aboutsummaryrefslogtreecommitdiffstats
path: root/config/mailscanner/mailscanner.inc
diff options
context:
space:
mode:
Diffstat (limited to 'config/mailscanner/mailscanner.inc')
-rw-r--r--config/mailscanner/mailscanner.inc141
1 files changed, 71 insertions, 70 deletions
diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc
index 0147bb2e..8418c85c 100644
--- a/config/mailscanner/mailscanner.inc
+++ b/config/mailscanner/mailscanner.inc
@@ -1,8 +1,8 @@
<?php
/*
- postfix.inc
+ mailscanner.inc
part of the Postfix package for pfSense
- Copyright (C) 2011-2013 Marcello Coutinho
+ Copyright (C) 2011-2014 Marcello Coutinho
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -29,21 +29,22 @@
*/
$shortcut_section = "mailscanner";
require_once("util.inc");
-require("globals.inc");
+require_once("globals.inc");
#require("guiconfig.inc");
$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pf_version > 2.0)
- define('MAILSCANNER_LOCALBASE', '/usr/pbi/mailscanner-' . php_uname("m"));
+define('MAILSCANNER_PREFIX', '/usr/pbi/mailscanner-' . php_uname("m"));
+if ($pf_version == "2.1")
+ define('MAILSCANNER_LOCALBASE', MAILSCANNER_PREFIX);
else
- define('MAILSCANNER_LOCALBASE','/usr/local');
+ define('MAILSCANNER_LOCALBASE', MAILSCANNER_PREFIX . '/local');
$uname=posix_uname();
if ($uname['machine']=='amd64')
ini_set('memory_limit', '250M');
-
+
function ms_text_area_decode($text){
- return preg_replace('/\r\n/', "\n",base64_decode($text));
+ return preg_replace('/\r\n/', "\n",base64_decode($text));
}
function sync_package_mailscanner($via_rpc=false) {
@@ -62,7 +63,7 @@ function sync_package_mailscanner($via_rpc=false) {
#check default config
$load_samples=0;
-
+
#assign xml arrays
if (!is_array($config['installedpackages']['mailscanner'])){
$config['installedpackages']['mailscanner']['config'][0]=array( 'max_children'=> '5',
@@ -130,7 +131,7 @@ function sync_package_mailscanner($via_rpc=false) {
$antispam=$config['installedpackages']['msantispam']['config'][0];
if (is_array($config['installedpackages']['msalerts']))
$alert=$config['installedpackages']['msalerts']['config'][0];
-
+
#General options
$info =($mailscanner['orgname']?'%org-name% = '.$mailscanner['orgname']."\n":'%org-name% = Pfsense'."\n");
$info .=($mailscanner['longorgname']?'%org-long-name% = '.$mailscanner['longorgname']."\n":'%org-long-name% = Pfsense Inc.'."\n");
@@ -165,7 +166,7 @@ function sync_package_mailscanner($via_rpc=false) {
#Attachment options
$max_size=($attachments['max_sizes']?$attachments['max_sizes']:'-1');
- $archive_depth=($attachments['archive_depth']?$attachments['archive_depth']:'8');
+ $archive_depth=($attachments['archive_depth']?$attachments['archive_depth']:'8');
$expand_tnef=(preg_match('/ExpandTNEF/',$attachments['features'])?"yes":"no");
$deliver_tnef=(preg_match('/DeliverUnparsableTNEF/',$attachments['features'])?"yes":"no");
$find_archive=(preg_match('/FindArchiveByContent/',$attachments['features'])?"yes":"no");
@@ -188,7 +189,7 @@ function sync_package_mailscanner($via_rpc=false) {
$allow_password=(preg_match('/AllowPassword-ProtectedArchives/',$antivirus['features'])?"yes":"no");
$check_filenames=(preg_match('/CheckFilenamesInPassword-ProtectedArchives/',$antivirus['features'])?"yes":"no");
$custom_antivirus_options=ms_text_area_decode($antivirus['custom']);
-
+
#content
$dangerous_content=(preg_match('/DangerousContentScanning/',$content['checks'])?"yes":"no");
$partial_messages=(preg_match('/AllowPartialMessages/',$content['checks'])?"yes":"no");
@@ -199,7 +200,7 @@ function sync_package_mailscanner($via_rpc=false) {
$highlight_phishing=(preg_match('/HighlightPhishingFraud/',$content['checks'])?"yes":"no");
$dangerous_html=(preg_match('/ConvertDangerousHTMLToText/',$content['checks'])?"yes":"no");
$html_to_text=(preg_match('/ConvertHTMLToText/',$content['checks'])?"yes":"no");
-
+
#reports and responses
$include_scanner_name=(preg_match('/IncludeScannerNameInReports/',$report['features'])?"yes":"no");
$hide_incoming_work_dir=(preg_match('/HideIncomingWorkDir/',$report['features'])?"yes":"no");
@@ -225,7 +226,7 @@ function sync_package_mailscanner($via_rpc=false) {
$notice_from=($report['notice_from']?$report['notice_from']:"MailScanner");
$notice_to=($report['notice_to']?$report['notice_to']:"MailScanner");
$notice_signature=($report['notice_signature']?$report['notice_signature']:'-- \nMailScanner\nEmail Virus Scanner\nwww.mailscanner.info');
-
+
#antispa- spam assassin
$use_sa=(preg_match('/use_sa/',$antispam['safeatures'])?"yes":"no");
$sa_auto_whitelist=(preg_match('/sa_auto_whitelist/',$antispam['safeatures'])?"yes":"no");
@@ -248,7 +249,7 @@ function sync_package_mailscanner($via_rpc=false) {
$is_not_mcp=(preg_match('/is_not_mcp/',$antispam['mcp_features'])?"yes":"no");
$mcp_is_high_score=(preg_match('/mcp_is_high_score/',$antispam['mcp_features'])?"yes":"no");
$include_mcp_report=(preg_match('/include_mcp_report/',$antispam['mcp_features'])?"yes":"no");
- $detailled_mcp_report=(preg_match('/detailled_mcp_report/',$antispam['mcp_features'])?"yes":"no");
+ $detailled_mcp_report=(preg_match('/detailled_mcp_report/',$antispam['mcp_features'])?"yes":"no");
$score_mcp_report=(preg_match('/score_mcp_report/',$antispam['mcp_features'])?"yes":"no");
$log_mcp=(preg_match('/log_mcp/',$antispam['mcp_features'])?"yes":"no");
$mcp_score=($antispam['mcp_score']?$antispam['mcp_score']:"1");
@@ -256,14 +257,14 @@ function sync_package_mailscanner($via_rpc=false) {
$mcp_action=($antispam['mcp_action']?preg_replace("/,/"," ",$antispam['mcp_action']):"deliver");
$mcp_hi_action=($antispam['mcp_hi_action']?preg_replace("/,/"," ",$antispam['mcp_hi_action']):"delete");
$mcp_max=($antispam['mcp_max']?$antispam['mcp_max']:"200k");
-
+
/*
Language Strings = %report-dir%/languages.conf
*/
#check files
$mailscanner_dir=MAILSCANNER_LOCALBASE ."/etc/MailScanner";
-
+
if($attachments['filename_rules'] == ""){
$config['installedpackages']['msattachments']['config'][0]['filename_rules']=base64_encode(file_get_contents($mailscanner_dir.'/archives.filename.rules.conf.sample'));
$load_samples++;
@@ -279,7 +280,7 @@ Language Strings = %report-dir%/languages.conf
if($content['phishing_bad'] == ""){
$config['installedpackages']['mscontent']['config'][0]['phishing_bad']=base64_encode(file_get_contents($mailscanner_dir.'/phishing.bad.sites.conf.sample'));
$load_samples++;
- }
+ }
if($content['country_domains'] == ""){
$config['installedpackages']['mscontent']['config'][0]['country_domains']=base64_encode(file_get_contents($mailscanner_dir.'/country.domains.conf.sample'));
$load_samples++;
@@ -310,9 +311,8 @@ Language Strings = %report-dir%/languages.conf
$config['installedpackages']['msantispam']['config'][0]['max_message_size']=base64_encode(file_get_contents($mailscanner_dir.'/rules/max.message.size.rules.sample'));
$load_samples++;
}
-
- //$report_dir=MAILSCANNER_LOCALBASE."/share/MailScanner/reports/".strtolower($report['language']);
- $report_dir="/usr/local/share/MailScanner/reports/".strtolower($report['language']);
+
+ $report_dir=MAILSCANNER_LOCALBASE."/share/MailScanner/reports/".strtolower($report['language']);
#CHECK REPORT FILES
$report_files= array('deletedbadcontent' => 'deleted.content.message.txt',
'deletedbadfilename' => 'deleted.filename.message.txt',
@@ -335,7 +335,7 @@ Language Strings = %report-dir%/languages.conf
'recipientmcp'=>'recipient.mcp.report.txt',
'recipientspam'=>'recipient.spam.report.txt',
'rejection' =>'rejection.report.txt');
-
+
foreach ($report_files as $key_r => $file_r){
if ($report[$key_r] == ""){
#$input_errors[]= $key;
@@ -346,7 +346,7 @@ Language Strings = %report-dir%/languages.conf
}
}
#print $key_r ."X $file_r X". base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample')) ."<br>";
-
+
if ($alert['sig']){
if($alert['sig_html'] == ""){
$config['installedpackages']['msalerts']['config'][0]['sig_html']=base64_encode(file_get_contents($report_dir.'/inline.sig.html'));
@@ -368,8 +368,8 @@ Language Strings = %report-dir%/languages.conf
$load_samples++;
}
}
-
-
+
+
}
#exit;
if($load_samples > 0)
@@ -381,7 +381,7 @@ Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf
Country Sub-Domains List = %etc-dir%/country.domains.conf
*/
#get mailscanner version
- $msc_bin=MAILSCANNER_LOCALBASE. "/sbin/mailscanner";
+ $msc_bin=MAILSCANNER_PREFIX. "/sbin/mailscanner";
if (file_exists($msc_bin)){
$msc_bin_file=file_get_contents($msc_bin);
if (preg_match("/MailScannerVersion = '(\S+)'/",$msc_bin_file,$msv_matches))
@@ -404,23 +404,23 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
}
if (is_dir('/var/spool/postfix'))
chown ('/var/spool/postfix','postfix');
-
+
$mlang=strtolower($report['language']);
$mfiles[]= MAILSCANNER_LOCALBASE. "/etc/MailScanner/virus.scanners.conf";
$mfiles[]= MAILSCANNER_LOCALBASE. "/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt";
$mfiles[]= MAILSCANNER_LOCALBASE. "/share/MailScanner/reports/{$mlang}/languages.conf";
-
+
foreach ($mfiles as $mfile)
if (! file_exists ($mfile) && file_exists($mfile.".sample"))
copy($mfile.".sample",$mfile);
-
+
#update spam.assassin.prefs.conf
$sa_temp=ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']);
$pattern[]='/#ifplugin/';
$pattern[]='/#dcc_path/';
$pattern[]='/#endif/';
-
+
$replacement[]="ifplugin";
$replacement[]="dcc_path";
$replacement[]="endif";
@@ -443,12 +443,12 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
if (preg_match('/use_pyzor/',$antispam['safeatures'])){
$pattern[]='/#pyzor_path/';
$pattern[]="/\S+yzor_disabled/";
- $pattern[]='/usr.bin.pyzor/';
+ $pattern[]='/\/usr.bin.pyzor/';
$pattern[]='/use_pyzor/';
$pattern[]="/\S+o_not_use_pyzor/";
$replacement[]="pyzor_path";
$replacement[]="pyzor_path";
- $replacement[]="usr/local/bin/pyzor";
+ $replacement[]=MAILSCANNER_PREFIX . "/bin/pyzor";
$replacement[]="use_pyzor";
$replacement[]="use_pyzor";
}
@@ -494,13 +494,13 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
$replacement[]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"Pfsense")."-MailScanner";
$pattern[]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/';
$replacement[]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"Pfsense")."-MailScanner-From";
-
-
+
+
$sa_temp=preg_replace($pattern,$replacement,$sa_temp);
#rint "pre".$sa_temp;exit;
$config['installedpackages']['msantispam']['config'][0]['sa_pref_file']=base64_encode($sa_temp);
write_config();
-
+
file_put_contents($mailscanner_dir."/MailScanner.conf", $mc, LOCK_EX);
file_put_contents($mailscanner_dir."/filename.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX);
file_put_contents($mailscanner_dir."/filetype.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX);
@@ -515,10 +515,10 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
file_put_contents($mailscanner_dir.'/rules/bounce.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['bounce']),LOCK_EX);
file_put_contents($mailscanner_dir.'/rules/max.message.size.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['max_message_size']),LOCK_EX);
file_put_contents($mailscanner_dir.'/rules/spam.whitelist.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['spam_whitelist']),LOCK_EX);
-
+
foreach ($report_files as $key_r => $file_r)
file_put_contents($report_dir.'/'.$file_r,ms_text_area_decode($config['installedpackages']['msreport']['config'][0][$key_r]),LOCK_EX);
-
+
if ($alert['sig']){
$sig_html=ms_text_area_decode($config['installedpackages']['msalerts']['config'][0]['sig_html']);
$sig_txt=ms_text_area_decode($config['installedpackages']['msalerts']['config'][0]['sig_txt']);}
@@ -536,7 +536,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
$warning_txt="";}
file_put_contents($report_dir.'/inline.warning.txt',$warning_txt,LOCK_EX);
file_put_contents($report_dir.'/inline.warning.html',$warning_html,LOCK_EX);
-
+
#check virus_scanner options
$libexec_dir=MAILSCANNER_LOCALBASE. "/libexec/MailScanner/";
if ($virus_scanning == "yes"){
@@ -562,7 +562,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
chmod ($libexec_dir.'clamav-autoupdate',0755);
copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper');
chmod ($libexec_dir.'clamav-autoupdate',0755);
-
+
#clamav-wrapper file
$cconf=$libexec_dir."clamav-wrapper";
if (file_exists($cconf)){
@@ -572,7 +572,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
file_put_contents($cconf, $cconf_file, LOCK_EX);
}
}
-
+
#freshclam conf file
$cconf=MAILSCANNER_LOCALBASE. "/etc/freshclam.conf";
if (file_exists($cconf)){
@@ -582,7 +582,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
file_put_contents($cconf, $cconf_file, LOCK_EX);
}
}
-
+
#clamd conf file
$cconf=MAILSCANNER_LOCALBASE. "/etc/clamd.conf";
if (file_exists($cconf)){
@@ -617,7 +617,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
else{
log_error("Starting clamav-clamd daemon");
mwexec_bg("$script start");
- }
+ }
}
else{
if (is_process_running('clamd')){
@@ -626,20 +626,20 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
}
}
}
-
+
#check clamav database
if (!file_exists('/var/db/clamav/main.cvd')){
log_error('No clamav database found, running freshclam in background.');
mwexec_bg(MAILSCANNER_LOCALBASE. '/bin/freshclam --config-file='.MAILSCANNER_LOCALBASE.'/etc/freshclam.conf --user=root');
}
-
+
}
}
else{
unlink_if_exists($libexec_dir.'clamav-autoupdate');
unlink_if_exists($libexec_dir.'clamav-wrapper');
}
-
+
#check dcc config file
$script=MAILSCANNER_LOCALBASE. '/dcc/dcc_conf';
if (file_exists($script)){
@@ -649,7 +649,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
file_put_contents($script, $script_file, LOCK_EX);
}
}
-
+
#check dcc startup script
$script=MAILSCANNER_LOCALBASE. '/etc/rc.d/dccifd';
if (file_exists($script)){
@@ -659,21 +659,21 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
file_put_contents($script, $script_file, LOCK_EX);
chmod ($script,0755);
}
-
+
if($config['installedpackages']['mailscanner']['config'][0]['enable']){
if(is_process_running('dccifd')){
log_error("Restarting dccifd");
- mwexec("$script restart");
+ mwexec("$script restart");
}
else{
log_error("Starting dccifd");
mwexec("$script start");
- }
+ }
}
else{
if(is_process_running('dccifd')){
log_error("Stopping dccifd");
- mwexec("$script stop");
+ mwexec("$script stop");
}
}
}
@@ -681,29 +681,29 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
$script=MAILSCANNER_LOCALBASE. '/etc/rc.d/mailscanner';
#fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner
- $cconf=MAILSCANNER_LOCALBASE. "/sbin/mailscanner";
+ $cconf=MAILSCANNER_PREFIX. "/sbin/mailscanner";
if (file_exists($cconf)){
-
+
$perl_bin="perl_mailscanner";
- if(file_exists(MAILSCANNER_LOCALBASE . '/bin/perl') && !file_exists(MAILSCANNER_LOCALBASE . "/bin/{$perl_bin}")){
- link(MAILSCANNER_LOCALBASE . '/bin/perl',MAILSCANNER_LOCALBASE . '/bin/perl_mailscanner');
+ if(file_exists(MAILSCANNER_PREFIX . '/bin/perl') && !file_exists(MAILSCANNER_PREFIX . "/bin/{$perl_bin}")){
+ link(MAILSCANNER_PREFIX . '/bin/perl',MAILSCANNER_PREFIX . "/bin/{$perl_bin}");
}
- if (file_exists(MAILSCANNER_LOCALBASE . "/bin/{$perl_bin}")){
+ if (file_exists(MAILSCANNER_PREFIX . "/bin/{$perl_bin}")){
$cconf_file=file_get_contents($cconf);
$pattern2[0]='@#!/usr\S+bin/perl.*I@';
//$pattern2[1]='/\smy .current = config MIME::ToolUtils/';
- $replacement2[0]='#!'.MAILSCANNER_LOCALBASE. "/bin/{$perl_bin} -U -I";
+ $replacement2[0]='#!'.MAILSCANNER_PREFIX. "/bin/{$perl_bin} -U -I";
//$replacement2[1]=' #my $current = config MIME::ToolUtils';
if (preg_match('@#!/usr\S+bin/perl.*I@',$cconf_file)){
$cconf_file=preg_replace($pattern2,$replacement2,$cconf_file);
file_put_contents($cconf, $cconf_file, LOCK_EX);
- }
+ }
}
-
+
}
#check spam assassin rules
- $saupdate="/usr/local/bin/sa-update";
+ $saupdate=MAILSCANNER_PREFIX . "/bin/sa-update";
if (file_exists($saupdate)){
$rules_found=0;
if (file_exists("/var/db/spamassassin")){
@@ -714,7 +714,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
log_error("Mailscanner- No spamassassin rules found, forcing sa-update.");
mwexec($saupdate);
}
- }
+ }
if (file_exists($script)){
$script_file=file_get_contents($script);
@@ -765,8 +765,8 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
}
break;
case "auto":
- if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){
- $system_carp=$config['installedpackages']['carpsettings']['config'][0];
+ if (is_array($config['hasync'])){
+ $system_carp=$config['hasync'];
$rs[0]['ipaddress']=$system_carp['synchronizetoip'];
$rs[0]['username']=$system_carp['username'];
$rs[0]['password']=$system_carp['password'];
@@ -780,7 +780,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
log_error("[Mailscanner] xmlrpc sync is enabled but there is no system backup hosts to push mailscanner config.");
return;
}
- break;
+ break;
default:
return;
break;
@@ -846,7 +846,7 @@ function mailscanner_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$
if(!$synctimeout)
$synctimeout=120;
-
+
$xmlrpc_sync_neighbor = $sync_to_ip;
if($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
@@ -855,9 +855,9 @@ function mailscanner_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$
$port = $config['system']['webgui']['port'];
/* if port is empty lets rely on the protocol selection */
if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ if($config['system']['webgui']['protocol'] == "http")
$port = "80";
- else
+ else
$port = "443";
}
$synchronizetoip .= $sync_to_ip;
@@ -868,6 +868,7 @@ function mailscanner_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$
if ($sync_xml){
log_error("Include mailscanner config");
$xml['mailscanner'] = $config['installedpackages']['mailscanner'];
+ $xml['msattachments'] = $config['installedpackages']['msattachments'];
$xml['msreport'] = $config['installedpackages']['msreport'];
$xml['mscontent'] = $config['installedpackages']['mscontent'];
$xml['msantivirus'] = $config['installedpackages']['msantivirus'];
@@ -880,7 +881,7 @@ function mailscanner_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
-
+
/* set a few variables needed for sync code borrowed from filter.inc */
$url = $synchronizetoip;
log_error("Beginning mailscanner XMLRPC sync to {$url}:{$port}.");
@@ -905,18 +906,18 @@ function mailscanner_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$
} else {
log_error("mailscanner XMLRPC sync successfully completed with {$url}:{$port}.");
}
-
+
/* tell postfix to reload our settings on the destionation sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/mailscanner.inc');\n";
$execcmd .= "sync_package_mailscanner(true);";
-
+
/* assemble xmlrpc payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
);
-
+
log_error("mailscanner XMLRPC reload data {$url}:{$port}.");
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);