mailcow/data/conf/rspamd/lua/rspamd.local.lua

rspamd_config.MAILCOW_AUTH = {
	callback = function(task)
		local uname = task:get_user()
		if uname then
			return 1
		end
	end
}

rspamd_config.MAILCOW_MOO = function (task)
	return true
end

modify_subject_map = rspamd_config:add_map({
  url = 'http://172.22.1.251:8081/tags.php',
  type = 'map',
  description = 'Map of users to use subject tags for'
})

auth_domain_map = rspamd_config:add_map({
  url = 'http://172.22.1.251:8081/authoritative.php',
  type = 'map',
  description = 'Map of domains we are authoritative for'
})

rspamd_config.ADD_DELIMITER_TAG = {
  callback = function(task)
    local tag = nil
    local util = require("rspamd_util")
    local rspamd_logger = require "rspamd_logger"
    local user_tagged = task:get_recipients(2)[1]['user']
    local domain = task:get_recipients(1)[1]['domain']
    local user, tag = user_tagged:match("([^+]+)+(.*)")
    local authdomain = auth_domain_map:get_key(domain)

    if tag and authdomain then
      rspamd_logger.infox("domain: %1, tag: %2", domain, tag)
      local user_untagged = user .. '@' .. domain
      rspamd_logger.infox("querying tag settings for user %1", user_untagged)
      if modify_subject_map:get_key(user_untagged) then
        rspamd_logger.infox("found user in map for subject rewrite")
        local sbj = task:get_header('Subject')
        new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
        task:set_rmilter_reply({
          remove_headers = {['Subject'] = 1},
          add_headers = {['Subject'] = new_sbj}
        })
      else
        rspamd_logger.infox("add X-Moo-Tag header")
        task:set_rmilter_reply({
          add_headers = {['X-Moo-Tag'] = 'YES'}
        })
      end
    else
      rspamd_logger.infox("skip delimiter handling for untagged message or authenticated user")
    end
    return false
  end
}

rspamd_config.MRAPTOR = {
  callback = function(task)
    local parts = task:get_parts()
    local rspamd_logger = require "rspamd_logger"
    local rspamd_regexp = require "rspamd_regexp"

    if parts then
      for _,p in ipairs(parts) do
        local mtype,subtype = p:get_type()
        local re = rspamd_regexp.create_cached('/(office|word|excel)/i')
        if re:match(subtype) then
          local content = tostring(p:get_content())
          local filename = p:get_filename()

          local file = os.tmpname()
          f = io.open(file, "a+")
          f:write(content)
          f:close()

          local scan = assert(io.popen('PATH=/usr/bin:/usr/local/bin mraptor ' .. file .. '> /dev/null 2>&1; echo $?', 'r'))
          local result = scan:read('*all')
          local exit_code = string.match(result, "%d+")
          rspamd_logger.infox(exit_code)
          scan:close()

          if exit_code == "20" then
            rspamd_logger.infox("Reject dangerous macro in office file " .. filename)
            task:set_pre_result(rspamd_actions['reject'], 'Dangerous macro in office file ' .. filename)
          end

        end
      end
    end
  end
}
mailcow dockerized 2016-12-10 03:39:02 +08:00			`rspamd_config.MAILCOW_AUTH = {`
			`callback = function(task)`
			`local uname = task:get_user()`
			`if uname then`
			`return 1`
			`end`
			`end`
			`}`

First commit for rspamd settings 2016-12-10 07:39:27 +08:00			`rspamd_config.MAILCOW_MOO = function (task)`
			`return true`
			`end`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00
Change map variable 2017-03-03 22:39:12 +08:00			`modify_subject_map = rspamd_config:add_map({`
use ip address instead of alias name 2017-02-17 02:55:07 +08:00			`url = 'http://172.22.1.251:8081/tags.php',`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`type = 'map',`
			`description = 'Map of users to use subject tags for'`
			`})`

Change map variable 2017-03-03 22:39:12 +08:00			`auth_domain_map = rspamd_config:add_map({`
use ip address instead of alias name 2017-02-17 02:55:07 +08:00			`url = 'http://172.22.1.251:8081/authoritative.php',`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`type = 'map',`
			`description = 'Map of domains we are authoritative for'`
			`})`

			`rspamd_config.ADD_DELIMITER_TAG = {`
			`callback = function(task)`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`local tag = nil`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`local util = require("rspamd_util")`
			`local rspamd_logger = require "rspamd_logger"`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`local user_tagged = task:get_recipients(2)[1]['user']`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`local domain = task:get_recipients(1)[1]['domain']`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`local user, tag = user_tagged:match("([^+]+)+(.*)")`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`local authdomain = auth_domain_map:get_key(domain)`

			`if tag and authdomain then`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`rspamd_logger.infox("domain: %1, tag: %2", domain, tag)`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`local user_untagged = user .. '@' .. domain`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`rspamd_logger.infox("querying tag settings for user %1", user_untagged)`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`if modify_subject_map:get_key(user_untagged) then`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`rspamd_logger.infox("found user in map for subject rewrite")`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`local sbj = task:get_header('Subject')`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='`
			`task:set_rmilter_reply({`
			`remove_headers = {['Subject'] = 1},`
			`add_headers = {['Subject'] = new_sbj}`
			`})`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`else`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`rspamd_logger.infox("add X-Moo-Tag header")`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`task:set_rmilter_reply({`
			`add_headers = {['X-Moo-Tag'] = 'YES'}`
			`})`
			`end`
			`else`
Remove old files, fix tagging 2017-03-04 02:01:33 +08:00			`rspamd_logger.infox("skip delimiter handling for untagged message or authenticated user")`
Add ability to set tag handling, add domain map 2017-01-09 18:05:33 +08:00			`end`
			`return false`
			`end`
			`}`
Add mraptor to rspamd 2017-02-19 03:29:15 +08:00
			`rspamd_config.MRAPTOR = {`
			`callback = function(task)`
			`local parts = task:get_parts()`
			`local rspamd_logger = require "rspamd_logger"`
			`local rspamd_regexp = require "rspamd_regexp"`

			`if parts then`
			`for _,p in ipairs(parts) do`
			`local mtype,subtype = p:get_type()`
			`local re = rspamd_regexp.create_cached('/(office\|word\|excel)/i')`
			`if re:match(subtype) then`
			`local content = tostring(p:get_content())`
			`local filename = p:get_filename()`

			`local file = os.tmpname()`
			`f = io.open(file, "a+")`
			`f:write(content)`
			`f:close()`

			`local scan = assert(io.popen('PATH=/usr/bin:/usr/local/bin mraptor ' .. file .. '> /dev/null 2>&1; echo $?', 'r'))`
			`local result = scan:read('*all')`
			`local exit_code = string.match(result, "%d+")`
			`rspamd_logger.infox(exit_code)`
			`scan:close()`

			`if exit_code == "20" then`
			`rspamd_logger.infox("Reject dangerous macro in office file " .. filename)`
			`task:set_pre_result(rspamd_actions['reject'], 'Dangerous macro in office file ' .. filename)`
			`end`

			`end`
			`end`
			`end`
			`end`
			`}`