//
//
-// $Id: spamass-milter.cpp,v 1.86 2005/02/05 07:03:22 dnelson Exp $
+// $Id: spamass-milter.cpp,v 1.94 2011/02/14 21:50:53 dnelson Exp $
//
// SpamAss-Milter
// - a rather trivial SpamAssassin Sendmail Milter plugin
// }}}
-static const char Id[] = "$Id: spamass-milter.cpp,v 1.86 2005/02/05 07:03:22 dnelson Exp $";
+static const char Id[] = "$Id: spamass-milter.cpp,v 1.94 2011/02/14 21:50:53 dnelson Exp $";
struct smfiDesc smfilter =
{
bool flag_full_email = false; /* pass full email address to spamc */
bool flag_expand = false; /* alias/virtusertable expansion */
bool ignore_authenticated_senders = false;
-
-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
-static pthread_mutex_t popen_mutex = PTHREAD_MUTEX_INITIALIZER;
-#endif
+bool warnedmacro = false; /* have we logged that we couldn't fetch a macro? */
// {{{ main()
" username. Uses 'defaultdomain' if there was none" << endl;
cout << " -f: fork into background" << endl;
cout << " -i: skip (ignore) checks from these IPs or netblocks" << endl;
- cout << " example: -i 192.168.12.5,10.0.0.0/8,172.16/255.255.0.0" << endl;
+ cout << " example: -i 192.168.12.5,10.0.0.0/8,172.16.0.0/255.255.0.0" << endl;
cout << " -I: skip (ignore) checks if sender is authenticated" << endl;
cout << " -m: don't modify body, Content-type: or Subject:" << endl;
cout << " -M: don't modify the message at all" << endl;
// }}}
/* Update a header if SA changes it, or add it if it is new. */
-void update_or_insert(SpamAssassin* assassin, SMFICTX* ctx, string oldstring, t_setter setter, char *header )
+void update_or_insert(SpamAssassin* assassin, SMFICTX* ctx, string oldstring, t_setter setter, const char *header )
{
string::size_type eoh1 = assassin->d().find("\n\n");
string::size_type eoh2 = assassin->d().find("\n\r\n");
{
/* change if old one was present, append if non-null */
char* cstr = const_cast<char*>(newstring.c_str());
+ char* hstr = const_cast<char*>(header);
if (oldsize > 0)
{
debug(D_UORI, "u_or_i: changing");
- smfi_chgheader(ctx, header, 1, newstring.size() > 0 ?
+ smfi_chgheader(ctx, hstr, 1, newstring.size() > 0 ?
cstr : NULL );
} else if (newstring.size() > 0)
{
debug(D_UORI, "u_or_i: inserting");
- smfi_addheader(ctx, header, cstr);
+ smfi_addheader(ctx, hstr, cstr);
}
} else
{
send another copy. The milter API will not let you send the
message AND return a failure code to the sender, so this is
the only way to do it. */
-#if defined(__FreeBSD__)
- int rv;
-#endif
-
-#if defined(HAVE_ASPRINTF)
- char *buf;
-#else
- char buf[1024];
-#endif
- char *fmt="%s \"%s\"";
+ char *popen_argv[3];
FILE *p;
+ pid_t pid;
-#if defined(HAVE_ASPRINTF)
- asprintf(&buf, fmt, SENDMAIL, spambucket);
-#else
-#if defined(HAVE_SNPRINTF)
- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, spambucket);
-#else
- /* XXX possible buffer overflow here */
- sprintf(buf, fmt, SENDMAIL, spambucket);
-#endif
-#endif
-
- debug(D_COPY, "calling %s", buf);
-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
- rv = pthread_mutex_lock(&popen_mutex);
- if (rv)
- {
- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv));
- abort();
- }
-#endif
- p = popen(buf, "w");
+ popen_argv[0] = SENDMAIL;
+ popen_argv[1] = spambucket;
+ popen_argv[2] = NULL;
+
+ debug(D_COPY, "calling %s %s", SENDMAIL, spambucket);
+ p = popenv(popen_argv, "w",&pid);
if (!p)
{
- debug(D_COPY, "popen failed(%s). Will not send a copy to spambucket", strerror(errno));
+ debug(D_COPY, "popenv failed(%s). Will not send a copy to spambucket", strerror(errno));
} else
{
// Send message provided by SpamAssassin
fwrite(assassin->d().c_str(), assassin->d().size(), 1, p);
- pclose(p); p = NULL;
+ fclose(p); p = NULL;
+ waitpid(pid,0,0);
}
-#if defined(__FreeBSD__)
- rv = pthread_mutex_unlock(&popen_mutex);
- if (rv)
- {
- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv));
- abort();
- }
-#endif
-#if defined(HAVE_ASPRINTF)
- free(buf);
-#endif
}
return SMFIS_REJECT;
}
if (header[field_end-1] == '\r')
field_end--;
- // Maybe remove the whitespace picked up when a header wraps - this
- // might actually be a requirement
- return header.substr( field_start, field_end - field_start );
+ string data = header.substr( field_start, field_end - field_start );
+
+ /* Replace all CRLF pairs with LF */
+ idx = 0;
+ while ( (idx = data.find("\r\n", idx)) != string::npos )
+ {
+ data.replace(idx,2,"\n");
+ }
+
+ return data;
}
mlfi_connect(SMFICTX * ctx, char *hostname, _SOCK_ADDR * hostaddr)
{
struct context *sctx;
+ int rv;
debug(D_FUNC, "mlfi_connect: enter");
sctx->helo = NULL;
/* store a pointer to it with setpriv */
- smfi_setpriv(ctx, sctx);
+ rv = smfi_setpriv(ctx, sctx);
+ if (rv != MI_SUCCESS)
+ {
+ debug(D_ALWAYS, "smfi_setpriv failed!");
+ return SMFIS_TEMPFAIL;
+ }
+ /* debug(D_ALWAYS, "ZZZ set private context to %p", sctx); */
if (ip_in_networklist(sctx->connect_ip, &ignorenets))
{
struct context *sctx = (struct context *)smfi_getpriv(ctx);
char *queueid;
+ if (sctx == NULL)
+ {
+ debug(D_ALWAYS, "smfi_getpriv failed!");
+ return SMFIS_TEMPFAIL;
+ }
+ /* debug(D_ALWAYS, "ZZZ got private context %p", sctx); */
+
if (ignore_authenticated_senders)
{
char *auth_authen;
queueid=smfi_getsymval(ctx,"i");
if (!queueid)
- queueid="unk";
+ {
+ queueid="unknown";
+ warnmacro("i", "ENVFROM");
+ }
assassin->queueid = queueid;
debug(D_MISC, "queueid=%s", queueid);
struct context *sctx = (struct context*)smfi_getpriv(ctx);
SpamAssassin* assassin = sctx->assassin;
FILE *p;
-#if defined(__FreeBSD__)
- int rv;
-#endif
debug(D_FUNC, "mlfi_envrcpt: enter");
/* open a pipe to sendmail so we can do address expansion */
char buf[1024];
- char *fmt="%s -bv \"%s\" 2>&1";
-
-#if defined(HAVE_SNPRINTF)
- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, envrcpt[0]);
-#else
- /* XXX possible buffer overflow here */
- sprintf(buf, fmt, SENDMAIL, envrcpt[0]);
-#endif
-
- debug(D_RCPT, "calling %s", buf);
+ char *popen_argv[4];
+ pid_t pid;
+
+ popen_argv[0] = SENDMAIL;
+ popen_argv[1] = "-bv";
+ popen_argv[2] = envrcpt[0];
+ popen_argv[3] = NULL;
-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
- rv = pthread_mutex_lock(&popen_mutex);
- if (rv)
- {
- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv));
- abort();
- }
-#endif
+ debug(D_RCPT, "calling %s -bv %s", SENDMAIL, envrcpt[0]);
- p = popen(buf, "r");
+ p = popenv(popen_argv, "r", &pid);
if (!p)
{
- debug(D_RCPT, "popen failed(%s). Will not expand aliases", strerror(errno));
+ debug(D_RCPT, "popenv failed(%s). Will not expand aliases", strerror(errno));
assassin->expandedrcpt.push_back(envrcpt[0]);
} else
{
assassin->expandedrcpt.push_back(p+7);
}
}
- pclose(p); p = NULL;
+ fclose(p); p = NULL;
+ waitpid(pid,0,0);
+
}
-#if defined(__FreeBSD__)
- rv = pthread_mutex_unlock(&popen_mutex);
- if (rv)
- {
- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv));
- abort();
- }
-#endif
} else
{
assassin->expandedrcpt.push_back(envrcpt[0]);
(envelope-from $g)$.
*/
- const char *macro_b, *macro_s, *macro_j, *macro__;
+ const char *macro_b, *macro_i, *macro_j, *macro_r,
+ *macro_s, *macro_v, *macro_Z, *macro__;
+ char date[32];
- /* Failure to fetch {b} is not fatal. Without this date SA can't do
- future/past validation on the Date: header, but sendmail doesn't
- default to allow milters to see it.
- */
+ /* RFC 822 date. */
macro_b = smfi_getsymval(ctx, "b");
+ if (!macro_b)
+ {
+ time_t tval;
+ time(&tval);
+ strftime(date, sizeof(date), "%a, %d %b %Y %H:%M:%S %z", localtime(&tval));
+ macro_b = date;
+ warnmacro("b", "ENVRCPT");
+ }
+
+ /* queue ID */
+ macro_i = smfi_getsymval(ctx, "i");
+ if (!macro_i)
+ {
+ macro_i = "unknown";
+ warnmacro("i", "ENVRCPT");
+ }
+
+ /* FQDN of this site */
+ macro_j = smfi_getsymval(ctx, "j");
+ if (!macro_j)
+ {
+ macro_j = "localhost";
+ warnmacro("j", "ENVRCPT");
+ }
+
+ /* Protocol used to receive the message */
+ macro_r = smfi_getsymval(ctx, "r");
+ if (!macro_r)
+ {
+ macro_r = "SMTP";
+ warnmacro("r", "ENVRCPT");
+ }
/* Sendmail currently cannot pass us the {s} macro, but
I do not know why. Leave this in for the day sendmail is
if (!macro_s)
macro_s = "nohelo";
- /* FQDN of this site */
- macro_j = smfi_getsymval(ctx, "j");
- if (!macro_j)
- macro_j = "localhost";
+ /* Sendmail binary version */
+ macro_v = smfi_getsymval(ctx, "v");
+ if (!macro_v)
+ {
+ macro_v = "8.13.0";
+ warnmacro("v", "ENVRCPT");
+ }
- /* Sending site's address */
+ /* Sendmail .cf version */
+ macro_Z = smfi_getsymval(ctx, "Z");
+ if (!macro_Z)
+ {
+ macro_Z = "8.13.0";
+ warnmacro("Z", "ENVRCPT");
+ }
+
+ /* Validated sending site's address */
macro__ = smfi_getsymval(ctx, "_");
if (!macro__)
+ {
macro__ = "unknown";
+ warnmacro("_", "ENVRCPT");
+ }
assassin->output((string)"X-Envelope-From: "+assassin->from()+"\r\n");
assassin->output((string)"X-Envelope-To: "+envrcpt[0]+"\r\n");
- if (!macro_b)
- assassin->output((string)"Received: from "+macro_s+" ("+macro__+") by "+macro_j+";\r\n");
- else
- assassin->output((string)"Received: from "+macro_s+" ("+macro__+") by "+macro_j+"; "+macro_b+"\r\n");
+ assassin->output((string)
+ "Received: from "+macro_s+" ("+macro__+")\r\n\t"+
+ "by "+macro_j+" ("+macro_v+"/"+macro_Z+") with "+macro_r+" id "+macro_i+"\r\n\t"+
+ macro_b+"\r\n\t"+
+ "(envelope-from "+assassin->from()+")\r\n");
} else
assassin->output((string)"X-Envelope-To: "+envrcpt[0]+"\r\n");
sctx = (struct context*)smfi_getpriv(ctx);
if (sctx == NULL)
- {
- /* the context should have been set in mlfi_connect */
- debug(D_ALWAYS, "NULL context in mlfi_close! Should not happen!");
return SMFIS_ACCEPT;
- }
+
if (sctx->helo)
free(sctx->helo);
free(sctx);
string::const_iterator p=s.begin();
string::const_iterator p2=s2.begin();
- while ( p != s.end() && p2 != s2.end() ) {
+ while ( p != s.end() && p2 <= s2.end() ) {
if (toupper(*p) != toupper(*p2))
{
debug(D_STR, "c_nc_p: <%s><%s> : miss", s.c_str(), s2.c_str());
return str;
}
+/* Log a message about missing milter macros, but only the first time */
+void warnmacro(char *macro, char *scope)
+{
+ if (warnedmacro)
+ return;
+ debug(D_ALWAYS, "Could not retrieve sendmail macro \"%s\"!. Please add it to confMILTER_MACROS_%s for better spamassassin results",
+ macro, scope);
+ warnedmacro = true;
+}
+
+/*
+ untrusted-argument-safe popen function - only supports "r" and "w" modes
+ for simplicity, and always reads stdout and stderr in "r" mode. Call
+ fclose to close the FILE.
+*/
+FILE *popenv(char *const argv[], const char *type, pid_t *pid)
+{
+ FILE *iop;
+ int pdes[2];
+ int save_errno;
+
+ if ((*type != 'r' && *type != 'w') || type[1])
+ {
+ errno = EINVAL;
+ return (NULL);
+ }
+ if (pipe(pdes) < 0)
+ return (NULL);
+
+ *pid = fork();
+ switch (*pid) {
+
+ case -1: /* Error. */
+ save_errno = errno;
+ (void)close(pdes[0]);
+ (void)close(pdes[1]);
+ errno = save_errno;
+ return (NULL);
+ /* NOTREACHED */
+ case 0: /* Child. */
+ if (*type == 'r') {
+ /*
+ * The dup2() to STDIN_FILENO is repeated to avoid
+ * writing to pdes[1], which might corrupt the
+ * parent's copy. This isn't good enough in
+ * general, since the exit() is no return, so
+ * the compiler is free to corrupt all the local
+ * variables.
+ */
+ (void)close(pdes[0]);
+ (void)dup2(pdes[1], STDOUT_FILENO);
+ (void)dup2(pdes[1], STDERR_FILENO);
+ if (pdes[1] != STDOUT_FILENO && pdes[1] != STDERR_FILENO) {
+ (void)close(pdes[1]);
+ }
+ } else {
+ if (pdes[0] != STDIN_FILENO) {
+ (void)dup2(pdes[0], STDIN_FILENO);
+ (void)close(pdes[0]);
+ }
+ (void)close(pdes[1]);
+ }
+ execv(argv[0], argv);
+ exit(127);
+ /* NOTREACHED */
+ }
+
+ /* Parent; assume fdopen can't fail. */
+ if (*type == 'r') {
+ iop = fdopen(pdes[0], type);
+ (void)close(pdes[1]);
+ } else {
+ iop = fdopen(pdes[1], type);
+ (void)close(pdes[0]);
+ }
+
+ return (iop);
+}
+
// }}}
// vim6:ai:noexpandtab