aboutsummaryrefslogtreecommitdiffstats
path: root/config/mailscanner/mailscanner.inc
diff options
context:
space:
mode:
Diffstat (limited to 'config/mailscanner/mailscanner.inc')
-rw-r--r--config/mailscanner/mailscanner.inc178
1 files changed, 102 insertions, 76 deletions
diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc
index 1ba0a4ca..0b638166 100644
--- a/config/mailscanner/mailscanner.inc
+++ b/config/mailscanner/mailscanner.inc
@@ -27,7 +27,7 @@
POSSIBILITY OF SUCH DAMAGE.
*/
-
+$shortcut_section = "mailscanner";
require_once("util.inc");
require("globals.inc");
#require("guiconfig.inc");
@@ -101,6 +101,7 @@ function sync_package_mailscanner($via_rpc=false) {
$config['installedpackages']['mscontent']['config'][0]=array('checks'=>'DangerousContentScanning,UseStricterPhishingNet,HighlightPhishingFraud',
'iframe_tags'=>'disarm',
'form_tags'=>'disarm',
+ 'script_tags'=>'disarm',
'web_bugs'=>'disarm',
'codebase_tags'=>'disarm');
$load_samples++;
@@ -116,7 +117,7 @@ function sync_package_mailscanner($via_rpc=false) {
$report=$config['installedpackages']['msreport']['config'][0];
if (!is_array($config['installedpackages']['msantispam'])){
$config['installedpackages']['msantispam']['config'][0]=array( 'rblfeatures'=>'spam_checks',
- 'safeatures'=>'use_sa,sa_auto_whitelist,check_sa_if_on_spam_list,spam_score,cache_spamassassin_results,use_pyzor,use_razor,use_dcc,use_bayes,use_auto_learn_bayes',
+ 'safeatures'=>'use_sa,sa_auto_whitelist,check_sa_if_on_spam_list,spam_score,cache_spamassassin_results,use_razor,use_dcc,use_bayes,use_auto_learn_bayes',
'sa_score'=>'6',
'spam_actions'=>'deliver',
'hi_score'=>'20',
@@ -259,6 +260,7 @@ function sync_package_mailscanner($via_rpc=false) {
/*
Language Strings = %report-dir%/languages.conf
*/
+
#check files
$mailscanner_dir=MAILSCANNER_LOCALBASE ."/etc/MailScanner";
@@ -309,7 +311,8 @@ Language Strings = %report-dir%/languages.conf
$load_samples++;
}
- $report_dir=MAILSCANNER_LOCALBASE."/share/MailScanner/reports/".strtolower($report['language']);
+ //$report_dir=MAILSCANNER_LOCALBASE."/share/MailScanner/reports/".strtolower($report['language']);
+ $report_dir="/usr/local/share/MailScanner/reports/".strtolower($report['language']);
#CHECK REPORT FILES
$report_files= array('deletedbadcontent' => 'deleted.content.message.txt',
'deletedbadfilename' => 'deleted.filename.message.txt',
@@ -377,8 +380,18 @@ Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf
Country Sub-Domains List = %etc-dir%/country.domains.conf
*/
-
+ #get mailscanner version
+ $msc_bin=MAILSCANNER_LOCALBASE. "/sbin/mailscanner";
+ if (file_exists($msc_bin)){
+ $msc_bin_file=file_get_contents($msc_bin);
+ if (preg_match("/MailScannerVersion = '(\S+)'/",$msc_bin_file,$msv_matches))
+ $mailscanner_version=$msv_matches[1];
+ else
+ $mailscanner_version='4.83.5';
+ }
#create MailScanner.conf
+ $mlb=MAILSCANNER_LOCALBASE;
+
include("mailscanner.conf.template");
#write files
conf_mount_rw();
@@ -404,76 +417,77 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
#update spam.assassin.prefs.conf
$sa_temp=ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']);
- $pattern[0]='/#ifplugin/';
- $pattern[1]='/#pyzor_path/';
- $pattern[2]='/usr.bin.pyzor/';
- $pattern[3]='/#dcc_path/';
- $pattern[4]='/#endif/';
- $replacement[0]="ifplugin";
- $replacement[1]="pyzor_path";
- $replacement[2]="usr/local/bin/pyzor";
- $replacement[3]="dcc_path";
- $replacement[4]="endif";
+ $pattern[]='/#ifplugin/';
+ $pattern[]='/#dcc_path/';
+ $pattern[]='/#endif/';
+
+ $replacement[]="ifplugin";
+ $replacement[]="dcc_path";
+ $replacement[]="endif";
if (preg_match('/use_razor/',$antispam['safeatures'])){
- $pattern[5]='/\nuse_razor2\s+0/';
- $replacement[5]="\n".'# use_razor2 0';
+ $pattern[]='/\nuse_razor2\s+0/';
+ $replacement[]="\n".'# use_razor2 0';
}
else{
- $pattern[5]='/\n#\s+use_razor2\s+0/';
- $replacement[5]="\n".'use_razor2 0';
+ $pattern[]='/\n#\s+use_razor2\s+0/';
+ $replacement[]="\n".'use_razor2 0';
}
if (preg_match('/use_dcc/',$antispam['safeatures'])){
- $pattern[6]='/\nuse_dcc\s+0/';
- $replacement[6]="\n".'# use_dcc 0';
+ $pattern[]='/\nuse_dcc\s+0/';
+ $replacement[]="\n".'# use_dcc 0';
}
else{
- $pattern[6]='/\n#\s+use_dcc\s+0/';
- $replacement[6]="\n".'use_dcc 0';
+ $pattern[]='/\n#\s+use_dcc\s+0/';
+ $replacement[]="\n".'use_dcc 0';
}
if (preg_match('/use_pyzor/',$antispam['safeatures'])){
- $pattern[7]='/\nuse_pyzor\s+0/';
- $replacement[7]="\n".'# use_pyzor 0';
+ $pattern[]='/#pyzor_path/';
+ $pattern[]='/usr.bin.pyzor/';
+ $pattern[]='/\nuse_pyzor\s+0/';
+ $replacement[]="pyzor_path";
+ $replacement[]="usr/local/bin/pyzor";
+ $replacement[]="\n".'# use_pyzor 0';
}
else{
- $pattern[7]='/\n#\s+use_pyzor\s+0/';
- $replacement[7]="\n".'# use_pyzor 0';
+ $pattern[]='/\n#\s+use_pyzor\s+0/';
+ $replacement[]="\n".'# use_pyzor 0';
}
if (preg_match('/use_auto_learn_bayes/',$antispam['safeatures'])){
- $pattern[8]='/\nbayes_auto_learn\s+0/';
- $replacement[8]="\n".'# bayes_auto_learn 0';
+ $pattern[]='/\nbayes_auto_learn\s+0/';
+ $replacement[]="\n".'# bayes_auto_learn 0';
}
else{
- $pattern[8]='/\n#\s+bayes_auto_learn\s+0/';
- $replacement[8]="\n".'bayes_auto_learn 0';
+ $pattern[]='/\n#\s+bayes_auto_learn\s+0/';
+ $replacement[]="\n".'bayes_auto_learn 0';
}
if (preg_match('/use_bayes/',$antispam['safeatures'])){
- $pattern[9]='/\nuse_bayes\s+0/';
- $replacement[9]="\n".'# use_bayes 0';
+ $pattern[]='/\nuse_bayes\s+0/';
+ $replacement[]="\n".'# use_bayes 0';
}
else{
- $pattern[9]='/\n#\s+use_bayes\s+0/';
- $replacement[9]="\n".'use_bayes 0';
+ $pattern[]='/\n#\s+use_bayes\s+0/';
+ $replacement[]="\n".'use_bayes 0';
}
if (preg_match('/sa_auto_whitelist/',$antispam['safeatures'])){
- $pattern[10]='/\nuse_auto_whitelist\s+0/';
- $replacement[10]="\n".'# use_auto_whitelist 0';
+ $pattern[]='/\nuse_auto_whitelist\s+0/';
+ $replacement[]="\n".'# use_auto_whitelist 0';
}
else{
- $pattern[10]='/\n#\s*use_auto_whitelist 0/';
- $replacement[10]="\n".'use_auto_whitelist 0';
+ $pattern[]='/\n#\s*use_auto_whitelist 0/';
+ $replacement[]="\n".'use_auto_whitelist 0';
}
if ($antispam['rblchecks']){
- $pattern[11]='/\nskip_rbl_checks\s+1/';
- $replacement[11]="\n".'# skip_rbl_checks 1';
+ $pattern[]='/\nskip_rbl_checks\s+1/';
+ $replacement[]="\n".'# skip_rbl_checks 1';
}
else{
- $pattern[11]='/\n#\s+skip_rbl_checks\s+\d/';
- $replacement[11]="\n".'skip_rbl_checks 1';
+ $pattern[]='/\n#\s+skip_rbl_checks\s+\d/';
+ $replacement[]="\n".'skip_rbl_checks 1';
}
- $pattern[12]='/bayes_ignore_header ([a-zA-Z0-9_.-]+)MailScanner/';
- $replacement[12]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner";
- $pattern[13]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/';
- $replacement[13]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner-From";
+ $pattern[]='/bayes_ignore_header ([a-zA-Z0-9_.-]+)MailScanner/';
+ $replacement[]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"Pfsense")."-MailScanner";
+ $pattern[]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/';
+ $replacement[]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"Pfsense")."-MailScanner-From";
$sa_temp=preg_replace($pattern,$replacement,$sa_temp);
@@ -525,34 +539,24 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
unlink_if_exists($libexec_dir.'clamav-wrapper');
}
else{
- if (file_exists('/var/run/clamav/'))
- chown('/var/run/clamav/', 'postfix');
- if (file_exists('/var/log/clamav/'))
- chown('/var/log/clamav/', 'postfix');
- if (file_exists('/var/db/clamav/'))
- chown('/var/db/clamav/', 'postfix');
- if (file_exists('/var/db/clamav/bytecode.cld'))
- chown('/var/db/clamav/bytecode.cld', 'postfix');
- if (file_exists('/var/db/clamav/daily.cld'))
- chown('/var/db/clamav/daily.cld', 'postfix');
- if (file_exists('/var/db/clamav/main.cvd'))
- chown('/var/db/clamav/main.cvd', 'postfix');
- if (file_exists('/var/db/clamav/mirrors.dat'))
- chown('/var/db/clamav/mirrors.dat', 'postfix');
- if (file_exists('/var/log/clamav/clamd.log'))
- chown('/var/log/clamav/clamd.log', 'postfix');
- if (file_exists('/var/log/clamav/freshclam.log'))
- chown('/var/log/clamav/freshclam.log', 'postfix');
-
+ $av_dirs=array('run','log','db');
+ foreach ($av_dirs as $av_dir){
+ if (!is_dir("/var/$av_dir/clamav"))
+ mkdir("/var/$av_dir/clamav",0774,true);
+ chown("/var/$av_dir/clamav", 'postfix');
+ chgrp("/var/$av_dir/clamav", 'wheel');
+ }
+ $av_files=array('/var/db/clamav/daily.cld','/var/db/clamav/main.cvd','/var/db/clamav/mirrors.dat',
+ '/var/log/clamav/clamd.log','/var/log/clamav/freshclam.log','/var/db/clamav/bytecode.cld');
+ foreach ($av_files as $av_file){
+ if (file_exists($av_file))
+ chown($av_file, 'postfix');
+ }
copy($libexec_dir.'clamav-autoupdate.sample',$libexec_dir.'clamav-autoupdate');
chmod ($libexec_dir.'clamav-autoupdate',0755);
copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper');
chmod ($libexec_dir.'clamav-autoupdate',0755);
- if (!file_exists('/var/db/clamav/main.cvd')){
- log_error('No clamav database found, running freshclam in background.');
- mwexec_bg(MAILSCANNER_LOCALBASE. '/bin/freshclam');
- }
-
+
#clamav-wrapper file
$cconf=$libexec_dir."clamav-wrapper";
if (file_exists($cconf)){
@@ -565,7 +569,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
#freshclam conf file
$cconf=MAILSCANNER_LOCALBASE. "/etc/freshclam.conf";
- if (file_exists($conf)){
+ if (file_exists($cconf)){
$cconf_file=file_get_contents($cconf);
if (preg_match('/DatabaseOwner clamav/',$cconf_file)){
$cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file);
@@ -575,7 +579,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
#clamd conf file
$cconf=MAILSCANNER_LOCALBASE. "/etc/clamd.conf";
- if (file_exists($conf)){
+ if (file_exists($cconf)){
$cconf_file=file_get_contents($cconf);
if (preg_match('/User clamav/',$cconf_file)){
$cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file);
@@ -616,6 +620,13 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
}
}
}
+
+ #check clamav database
+ if (!file_exists('/var/db/clamav/main.cvd')){
+ log_error('No clamav database found, running freshclam in background.');
+ mwexec_bg(MAILSCANNER_LOCALBASE. '/bin/freshclam --config-file='.MAILSCANNER_LOCALBASE.'/etc/freshclam.conf --user=root');
+ }
+
}
}
else{
@@ -660,7 +671,7 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
}
}
}
-
+
$script=MAILSCANNER_LOCALBASE. '/etc/rc.d/mailscanner';
#fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner
@@ -670,20 +681,35 @@ Country Sub-Domains List = %etc-dir%/country.domains.conf
exec('find '.MAILSCANNER_LOCALBASE. '/lib/perl5/site_perl -name Df.pm',$find_out);
$perl_bin="perl";
foreach($find_out as $perl_dir){
- if (preg_match ('@usr/local/lib/perl5/site_perl/([.0-9]+)/mach/Filesys/Df.pm@',$perl_dir,$perl_match))
+ if (preg_match ('@/usr\S+lib/perl5/site_perl/([.0-9]+)/mach/Filesys/Df.pm@',$perl_dir,$perl_match))
$perl_bin.=$perl_match[1];
}
$cconf_file=file_get_contents($cconf);
- $pattern2[0]='@#!/usr.*bin/perl.*I@';
+ $pattern2[0]='@#!/usr\S+bin/perl.*I@';
$pattern2[1]='/\smy .current = config MIME::ToolUtils/';
$replacement2[0]='#!'.MAILSCANNER_LOCALBASE. "/bin/{$perl_bin} -U -I";
$replacement2[1]=' #my $current = config MIME::ToolUtils';
- if (preg_match('@#!/usr.*bin/perl.*I@',$cconf_file)){
+ if (preg_match('@#!/usr\S+bin/perl.*I@',$cconf_file)){
$cconf_file=preg_replace($pattern2,$replacement2,$cconf_file);
file_put_contents($cconf, $cconf_file, LOCK_EX);
}
}
+
+ #check spam assassin rules
+ $saupdate="/usr/local/bin/sa-update";
+ if (file_exists($saupdate)){
+ $rules_found=0;
+ if (file_exists("/var/db/spamassassin")){
+ foreach (glob("/var/db/spamassassin/*",GLOB_ONLYDIR) as $dirname)
+ $rules_found++;
+ }
+ if ($rules_found==0){
+ log_error("Mailscanner- No spamassassin rules found, forcing sa-update.");
+ mwexec($saupdate);
+ }
+ }
+
if (file_exists($script)){
$script_file=file_get_contents($script);
if (preg_match('/NO/',$script_file)){