From d64ed65575e3a287a78ba7f976b96dd1006f7a9a Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 8 May 2017 23:09:21 +0200 Subject: [PATCH] Add multimap and forced actions for forwarded_hosts, removed from settings --- data/conf/rspamd/dynmaps/forwardinghosts.php | 70 ++++++++------------ data/conf/rspamd/dynmaps/settings.php | 60 ----------------- data/conf/rspamd/local.d/force_actions.conf | 10 +++ data/conf/rspamd/local.d/multimap.conf | 11 +++ 4 files changed, 50 insertions(+), 101 deletions(-) diff --git a/data/conf/rspamd/dynmaps/forwardinghosts.php b/data/conf/rspamd/dynmaps/forwardinghosts.php index 377c5e7e..cbc82ee7 100644 --- a/data/conf/rspamd/dynmaps/forwardinghosts.php +++ b/data/conf/rspamd/dynmaps/forwardinghosts.php @@ -1,56 +1,44 @@ 1) - $mask = $net[1]; - $net = inet_pton($net[0]); - $addr = inet_pton($addr); +$redis = new Redis(); +$redis->connect('redis-mailcow', 6379); - $length = strlen($net); // 4 for IPv4, 16 for IPv6 - if (strlen($net) != strlen($addr)) - return FALSE; - if (!isset($mask)) - $mask = $length * 8; - - $addr_bin = ''; - $net_bin = ''; - for ($i = 0; $i < $length; ++$i) - { - $addr_bin .= str_pad(decbin(ord(substr($addr, $i, $i+1))), 8, '0', STR_PAD_LEFT); - $net_bin .= str_pad(decbin(ord(substr($net, $i, $i+1))), 8, '0', STR_PAD_LEFT); - } - - return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask); +function in_net($addr, $net) { + $net = explode('/', $net); + if (count($net) > 1) { + $mask = $net[1]; + } + $net = inet_pton($net[0]); + $addr = inet_pton($addr); + $length = strlen($net); // 4 for IPv4, 16 for IPv6 + if (strlen($net) != strlen($addr)) { + return false; + } + if (!isset($mask)) { + $mask = $length * 8; + } + $addr_bin = ''; + $net_bin = ''; + for ($i = 0; $i < $length; ++$i) { + $addr_bin .= str_pad(decbin(ord(substr($addr, $i, $i+1))), 8, '0', STR_PAD_LEFT); + $net_bin .= str_pad(decbin(ord(substr($net, $i, $i+1))), 8, '0', STR_PAD_LEFT); + } + return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask); } -$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name; -$opt = [ - PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, - PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, - PDO::ATTR_EMULATE_PREPARES => false, -]; try { - $pdo = new PDO($dsn, $database_user, $database_pass, $opt); - $stmt = $pdo->query("SELECT host FROM `forwarding_hosts`"); - $networks = $stmt->fetchAll(PDO::FETCH_COLUMN); - foreach ($networks as $network) - { - if (in_net($_GET['host'], $network)) - { - echo '200 permit'; + foreach ($redis->hGetAll('WHITELISTED_FWD_HOST') as $host => $source) { + if (in_net($_GET['host'], $host)) { + echo '200 PERMIT'; exit; } } - echo '200 dunno'; + echo '200 DUNNO'; } -catch (PDOException $e) { - echo '200 dunno'; +catch (RedisException $e) { + echo '200 DUNNO'; exit; } ?> diff --git a/data/conf/rspamd/dynmaps/settings.php b/data/conf/rspamd/dynmaps/settings.php index 36b28d59..3976954c 100644 --- a/data/conf/rspamd/dynmaps/settings.php +++ b/data/conf/rspamd/dynmaps/settings.php @@ -31,67 +31,7 @@ catch (PDOException $e) { ?> settings { - -/* -// Start whitelist for forwarding hosts -*/ - query("SELECT `host` FROM `forwarding_hosts` WHERE `filter_spam` = 1"); - $rows = $stmt->fetchAll(PDO::FETCH_COLUMN); -} -catch (PDOException $e) { - $rows = array(); -} - -if (!empty($rows)) { -?> - whitelist_forwarding_hosts_with_spam_filter { - priority = high; - - ip = ""; - - apply "default" { - actions { - reject = 999.9; - greylist = 999.8; - } - } - symbols [ - "WHITELIST_FORWARDING_HOST" - ] - } -query("SELECT `host` FROM `forwarding_hosts` WHERE `filter_spam` = 0"); - $rows = $stmt->fetchAll(PDO::FETCH_COLUMN); -} -catch (PDOException $e) { - $rows = array(); -} - -if (!empty($rows)) { -?> - whitelist_forwarding_hosts { - priority = high; - - ip = ""; - - want_spam = yes; - } -