diff options
author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2012-05-14 19:31:58 -0300 |
---|---|---|
committer | marcelloc <marcellocoutinho@gmail.com> | 2012-05-14 19:31:58 -0300 |
commit | c54b1eb082de236cabfae77cb8968dd66fdb8d18 (patch) | |
tree | 367290a326600f14217808c372eb96dfbbb0f574 /config/mailscanner/mailscanner.inc | |
parent | 0d639e580d2fc2651a4386a4248ac9e9b97d949d (diff) | |
download | pfsense-packages-c54b1eb082de236cabfae77cb8968dd66fdb8d18.tar.gz pfsense-packages-c54b1eb082de236cabfae77cb8968dd66fdb8d18.tar.bz2 pfsense-packages-c54b1eb082de236cabfae77cb8968dd66fdb8d18.zip |
mailscanner-dev - include boot, files and perl version checks
Diffstat (limited to 'config/mailscanner/mailscanner.inc')
-rw-r--r-- | config/mailscanner/mailscanner.inc | 816 |
1 files changed, 233 insertions, 583 deletions
diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc index 1a4f284d..6a286e5c 100644 --- a/config/mailscanner/mailscanner.inc +++ b/config/mailscanner/mailscanner.inc @@ -32,7 +32,10 @@ require_once("util.inc"); require("globals.inc"); #require("guiconfig.inc"); - +$uname=posix_uname(); +if ($uname['machine']=='amd64') + ini_set('memory_limit', '250M'); + function ms_text_area_decode($text){ return preg_replace('/\r\n/', "\n",base64_decode($text)); } @@ -40,19 +43,84 @@ function ms_text_area_decode($text){ function sync_package_mailscanner() { global $config; + # detect boot process + if (is_array($_POST)){ + if (preg_match("/\w+/",$_POST['__csrf_magic'])) + unset($boot_process); + else + $boot_process="on"; + } + exec('/bin/pgrep -f MailScanner',$pgrep_out); + if (count($pgrep_out) > 0 && isset($boot_process)) + return; + + #check default config + $load_samples=0; + #assign xml arrays - if (is_array($config['installedpackages']['mailscanner'])) - $mailscanner=$config['installedpackages']['mailscanner']['config'][0]; - if (is_array($config['installedpackages']['msattachments'])) - $attachments=$config['installedpackages']['msattachments']['config'][0]; - if (is_array($config['installedpackages']['msantivirus'])) - $antivirus=$config['installedpackages']['msantivirus']['config'][0]; - if (is_array($config['installedpackages']['mscontent'])) - $content=$config['installedpackages']['mscontent']['config'][0]; - if (is_array($config['installedpackages']['msreport'])) - $report=$config['installedpackages']['msreport']['config'][0]; - if (is_array($config['installedpackages']['msantispam'])) - $antispam=$config['installedpackages']['msantispam']['config'][0]; + if (!is_array($config['installedpackages']['mailscanner'])){ + $config['installedpackages']['mailscanner']['config'][0]=array( 'max_children'=> '5', + 'pim'=> 'ScanMessages', + 'syslog_facility'=> 'mail', + 'syslog'=>'LogSpamAssassinRuleActions', + 'advanced'=> 'DeliverInBackground,AutomaticSyntaxCheck', + 'deliver_method'=>'batch', + 'minimum_code'=>'batch', + 'spam_score_format'=>'%d', + 'cache_timings'=> '1800,300,10800,172800,600' ); + $load_samples++; + } + $mailscanner=$config['installedpackages']['mailscanner']['config'][0]; + if (!is_array($config['installedpackages']['msattachments'])){ + $config['installedpackages']['msattachments']['config'][0]=array('features'=>'ExpandTNEF,FindArchiveByContent,UnpackMicrosoftDocuments', + 'tnef_contents'=>'replace', + 'max_sizes'=>'-1', + 'archive_depth'=>'8', + 'attachment_filename'=>'MessageAttachments.zip', + 'attachment_extension_exclude'=>'0', + 'attachment_max_per_archive'=>'0', + 'attachment_max'=>'50k'); + $load_samples++; + } + $attachments=$config['installedpackages']['msattachments']['config'][0]; + if (!is_array($config['installedpackages']['msantivirus'])){ + $config['installedpackages']['msantivirus']['config'][0]=array( 'features'=>'VirusScanning,CheckFilenamesInPassword-ProtectedArchives', + 'virus_scanner'=>'auto', + 'timeout'=>'300', + 'silent_virus'=>'HTML-Iframe,All-viruses'); + $load_samples++; + } + $antivirus=$config['installedpackages']['msantivirus']['config'][0]; + if (!is_array($config['installedpackages']['mscontent'])){ + $config['installedpackages']['mscontent']['config'][0]=array('checks'=>'DangerousContentScanning,UseStricterPhishingNet,HighlightPhishingFraud', + 'iframe_tags'=>'disarm', + 'form_tags'=>'disarm', + 'web_bugs'=>'disarm', + 'codebase_tags'=>'disarm'); + $load_samples++; + } + $content=$config['installedpackages']['mscontent']['config'][0]; + if (!is_array($config['installedpackages']['msreport'])){ + $config['installedpackages']['msreport']['config'][0]=array('features'=>'HideIncomingWorkDir,IncludeScannerNameInReports', + 'notification'=>'NotifySendersofBlockedFilenamesorFiletypes', + 'system'=>'NoticesIncludeFullHeaders', + 'language'=>'en'); + $load_samples++; + } + $report=$config['installedpackages']['msreport']['config'][0]; + if (!is_array($config['installedpackages']['msantispam'])){ + $config['installedpackages']['msantispam']['config'][0]=array( 'rblfeatures'=>'spam_checks', + 'safeatures'=>'use_sa,sa_auto_whitelist,check_sa_if_on_spam_list,spam_score,cache_spamassassin_results,use_pyzor,use_razor,use_dcc,use_bayes,use_auto_learn_bayes', + 'sa_score'=>'6', + 'spam_actions'=>'deliver', + 'hi_score'=>'20', + 'hispam_actions'=>'deliver', + 'rebuild_bayes'=>'86400', + 'mcp_features'=>'detailled_mcp_report', + 'mcp_score'=>'1'); + $load_samples++; + } + $antispam=$config['installedpackages']['msantispam']['config'][0]; if (is_array($config['installedpackages']['msalerts'])) $alert=$config['installedpackages']['msalerts']['config'][0]; @@ -186,7 +254,6 @@ function sync_package_mailscanner() { Language Strings = %report-dir%/languages.conf */ #check files - $load_samples=0; $mailscanner_dir="/usr/local/etc/MailScanner"; if($attachments['filename_rules'] == ""){ @@ -263,9 +330,11 @@ Language Strings = %report-dir%/languages.conf foreach ($report_files as $key_r => $file_r){ if ($report[$key_r] == ""){ #$input_errors[]= $key; - $config['installedpackages']['msreport']['config'][0][$key_r]=base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample')); - file_put_contents($report_dir.'/'.$file_r,ms_text_area_decode($config['installedpackages']['msreport']['config'][0][$key_r]),LOCK_EX); - $load_samples++; + if (file_exists($report_dir.'/'.$file_r.'.sample')){ + $config['installedpackages']['msreport']['config'][0][$key_r]=base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample')); + file_put_contents($report_dir.'/'.$file_r,ms_text_area_decode($config['installedpackages']['msreport']['config'][0][$key_r]),LOCK_EX); + $load_samples++; + } } #print $key_r ."X $file_r X". base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample')) ."<br>"; @@ -296,503 +365,15 @@ Language Strings = %report-dir%/languages.conf #exit; if($load_samples > 0) write_config(); - /* + +/* Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf Country Sub-Domains List = %etc-dir%/country.domains.conf */ - #create MailScanner.conf$deliver_silent - $mc=<<<EOF -{$info} -# Configuration directory containing this file -%etc-dir% = /usr/local/etc/MailScanner - -# Set the directory containing all the reports in the required language -%report-dir% = /usr/local/share/MailScanner/reports/{$report_language} - -# Rulesets directory containing your ".rules" files -%rules-dir% = /usr/local/etc/MailScanner/rules - -# Configuration directory containing files related to MCP -# (Message Content Protection) -%mcp-dir% = /usr/local/etc/MailScanner/mcp - -# -# System settings -# --------------- -# -Max Children = {$max_children} -Run As User = postfix -Run As Group = postfix -Queue Scan Interval = 6 -Incoming Queue Dir = /var/spool/postfix/hold -Outgoing Queue Dir = /var/spool/postfix/incoming -Incoming Work Dir = /var/spool/MailScanner/incoming -Quarantine Dir = /var/spool/MailScanner/quarantine -PID file = /var/run/MailScanner.pid -Restart Every = 14400 -MTA = postfix -Sendmail = /usr/local/sbin/sendmail - -# -# Incoming Work Dir Settings -# -------------------------- -# -Incoming Work User = postix -Incoming Work Group = postix -Incoming Work Permissions = 0600 - -# -# Quarantine and Archive Settings -# ------------------------------- -# -Quarantine User = postifx -Quarantine Group = postfix -Quarantine Permissions = 0600 - -# -# Processing Incoming Mail -# ------------------------ -# -Max Unscanned Bytes Per Scan = 100m -Max Unsafe Bytes Per Scan = 50m -Max Unscanned Messages Per Scan = 30 -Max Unsafe Messages Per Scan = 30 -Max Normal Queue Size = 800 -Scan Messages = {$scan_messages} -Reject Message = {$reject_message} -Maximum Processing Attempts = 10 -Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db -Maximum Attachments Per Message = 200 -Expand TNEF = {$expand_tnef} -Deliver Unparsable TNEF = {$deliver_tnef} -Use TNEF Contents = {$attachments['tnef_contents']} -TNEF Expander = /usr/local/bin/tnef --maxsize=100000000 -TNEF Timeout = 120 -File Command = /usr/bin/file -File Timeout = 20 -Gunzip Command = /usr/bin/gunzip -Gunzip Timeout = 50 -Unrar Command = /usr/local/bin/unrar -Unrar Timeout = 50 -Find UU-Encoded Files = no -Maximum Message Size = %rules-dir%/max.message.size.rules -Maximum Attachment Size ={$max_size} -Minimum Attachment Size = -1 -Maximum Archive Depth = {$archive_depth} -Find Archives By Content ={$find_archive} -Unpack Microsoft Documents = {$microsoft} -Zip Attachments = {$zip_attachments} -Attachments Zip Filename = {$zip_file} -Attachments Min Total Size To Zip = 100k -Attachment Extensions Not To Zip = {$zip_exclude} -Add Text Of Doc = no -Antiword = /usr/bin/antiword -f -Antiword Timeout = 50 -Unzip Maximum Files Per Archive = {$unzip_max_per_archive} -Unzip Maximum File Size = {$unzip_max} -Unzip Filenames = *.txt *.ini *.log *.csv -Unzip MimeType = text/plain - -# -# Virus Scanning and Vulnerability Testing -# ---------------------------------------- -# -Virus Scanning = {$virus_scanning} -Virus Scanners = {$antivirus['virus_scanner']} -Virus Scanner Timeout = {$antivirus_timeout} -Deliver Disinfected Files = {$deliver_disinfected} -Silent Viruses = {$silent_viruses} -Still Deliver Silent Viruses = {$deliver_silent} -Non-Forging Viruses = Joke/ OF97/ WM97/ W97M/ eicar -Spam-Virus Header = {$spam_virus_header} -Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish* -Block Encrypted Messages = {$block_encrypted} -Block Unencrypted Messages = {$block_unencrypted} -Allow Password-Protected Archives = {$allow_password} -Check Filenames In Password-Protected Archives = {$check_filenames} -Monitors for ClamAV Updates = /var/db/clamav/*.cvd -ClamAVmodule Maximum Recursion Level = 8 -ClamAVmodule Maximum Files = 1000 -ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes) -ClamAVmodule Maximum Compression Ratio = 25 -Allowed Sophos Error Messages = -Sophos IDE Dir = /opt/sophos-av/lib/sav -Sophos Lib Dir = /opt/sophos-av/lib -Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide -Clamd Port = 3310 -Clamd Socket = /var/run/clamav/clamd.sock -Clamd Lock File = # /var/lock/subsys/clamd -Clamd Use Threads = no -ClamAV Full Message Scan = yes -Fpscand Port = 10200 -{$custom_antivirus_options} - -# -# Removing/Logging dangerous or potentially offensive content -# ----------------------------------------------------------- -# -Dangerous Content Scanning = {$dangerous_content} -Allow Partial Messages = {$partial_messages} -Allow External Message Bodies = {$external_bodies} -Find Phishing Fraud = {$phishing_fraud} -Also Find Numeric Phishing = {$numeric_phishig} -Use Stricter Phishing Net = ${stricter_phishing_net} -Highlight Phishing Fraud = ${highlight_phishing} -Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf -Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf -Country Sub-Domains List = %etc-dir%/country.domains.conf -Allow IFrame Tags = {$content['iframe_tags']} -Allow Form Tags = {$content['form_tags']} -Allow Script Tags = {$content['script_tags']} -Allow WebBugs = {$content['web_bugs']} -Ignored Web Bug Filenames = spacer pixel.gif pixel.png gap shim -Known Web Bug Servers = msgtag.com -Web Bug Replacement = http://www.mailscanner.tv/1x1spacer.gif -Allow Object Codebase Tags = {$content['codebase_tags']} -Convert Dangerous HTML To Text = {$dangerous_html} -Convert HTML To Text = {$html_to_text} - -# -# Attachment Filename Checking -# ---------------------------- -# -Archives Are = zip rar ole -Allow Filenames = -Deny Filenames = -Filename Rules = %etc-dir%/filename.rules.conf -Allow Filetypes = -Allow File MIME Types = -Deny Filetypes = -Deny File MIME Types = -Filetype Rules = %etc-dir%/filetype.rules.conf -Archives: Allow Filenames = -Archives: Deny Filenames = -Archives: Filename Rules = %etc-dir%/archives.filename.rules.conf -Archives: Allow Filetypes = -Archives: Allow File MIME Types = -Archives: Deny Filetypes = -Archives: Deny File MIME Types = -Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf -Default Rename Pattern = __FILENAME__.disarmed - -# -# Reports and Responses -# --------------------- -# -Quarantine Infections = {$quarantine_infections} -Quarantine Silent Viruses = {$quarantine_silent_virus} -Quarantine Modified Body = {$quarantine_modified_body} -Quarantine Whole Message = {$quarantine_whole_message} -Quarantine Whole Messages As Queue Files = {$quarantine_whole_message_as_queue} -Keep Spam And MCP Archive Clean = {$keep_spam_and_mcp} -Language Strings = %report-dir%/languages.conf -Rejection Report = %report-dir%/rejection.report.txt -Deleted Bad Content Message Report = %report-dir%/deleted.content.message.txt -Deleted Bad Filename Message Report = %report-dir%/deleted.filename.message.txt -Deleted Virus Message Report = %report-dir%/deleted.virus.message.txt -Deleted Size Message Report = %report-dir%/deleted.size.message.txt -Stored Bad Content Message Report = %report-dir%/stored.content.message.txt -Stored Bad Filename Message Report = %report-dir%/stored.filename.message.txt -Stored Virus Message Report = %report-dir%/stored.virus.message.txt -Stored Size Message Report = %report-dir%/stored.size.message.txt -Disinfected Report = %report-dir%/disinfected.report.txt -Inline HTML Signature = %report-dir%/inline.sig.html -Inline Text Signature = %report-dir%/inline.sig.txt -Signature Image Filename = %report-dir%/sig.jpg -Signature Image <img> Filename = signature.jpg -Inline HTML Warning = %report-dir%/inline.warning.html -Inline Text Warning = %report-dir%/inline.warning.txt -Sender Content Report = %report-dir%/sender.content.report.txt -Sender Error Report = %report-dir%/sender.error.report.txt -Sender Bad Filename Report = %report-dir%/sender.filename.report.txt -Sender Virus Report = %report-dir%/sender.virus.report.txt -Sender Size Report = %report-dir%/sender.size.report.txt -Hide Incoming Work Dir = {$hide_incoming_work_dir} -Include Scanner Name In Reports = {$include_scanner_name} -# -# Changes to Message Headers -# -------------------------- -# -Mail Header = X-%org-name%-MailScanner: -Spam Header = X-%org-name%-MailScanner-SpamCheck: -Spam Score Header = X-%org-name%-MailScanner-SpamScore: -Information Header = X-%org-name%-MailScanner-Information: -Add Envelope From Header = yes -Add Envelope To Header = no -Envelope From Header = X-%org-name%-MailScanner-From: -Envelope To Header = X-%org-name%-MailScanner-To: -ID Header = X-%org-name%-MailScanner-ID: -IP Protocol Version Header = # X-%org-name%-MailScanner-IP-Protocol: -Spam Score Character = s -SpamScore Number Instead Of Stars = no -Minimum Stars If On Spam List = 0 -Clean Header Value = Found to be clean -Infected Header Value = Found to be infected -Disinfected Header Value = Disinfected -Information Header Value = Please contact the ISP for more information -Detailed Spam Report = yes -Include Scores In SpamAssassin Report = yes -Always Include SpamAssassin Report = no -Multiple Headers = append -Place New Headers At Top Of Message = no -Hostname = the %org-name% ($HOSTNAME) MailScanner -Sign Messages Already Processed = no -Sign Clean Messages = yes -Attach Image To Signature = no -Attach Image To HTML Message Only = yes -Allow Multiple HTML Signatures = no -Dont Sign HTML If Headers Exist = # In-Reply-To: References: -Mark Infected Messages = yes -Mark Unscanned Messages = yes -Unscanned Header Value = Not scanned: please contact your Internet E-Mail Service Provider for details -Remove These Headers = X-Mozilla-Status: X-Mozilla-Status2: -Deliver Cleaned Messages = yes - -# -# Notifications back to the senders of blocked messages -# ----------------------------------------------------- -# -Notify Senders = {$notify_sender} -Notify Senders Of Viruses = {$notify_sender_viruses} -Notify Senders Of Blocked Filenames Or Filetypes = {$notify_sender_fileytypes} -Notify Senders Of Blocked Size Attachments = {$notify_sender_attachments} -Notify Senders Of Other Blocked Content = {$notify_sender_contents} -Never Notify Senders Of Precedence = list bulk - -# -# Changes to the Subject: line -# ---------------------------- -# -Scanned Modify Subject = no # end -Scanned Subject Text = [Scanned] -Virus Modify Subject = start -Virus Subject Text = [Virus?] -Filename Modify Subject = start -Filename Subject Text = [Filename?] -Content Modify Subject = start -Content Subject Text = [Dangerous Content?] -Size Modify Subject = start -Size Subject Text = [Size] -Disarmed Modify Subject = start -Disarmed Subject Text = [Disarmed] -Phishing Modify Subject = no -Phishing Subject Text = [Fraude?] -Spam Modify Subject = start -Spam Subject Text = [Spam?] -High Scoring Spam Modify Subject = start -High Scoring Spam Subject Text = [Spam?] - -# -# Changes to the Message Body -# --------------------------- -# -Warning Is Attachment = yes -Attachment Warning Filename = %org-name%-Attachment-Warning.txt -Attachment Encoding Charset = ISO-8859-1 - -# -# Mail Archiving and Monitoring -# ----------------------------- -# -Archive Mail = -Missing Mail Archive Is = directory - -# -# Notices to System Administrators -# -------------------------------- -# -Send Notices = {$send_notices} -Notices Include Full Headers = {$notices_include_header} -Hide Incoming Work Dir in Notices = {$hide_incoming_work_dir_notices} -Notice Signature = {$notice_signature} -Notices From = ${$notice_from} -Notices To = ${$notice_to} -Local Postmaster = postmaster - -# -# Spam Detection and Virus Scanner Definitions -# -------------------------------------------- -# -Spam List Definitions = %etc-dir%/spam.lists.conf -Virus Scanner Definitions = %etc-dir%/virus.scanners.conf - -# -# Spam Detection and Spam Lists (DNS blocklists) -# ---------------------------------------------- -# - -Spam Checks = yes -Spam List = # spamhaus-ZEN # You can un-comment this to enable them -Spam Domain List = -Spam Lists To Be Spam = 1 -Spam Lists To Reach High Score = 3 -Spam List Timeout = 10 -Max Spam List Timeouts = 7 -Spam List Timeouts History = 10 -Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules -Is Definitely Spam = no -Definite Spam Is High Scoring = no -Ignore Spam Whitelist If Recipients Exceed = 20 -Max Spam Check Size = 200k - -# -# Watermarking -# ------------ -# -Use Watermarking = no -Add Watermark = yes -Check Watermarks With No Sender = yes -Treat Invalid Watermarks With No Sender as Spam = nothing -Check Watermarks To Skip Spam Checks = yes -Watermark Secret = %org-name%-Secret -Watermark Lifetime = 604800 -Watermark Header = X-%org-name%-MailScanner-Watermark: - -# -# SpamAssassin -# ------------ -# - -Use SpamAssassin = {$use_sa} -Max SpamAssassin Size = {$sa_max} -Required SpamAssassin Score = {$sa_score} -High SpamAssassin Score = {$hi_score} -SpamAssassin Auto Whitelist = {$sa_auto_whitelist} -SpamAssassin Timeout = 75 -Max SpamAssassin Timeouts = 10 -SpamAssassin Timeouts History = 30 -Check SpamAssassin If On Spam List = {$check_sa_if_on_spam_list} -Include Binary Attachments In SpamAssassin = {$include_sa_bin_attachments} -Spam Score = {$spam_score} -Cache SpamAssassin Results = {$cache_spamassassin_results} -SpamAssassin Cache Database File = /var/spool/MailScanner/incoming/SpamAssassin.cache.db -Rebuild Bayes Every = {$rebuild_bayes} -Wait During Bayes Rebuild = {$wait_during_bayes_rebuild} - -# -# Custom Spam Scanner Plugin -# -------------------------- -# -Use Custom Spam Scanner = no -Max Custom Spam Scanner Size = 20k -Custom Spam Scanner Timeout = 20 -Max Custom Spam Scanner Timeouts = 10 -Custom Spam Scanner Timeout History = 20 - -# -# What to do with spam -# -------------------- -# - -Spam Actions = {$spam_actions} header "X-Spam-Status: Yes" -High Scoring Spam Actions = {$hispam_actions} header "X-Spam-Status: Yes" -Non Spam Actions = deliver header "X-Spam-Status: No" -SpamAssassin Rule Actions = -Sender Spam Report = %report-dir%/sender.spam.report.txt -Sender Spam List Report = %report-dir%/sender.spam.rbl.report.txt -Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt -Inline Spam Warning = %report-dir%/inline.spam.warning.txt -Recipient Spam Report = %report-dir%/recipient.spam.report.txt -Enable Spam Bounce = %rules-dir%/bounce.rules -Bounce Spam As Attachment = no -# -# Logging -# ------- -# -Syslog Facility = {$syslog_facility} -Log Speed = {$log_speed} -Log Spam = {$log_spam} -Log Non Spam = {$log_non_spam} -Log Delivery And Non-Delivery = {$log_delivery} -Log Permitted Filenames = {$log_filenames} -Log Permitted Filetypes = {$log_filetypes} -Log Permitted File MIME Types = {$log_mime} -Log Silent Viruses = {$log_silent} -Log Dangerous HTML Tags = {$log_dangerous} -Log SpamAssassin Rule Actions = {$log_sa_rule_action} - -# -# Advanced SpamAssassin Settings -# ------------------------------ -# -SpamAssassin Temporary Dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp -SpamAssassin User State Dir = -SpamAssassin Install Prefix = -SpamAssassin Site Rules Dir = /usr/local/etc/mail/spamassassin -SpamAssassin Local Rules Dir = -SpamAssassin Local State Dir = # /var/lib/spamassassin -SpamAssassin Default Rules Dir = - -# -# MCP (Message Content Protection) -# ----------------------------- -# - -MCP Checks = {$mcp_checks} -First Check = spam -MCP Required SpamAssassin Score = {$mcp_score} -MCP High SpamAssassin Score = {$hi_mcp_score} -MCP Error Score = 1 -MCP Header = X-%org-name%-MailScanner-MCPCheck: -Non MCP Actions = deliver -MCP Actions = {$mcp_action} -High Scoring MCP Actions = {$mcp_hi_action} -Bounce MCP As Attachment = {$bounce_mcp} -MCP Modify Subject = start -MCP Subject Text = [MCP?] -High Scoring MCP Modify Subject = start -High Scoring MCP Subject Text = [MCP?] - -Is Definitely MCP = {$is_mcp} -Is Definitely Not MCP = {$is_not_mcp} -Definite MCP Is High Scoring = {$mcp_is_high_score} -Always Include MCP Report = {$include_mcp_report} -Detailed MCP Report = {$detailled_mcp_report} -Include Scores In MCP Report = {$score_mcp_report} -Log MCP = {$log_mcp} - -MCP Max SpamAssassin Timeouts = 20 -MCP Max SpamAssassin Size = {$mcp_max} -MCP SpamAssassin Timeout = 10 - -MCP SpamAssassin Prefs File = %mcp-dir%/mcp.spam.assassin.prefs.conf -MCP SpamAssassin User State Dir = -MCP SpamAssassin Local Rules Dir = %mcp-dir% -MCP SpamAssassin Default Rules Dir = %mcp-dir% -MCP SpamAssassin Install Prefix = %mcp-dir% -Recipient MCP Report = %report-dir%/recipient.mcp.report.txt -Sender MCP Report = %report-dir%/sender.mcp.report.txt - -# -# Advanced Settings -# ----------------- -# -Use Default Rules With Multiple Recipients = {$default_rule_multiple} -Read IP Address From Received Header = {$read_ipaddress} -Spam Score Number Format = {$spam_score_format} -MailScanner Version Number = 4.83.5 -SpamAssassin Cache Timings = {$cache_timings} -Debug = {$debug} -Debug SpamAssassin = {$debug_spam} -Run In Foreground = {$foreground} -Always Looked Up Last = {$look_up_last} -Always Looked Up Last After Batch = {$look_up_last_batch} -Deliver In Background = {$deliver_background} -Delivery Method = {$mailscanner['deliver_method']} -Split Exim Spool = {$split_exim_spool} -Lockfile Dir = /var/spool/MailScanner/incoming/Locks -Custom Functions Dir = /usr/local/lib/MailScanner/MailScanner/CustomFunctions -Lock Type = -Syslog Socket Type = -Automatic Syntax Check = {$syntax_check} -Minimum Code Status = {$mailscanner['minimum_code']} -include /usr/local/etc/MailScanner/conf.d/* - - - -EOF; + #create MailScanner.conf + include("mailscanner.conf.template"); #write files conf_mount_rw(); if (!is_dir("/var/spool/MailScanner/incoming")){ @@ -811,7 +392,7 @@ EOF; $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf"; foreach ($mfiles as $mfile) - if (! file_exists ($mfile)) + if (! file_exists ($mfile) && file_exists($mfile.".sample")) copy($mfile.".sample",$mfile); @@ -965,46 +546,70 @@ EOF; log_error('No clamav database found, running freshclam in background.'); mwexec_bg('/usr/local/bin/freshclam'); } + #clamav-wrapper file $cconf=$libexec_dir."clamav-wrapper"; - $cconf_file=file_get_contents($cconf); - if (preg_match('/"clamav"/',$cconf_file)){ - $cconf_file=preg_replace('/"clamav"/','"postfix"',$cconf_file); - file_put_contents($cconf, $cconf_file, LOCK_EX); + if (file_exists($cconf)){ + $cconf_file=file_get_contents($cconf); + if (preg_match('/"clamav"/',$cconf_file)){ + $cconf_file=preg_replace('/"clamav"/','"postfix"',$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } } #freshclam conf file $cconf="/usr/local/etc/freshclam.conf"; - $cconf_file=file_get_contents($cconf); - if (preg_match('/DatabaseOwner clamav/',$cconf_file)){ - $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file); - file_put_contents($cconf, $cconf_file, LOCK_EX); + if (file_exists($conf)){ + $cconf_file=file_get_contents($cconf); + if (preg_match('/DatabaseOwner clamav/',$cconf_file)){ + $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } } #clamd conf file $cconf="/usr/local/etc/clamd.conf"; - $cconf_file=file_get_contents($cconf); - if (preg_match('/User clamav/',$cconf_file)){ - $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); - file_put_contents($cconf, $cconf_file, LOCK_EX); + if (file_exists($conf)){ + $cconf_file=file_get_contents($cconf); + if (preg_match('/User clamav/',$cconf_file)){ + $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } } #clamd script file $script='/usr/local/etc/rc.d/clamav-clamd'; - $script_file=file($script); - foreach ($script_file as $script_line){ - if(preg_match("/command=/",$script_line)){ - $new_clamav_startup.= "/bin/mkdir /var/run/clamav\n"; - $new_clamav_startup.= "chown postfix /var/run/clamav\n"; - $new_clamav_startup.=$script_line; + if (file_exists($script)){ + $script_file=file($script); + foreach ($script_file as $script_line){ + if(preg_match("/command=/",$script_line)){ + $new_clamav_startup.= "/bin/mkdir -p /var/run/clamav\n"; + $new_clamav_startup.= "chown postfix /var/run/clamav\n"; + $new_clamav_startup.=$script_line; + } + elseif(!preg_match("/(mkdir|chown|sleep|mailscanner)/",$script_line)) { + $new_clamav_startup.=preg_replace("/NO/","YES",$script_line); + } } - elseif(!preg_match("/(mkdir|chown|sleep|mailscanner)/",$script_line)) { - $new_clamav_startup.=preg_replace("/NO/","YES",$script_line); + file_put_contents($script, $new_clamav_startup, LOCK_EX); + + chmod ($script,0755); + if($config['installedpackages']['mailscanner']['config'][0]['enable']){ + if (is_process_running('clamd')){ + log_error("Restarting clamav-clamd daemon"); + mwexec("$script restart"); + } + else{ + log_error("Starting clamav-clamd daemon"); + mwexec_bg("$script start"); + } + } + else{ + if (is_process_running('clamd')){ + log_error("Restarting clamav-clamd daemon"); + mwexec("$script start"); + } } } - file_put_contents($script, $new_clamav_startup, LOCK_EX); - chmod ($script,0755); - mwexec("$script stop"); - mwexec_bg("$script start"); } } else{ @@ -1012,63 +617,105 @@ EOF; unlink_if_exists($libexec_dir.'clamav-wrapper'); } - #check dcc startup script - $script='/usr/local/etc/rc.d/dccifd'; - $script_file=file_get_contents($script); - if (preg_match('/NO/',$script_file)){ - $script_file=preg_replace("/NO/","YES",$script_file); - file_put_contents($script, $script_file, LOCK_EX); - chmod ($script,0755); - } #check dcc config file $script='/usr/local/dcc/dcc_conf'; - $script_file=file_get_contents($script); - if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){ - $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file); - file_put_contents($script, $script_file, LOCK_EX); + if (file_exists($script)){ + $script_file=file_get_contents($script); + if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){ + $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + } + + #check dcc startup script + $script='/usr/local/etc/rc.d/dccifd'; + if (file_exists($script)){ + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + + if($config['installedpackages']['mailscanner']['config'][0]['enable']){ + if(is_process_running('dccifd')){ + log_error("Restarting dccifd"); + mwexec("$script restart"); + } + else{ + log_error("Starting dccifd"); + mwexec("$script start"); + } + } + else{ + if(is_process_running('dccifd')){ + log_error("Stopping dccifd"); + mwexec("$script stop"); + } + } } - mwexec("$script stop"); - mwexec_bg("$script start"); $script='/usr/local/etc/rc.d/mailscanner'; #fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner $cconf="/usr/local/sbin/mailscanner"; - $cconf_file=file_get_contents($cconf); - $pattern2[0]='/perl\W+I/'; - $pattern2[1]='/\smy .current = config MIME::ToolUtils/'; - $replacement2[0]='perl -U -I'; - $replacement2[1]=' #my $current = config MIME::ToolUtils'; - if (preg_match('/perl\W+I/',$cconf_file)){ - $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file); - file_put_contents($cconf, $cconf_file, LOCK_EX); - #force old process stop - mwexec("$script stop"); - } - - $script_file=file_get_contents($script); - if (preg_match('/NO/',$script_file)){ - $script_file=preg_replace("/NO/","YES",$script_file); - file_put_contents($script, $script_file, LOCK_EX); - chmod ($script,0755); - } - if($config['installedpackages']['mailscanner']['config'][0]['enable']){ - log_error("Reload mailscanner"); - chmod ($script,0755); - mwexec("$script stop"); - sleep(2); - mwexec_bg("$script start"); - } - else{ - log_error("Stopping mailscanner if running"); - mwexec("$script stop"); - chmod ($script,0444); + if (file_exists($cconf)){ + #check perl's version + exec('find /usr/local/lib/perl5/site_perl -name Df.pm',$find_out); + $perl_bin="perl"; + foreach($find_out as $perl_dir){ + if (preg_match ('@usr/local/lib/perl5/site_perl/([.0-9]+)/mach/Filesys/Df.pm@',$perl_dir,$perl_match)) + $perl_bin.=$perl_match[1]; + } + + $cconf_file=file_get_contents($cconf); + $pattern2[0]='@#!/usr.*bin/perl.*I@'; + $pattern2[1]='/\smy .current = config MIME::ToolUtils/'; + $replacement2[0]='#!/usr/local/bin/'.$perl_bin.' -U -I'; + $replacement2[1]=' #my $current = config MIME::ToolUtils'; + if (preg_match('@#!/usr.*bin/perl.*I@',$cconf_file)){ + $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } } + if (file_exists($script)){ + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + exec('/bin/pgrep -f MailScanner', $pgrep_out); + if($config['installedpackages']['mailscanner']['config'][0]['enable']){ + chmod ($script,0755); + if (count($pgrep_out) > 0 && file_exists($script)){ + log_error("Restarting MailScanner"); + mwexec_bg("$script restart"); + } + else{ + log_error("Starting MailScanner"); + mwexec("$script start"); + } + } + else{ + if (count($pgrep_out) > 0 && file_exists($script)){ + log_error("Stopping MailScanner"); + mwexec("$script stop"); + chmod ($script,0444); + } + } + } conf_mount_ro(); + + #does not sync during boot process + if (isset($boot_process)) + return; + $synconchanges = $config['installedpackages']['mailscannersync']['config'][0]['synconchanges']; if(!$synconchanges && !$syncondbchanges) return; - log_error("[mailscanner] mailscanner_xmlrpc_sync.php is starting."); + + log_error("[MailScanner] mailscanner_xmlrpc_sync.php is starting."); foreach ($config['installedpackages']['mailscannersync']['config'] as $rs ){ foreach($rs['row'] as $sh){ $sync_to_ip = $sh['ipaddress']; @@ -1103,11 +750,14 @@ function mailscanner_php_install_command() { } function mailscanner_php_deinstall_command() { - mwexec("/usr/local/etc/rc.d/mailscanner.sh stop"); - sleep(1); - conf_mount_rw(); - unlink_if_exists("/usr/local/etc/rc.d/mailscanner.sh"); - conf_mount_ro(); + exec('/bin/pgrep -f MailScanner',$pgrep_out); + if (count($pgreg_out) > 0){ + mwexec("/usr/local/etc/rc.d/mailscanner stop"); + sleep(1); + conf_mount_rw(); + unlink_if_exists("/usr/local/etc/rc.d/mailscanner"); + conf_mount_ro(); + } } function mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { |