|
- the URILocalBL plugin to provide ISP and Country code based filtering.',
|
||||||
-},
|
-},
|
||||||
-{
|
-{
|
||||||
- module => 'IP::Country::DB_File',
|
|
||||||
- version => 0,
|
|
||||||
- desc => 'Used by the RelayCountry plugin (not enabled by default) to
|
|
||||||
- determine the domain country codes of each relay in the path of an email.
|
|
||||||
- Also used by the URILocalBL plugin (not enabled by default) to provide
|
|
||||||
- Country code based filtering.',
|
|
||||||
-},
|
|
||||||
-{
|
|
||||||
- module => 'Net::CIDR::Lite',
|
- module => 'Net::CIDR::Lite',
|
||||||
- version => 0,
|
- version => 0,
|
||||||
- desc => 'Used by the URILocalBL plugin to process IP address ranges.',
|
- desc => 'Used by the URILocalBL plugin to process IP address ranges.',
|
||||||
@ -1186,7 +1008,7 @@ index e55c863..b5b05cf 100644
|
|||||||
# module => 'Net::Ident',
|
# module => 'Net::Ident',
|
||||||
# version => 0,
|
# version => 0,
|
||||||
diff --git a/rules/init.pre b/rules/init.pre
|
diff --git a/rules/init.pre b/rules/init.pre
|
||||||
index f9ee06a..0539b29 100644
|
index a330bad..6313a03 100644
|
||||||
--- a/rules/init.pre
|
--- a/rules/init.pre
|
||||||
+++ b/rules/init.pre
|
+++ b/rules/init.pre
|
||||||
@@ -14,13 +14,6 @@
|
@@ -14,13 +14,6 @@
|
||||||
@ -1219,10 +1041,10 @@ index 489dd4c..7ff8e84 100644
|
|||||||
# PDFInfo - Use several methods to detect a PDF file's ham/spam traits
|
# PDFInfo - Use several methods to detect a PDF file's ham/spam traits
|
||||||
# loadplugin Mail::SpamAssassin::Plugin::PDFInfo
|
# loadplugin Mail::SpamAssassin::Plugin::PDFInfo
|
||||||
diff --git a/spamassassin.raw b/spamassassin.raw
|
diff --git a/spamassassin.raw b/spamassassin.raw
|
||||||
index 4b52ef9..959297a 100755
|
index 9d03d4f..443e154 100755
|
||||||
--- a/spamassassin.raw
|
--- a/spamassassin.raw
|
||||||
+++ b/spamassassin.raw
|
+++ b/spamassassin.raw
|
||||||
@@ -872,9 +872,6 @@ from the SpamAssassin distribution.
|
@@ -881,9 +881,6 @@ from the SpamAssassin distribution.
|
||||||
Mail::SpamAssassin::Plugin::Hashcash
|
Mail::SpamAssassin::Plugin::Hashcash
|
||||||
perform hashcash verification tests
|
perform hashcash verification tests
|
||||||
|
|
||||||
@ -1232,3 +1054,6 @@ index 4b52ef9..959297a 100755
|
|||||||
Mail::SpamAssassin::Plugin::SPF
|
Mail::SpamAssassin::Plugin::SPF
|
||||||
perform SPF verification tests
|
perform SPF verification tests
|
||||||
|
|
||||||
|
--
|
||||||
|
2.14.4
|
||||||
|
|
18
SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch
Normal file
18
SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
--- a/spamc/spamc.c 2018/10/02 16:54:17 1842644
|
||||||
|
+++ b/spamc/spamc.c 2018/10/02 17:40:43 1842645
|
||||||
|
@@ -616,6 +616,7 @@
|
||||||
|
fprintf(stderr,"Exceeded max line size (%d) in %s\n",
|
||||||
|
CONFIG_MAX_LINE_SIZE-2, config_file);
|
||||||
|
}
|
||||||
|
+ fclose(config);
|
||||||
|
return EX_CONFIG;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -629,6 +630,7 @@
|
||||||
|
if (*combo_argc >= COMBO_ARGV_SIZE) {
|
||||||
|
fprintf(stderr,"Exceeded max number of arguments (%d) in %s\n",
|
||||||
|
COMBO_ARGV_SIZE, config_file);
|
||||||
|
+ fclose(config);
|
||||||
|
return EX_CONFIG;
|
||||||
|
}
|
||||||
|
combo_argv[*combo_argc] = strdup(tok);
|
@ -0,0 +1,63 @@
|
|||||||
|
--- a/lib/Mail/SpamAssassin/Conf.pm 2019/08/01 12:28:38 1864149
|
||||||
|
+++ b/lib/Mail/SpamAssassin/Conf.pm 2019/08/08 08:11:36 1864686
|
||||||
|
@@ -3066,12 +3066,19 @@
|
||||||
|
as per the header tests, C<#> must be escaped (C<\#>) or else it is considered
|
||||||
|
the beginning of a comment.
|
||||||
|
|
||||||
|
-The 'body' in this case is the textual parts of the message body;
|
||||||
|
-any non-text MIME parts are stripped, and the message decoded from
|
||||||
|
-Quoted-Printable or Base-64-encoded format if necessary. The message
|
||||||
|
-Subject header is considered part of the body and becomes the first
|
||||||
|
-paragraph when running the rules. All HTML tags and line breaks will
|
||||||
|
-be removed before matching.
|
||||||
|
+The 'body' in this case is the textual parts of the message body; any
|
||||||
|
+non-text MIME parts are stripped, and the message decoded from
|
||||||
|
+Quoted-Printable or Base-64-encoded format if necessary. Parts declared as
|
||||||
|
+text/html will be rendered from HTML to text.
|
||||||
|
+
|
||||||
|
+All body paragraphs (double-newline-separated blocks text) are turned into a
|
||||||
|
+line breaks removed, whitespace normalized single line. Any lines longer
|
||||||
|
+than 2kB are split into shorter separate lines (from a boundary when
|
||||||
|
+possible), this may unexpectedly prevent pattern from matching. Patterns
|
||||||
|
+are matched independently against each of these lines.
|
||||||
|
+
|
||||||
|
+Note that the message Subject header is considered part of the body and
|
||||||
|
+becomes the first line when running the rules.
|
||||||
|
|
||||||
|
=item body SYMBOLIC_TEST_NAME eval:name_of_eval_method([args])
|
||||||
|
|
||||||
|
@@ -3152,6 +3159,10 @@
|
||||||
|
tags and line breaks will still be present. Multiline expressions will
|
||||||
|
need to be used to match strings that are broken by line breaks.
|
||||||
|
|
||||||
|
+Note that the text is split into 2-4kB chunks (from a word boundary when
|
||||||
|
+possible), this may unexpectedly prevent pattern from matching. Patterns
|
||||||
|
+are matched independently against each of these chunks.
|
||||||
|
+
|
||||||
|
=item rawbody SYMBOLIC_TEST_NAME eval:name_of_eval_method([args])
|
||||||
|
|
||||||
|
Define a raw-body eval test. See above.
|
||||||
|
--- a/lib/Mail/SpamAssassin/PerMsgStatus.pm 2019/08/03 13:55:00 1864336
|
||||||
|
+++ b/lib/Mail/SpamAssassin/PerMsgStatus.pm 2019/08/08 08:11:36 1864686
|
||||||
|
@@ -1769,8 +1769,10 @@
|
||||||
|
Returns the message body, with B<base64> or B<quoted-printable> encodings
|
||||||
|
decoded, and non-text parts or non-inline attachments stripped.
|
||||||
|
|
||||||
|
-It is returned as an array of strings, with each string representing
|
||||||
|
-one newline-separated line of the body.
|
||||||
|
+This is the same result text as used in 'rawbody' rules.
|
||||||
|
+
|
||||||
|
+It is returned as an array of strings, with each string being a 2-4kB chunk
|
||||||
|
+of the body, split from boundaries if possible.
|
||||||
|
|
||||||
|
=cut
|
||||||
|
|
||||||
|
@@ -1784,6 +1786,8 @@
|
||||||
|
get_decoded_body_text_array()), with HTML rendered, and with whitespace
|
||||||
|
normalized.
|
||||||
|
|
||||||
|
+This is the same result text as used in 'body' rules.
|
||||||
|
+
|
||||||
|
It will always render text/html, and will use a heuristic to determine if other
|
||||||
|
text/* parts should be considered text/html.
|
||||||
|
|
10
SOURCES/spamassassin-3.4.2-fix-use-after-free.patch
Normal file
10
SOURCES/spamassassin-3.4.2-fix-use-after-free.patch
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
--- a/spamc/getopt.c 2018/09/20 06:52:49 1841432
|
||||||
|
+++ b/spamc/getopt.c 2018/09/20 07:18:53 1841433
|
||||||
|
@@ -274,7 +274,6 @@
|
||||||
|
} else if(longopts[i].has_arg == optional_argument) {
|
||||||
|
if(((spamc_optind < argc) && (argv[spamc_optind]) && (argv[spamc_optind][0] != '-')) ||
|
||||||
|
(opt != NULL)) {
|
||||||
|
- free(opt);
|
||||||
|
if(opt != NULL) {
|
||||||
|
spamc_optarg = opt;
|
||||||
|
} else {
|
@ -1,193 +0,0 @@
|
|||||||
diff --git a/MANIFEST b/MANIFEST
|
|
||||||
index e16e0da..601f886 100644
|
|
||||||
--- a/MANIFEST
|
|
||||||
+++ b/MANIFEST
|
|
||||||
@@ -101,7 +101,6 @@ lib/Mail/SpamAssassin/Plugin/Pyzor.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/Razor2.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/RelayCountry.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/RelayEval.pm
|
|
||||||
-lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/ReplaceTags.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/Reuse.pm
|
|
||||||
lib/Mail/SpamAssassin/Plugin/Rule2XSBody.pm
|
|
||||||
diff --git a/lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm b/lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
|
||||||
deleted file mode 100644
|
|
||||||
index 9179b93..0000000
|
|
||||||
--- a/lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
|
||||||
+++ /dev/null
|
|
||||||
@@ -1,143 +0,0 @@
|
|
||||||
-# <@LICENSE>
|
|
||||||
-# Licensed to the Apache Software Foundation (ASF) under one or more
|
|
||||||
-# contributor license agreements. See the NOTICE file distributed with
|
|
||||||
-# this work for additional information regarding copyright ownership.
|
|
||||||
-# The ASF licenses this file to you under the Apache License, Version 2.0
|
|
||||||
-# (the "License"); you may not use this file except in compliance with
|
|
||||||
-# the License. You may obtain a copy of the License at:
|
|
||||||
-#
|
|
||||||
-# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
-#
|
|
||||||
-# Unless required by applicable law or agreed to in writing, software
|
|
||||||
-# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
-# See the License for the specific language governing permissions and
|
|
||||||
-# limitations under the License.
|
|
||||||
-# </@LICENSE>
|
|
||||||
-
|
|
||||||
-=head1 NAME
|
|
||||||
-
|
|
||||||
-Mail::SpamAssassin::Plugin::ResourceLimits - Limit the memory and/or CPU of child spamd processes
|
|
||||||
-
|
|
||||||
-=head1 SYNOPSIS
|
|
||||||
-
|
|
||||||
- # This plugin is for admin only and cannot be specified in user config.
|
|
||||||
- loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
|
|
||||||
-
|
|
||||||
- # Sets to RLIMIT_CPU from BSD::Resource. The quota is based on max CPU Time seconds.
|
|
||||||
- resource_limit_cpu 120
|
|
||||||
-
|
|
||||||
- # Sets to RLIMIT_RSS and RLIMIT_AS via BSD::Resource.
|
|
||||||
- resource_limit_cpu 536870912
|
|
||||||
-
|
|
||||||
-=head1 DESCRIPTION
|
|
||||||
-
|
|
||||||
-This module leverages BSD::Resource to assure your spamd child processes do not exceed
|
|
||||||
-specified CPU or memory limit. If this happens, the child process will die.
|
|
||||||
-See the L<BSD::Resource> for more details.
|
|
||||||
-
|
|
||||||
-NOTE: Because this plugin uses BSD::Resource, it will not function on Windows.
|
|
||||||
-
|
|
||||||
-=head1 ADMINISTRATOR SETTINGS
|
|
||||||
-
|
|
||||||
-=over 4
|
|
||||||
-
|
|
||||||
-=item resource_limit_cpu 120 (default: 0 or no limit)
|
|
||||||
-
|
|
||||||
-How many cpu cycles are allowed on this process before it dies.
|
|
||||||
-
|
|
||||||
-=item resource_limit_mem 536870912 (default: 0 or no limit)
|
|
||||||
-
|
|
||||||
-The maximum number of bytes of memory allowed both for:
|
|
||||||
-
|
|
||||||
-=over
|
|
||||||
-
|
|
||||||
-=item *
|
|
||||||
-
|
|
||||||
-(virtual) address space bytes
|
|
||||||
-
|
|
||||||
-=item *
|
|
||||||
-
|
|
||||||
-resident set size
|
|
||||||
-
|
|
||||||
-=back
|
|
||||||
-
|
|
||||||
-=back
|
|
||||||
-
|
|
||||||
-=cut
|
|
||||||
-
|
|
||||||
-package Mail::SpamAssassin::Plugin::ResourceLimits;
|
|
||||||
-
|
|
||||||
-use Mail::SpamAssassin::Plugin ();
|
|
||||||
-use Mail::SpamAssassin::Logger ();
|
|
||||||
-use Mail::SpamAssassin::Util ();
|
|
||||||
-use Mail::SpamAssassin::Constants qw(:sa);
|
|
||||||
-
|
|
||||||
-use strict;
|
|
||||||
-use warnings;
|
|
||||||
-
|
|
||||||
-use BSD::Resource qw(RLIMIT_RSS RLIMIT_AS RLIMIT_CPU);
|
|
||||||
-
|
|
||||||
-our @ISA = qw(Mail::SpamAssassin::Plugin);
|
|
||||||
-
|
|
||||||
-sub new {
|
|
||||||
- my $class = shift;
|
|
||||||
- my $mailsaobject = shift;
|
|
||||||
-
|
|
||||||
- $class = ref($class) || $class;
|
|
||||||
- my $self = $class->SUPER::new($mailsaobject);
|
|
||||||
- bless( $self, $class );
|
|
||||||
-
|
|
||||||
- $self->set_config( $mailsaobject->{conf} );
|
|
||||||
- return $self;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-sub set_config {
|
|
||||||
- my ( $self, $conf ) = @_;
|
|
||||||
- my @cmds = ();
|
|
||||||
-
|
|
||||||
- push(
|
|
||||||
- @cmds,
|
|
||||||
- {
|
|
||||||
- setting => 'resource_limit_mem',
|
|
||||||
- is_admin => 1,
|
|
||||||
- default => '0',
|
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_NUMERIC
|
|
||||||
- }
|
|
||||||
- );
|
|
||||||
-
|
|
||||||
- push(
|
|
||||||
- @cmds,
|
|
||||||
- {
|
|
||||||
- setting => 'resource_limit_cpu',
|
|
||||||
- is_admin => 1,
|
|
||||||
- default => '0',
|
|
||||||
- type => $Mail::SpamAssassin::Conf::CONF_TYPE_NUMERIC
|
|
||||||
- }
|
|
||||||
- );
|
|
||||||
-
|
|
||||||
- $conf->{parser}->register_commands( \@cmds );
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-sub spamd_child_init {
|
|
||||||
- my ($self) = @_;
|
|
||||||
-
|
|
||||||
- # Set CPU Resource limits if they were specified.
|
|
||||||
- Mail::SpamAssassin::Util::dbg("resourcelimitplugin: In spamd_child_init");
|
|
||||||
- Mail::SpamAssassin::Util::dbg( "resourcelimitplugin: cpu limit: " . $self->{main}->{conf}->{resource_limit_cpu} );
|
|
||||||
- if ( $self->{main}->{conf}->{resource_limit_cpu} ) {
|
|
||||||
- BSD::Resource::setrlimit( RLIMIT_CPU, $self->{main}->{conf}->{resource_limit_cpu}, $self->{main}->{conf}->{resource_limit_cpu} )
|
|
||||||
- || info("resourcelimitplugin: Unable to set RLIMIT_CPU");
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- # Set Resource limits if they were specified.
|
|
||||||
- Mail::SpamAssassin::Util::dbg( "resourcelimitplugin: mem limit: " . $self->{main}->{conf}->{resource_limit_mem} );
|
|
||||||
- if ( $self->{main}->{conf}->{resource_limit_mem} ) {
|
|
||||||
- BSD::Resource::setrlimit( RLIMIT_RSS, $self->{main}->{conf}->{resource_limit_mem}, $self->{main}->{conf}->{resource_limit_mem} )
|
|
||||||
- || info("resourcelimitplugin: Unable to set RLIMIT_RSS");
|
|
||||||
- BSD::Resource::setrlimit( RLIMIT_AS, $self->{main}->{conf}->{resource_limit_mem}, $self->{main}->{conf}->{resource_limit_mem} )
|
|
||||||
- || info("resourcelimitplugin: Unable to set RLIMIT_AS");
|
|
||||||
- }
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-1;
|
|
||||||
diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
|
||||||
index b5b05cf..8223b26 100644
|
|
||||||
--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
|
||||||
+++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
|
|
||||||
@@ -234,12 +234,6 @@ our @OPTIONAL_MODULES = (
|
|
||||||
check for both Net::DNS and Net::DNS::Nameserver. However,
|
|
||||||
Net::DNS::Nameserver is only used in make test as of June 2014.',
|
|
||||||
},
|
|
||||||
-{
|
|
||||||
- module => 'BSD::Resource',
|
|
||||||
- version => 0,
|
|
||||||
- desc => 'BSD::Resource provides BSD process resource limit and priority
|
|
||||||
- functions. It is used by the optional ResourceLimits Plugin.',
|
|
||||||
-},
|
|
||||||
{
|
|
||||||
module => 'Archive::Zip',
|
|
||||||
version => 0,
|
|
||||||
diff --git a/rules/v342.pre b/rules/v342.pre
|
|
||||||
index 8e0fb07..c4758e9 100644
|
|
||||||
--- a/rules/v342.pre
|
|
||||||
+++ b/rules/v342.pre
|
|
||||||
@@ -19,10 +19,6 @@
|
|
||||||
# HashBL - Query hashed/unhashed strings, emails, uris etc from DNS lists
|
|
||||||
# loadplugin Mail::SpamAssassin::Plugin::HashBL
|
|
||||||
|
|
||||||
-# ResourceLimits - assure your spamd child processes
|
|
||||||
-# do not exceed specified CPU or memory limit
|
|
||||||
-# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
|
|
||||||
-
|
|
||||||
# FromNameSpoof - help stop spam that tries to spoof other domains using
|
|
||||||
# the from name
|
|
||||||
# loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof
|
|
@ -1,40 +0,0 @@
|
|||||||
diff --git a/t/all_modules.t b/t/all_modules.t
|
|
||||||
index 855395f..a976012 100755
|
|
||||||
--- a/t/all_modules.t
|
|
||||||
+++ b/t/all_modules.t
|
|
||||||
@@ -12,15 +12,7 @@ plan tests => 5;
|
|
||||||
|
|
||||||
my $plugins = '';
|
|
||||||
|
|
||||||
-if (eval { require BSD::Resource; }) {
|
|
||||||
- $plugins .= "loadplugin Mail::SpamAssassin::Plugin::ResourceLimits\n"
|
|
||||||
-}
|
|
||||||
-if (eval { require Net::CIDR::Lite; }) {
|
|
||||||
- $plugins .= "loadplugin Mail::SpamAssassin::Plugin::URILocalBL\n";
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
tstpre ("
|
|
||||||
-loadplugin Mail::SpamAssassin::Plugin::RelayCountry
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::Hashcash
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::SPF
|
|
||||||
diff --git a/t/data/01_test_rules.pre b/t/data/01_test_rules.pre
|
|
||||||
index c4681ca..1694ddf 100644
|
|
||||||
--- a/t/data/01_test_rules.pre
|
|
||||||
+++ b/t/data/01_test_rules.pre
|
|
||||||
@@ -21,7 +21,6 @@ loadplugin Mail::SpamAssassin::Plugin::WLBLEval
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::VBounce
|
|
||||||
|
|
||||||
# Try to load some non-default plugins also
|
|
||||||
-loadplugin Mail::SpamAssassin::Plugin::RelayCountry
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::DCC
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::AntiVirus
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::AWL
|
|
||||||
@@ -32,7 +31,6 @@ loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::ASN
|
|
||||||
#loadplugin Mail::SpamAssassin::Plugin::PhishTag
|
|
||||||
#loadplugin Mail::SpamAssassin::Plugin::TxRep
|
|
||||||
-loadplugin Mail::SpamAssassin::Plugin::URILocalBL
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::PDFInfo
|
|
||||||
loadplugin Mail::SpamAssassin::Plugin::HashBL
|
|
||||||
#loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
|
|
@ -1,354 +0,0 @@
|
|||||||
diff --git a/lib/Mail/SpamAssassin/AutoWhitelist.pm b/lib/Mail/SpamAssassin/AutoWhitelist.pm
|
|
||||||
index 627e249..cc3c97b 100644
|
|
||||||
--- a/lib/Mail/SpamAssassin/AutoWhitelist.pm
|
|
||||||
+++ b/lib/Mail/SpamAssassin/AutoWhitelist.pm
|
|
||||||
@@ -128,35 +128,35 @@ sub check_address {
|
|
||||||
my $entry = $self->{checker}->get_addr_entry ($fulladdr, $signedby);
|
|
||||||
$self->{entry} = $entry;
|
|
||||||
|
|
||||||
- if (!$entry->{msgcount}) {
|
|
||||||
+ if (!$entry->{count}) {
|
|
||||||
# no entry found
|
|
||||||
if (defined $origip) {
|
|
||||||
# try upgrading a default entry (probably from "add-addr-to-foo")
|
|
||||||
my $noipaddr = $self->pack_addr ($addr, undef);
|
|
||||||
my $noipent = $self->{checker}->get_addr_entry ($noipaddr, undef);
|
|
||||||
|
|
||||||
- if (defined $noipent->{msgcount} && $noipent->{msgcount} > 0) {
|
|
||||||
+ if (defined $noipent->{count} && $noipent->{count} > 0) {
|
|
||||||
dbg("auto-whitelist: found entry w/o IP address for $addr: replacing with $origip");
|
|
||||||
$self->{checker}->remove_entry($noipent);
|
|
||||||
# Now assign proper entry the count and totscore values of the
|
|
||||||
# no-IP entry instead of assigning the whole value to avoid
|
|
||||||
# wiping out any information added to the previous entry.
|
|
||||||
- $entry->{msgcount} = $noipent->{msgcount};
|
|
||||||
+ $entry->{count} = $noipent->{count};
|
|
||||||
$entry->{totscore} = $noipent->{totscore};
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- if ($entry->{msgcount} < 0 ||
|
|
||||||
- $entry->{msgcount} != $entry->{msgcount} || # test for NaN
|
|
||||||
+ if ($entry->{count} < 0 ||
|
|
||||||
+ $entry->{count} != $entry->{count} || # test for NaN
|
|
||||||
$entry->{totscore} != $entry->{totscore})
|
|
||||||
{
|
|
||||||
warn "auto-whitelist: resetting bad data for ($addr, $origip), ".
|
|
||||||
- "count: $entry->{msgcount}, totscore: $entry->{totscore}\n";
|
|
||||||
- $entry->{msgcount} = $entry->{totscore} = 0;
|
|
||||||
+ "count: $entry->{count}, totscore: $entry->{totscore}\n";
|
|
||||||
+ $entry->{count} = $entry->{totscore} = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
- return !$entry->{msgcount} ? undef : $entry->{totscore} / $entry->{msgcount};
|
|
||||||
+ return !$entry->{count} ? undef : $entry->{totscore} / $entry->{count};
|
|
||||||
}
|
|
||||||
|
|
||||||
###########################################################################
|
|
||||||
@@ -170,7 +170,7 @@ whitelist correction.
|
|
||||||
|
|
||||||
sub count {
|
|
||||||
my $self = shift;
|
|
||||||
- return $self->{entry}->{msgcount};
|
|
||||||
+ return $self->{entry}->{count};
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@@ -195,7 +195,7 @@ sub add_score {
|
|
||||||
return; # don't try to add a NaN
|
|
||||||
}
|
|
||||||
|
|
||||||
- $self->{entry}->{msgcount} ||= 0;
|
|
||||||
+ $self->{entry}->{count} ||= 0;
|
|
||||||
$self->{checker}->add_score($self->{entry}, $score);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/lib/Mail/SpamAssassin/DBBasedAddrList.pm b/lib/Mail/SpamAssassin/DBBasedAddrList.pm
|
|
||||||
index 6aaed86..a1adca3 100644
|
|
||||||
--- a/lib/Mail/SpamAssassin/DBBasedAddrList.pm
|
|
||||||
+++ b/lib/Mail/SpamAssassin/DBBasedAddrList.pm
|
|
||||||
@@ -125,10 +125,10 @@ sub get_addr_entry {
|
|
||||||
addr => $addr,
|
|
||||||
};
|
|
||||||
|
|
||||||
- $entry->{msgcount} = $self->{accum}->{$addr} || 0;
|
|
||||||
+ $entry->{count} = $self->{accum}->{$addr} || 0;
|
|
||||||
$entry->{totscore} = $self->{accum}->{$addr.'|totscore'} || 0;
|
|
||||||
|
|
||||||
- dbg("auto-whitelist: db-based $addr scores ".$entry->{msgcount}.'/'.$entry->{totscore});
|
|
||||||
+ dbg("auto-whitelist: db-based $addr scores ".$entry->{count}.'/'.$entry->{totscore});
|
|
||||||
return $entry;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -137,15 +137,15 @@ sub get_addr_entry {
|
|
||||||
sub add_score {
|
|
||||||
my($self, $entry, $score) = @_;
|
|
||||||
|
|
||||||
- $entry->{msgcount} ||= 0;
|
|
||||||
+ $entry->{count} ||= 0;
|
|
||||||
$entry->{addr} ||= '';
|
|
||||||
|
|
||||||
- $entry->{msgcount}++;
|
|
||||||
+ $entry->{count}++;
|
|
||||||
$entry->{totscore} += $score;
|
|
||||||
|
|
||||||
- dbg("auto-whitelist: add_score: new count: ".$entry->{msgcount}.", new totscore: ".$entry->{totscore});
|
|
||||||
+ dbg("auto-whitelist: add_score: new count: ".$entry->{count}.", new totscore: ".$entry->{totscore});
|
|
||||||
|
|
||||||
- $self->{accum}->{$entry->{addr}} = $entry->{msgcount};
|
|
||||||
+ $self->{accum}->{$entry->{addr}} = $entry->{count};
|
|
||||||
$self->{accum}->{$entry->{addr}.'|totscore'} = $entry->{totscore};
|
|
||||||
return $entry;
|
|
||||||
}
|
|
||||||
diff --git a/lib/Mail/SpamAssassin/Plugin/TxRep.pm b/lib/Mail/SpamAssassin/Plugin/TxRep.pm
|
|
||||||
index 2ef3ddc..08b432b 100644
|
|
||||||
--- a/lib/Mail/SpamAssassin/Plugin/TxRep.pm
|
|
||||||
+++ b/lib/Mail/SpamAssassin/Plugin/TxRep.pm
|
|
||||||
@@ -1521,7 +1521,7 @@ sub check_reputation {
|
|
||||||
#--------------------------------------------------------------------------
|
|
||||||
|
|
||||||
###########################################################################
|
|
||||||
-sub count {my $self=shift; return (defined $self->{checker})? $self->{entry}->{msgcount} : undef;}
|
|
||||||
+sub count {my $self=shift; return (defined $self->{checker})? $self->{entry}->{count} : undef;}
|
|
||||||
sub total {my $self=shift; return (defined $self->{checker})? $self->{entry}->{totscore} : undef;}
|
|
||||||
###########################################################################
|
|
||||||
|
|
||||||
@@ -1538,11 +1538,11 @@ sub get_sender {
|
|
||||||
$self->{entry} = $entry;
|
|
||||||
$origip = $origip || 'none';
|
|
||||||
|
|
||||||
- if ($entry->{msgcount}<0 || $entry->{msgcount}=~/^(nan|)$/ || $entry->{totscore}=~/^(nan|)$/) {
|
|
||||||
- warn "TxRep: resetting bad data for ($addr, $origip), count: $entry->{msgcount}, totscore: $entry->{totscore}\n";
|
|
||||||
- $self->{entry}->{msgcount} = $self->{entry}->{totscore} = 0;
|
|
||||||
+ if ($entry->{count}<0 || $entry->{count}=~/^(nan|)$/ || $entry->{totscore}=~/^(nan|)$/) {
|
|
||||||
+ warn "TxRep: resetting bad data for ($addr, $origip), count: $entry->{count}, totscore: $entry->{totscore}\n";
|
|
||||||
+ $self->{entry}->{count} = $self->{entry}->{totscore} = 0;
|
|
||||||
}
|
|
||||||
- return $self->{entry}->{msgcount};
|
|
||||||
+ return $self->{entry}->{count};
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@@ -1557,7 +1557,7 @@ sub add_score {
|
|
||||||
warn "TxRep: attempt to add a $score to TxRep entry ignored\n";
|
|
||||||
return; # don't try to add a NaN
|
|
||||||
}
|
|
||||||
- $self->{entry}->{msgcount} ||= 0;
|
|
||||||
+ $self->{entry}->{count} ||= 0;
|
|
||||||
|
|
||||||
# performing the dilution aging correction
|
|
||||||
if (defined $self->total() && defined $self->count() && defined $self->{txrep_dilution_factor}) {
|
|
||||||
@@ -1587,9 +1587,9 @@ sub remove_score {
|
|
||||||
}
|
|
||||||
# no reversal dilution aging correction (not easily possible),
|
|
||||||
# just removing the original message score
|
|
||||||
- if ($self->{entry}->{msgcount} > 2)
|
|
||||||
- {$self->{entry}->{msgcount} -= 2;}
|
|
||||||
- else {$self->{entry}->{msgcount} = 0;}
|
|
||||||
+ if ($self->{entry}->{count} > 2)
|
|
||||||
+ {$self->{entry}->{count} -= 2;}
|
|
||||||
+ else {$self->{entry}->{count} = 0;}
|
|
||||||
# subtract 2, and add a score; hence decrementing by 1
|
|
||||||
$self->{checker}->add_score($self->{entry}, -1*$score);
|
|
||||||
}
|
|
||||||
diff --git a/lib/Mail/SpamAssassin/SQLBasedAddrList.pm b/lib/Mail/SpamAssassin/SQLBasedAddrList.pm
|
|
||||||
index 278f792..f3f40b4 100644
|
|
||||||
--- a/lib/Mail/SpamAssassin/SQLBasedAddrList.pm
|
|
||||||
+++ b/lib/Mail/SpamAssassin/SQLBasedAddrList.pm
|
|
||||||
@@ -45,7 +45,7 @@ CREATE TABLE awl (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varchar(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount int(11) NOT NULL default '0',
|
|
||||||
+ count int(11) NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
PRIMARY KEY (username,email,signedby,ip)
|
|
||||||
@@ -191,7 +191,7 @@ sub get_addr_entry {
|
|
||||||
|
|
||||||
my $entry = { addr => $addr,
|
|
||||||
exists_p => 0,
|
|
||||||
- msgcount => 0,
|
|
||||||
+ count => 0,
|
|
||||||
totscore => 0,
|
|
||||||
signedby => $signedby,
|
|
||||||
};
|
|
||||||
@@ -200,7 +200,7 @@ sub get_addr_entry {
|
|
||||||
|
|
||||||
return $entry unless $email ne '' && (defined $ip || defined $signedby);
|
|
||||||
|
|
||||||
- my $sql = "SELECT msgcount, totscore FROM $self->{tablename} " .
|
|
||||||
+ my $sql = "SELECT count, totscore FROM $self->{tablename} " .
|
|
||||||
"WHERE username = ? AND email = ?";
|
|
||||||
my @args = ( $email );
|
|
||||||
if (!$self->{_with_awl_signer}) {
|
|
||||||
@@ -225,7 +225,7 @@ sub get_addr_entry {
|
|
||||||
if (!$rc) { # there was an error, but try to go on
|
|
||||||
info("auto-whitelist: sql-based get_addr_entry %s: SQL error: %s",
|
|
||||||
join('|',@args), $sth->errstr);
|
|
||||||
- $entry->{msgcount} = 0;
|
|
||||||
+ $entry->{count} = 0;
|
|
||||||
$entry->{totscore} = 0;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
@@ -234,8 +234,8 @@ sub get_addr_entry {
|
|
||||||
# how to combine data if there are several entries (like signed by
|
|
||||||
# an author domain and by a remailer)? for now just take an average
|
|
||||||
while ( defined($aryref = $sth->fetchrow_arrayref()) ) {
|
|
||||||
- if (defined $entry->{msgcount} && defined $aryref->[1]) {
|
|
||||||
- $entry->{msgcount} = $aryref->[0];
|
|
||||||
+ if (defined $entry->{count} && defined $aryref->[1]) {
|
|
||||||
+ $entry->{count} = $aryref->[0];
|
|
||||||
$entry->{totscore} = $aryref->[1];
|
|
||||||
}
|
|
||||||
$entry->{exists_p} = 1;
|
|
||||||
@@ -247,8 +247,8 @@ sub get_addr_entry {
|
|
||||||
}
|
|
||||||
$sth->finish();
|
|
||||||
|
|
||||||
- dbg("auto-whitelist: sql-based %s scores %s, msgcount %s",
|
|
||||||
- join('|',@args), $entry->{totscore}, $entry->{msgcount});
|
|
||||||
+ dbg("auto-whitelist: sql-based %s scores %s, count %s",
|
|
||||||
+ join('|',@args), $entry->{totscore}, $entry->{count});
|
|
||||||
|
|
||||||
return $entry;
|
|
||||||
}
|
|
||||||
@@ -275,7 +275,7 @@ sub add_score {
|
|
||||||
|
|
||||||
my ($email, $ip) = $self->_unpack_addr($entry->{addr});
|
|
||||||
|
|
||||||
- $entry->{msgcount} += 1;
|
|
||||||
+ $entry->{count} += 1;
|
|
||||||
$entry->{totscore} += $score;
|
|
||||||
my $signedby = $entry->{signedby};
|
|
||||||
|
|
||||||
@@ -286,7 +286,7 @@ sub add_score {
|
|
||||||
|
|
||||||
my $inserted = 0;
|
|
||||||
|
|
||||||
- { my @fields = qw(username email ip msgcount totscore);
|
|
||||||
+ { my @fields = qw(username email ip count totscore);
|
|
||||||
my @signedby;
|
|
||||||
if ($self->{_with_awl_signer}) {
|
|
||||||
push(@fields, 'signedby');
|
|
||||||
@@ -327,9 +327,9 @@ sub add_score {
|
|
||||||
# insert failed, assume primary key constraint, so try the update
|
|
||||||
|
|
||||||
my $sql = "UPDATE $self->{tablename} ".
|
|
||||||
- "SET msgcount = ?, totscore = totscore + ? ".
|
|
||||||
+ "SET count = ?, totscore = totscore + ? ".
|
|
||||||
"WHERE username = ? AND email = ?";
|
|
||||||
- my(@args) = ($entry->{msgcount}, $score, $self->{_username}, $email);
|
|
||||||
+ my(@args) = ($entry->{count}, $score, $self->{_username}, $email);
|
|
||||||
if ($self->{_with_awl_signer}) {
|
|
||||||
my @signedby = !defined $signedby ? () : split(' ', lc $signedby);
|
|
||||||
if (!@signedby) {
|
|
||||||
@@ -352,8 +352,8 @@ sub add_score {
|
|
||||||
join('|',@args), $sth->errstr);
|
|
||||||
} else {
|
|
||||||
dbg("auto-whitelist: sql-based add_score/update ".
|
|
||||||
- "new msgcount: %s, new totscore: %s for %s",
|
|
||||||
- $entry->{msgcount}, $entry->{totscore}, join('|',@args));
|
|
||||||
+ "new count: %s, new totscore: %s for %s",
|
|
||||||
+ $entry->{count}, $entry->{totscore}, join('|',@args));
|
|
||||||
$entry->{exists_p} = 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/sql/README.awl b/sql/README.awl
|
|
||||||
index 68de4a1..a1ddf40 100644
|
|
||||||
--- a/sql/README.awl
|
|
||||||
+++ b/sql/README.awl
|
|
||||||
@@ -75,7 +75,7 @@ setting: "awl") with at least these fields:
|
|
||||||
username varchar(100) # this is the username whose e-mail is being filtered
|
|
||||||
email varchar(200) # this is the address key
|
|
||||||
ip varchar(40) # this is the ip key (fits IPv4 or IPv6)
|
|
||||||
- msgcount int(11) # this is the message counter
|
|
||||||
+ count int(11) # this is the message counter
|
|
||||||
totscore float # this is the total calculated score
|
|
||||||
signedby varchar(255) # a DKIM or DomainKeys signing domain(s)
|
|
||||||
|
|
||||||
@@ -109,7 +109,7 @@ CREATE TABLE awl (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varchar(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount int(11) NOT NULL default '0',
|
|
||||||
+ count int(11) NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
PRIMARY KEY (username,email,signedby,ip)
|
|
||||||
diff --git a/sql/awl_mysql.sql b/sql/awl_mysql.sql
|
|
||||||
index a8b6926..0bfa99a 100644
|
|
||||||
--- a/sql/awl_mysql.sql
|
|
||||||
+++ b/sql/awl_mysql.sql
|
|
||||||
@@ -2,7 +2,7 @@ CREATE TABLE awl (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varbinary(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount int(11) NOT NULL default '0',
|
|
||||||
+ count int(11) NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
||||||
diff --git a/sql/awl_pg.sql b/sql/awl_pg.sql
|
|
||||||
index 2cb3f3e..4f59d72 100644
|
|
||||||
--- a/sql/awl_pg.sql
|
|
||||||
+++ b/sql/awl_pg.sql
|
|
||||||
@@ -2,7 +2,7 @@ CREATE TABLE awl (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varchar(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount bigint NOT NULL default '0',
|
|
||||||
+ count bigint NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
last_hit timestamp NOT NULL default CURRENT_TIMESTAMP,
|
|
||||||
diff --git a/sql/txrep_mysql.sql b/sql/txrep_mysql.sql
|
|
||||||
index 9a4888b..bbe6b95 100644
|
|
||||||
--- a/sql/txrep_mysql.sql
|
|
||||||
+++ b/sql/txrep_mysql.sql
|
|
||||||
@@ -2,7 +2,7 @@ CREATE TABLE txrep (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varchar(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount int(11) NOT NULL default '0',
|
|
||||||
+ count int(11) NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
||||||
diff --git a/sql/txrep_pg.sql b/sql/txrep_pg.sql
|
|
||||||
index 191074c..463006b 100644
|
|
||||||
--- a/sql/txrep_pg.sql
|
|
||||||
+++ b/sql/txrep_pg.sql
|
|
||||||
@@ -2,7 +2,7 @@ CREATE TABLE txrep (
|
|
||||||
username varchar(100) NOT NULL default '',
|
|
||||||
email varchar(255) NOT NULL default '',
|
|
||||||
ip varchar(40) NOT NULL default '',
|
|
||||||
- msgcount bigint NOT NULL default '0',
|
|
||||||
+ count bigint NOT NULL default '0',
|
|
||||||
totscore float NOT NULL default '0',
|
|
||||||
signedby varchar(255) NOT NULL default '',
|
|
||||||
last_hit timestamp NOT NULL default CURRENT_TIMESTAMP,
|
|
||||||
diff --git a/UPGRADE b/UPGRADE
|
|
||||||
index cfd31ab..b555b0b 100644
|
|
||||||
--- a/UPGRADE
|
|
||||||
+++ b/UPGRADE
|
|
||||||
@@ -24,18 +24,6 @@ Note for Users Upgrading to SpamAssassin 3.4.3
|
|
||||||
This is to make sure all the legacy installations and wiki guides etc
|
|
||||||
still using it needlessly get fixed.
|
|
||||||
|
|
||||||
-- TxRep and Awl plugins has been modified to be compatible
|
|
||||||
- with latest Postgresql versions.
|
|
||||||
- You should upgrade your sql database running the following command:
|
|
||||||
- MySQL:
|
|
||||||
- "ALTER TABLE `txrep` CHANGE `count` `msgcount` INT(11) NOT NULL DEFAULT '0';"
|
|
||||||
- "ALTER TABLE `awl` CHANGE `count` `msgcount` INT(11) NOT NULL DEFAULT '0';"
|
|
||||||
- "ALTER TABLE `awl` ADD last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP;"
|
|
||||||
- PostgreSQL:
|
|
||||||
- "ALTER TABLE txrep RENAME COLUMN count TO msgcount;"
|
|
||||||
- "ALTER TABLE awl RENAME COLUMN count TO msgcount;"
|
|
||||||
- "ALTER TABLE awl ADD last_hit timestamp NOT NULL default CURRENT_TIMESTAMP;"
|
|
||||||
-
|
|
||||||
- body_part_scan_size 50000, rawbody_part_scan_size 500000 defaults added (Bug 6582)
|
|
||||||
These enable safer and faster scanning of large emails.
|
|
||||||
|
|
@ -53,21 +53,21 @@
|
|||||||
%define real_name Mail-SpamAssassin
|
%define real_name Mail-SpamAssassin
|
||||||
%{!?perl_vendorlib: %define perl_vendorlib %(eval "`%{__perl} -V:installvendorlib`"; echo $installvendorlib)}
|
%{!?perl_vendorlib: %define perl_vendorlib %(eval "`%{__perl} -V:installvendorlib`"; echo $installvendorlib)}
|
||||||
|
|
||||||
%global saversion 3.004006
|
%global saversion 3.004002
|
||||||
#%%global prerev rc2
|
#%%global prerev rc2
|
||||||
|
|
||||||
Summary: Spam filter for email which can be invoked from mail delivery agents
|
Summary: Spam filter for email which can be invoked from mail delivery agents
|
||||||
Name: spamassassin
|
Name: spamassassin
|
||||||
Version: 3.4.6
|
Version: 3.4.2
|
||||||
#Release: 0.8.%%{prerev}%%{?dist}
|
#Release: 0.8.%%{prerev}%%{?dist}
|
||||||
Release: 1%{?dist}
|
Release: 7%{?dist}
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
URL: https://spamassassin.apache.org/
|
URL: https://spamassassin.apache.org/
|
||||||
|
Source0: https://www.apache.org/dist/%{name}/source/%{real_name}-%{version}.tar.bz2
|
||||||
#Source0: %%{real_name}-%%{version}-%%{prerev}.tar.bz2
|
#Source0: %%{real_name}-%%{version}-%%{prerev}.tar.bz2
|
||||||
Source0: https://dlcdn.apache.org/dist/%{name}/source/%{real_name}-%{version}.tar.bz2
|
Source1: https://www.apache.org/dist/%{name}/source/%{real_name}-rules-%{version}.r1840640.tgz
|
||||||
#Source1: %%{real_name}-rules-%%{version}.%%{prerev}.tgz
|
#Source1: %%{real_name}-rules-%%{version}.%%{prerev}.tgz
|
||||||
Source1: https://dlcdn.apache.org/dist/%{name}/source/%{real_name}-rules-%{version}.r1888502.tgz
|
|
||||||
Source2: redhat_local.cf
|
Source2: redhat_local.cf
|
||||||
Source3: spamassassin-default.rc
|
Source3: spamassassin-default.rc
|
||||||
Source4: spamassassin-spamc.rc
|
Source4: spamassassin-spamc.rc
|
||||||
@ -78,6 +78,7 @@ Source8: sa-update.cronscript
|
|||||||
Source9: sa-update.force-sysconfig
|
Source9: sa-update.force-sysconfig
|
||||||
Source10: spamassassin-helper.sh
|
Source10: spamassassin-helper.sh
|
||||||
Source11: spamassassin-official.conf
|
Source11: spamassassin-official.conf
|
||||||
|
Source12: sought.conf
|
||||||
Source13: README.RHEL.Fedora
|
Source13: README.RHEL.Fedora
|
||||||
%if %{use_systemd}
|
%if %{use_systemd}
|
||||||
Source14: spamassassin.service
|
Source14: spamassassin.service
|
||||||
@ -92,12 +93,14 @@ Source17: sa-update.timer
|
|||||||
Patch0: spamassassin-3.3.2-gnupg2.patch
|
Patch0: spamassassin-3.3.2-gnupg2.patch
|
||||||
Patch1: spamassassin-3.4.1-add-logfile-homedir-options.patch
|
Patch1: spamassassin-3.4.1-add-logfile-homedir-options.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1607372
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1607372
|
||||||
Patch2: spamassassin-3.4.6-drop-geoip.patch
|
Patch2: spamassassin-3.4.2-drop-geoip.patch
|
||||||
Patch3: spamassassin-3.4.6-Drop-the-ResourceLimits-plugin.patch
|
Patch3: 0001-Drop-the-ResourceLimits-plugin.patch
|
||||||
%if 0%{?rhel} <= 8
|
|
||||||
Patch4: spamassassin-sql92_syntax.patch
|
# Patches 100+ are SVN backports (DO NOT REUSE!)
|
||||||
%endif
|
Patch100: spamassassin-3.4.2-fix-use-after-free.patch
|
||||||
Patch5: spamassassin-disable_tests_for_deleted_modules.patch
|
Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch
|
||||||
|
Patch102: spamassassin-3.4.2-fix-rawbody-rules-documentation.patch
|
||||||
|
|
||||||
# end of patches
|
# end of patches
|
||||||
|
|
||||||
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
||||||
@ -114,44 +117,16 @@ BuildRequires: perl(Time::HiRes)
|
|||||||
BuildRequires: perl(HTML::Parser)
|
BuildRequires: perl(HTML::Parser)
|
||||||
BuildRequires: perl(NetAddr::IP)
|
BuildRequires: perl(NetAddr::IP)
|
||||||
BuildRequires: openssl-devel
|
BuildRequires: openssl-devel
|
||||||
|
|
||||||
|
|
||||||
%if %{use_systemd}
|
%if %{use_systemd}
|
||||||
BuildRequires: systemd-units
|
BuildRequires: systemd-units
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# BuildRequires for test suite
|
|
||||||
BuildRequires: perl(Test::Builder)
|
|
||||||
BuildRequires: perl(Test) perl(Test::More)
|
|
||||||
BuildRequires: perl(Net::DNS::Nameserver)
|
|
||||||
BuildRequires: perl(DB_File)
|
|
||||||
BuildRequires: perl(DBI) perl(DBD::mysql)
|
|
||||||
BuildRequires: perl(Mail::DKIM)
|
|
||||||
BuildRequires: perl(LWP::UserAgent)
|
|
||||||
BuildRequires: perl(Archive::Zip)
|
|
||||||
BuildRequires: perl(IO::String)
|
|
||||||
buildrequires: wget
|
|
||||||
|
|
||||||
%if 0%{?fedora}
|
|
||||||
BuildRequires: perl(Devel::Cycle)
|
|
||||||
BuildRequires: perl(Net::Patricia)
|
|
||||||
%endif
|
|
||||||
|
|
||||||
BuildRequires: perl(Mail::SPF)
|
|
||||||
BuildRequires: perl(IO::Socket::INET6)
|
|
||||||
BuildRequires: perl(IO::Socket::SSL)
|
|
||||||
BuildRequires: perl(Encode::Detect::Detector)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Requires: perl(HTTP::Date)
|
Requires: perl(HTTP::Date)
|
||||||
Requires: perl(LWP::UserAgent)
|
Requires: perl(LWP::UserAgent)
|
||||||
Requires: perl(Net::DNS)
|
Requires: perl(Net::DNS)
|
||||||
Requires: perl(Time::HiRes)
|
Requires: perl(Time::HiRes)
|
||||||
Requires: perl(DB_File)
|
Requires: perl(DB_File)
|
||||||
Requires: perl(Mail::SPF)
|
Requires: perl(Mail::SPF)
|
||||||
Requires: perl(IO::String)
|
|
||||||
%if %{require_encode_detect}
|
%if %{require_encode_detect}
|
||||||
Requires: perl(Encode::Detect)
|
Requires: perl(Encode::Detect)
|
||||||
%endif
|
%endif
|
||||||
@ -231,12 +206,13 @@ To filter spam for all users, add that line to /etc/procmailrc
|
|||||||
# Drop the ResourceLimits plugin - it requires perl(BSD::Resource)
|
# Drop the ResourceLimits plugin - it requires perl(BSD::Resource)
|
||||||
# which is not in RHEL-8
|
# which is not in RHEL-8
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
# Reverting this in thel8 to not complicate update process
|
rm -f lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
||||||
# https://github.com/apache/spamassassin/commit/f7d39bfd3ef2e5ef4a9de480764ee1d73be9349
|
|
||||||
%if 0%{?rhel} == 8
|
# Patches 100+ are SVN backports (DO NOT REUSE!)
|
||||||
%patch4 -p1
|
%patch100 -p1
|
||||||
%endif
|
%patch101 -p1
|
||||||
%patch5 -p1
|
%patch102 -p1
|
||||||
|
|
||||||
# end of patches
|
# end of patches
|
||||||
|
|
||||||
echo "RHEL=%{?rhel} FEDORA=%{?fedora}"
|
echo "RHEL=%{?rhel} FEDORA=%{?fedora}"
|
||||||
@ -319,16 +295,13 @@ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/spamassassin
|
|||||||
mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/
|
mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/
|
||||||
mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||||
install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||||
|
install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||||
|
|
||||||
install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/
|
install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/
|
||||||
%if %{razor_deps}
|
%if %{razor_deps}
|
||||||
mkdir -m 0700 -p $RPM_BUILD_ROOT%{_sharedstatedir}/razor/
|
mkdir -m 0700 -p $RPM_BUILD_ROOT%{_sharedstatedir}/razor/
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%check
|
|
||||||
rm -f t/relaycountry* t/urilocal*
|
|
||||||
make disttest
|
|
||||||
|
|
||||||
%files -f %{name}-%{version}-filelist
|
%files -f %{name}-%{version}-filelist
|
||||||
%doc LICENSE NOTICE CREDITS Changes README TRADEMARK UPGRADE
|
%doc LICENSE NOTICE CREDITS Changes README TRADEMARK UPGRADE
|
||||||
%doc USAGE sample-nonspam.txt sample-spam.txt
|
%doc USAGE sample-nonspam.txt sample-spam.txt
|
||||||
@ -423,36 +396,6 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Dec 13 2021 Martin Osvald <mosvald@redhat.com> - 3.4.6-1
|
|
||||||
- Rebase to v3.4.6
|
|
||||||
- Resolves: #1943848
|
|
||||||
|
|
||||||
* Thu Jul 29 2021 Pavel Zhukov <pzhukov@redhat.com> - 3.4.4-4.el4
|
|
||||||
- Fix header parsing
|
|
||||||
|
|
||||||
* Tue Oct 6 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.4.4-3
|
|
||||||
- Add tests BRs
|
|
||||||
|
|
||||||
* Tue Oct 6 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.4.4-2
|
|
||||||
- New version v3.4.4
|
|
||||||
- Enable tests
|
|
||||||
|
|
||||||
* Mon Jun 15 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-10
|
|
||||||
- Fixed CVE-2018-11805
|
|
||||||
- Resolves: rhbz#1787514
|
|
||||||
- Fixed CVE-2020-1930
|
|
||||||
- Resolves: rhbz#1820649
|
|
||||||
- Fixed CVE-2020-1931
|
|
||||||
- Resolves: rhbz#1820650
|
|
||||||
|
|
||||||
* Thu Apr 09 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-9
|
|
||||||
- Fix CVE-2019-12420
|
|
||||||
- Resolves: rhbz#1812977
|
|
||||||
|
|
||||||
* Wed Mar 18 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-8
|
|
||||||
- Removed the obsolete SOUGHT channel for rule updates
|
|
||||||
- Resolves: rhbz#1630362
|
|
||||||
|
|
||||||
* Tue Oct 01 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-7
|
* Tue Oct 01 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-7
|
||||||
- Fix rawbody rules documentation
|
- Fix rawbody rules documentation
|
||||||
- Resolves: rhbz#1639251
|
- Resolves: rhbz#1639251
|
||||||
|
Loading…
Reference in New Issue
Block a user