From 57b1446ac5fb0fead3c545264978aa7896d28654 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 23 Mar 2010 14:28:16 +0000 Subject: Move all spamd functions to its folder. --- config/spamd.inc | 323 ---------------------- config/spamd.xml | 211 -------------- config/spamd/spamd.inc | 323 ++++++++++++++++++++++ config/spamd/spamd.xml | 211 ++++++++++++++ config/spamd/spamd_db.php | 457 +++++++++++++++++++++++++++++++ config/spamd/spamd_db_ext.php | 239 ++++++++++++++++ config/spamd/spamd_exchexp.asp | 50 ++++ config/spamd/spamd_gather_stats.php | 82 ++++++ config/spamd/spamd_outlook.xml | 90 ++++++ config/spamd/spamd_rules.php | 34 +++ config/spamd/spamd_settings.xml | 192 +++++++++++++ config/spamd/spamd_verify_to_address.php | 144 ++++++++++ config/spamd/spamd_whitelist.xml | 132 +++++++++ config/spamd_db.php | 457 ------------------------------- config/spamd_db_ext.php | 239 ---------------- config/spamd_exchexp.asp | 50 ---- config/spamd_gather_stats.php | 82 ------ config/spamd_outlook.xml | 90 ------ config/spamd_rules.php | 34 --- config/spamd_settings.xml | 192 ------------- config/spamd_verify_to_address.php | 144 ---------- config/spamd_whitelist.xml | 132 --------- 22 files changed, 1954 insertions(+), 1954 deletions(-) delete mode 100644 config/spamd.inc delete mode 100644 config/spamd.xml create mode 100644 config/spamd/spamd.inc create mode 100644 config/spamd/spamd.xml create mode 100644 config/spamd/spamd_db.php create mode 100644 config/spamd/spamd_db_ext.php create mode 100644 config/spamd/spamd_exchexp.asp create mode 100644 config/spamd/spamd_gather_stats.php create mode 100644 config/spamd/spamd_outlook.xml create mode 100644 config/spamd/spamd_rules.php create mode 100644 config/spamd/spamd_settings.xml create mode 100644 config/spamd/spamd_verify_to_address.php create mode 100644 config/spamd/spamd_whitelist.xml delete mode 100644 config/spamd_db.php delete mode 100644 config/spamd_db_ext.php delete mode 100644 config/spamd_exchexp.asp delete mode 100644 config/spamd_gather_stats.php delete mode 100644 config/spamd_outlook.xml delete mode 100644 config/spamd_rules.php delete mode 100644 config/spamd_settings.xml delete mode 100644 config/spamd_verify_to_address.php delete mode 100644 config/spamd_whitelist.xml diff --git a/config/spamd.inc b/config/spamd.inc deleted file mode 100644 index 8747df29..00000000 --- a/config/spamd.inc +++ /dev/null @@ -1,323 +0,0 @@ - "") - $nextmta = $ss['nextmta']; - if($ss['greylistingparms'] <> "") - $passtime = " -G " . $ss['greylistingparms']; - if($ss['identifier'] <> "") - $identifier = " -n \"" . $ss['identifier'] . "\""; - // Default is greylisting, turn on blacklisting if not checked. - if($ss['greylisting'] <> "on") - $greylisting = " -b"; - if($ss['maxblack'] <> "") - $maxblack = " -B " . $ss['maxblack']; - if($ss['maxcon'] <> "") - $maxcon = " -c " . $ss['maxcon']; - if($ss['stuttersecs'] <> "") - $stuttersecs = " -S " . $ss['stuttersecs']; - if($ss['delaysecs'] <> "") - $delaysecs = " -s " . $ss['delaysecs']; - if($ss['window'] <> "") - $window = " -w " . $ss['window']; - if($ss['passtime'] <> "") - $passtime = $ss['passtime']; - if($ss['greyexp'] <> "") - $greyexp = $ss['greyexp']; - if($ss['whiteexp'] <> "") - $whiteexp = $ss['whiteexp']; - } - } - $greyparms = " -G {$passtime}:{$greyexp}:{$whiteexp}"; - $start = "if [ `mount | grep -v grep | grep fdescfs | wc -l` -lt 1 ]; then \n" . - "/sbin/mount -t fdescfs fdescfs /dev/fd\n" . - "fi\n" . - "/usr/local/sbin/spamd-setup -d &\n" . - "/sbin/pflogd &\n" . - "/usr/local/libexec/spamd {$greyparms}{$identifier}{$greylisting}{$maxcon}{$maxblack}{$window}{$replysmtperror} 127.0.0.1 &\n" . - "/usr/local/libexec/spamlogd\n"; - $stop = "/usr/bin/killall spamd-setup\n" . - "/usr/bin/killall spamlogd\n" . - "/usr/bin/killall spamd\n" . - "/usr/bin/killall pflogd\n" . - "sleep 2"; - log_error("Writing rc_file"); - write_rcfile(array( - "file" => "spamd.sh", - "start" => $start, - "stop" => $stop - ) - ); - log_error("Installing CRON"); - spamd_install_cron(true); - log_error("Mounting RO"); - conf_mount_ro(); - log_error("Unlocking config"); - config_unlock(); - log_error("Restart cron"); - mwexec("killall -HUP cron"); - log_error("Setting up spamd.conf symlink"); - mwexec("ln -s /etc/spamd.conf /usr/local/etc/spamd/spamd.conf"); - log_error("Stopping spamd"); - mwexec("/usr/local/etc/rc.d/spamd.sh stop"); - sleep(1); - log_error("Starting spamd"); - mwexec_bg("/usr/local/etc/rc.d/spamd.sh start"); - log_error("Reconfiguring filter"); - filter_configure(); - log_error("SpamD setup completed"); -} - -function spamd_generate_rules($type) { - global $config; - - $natrules = ""; - switch($type) { - case 'rdr': - $natrules .= "\n# spam table \n"; - $wanif = get_real_interface("wan"); - $natrules .= "table persist\n"; - $natrules .= "table persist\n"; - $natrules .= "table persist\n"; - if(file_exists("/var/db/whitelist.txt")) - $natrules .= "table persist file \"/var/db/whitelist.txt\"\n"; - $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; - $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; - $natrules .= "rdr pass on {$wanif} proto tcp from ! to port smtp -> 127.0.0.1 port spamd\n"; - if($config['installedpackages']['spamdsettings']['config']) - foreach($config['installedpackages']['spamdsettings']['config'] as $ss) - $nextmta = $ss['nextmta']; - if($nextmta <> "") { - $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> {$nextmta} port smtp\n"; - } - - break; - } - - return $natrules; -} - -function remove_spaces($string) { - $string = str_replace(" ", "", $string); - return $string; -} - -function sync_spamd_config_to_backup() { - global $g, $config; - if(is_array($config['installedpackages']['carpsettings']['config'])) { - foreach($config['installedpackages']['carpsettings']['config'] as $carp) { - if($carp['synchronizetoip'] != "" ) { - $synctoip = $carp['synchronizetoip']; - $password = $carp['password']; - if($config['system']['username']) - $username = $config['system']['username']; - else - $username = "admin"; - } - } - } - if($synctoip and $password) { - if($config['system']['webgui']['protocol'] != "") { - $synchronizetoip = $config['system']['webgui']['protocol']; - $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") { - $port = "80"; - } else { - $port = "443"; - } - } - $params = array(XML_RPC_encode($password),XML_RPC_encode($xml)); - /* create files to sync array */ - $filetosync = array("/var/db/spamd", "/var/db/whitelist.txt"); - /* loop through files to sync list and sync them up */ - foreach($filetosync as $f2s) { - $f2c_contents = file_get_contents($f2s); - xmlrpc_sync_file($url, $password, $f2s, $f2c_contents, $port); - } - /* signal remote process config reload */ - xmlrpc_exec_shell($url, $password, "/usr/bin/killall -HUP spamlogd", $port); - xmlrpc_exec_shell($url, $password, "/usr/bin/killall -HUP spamd", $port); - } -} - -function custom_php_install_command() { - global $config, $g; - system("touch /var/db/whitelist.txt"); - system("touch /var/db/blacklist.txt"); - sync_package_spamd(); - exec("pw user mod_spamd -u 0"); -} - -function custom_php_deinstall_command() { - global $config, $g; - conf_mount_rw(); - exec("killall -9 spamd"); - unlink_if_exists("/usr/local/pkg/pf/spamd_rules.php"); - unlink_if_exists("/usr/local/www/spamd_rules.php"); - unlink_if_exists("/usr/local/etc/rc.d/spamd.sh"); - spamd_install_cron(false); - conf_mount_ro(); - filter_configure(); -} - -function spamd_install_cron($should_install) { - global $config, $g; - $is_installed = false; - if(!$config['cron']['item']) - return; - $x=0; - foreach($config['cron']['item'] as $item) { - if(strstr($item['command'], "spamd-setup")) { - $is_installed = true; - break; - } - $x++; - } - switch($should_install) { - case true: - if(!$is_installed) { - $cron_item = array(); - $cron_item['minute'] = "*/120"; - $cron_item['hour'] = "*"; - $cron_item['mday'] = "*"; - $cron_item['month'] = "*"; - $cron_item['wday'] = "*"; - $cron_item['who'] = "root"; - $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/spamd-setup"; - $config['cron']['item'][] = $cron_item; - write_config("Installed SPAMD crontab entries."); - configure_cron(); - } - break; - case false: - if($is_installed == true) { - if($x > 0) { - unset($config['cron']['item'][$x]); - write_config(); - } - configure_cron(); - } - break; - } -} - -function spamd_validate_input($post, $input_errors) { - global $config, $g; - $nextmta = str_replace("$", "", $post['nextmta']); - if(stristr($nextmta, "{")) { - /* item is an alias, make sure the name exists */ - $nextmta = str_replace("$", "", $nextmta); - $found = false; - if($config['aliases']['alias']) { - foreach($config['aliases']['alias'] as $alias) { - if($alias['name'] == $nextmta) { - $found = true; - } - } - } - if($found == false) - $intput_errors = "Could not locate alias named " . htmlentities($nextmta); - } -} - -?> \ No newline at end of file diff --git a/config/spamd.xml b/config/spamd.xml deleted file mode 100644 index 5bbc5d71..00000000 --- a/config/spamd.xml +++ /dev/null @@ -1,211 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - spamdsources - 4.2 - SpamD: External Sources - /usr/local/pkg/spamd.inc - /var/db/spamd - - - SpamD -
Services
- spamd.xml -
- - spamd - /usr/local/etc/rc.d/spamd.sh - - - - SpamD External Sources - /pkg.php?xml=spamd.xml - - - - SpamD Whitelist - /pkg.php?xml=spamd_whitelist.xml - - - SpamD Settings - /pkg_edit.php?xml=spamd_settings.xml&id=0 - - - SpamD Database - /spamd_db.php - - - - ['installedpackages']['spamd']['config'] - - - Provider Name - providername - - - Provider Type - providertype - - - Description - providerdescription - - - - /usr/local/www/ - 0755 - http://www.pfsense.com/packages/config/spamd_rules.php - - - /usr/local/pkg/ - 0755 - http://www.pfsense.com/packages/config/spamd_whitelist.xml - - - /usr/local/pkg/ - 0755 - http://www.pfsense.com/packages/config/spamd_outlook.xml - - - /usr/local/pkg/ - 0755 - http://www.pfsense.com/packages/config/spamd.inc - - - /usr/local/pkg/ - 0755 - http://www.pfsense.com/packages/config/spamd_settings.xml - - - /usr/local/www/ - 0755 - http://www.pfsense.com/packages/config/spamd_db.php - - - /usr/local/www/ - 0755 - http://www.pfsense.com/packages/config/spamd_db_ext.php - - - /usr/local/bin/ - 0755 - http://www.pfsense.com/packages/config/spamd_gather_stats.php - - - - - - Provider Name - providername - Enter the name of the source - input - 30 - - - Provider Type - providertype - Select the Provider Type - select - 1 - black - - - - - - - Provider Description - providerdescription - Enter the description for this item - textarea - 30 - 40 - 4 - - - Reject message - rejectmessage - Enter the message to display to emailing parties that are on this providers list - textarea - 30 - 40 - 2 - - - Provider Method - providermethod - Select the Provider Method - select - 1 - http - - - - - - - - Provider URL or Filename - providerurl - Enter the URL to the provider. - textarea - 40 - 4 - - - - sync_package_spamd(); - - - sync_package_spamd(); - - - custom_php_install_command(); - - - custom_php_deinstall_command(); - - spamd_generate_rules -
diff --git a/config/spamd/spamd.inc b/config/spamd/spamd.inc new file mode 100644 index 00000000..8747df29 --- /dev/null +++ b/config/spamd/spamd.inc @@ -0,0 +1,323 @@ + "") + $nextmta = $ss['nextmta']; + if($ss['greylistingparms'] <> "") + $passtime = " -G " . $ss['greylistingparms']; + if($ss['identifier'] <> "") + $identifier = " -n \"" . $ss['identifier'] . "\""; + // Default is greylisting, turn on blacklisting if not checked. + if($ss['greylisting'] <> "on") + $greylisting = " -b"; + if($ss['maxblack'] <> "") + $maxblack = " -B " . $ss['maxblack']; + if($ss['maxcon'] <> "") + $maxcon = " -c " . $ss['maxcon']; + if($ss['stuttersecs'] <> "") + $stuttersecs = " -S " . $ss['stuttersecs']; + if($ss['delaysecs'] <> "") + $delaysecs = " -s " . $ss['delaysecs']; + if($ss['window'] <> "") + $window = " -w " . $ss['window']; + if($ss['passtime'] <> "") + $passtime = $ss['passtime']; + if($ss['greyexp'] <> "") + $greyexp = $ss['greyexp']; + if($ss['whiteexp'] <> "") + $whiteexp = $ss['whiteexp']; + } + } + $greyparms = " -G {$passtime}:{$greyexp}:{$whiteexp}"; + $start = "if [ `mount | grep -v grep | grep fdescfs | wc -l` -lt 1 ]; then \n" . + "/sbin/mount -t fdescfs fdescfs /dev/fd\n" . + "fi\n" . + "/usr/local/sbin/spamd-setup -d &\n" . + "/sbin/pflogd &\n" . + "/usr/local/libexec/spamd {$greyparms}{$identifier}{$greylisting}{$maxcon}{$maxblack}{$window}{$replysmtperror} 127.0.0.1 &\n" . + "/usr/local/libexec/spamlogd\n"; + $stop = "/usr/bin/killall spamd-setup\n" . + "/usr/bin/killall spamlogd\n" . + "/usr/bin/killall spamd\n" . + "/usr/bin/killall pflogd\n" . + "sleep 2"; + log_error("Writing rc_file"); + write_rcfile(array( + "file" => "spamd.sh", + "start" => $start, + "stop" => $stop + ) + ); + log_error("Installing CRON"); + spamd_install_cron(true); + log_error("Mounting RO"); + conf_mount_ro(); + log_error("Unlocking config"); + config_unlock(); + log_error("Restart cron"); + mwexec("killall -HUP cron"); + log_error("Setting up spamd.conf symlink"); + mwexec("ln -s /etc/spamd.conf /usr/local/etc/spamd/spamd.conf"); + log_error("Stopping spamd"); + mwexec("/usr/local/etc/rc.d/spamd.sh stop"); + sleep(1); + log_error("Starting spamd"); + mwexec_bg("/usr/local/etc/rc.d/spamd.sh start"); + log_error("Reconfiguring filter"); + filter_configure(); + log_error("SpamD setup completed"); +} + +function spamd_generate_rules($type) { + global $config; + + $natrules = ""; + switch($type) { + case 'rdr': + $natrules .= "\n# spam table \n"; + $wanif = get_real_interface("wan"); + $natrules .= "table persist\n"; + $natrules .= "table persist\n"; + $natrules .= "table persist\n"; + if(file_exists("/var/db/whitelist.txt")) + $natrules .= "table persist file \"/var/db/whitelist.txt\"\n"; + $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; + $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; + $natrules .= "rdr pass on {$wanif} proto tcp from ! to port smtp -> 127.0.0.1 port spamd\n"; + if($config['installedpackages']['spamdsettings']['config']) + foreach($config['installedpackages']['spamdsettings']['config'] as $ss) + $nextmta = $ss['nextmta']; + if($nextmta <> "") { + $natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> {$nextmta} port smtp\n"; + } + + break; + } + + return $natrules; +} + +function remove_spaces($string) { + $string = str_replace(" ", "", $string); + return $string; +} + +function sync_spamd_config_to_backup() { + global $g, $config; + if(is_array($config['installedpackages']['carpsettings']['config'])) { + foreach($config['installedpackages']['carpsettings']['config'] as $carp) { + if($carp['synchronizetoip'] != "" ) { + $synctoip = $carp['synchronizetoip']; + $password = $carp['password']; + if($config['system']['username']) + $username = $config['system']['username']; + else + $username = "admin"; + } + } + } + if($synctoip and $password) { + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") { + $port = "80"; + } else { + $port = "443"; + } + } + $params = array(XML_RPC_encode($password),XML_RPC_encode($xml)); + /* create files to sync array */ + $filetosync = array("/var/db/spamd", "/var/db/whitelist.txt"); + /* loop through files to sync list and sync them up */ + foreach($filetosync as $f2s) { + $f2c_contents = file_get_contents($f2s); + xmlrpc_sync_file($url, $password, $f2s, $f2c_contents, $port); + } + /* signal remote process config reload */ + xmlrpc_exec_shell($url, $password, "/usr/bin/killall -HUP spamlogd", $port); + xmlrpc_exec_shell($url, $password, "/usr/bin/killall -HUP spamd", $port); + } +} + +function custom_php_install_command() { + global $config, $g; + system("touch /var/db/whitelist.txt"); + system("touch /var/db/blacklist.txt"); + sync_package_spamd(); + exec("pw user mod_spamd -u 0"); +} + +function custom_php_deinstall_command() { + global $config, $g; + conf_mount_rw(); + exec("killall -9 spamd"); + unlink_if_exists("/usr/local/pkg/pf/spamd_rules.php"); + unlink_if_exists("/usr/local/www/spamd_rules.php"); + unlink_if_exists("/usr/local/etc/rc.d/spamd.sh"); + spamd_install_cron(false); + conf_mount_ro(); + filter_configure(); +} + +function spamd_install_cron($should_install) { + global $config, $g; + $is_installed = false; + if(!$config['cron']['item']) + return; + $x=0; + foreach($config['cron']['item'] as $item) { + if(strstr($item['command'], "spamd-setup")) { + $is_installed = true; + break; + } + $x++; + } + switch($should_install) { + case true: + if(!$is_installed) { + $cron_item = array(); + $cron_item['minute'] = "*/120"; + $cron_item['hour'] = "*"; + $cron_item['mday'] = "*"; + $cron_item['month'] = "*"; + $cron_item['wday'] = "*"; + $cron_item['who'] = "root"; + $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/spamd-setup"; + $config['cron']['item'][] = $cron_item; + write_config("Installed SPAMD crontab entries."); + configure_cron(); + } + break; + case false: + if($is_installed == true) { + if($x > 0) { + unset($config['cron']['item'][$x]); + write_config(); + } + configure_cron(); + } + break; + } +} + +function spamd_validate_input($post, $input_errors) { + global $config, $g; + $nextmta = str_replace("$", "", $post['nextmta']); + if(stristr($nextmta, "{")) { + /* item is an alias, make sure the name exists */ + $nextmta = str_replace("$", "", $nextmta); + $found = false; + if($config['aliases']['alias']) { + foreach($config['aliases']['alias'] as $alias) { + if($alias['name'] == $nextmta) { + $found = true; + } + } + } + if($found == false) + $intput_errors = "Could not locate alias named " . htmlentities($nextmta); + } +} + +?> \ No newline at end of file diff --git a/config/spamd/spamd.xml b/config/spamd/spamd.xml new file mode 100644 index 00000000..5bbc5d71 --- /dev/null +++ b/config/spamd/spamd.xml @@ -0,0 +1,211 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + spamdsources + 4.2 + SpamD: External Sources + /usr/local/pkg/spamd.inc + /var/db/spamd + + + SpamD +
Services
+ spamd.xml +
+ + spamd + /usr/local/etc/rc.d/spamd.sh + + + + SpamD External Sources + /pkg.php?xml=spamd.xml + + + + SpamD Whitelist + /pkg.php?xml=spamd_whitelist.xml + + + SpamD Settings + /pkg_edit.php?xml=spamd_settings.xml&id=0 + + + SpamD Database + /spamd_db.php + + + + ['installedpackages']['spamd']['config'] + + + Provider Name + providername + + + Provider Type + providertype + + + Description + providerdescription + + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/spamd_rules.php + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/spamd_whitelist.xml + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/spamd_outlook.xml + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/spamd.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/spamd_settings.xml + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/spamd_db.php + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/spamd_db_ext.php + + + /usr/local/bin/ + 0755 + http://www.pfsense.com/packages/config/spamd_gather_stats.php + + + + + + Provider Name + providername + Enter the name of the source + input + 30 + + + Provider Type + providertype + Select the Provider Type + select + 1 + black + + + + + + + Provider Description + providerdescription + Enter the description for this item + textarea + 30 + 40 + 4 + + + Reject message + rejectmessage + Enter the message to display to emailing parties that are on this providers list + textarea + 30 + 40 + 2 + + + Provider Method + providermethod + Select the Provider Method + select + 1 + http + + + + + + + + Provider URL or Filename + providerurl + Enter the URL to the provider. + textarea + 40 + 4 + + + + sync_package_spamd(); + + + sync_package_spamd(); + + + custom_php_install_command(); + + + custom_php_deinstall_command(); + + spamd_generate_rules +
diff --git a/config/spamd/spamd_db.php b/config/spamd/spamd_db.php new file mode 100644 index 00000000..112fdd71 --- /dev/null +++ b/config/spamd/spamd_db.php @@ -0,0 +1,457 @@ +","",$srcip); + $srcip = str_replace(" ","",$srcip); + // Make input safe + $srcip = escapeshellarg($srcip); + /* execute spamdb command */ + if($action == "'whitelist'") { + exec("/usr/local/sbin/spamdb -d {$srcip}"); + exec("/usr/local/sbin/spamdb -d {$srcip} -T"); + exec("/usr/local/sbin/spamdb -d {$srcip} -t"); + delete_from_blacklist($srcip); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + exec("echo spamdb -a {$srcip} > /tmp/tmp"); + exec("/usr/local/sbin/spamdb -a {$srcip}"); + } else if($action == "'delete'") { + exec("/usr/local/sbin/spamdb -d {$srcip}"); + exec("/usr/local/sbin/spamdb -d {$srcip} -T"); + exec("/usr/local/sbin/spamdb -d {$srcip} -t"); + delete_from_blacklist($srcip); + mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + } else if($action == "'spamtrap'") { + exec("/usr/local/sbin/spamdb -d {$srcip}"); + exec("/usr/local/sbin/spamdb -d {$srcip} -T"); + exec("/usr/local/sbin/spamdb -d {$srcip} -t"); + exec("/usr/local/sbin/spamdb -a {$srcip} -T"); + } else if($action == "'trapped'") { + exec("/usr/local/sbin/spamdb -T -d {$toaddress}"); + exec("/usr/local/sbin/spamdb -T -a '{$toaddress}'"); + } + /* signal a reload for real time effect. */ + mwexec("killall -HUP spamlogd"); + exit; +} + +/* spam trap e-mail address */ +if($_POST['spamtrapemail'] <> "") { + $spamtrapemail = escapeshellarg($_POST['spamtrapemail']); + exec("/usr/local/sbin/spamdb -d {$spamtrapemail}"); + exec("/usr/local/sbin/spamdb -d -T {$spamtrapemail}"); + exec("/usr/local/sbin/spamdb -d -t {$spamtrapemail}"); + exec("/usr/local/sbin/spamdb -T -a '{$toaddress}'"); + + mwexec("killall -HUP spamlogd"); + $savemsg = htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; +} + +if($_GET['getstatus'] <> "") { + $status = exec("/usr/local/sbin/spamdb | grep \"{$_GET['getstatus']}\""); + if(stristr($status, "WHITE") == true) { + echo "WHITE"; + } else if(stristr($status, "TRAPPED") == true) { + echo "TRAPPED"; + } else if(stristr($status, "GREY") == true) { + echo "GREY"; + } else if(stristr($status, "SPAMTRAP") == true) { + echo "SPAMTRAP"; + } else { + echo "NOT FOUND"; + } + exit; +} + +/* spam trap e-mail address */ +if($_GET['spamtrapemail'] <> "") { + $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); + $status = exec("spamdb -T -a {$spamtrapemail}"); + mwexec("killall -HUP spamlogd"); + if($status) + echo $status; + else + echo htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; + exit; +} + +/* whitelist e-mail address */ +if($_GET['whitelist'] <> "") { + $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); + $status = exec("spamdb -a {$spamtrapemail}"); + mwexec("killall -HUP spamlogd"); + if($status) + echo $status; + else + echo htmlentities($_POST['spamtrapemail']) . " added to whitelist database."; + exit; +} + +function delete_from_blacklist($srcip) { + config_lock(); + $blacklist = split("\n", file_get_contents("/var/db/blacklist.txt")); + $fd = fopen("/var/db/blacklist.txt", "w"); + foreach($blacklist as $bl) { + if($bl <> "") + if(!stristr($bl, $srcip)) + fwrite($fd, "{$bl}\n"); + } + fclose($fd); + mwexec("/sbin/pfctl -q -t spamd -T delete {$srcip}"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + config_unlock(); +} + +function delete_from_whitelist($srcip) { + config_lock(); + $whitelist = split("\n", file_get_contents("/var/db/whitelist.txt")); + $fd = fopen("/var/db/whitelist.txt", "w"); + foreach($whitelist as $wl) { + if($wl <> "") + if(!stristr($wl, $srcip)) + fwrite($fd, "{$wl}\n"); + } + fclose($fd); + mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); + mwexec("/sbin/pfctl -q -t whitelist -T replace -f /var/db/whitelist.txt"); + config_unlock(); +} + +$pgtitle = "SpamD: Database"; +include("head.inc"); + +if(file_exists("/var/db/whitelist.txt")) + $whitelist_items = `cat /var/db/whitelist.txt | wc -l`; +else + $whitelist_items = 0; + +if(file_exists("/var/db/blacklist.txt")) + $blacklist_items = `cat /var/db/blacklist.txt | wc -l`; +else + $blacklist_items = 0; + +// Get an overall count of the database +$spamdb_items = `/usr/local/sbin/spamdb | wc -l`; + +// Get blacklist and whitelist count from database +$spamdb_white = `/usr/local/sbin/spamdb | grep WHITE | wc -l`; +$spamdb_black = `/usr/local/sbin/spamdb | grep BLACK | wc -l`; +$spamdb_grey = `/usr/local/sbin/spamdb | grep GREY | wc -l`; + +// Now count the user contributed whitelist and blacklist count +$whitelist_items = $whitelist_items + $spamdb_white; +$blacklist_items = $blacklist_items + $spamdb_black; + +?> + + +

+
+ + + + + + +

+ + + + + + +
+ +
+
+ + +
+ + + + + + + +
Filter by test:  Inverse filter (NOT):>
Limit:
 
* Add spam trap E-mail address:

+ + + + + + + + + + + + +"; + } + } + } else { + $pkgdb = split("\n", `/usr/local/sbin/spamdb | tail -n {$limit}`); + } + $rows = 0; + $lastseenip = ""; + $srcip = "|"; + foreach($pkgdb as $pkgdb_row) { + + if($rows > $limit) + break; + $dontdisplay = false; + if(!$pkgdb_row) + continue; + $pkgdb_split = split("\|", $pkgdb_row); + + /* + + For TRAPPED entries the format is: + + type|ip|expire + + where type will be TRAPPED, IP will be the IP address blacklisted due to + hitting a spamtrap, and expire will be when the IP is due to be removed + from the blacklist. + + For GREY entries, the format is: + + type|source IP|helo|from|to|first|pass|expire|block|pass + + For WHITE entries, the format is: + + type|source IP|||first|pass|expire|block|pass + + */ + switch($pkgdb_split[0]) { + case "SPAMTRAP": + $recordtype = htmlentities($pkgdb_split[0]); + $srcip = htmlentities($pkgdb_split[1]); + $fromaddress = htmlentities($pkgdb_split[3]); + $toaddress = htmlentities($pkgdb_split[4]); + $attempts = htmlentities($pkgdb_split[8]); + break; + case "TRAPPED": + $recordtype = htmlentities($pkgdb_split[0]); + $srcip = htmlentities($pkgdb_split[1]); + $fromaddress = ""; + $toaddress = ""; + $attempts = ""; + break; + case "GREY": + $recordtype = htmlentities($pkgdb_split[0]); + $srcip = htmlentities($pkgdb_split[1]); + $fromaddress = htmlentities($pkgdb_split[3]); + $toaddress = htmlentities($pkgdb_split[4]); + $attempts = htmlentities($pkgdb_split[8]); + break; + case "WHITE": + $recordtype = htmlentities($pkgdb_split[0]); + $srcip = htmlentities($pkgdb_split[1]); + $fromaddress = ""; + $toaddress = ""; + $attempts = htmlentities($pkgdb_split[8]); + break; + } + if($srcip == "" and $fromaddress == "" and $toaddress == "") + continue; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + + $rows++; + } +?>
TypeIPFromToAttempts
{$recordtype}{$srcip}{$fromaddress}{$toaddress}{$attempts}"; + $rowtext = "\"Add "; + $rowtext .= "\"Blacklist\" "; + $rowtext .= "\"Delete\""; + $rowtext .= "\"Spamtrap\" "; + + echo $rowtext; + + echo "
+
+

" . $rows . " rows returned."; ?> +

+ * NOTE: adding an e-mail address to the spamtrap automatically traps any server trying to send e-mail to this address. +

+
+
+

+
+Note: Clicking on the action icons will invoke a AJAX query and the page will not refresh. Click refresh in you're browser if you wish to view the changes in status. +
+

Database totals:

+ "; + echo "{$blacklist_items} total items in the blacklist.
"; + echo "{$spamdb_grey} total items in the greylist.
"; + echo "{$spamdb_items} total items in the SpamDB.
"; + ?> + + + diff --git a/config/spamd/spamd_db_ext.php b/config/spamd/spamd_db_ext.php new file mode 100644 index 00000000..e029f676 --- /dev/null +++ b/config/spamd/spamd_db_ext.php @@ -0,0 +1,239 @@ + $username) { + echo "550. INVALID USERNAME {$username}."; + exit; + } + if($outlook['password'] <> $password) { + echo "550. INVALID PASSWORD {$password}."; + exit; + } +} + +exec("echo {$_GET['action']} > /tmp/tmp"); + +/* handle AJAX operations */ +if($_GET['action'] or $_POST['action']) { + if($_GET['action']) + $action = escapeshellarg(trim($_GET['action'])); + if($_POST['action']) + $action = escapeshellarg(trim($_POST['action'])); + if($_GET['srcip']) + $srcip = escapeshellarg(trim($_GET['srcip'])); + if($_POST['srcip']) + $srcip = escapeshellarg(trim($_POST['srcip'])); + if($_POST['email']) + $email = escapeshellarg(trim($_POST['email'])); + if($_GET['email']) + $email = escapeshellarg(trim($_GET['email'])); + /* execute spamdb command */ + if($action == "whitelist") { + delete_from_spamd_db($srcip); + usleep(100); + exec("/usr/local/sbin/spamdb -a {$srcip}"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + delete_from_blacklist($srcip); + log_error("spamd: {$srcip} has been whitelisted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); + hup_spamd(); + exit; + } else if($action == "delete") { + delete_from_spamd_db($srcip); + usleep(100); + hup_spamd(); + mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + delete_from_blacklist($srcip); + delete_from_whitelist($srcip); + log_error("spamd: {$srcip} has been deleted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); + exit; + } else if($action == "spamtrap") { + delete_from_spamd_db($email); + delete_from_whitelist($srcip); + usleep(100); + exec("/usr/local/sbin/spamdb -a \"{$email}\" -T"); + hup_spamd(); + mwexec("/sbin/pfctl -q -t blacklist -T add -f /var/db/blacklist.txt"); + log_error("spamd: {$srcip} has been blacklisted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); + exit; + } else if($action == "trapped") { + delete_from_spamd_db($srcip); + delete_from_whitelist($srcip); + usleep(100); + exec("/usr/local/sbin/spamdb -a {$srcip} -t"); + add_to_blacklist($srcip); + log_error("spamd: {$srcip} has been trapped by {$_SERVER['REMOTE_ADDR']} {$loginname}"); + hup_spamd(); + exit; + } + /* signal a reload for real time effect. */ + hup_spamd(); + exit; +} + +/* spam trap e-mail address */ +if($_POST['spamtrapemail'] <> "") { + $spamtrapemail = escapeshellarg($_POST['spamtrapemail']); + exec("/usr/local/sbin/spamdb -d {$spamtrapemail}"); + exec("/usr/local/sbin/spamdb -d -T \"{$spamtrapemail}\""); + exec("/usr/local/sbin/spamdb -d -t \"{$spamtrapemail}\""); + mwexec("/usr/local/sbin/spamdb -T -a \"{$spamtrapemail}\""); + mwexec("killall -HUP spamlogd"); + $savemsg = htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; +} + +if($_GET['getstatus'] <> "") { + $getstatus = escapeshellarg($_GET['getstatus']); + $status = exec("/usr/local/sbin/spamdb | grep \"{$getstatus}\""); + if(stristr($status, "WHITE") == true) { + echo "WHITE"; + } else if(stristr($status, "TRAPPED") == true) { + echo "TRAPPED"; + } else if(stristr($status, "GREY") == true) { + echo "GREY"; + } else if(stristr($status, "SPAMTRAP") == true) { + echo "SPAMTRAP"; + } else { + echo "NOT FOUND"; + } + exit; +} + +/* spam trap e-mail address */ +if($_GET['spamtrapemail'] <> "") { + $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); + $status = exec("spamdb -T -a \"{$spamtrapemail}\""); + mwexec("killall -HUP spamlogd"); + if($status) + echo $status; + else + echo htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; + exit; +} + +/* spam trap e-mail address */ +if($_GET['whitelist'] <> "") { + $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); + $status = exec("spamdb -a \"{$spamtrapemail}\""); + mwexec("killall -HUP spamlogd"); + if($status) + echo $status; + else + echo htmlentities($_POST['spamtrapemail']) . " added to whitelist database."; + exit; +} + +function delete_from_spamd_db($srcip) { + config_lock(); + $fd = fopen("/tmp/execcmds", "w"); + fwrite($fd, "#!/bin/sh\n"); + fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip}\n"); + fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip} -T\n"); + fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip} -t\n"); + fwrite($fd, "/usr/local/sbin/spamdb -d \"{$srcip}\" -t\n"); + fwrite($fd, "/usr/local/sbin/spamdb -d \"{$srcip}\" -T\n"); + fclose($fd); + exec("/bin/chmod a+rx /tmp/execcmds"); + system("/bin/sh /tmp/execcmds"); + mwexec("/usr/bin/killall -HUP spamlogd"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + config_unlock(); +} + +function basic_auth_prompt(){ + header("WWW-Authenticate: Basic realm=\".\""); + header("HTTP/1.0 401 Unauthorized"); + echo "You must enter valid credentials to access this resource."; + exit; +} + +function add_to_blacklist($srcip) { + config_lock(); + $fd = fopen("/var/db/blacklist.txt", "a"); + fwrite($fd, "{$srcip}\n"); + fclose($fd); + mwexec("/sbin/pfctl -q -t spamd -T add -f /var/db/blacklist.txt"); + mwexec("/sbin/pfctl -q -t blacklist -T add -f /var/db/blacklist.txt"); + config_unlock(); +} + +function delete_from_blacklist($srcip) { + config_lock(); + $blacklist = split("\n", file_get_contents("/var/db/blacklist.txt")); + $fd = fopen("/var/db/blacklist.txt", "w"); + foreach($blacklist as $bl) { + if($bl <> "") + if(!stristr($bl, $srcip)) + fwrite($fd, "{$bl}\n"); + } + fclose($fd); + mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); + mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + config_unlock(); +} + +function delete_from_whitelist($srcip) { + config_lock(); + $whitelist = split("\n", file_get_contents("/var/db/whitelist.txt")); + $fd = fopen("/var/db/whitelist.txt", "w"); + foreach($whitelist as $wl) { + if($wl <> "") + if(!stristr($wl, $srcip)) + fwrite($fd, "{$wl}\n"); + } + fclose($fd); + mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); + mwexec("/sbin/pfctl -q -t whitelist -T replace -f /var/db/whitelist.txt"); + config_unlock(); +} + +function hup_spamd() { + mwexec("killall -HUP spamlogd"); +} + +exit; + +?> \ No newline at end of file diff --git a/config/spamd/spamd_exchexp.asp b/config/spamd/spamd_exchexp.asp new file mode 100644 index 00000000..56b0c629 --- /dev/null +++ b/config/spamd/spamd_exchexp.asp @@ -0,0 +1,50 @@ +<% + +dim server +server = "SERVERNAME" + +Sub ExportUsers(oObject) + Dim oUser + For Each oUser in oObject + Select Case oUser.Class + Case "user" + If oUser.mail <> "" then + + for each email in oUser.proxyAddresses + If (lcase(left(email,4))="smtp") Then + 'userFile.WriteLine Mid(email,6) + document.write Mid(email,6) & vbCrLf + End If + next + End if + Case "organizationalUnit" , "container" + If UsersinOU (oUser) then + ExportUsers(oUser) + End if + End select + Next +End Sub + +Function UsersinOU (oObject) + Dim oUser + UsersinOU = False + for Each oUser in oObject + Select Case oUser.Class + Case "organizationalUnit" , "container" + UsersinOU = UsersinOU(oUser) + Case "user" + UsersinOU = True + + End select + Next +End Function + +Dim rootDSE, domainObject +Set rootDSE=GetObject("LDAP://" & server & "/RootDSE") +domainContainer = rootDSE.Get("defaultNamingContext") +Set domainObject = GetObject("LDAP://" & domainContainer) + +ExportUsers(domainObject) +Set oDomain = Nothing + +%> \ No newline at end of file diff --git a/config/spamd/spamd_gather_stats.php b/config/spamd/spamd_gather_stats.php new file mode 100644 index 00000000..a95e2596 --- /dev/null +++ b/config/spamd/spamd_gather_stats.php @@ -0,0 +1,82 @@ +#!/usr/local/bin/php -q + + \ No newline at end of file diff --git a/config/spamd/spamd_outlook.xml b/config/spamd/spamd_outlook.xml new file mode 100644 index 00000000..5e94701f --- /dev/null +++ b/config/spamd/spamd_outlook.xml @@ -0,0 +1,90 @@ + + + + + + . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + spamdoutlook + 0.1.0 + SpamD Outlook + pkg_edit.php?xml=spamd_outlook.xml&id=0 + + + SpamD External Sources + /pkg.php?xml=spamd.xml + + + SpamD Whitelist + /pkg.php?xml=spamd_whitelist.xml + + + SpamD Settings + /pkg_edit.php?xml=spamd_settings.xml&id=0 + + + SpamD Database + /spamd_db.php + + + + ['installedpackages']['spamd']['config'] + + + + Username + username + Enter the username the outlook clients will use to connect with. + input + + + Password + password + Enter the password the outlook clients will use to connect with. + password + + + + \ No newline at end of file diff --git a/config/spamd/spamd_rules.php b/config/spamd/spamd_rules.php new file mode 100644 index 00000000..27ac850a --- /dev/null +++ b/config/spamd/spamd_rules.php @@ -0,0 +1,34 @@ + +/* + spamd_rules.inc + part of pfSense (www.pfSense.com) + Copyright (C) 2004 Scott Ullrich (sullrich@gmail.com) + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +$wanif = get_real_wan_interface(); +$anchor = "natearly"; +$natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; +$natrules .= "rdr pass on {$wanif} proto tcp from ! to port smtp -> 127.0.0.1 port spamd\n"; +$label = "spamd"; +add_rule_to_anchor($anchor, $rule, $label); diff --git a/config/spamd/spamd_settings.xml b/config/spamd/spamd_settings.xml new file mode 100644 index 00000000..95c343d1 --- /dev/null +++ b/config/spamd/spamd_settings.xml @@ -0,0 +1,192 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + spamdsettings + 0.1.0 + SpamD Settings + pkg_edit.php?xml=spamd_settings.xml&id=0 + /usr/local/pkg/spamd.inc + +

+ SpamD +
Services
+ spamd.xml +
+ + spamd + spamd.sh + + + + SpamD External Sources + /pkg.php?xml=spamd.xml + + + SpamD Whitelist + /pkg.php?xml=spamd_whitelist.xml + + + SpamD Settings + /pkg_edit.php?xml=spamd_settings.xml&id=0 + + + + SpamD Database + /spamd_db.php + + + + ['installedpackages']['spamd']['config'] + + + + Identifier + identifier + The SMTP version banner that is reported upon initial connection. + input + + + Maximum blacklisted connections + maxblack + The maximum number of concurrent blacklisted connections to allow in greylisting mode. This value may not be greater than maxcon (see below). The default is maxcon - 100. + input + + + Max concurrent connections + maxcon + The maximum number of concurrent connections to allow. The default is 800. + input + 800 + + + Grey listing + greylisting + Connections from addresses not blacklisted on the black lists tab will be considered for greylisting. Such connections will not be stuttered at (though see the stutter secs option) or delayed, and will receive the pleasantly innocuous temporary failure. After passtime if the host returns it will be added to the white list. + checkbox + yes + + + Passtime + passtime + Adjust the three time parameters for greylisting. Passtime defaults to 25 (minutes). After passtime minutes if spamd sees a retried attempt to deliver mail for the same tuple, spamd will whitelist the connecting address by adding it as a whitelist entry. + input + 30 + 25:4:864 + + + Grey Expiration + greyexp + Adjust the three time parameters for greylisting. Grey expiration defaults to 4. SpamD removes connection entries from the database if delivery has not been retried within greyexp hours from the initial time a connection is seen. + input + 30 + 25:4:864 + + + White Exp + whiteexp + Adjust the three time parameters for greylisting. White expiration defaults to 864 (hours, approximately 36 days). SpamD removes whitelist entries from the database if no mail delivery activity has been seen from the whitelisted address within whiteexp hours from the initial time an address is whitelisted. + input + 30 + 25:4:864 + + + Stutter Secs + stuttersecs + Stutter at greylisted connections for the specified amount of seconds, after which the connection is not stuttered at. Defaults to 10. + input + 10 + + + Delay Secs + delaysecs + Delay each character sent to the client by the specified amount of seconds. Defaults to 1. + input + 1 + + + Window Size + window + Set the socket receive buffer to this many bytes, adjusting the window size. + input + + + + + NextMTA + nextmta + Automatically sends messages after being processed by SpamD to IP Address. You may enter an alias if you like, simply prepend $ to the alias name. example: $mailservers. Note, if you have postfix package installed enter 127.0.0.1 here. + input + 1 + + + Enable RRD graphing + enablerrd + Enables the graphing of SpamD connection and disconnection statistics. + checkbox + + + + + spamd_validate_input($_POST, &$input_errors); + + + sync_package_spamd(); + + \ No newline at end of file diff --git a/config/spamd/spamd_verify_to_address.php b/config/spamd/spamd_verify_to_address.php new file mode 100644 index 00000000..56821370 --- /dev/null +++ b/config/spamd/spamd_verify_to_address.php @@ -0,0 +1,144 @@ +#!/usr/local/bin/php -q + from email addresses */ +for($x=0; isset($current_spamtrap[$x]); $x++) { + $current_spamtrap[$x] = str_replace("<", "", $current_spamtrap[$x]); + $current_spamtrap[$x] = str_replace(">", "", $current_spamtrap[$x]); +} + +/* traverse list and find the dictionary attackers, etc */ +foreach($grey_hosts as $grey) { + if(trim($grey) == "") + continue; + /* clean up and further break down values */ + $grey_lower = strtolower($grey); + $grey_lower = str_replace("<","",$grey_lower); + $grey_lower = str_replace(">","",$grey_lower); + $grey_split = split("\|", $grey_lower); + $email_from = strtolower($grey_split[2]); + $email_to = strtolower($grey_split[3]); + $server_ip = strtolower($grey_split[1]); + if(in_array($server_ip, $current_blacklist)) { + if($debug) + echo "$server_ip already in blacklist.\n"; + continue; + } + if(in_array($email_to, $current_spamtrap)) { + if($email_to) + echo "$email_to already in blacklist.\n"; + continue; + } + if($debug) + echo "Testing $email_from | $email_to \n"; + if (in_array($email_to, $valid_list)) { + if($debug) + echo "$email_to is in the valid list\n"; + } else { + /* spammer picked the wrong person to mess with */ + if($server_ip) { + if($debug) + echo "/usr/local/sbin/spamdb -a $server_ip -t\n"; + exec("/usr/local/sbin/spamdb -d {$server_ip} 2>/dev/null"); + exec("/usr/local/sbin/spamdb -d {$server_ip} -T 2>/dev/null"); + exec("/usr/local/sbin/spamdb -d {$server_ip} -t 2>/dev/null"); + if($debug) + echo "/usr/local/sbin/spamdb -a \"<$email_to>\" -T\n"; + exec("/usr/local/sbin/spamdb -a \"<$email_to>\" -T"); + config_lock(); + system("echo $server_ip >> /var/db/blacklist.txt"); + config_unlock(); + $result = mwexec("/usr/local/sbin/spamdb -a $server_ip -t"); + } else { + if($debug) + echo "Could not locate server ip address."; + } + if($debug) + echo "Script result code: {$result}\n"; + } +} + +mwexec("killall -HUP spamlogd"); + +if($debug) { + echo "\nSearch completed.\n\n"; + echo "Items trapped: "; + system("/usr/local/sbin/spamdb | grep TRAPPED | wc -l"); + echo "Items spamtrapped: "; + system("/usr/local/sbin/spamdb | grep SPAMTRAP | wc -l"); + echo "Items in blacklist.txt: "; + system("/sbin/pfctl -t blacklist -T show | wc -l"); +} + +mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); + +?> \ No newline at end of file diff --git a/config/spamd/spamd_whitelist.xml b/config/spamd/spamd_whitelist.xml new file mode 100644 index 00000000..f7b3f4fe --- /dev/null +++ b/config/spamd/spamd_whitelist.xml @@ -0,0 +1,132 @@ + + + + + + . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + spamd-whitelist + 0.1.0 + SpamD: Whitelist + + + SpamD Whitelist + +
Services
+ spamd.xml +
+ + + SpamD External Sources + /pkg.php?xml=spamd.xml + + + SpamD Whitelist + /pkg.php?xml=spamd_whitelist.xml + + + + SpamD Settings + /pkg_edit.php?xml=spamd_settings.xml&id=0 + + + SpamD Database + /spamd_db.php + + + + ['installedpackages']['spamdwhitelist']['config'] + + + Exempted IP + ip + + + Description + description + + + + + + Exempted IP + ip + Enter the IP to exempt from blacklisting + input + + + Description + description + Enter the description for this item + input + + + + function sync_package_spamd_whitelist() { + global $config; + conf_mount_rw(); + config_lock(); + /* write out ip to the whitelist db */ + $fd = fopen("/var/db/whitelist.txt","w"); + if($config['installedpackages']['spamdwhitelist']['config'] != "") { + foreach($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { + fwrite($fd, $spamd['ip'] . "\n"); + } + } + fclose($fd); + /* signal a reload of all files */ + mwexec("/usr/bin/killall -HUP spamlogd"); + mwexec("/sbin/pfctl -t spamd-white -T add {$spamd['ip']}"); + conf_mount_ro(); + config_unlock(); + } + + + sync_package_spamd_whitelist(); + + + sync_package_spamd_whitelist(); + +
\ No newline at end of file diff --git a/config/spamd_db.php b/config/spamd_db.php deleted file mode 100644 index 112fdd71..00000000 --- a/config/spamd_db.php +++ /dev/null @@ -1,457 +0,0 @@ -","",$srcip); - $srcip = str_replace(" ","",$srcip); - // Make input safe - $srcip = escapeshellarg($srcip); - /* execute spamdb command */ - if($action == "'whitelist'") { - exec("/usr/local/sbin/spamdb -d {$srcip}"); - exec("/usr/local/sbin/spamdb -d {$srcip} -T"); - exec("/usr/local/sbin/spamdb -d {$srcip} -t"); - delete_from_blacklist($srcip); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - exec("echo spamdb -a {$srcip} > /tmp/tmp"); - exec("/usr/local/sbin/spamdb -a {$srcip}"); - } else if($action == "'delete'") { - exec("/usr/local/sbin/spamdb -d {$srcip}"); - exec("/usr/local/sbin/spamdb -d {$srcip} -T"); - exec("/usr/local/sbin/spamdb -d {$srcip} -t"); - delete_from_blacklist($srcip); - mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - } else if($action == "'spamtrap'") { - exec("/usr/local/sbin/spamdb -d {$srcip}"); - exec("/usr/local/sbin/spamdb -d {$srcip} -T"); - exec("/usr/local/sbin/spamdb -d {$srcip} -t"); - exec("/usr/local/sbin/spamdb -a {$srcip} -T"); - } else if($action == "'trapped'") { - exec("/usr/local/sbin/spamdb -T -d {$toaddress}"); - exec("/usr/local/sbin/spamdb -T -a '{$toaddress}'"); - } - /* signal a reload for real time effect. */ - mwexec("killall -HUP spamlogd"); - exit; -} - -/* spam trap e-mail address */ -if($_POST['spamtrapemail'] <> "") { - $spamtrapemail = escapeshellarg($_POST['spamtrapemail']); - exec("/usr/local/sbin/spamdb -d {$spamtrapemail}"); - exec("/usr/local/sbin/spamdb -d -T {$spamtrapemail}"); - exec("/usr/local/sbin/spamdb -d -t {$spamtrapemail}"); - exec("/usr/local/sbin/spamdb -T -a '{$toaddress}'"); - - mwexec("killall -HUP spamlogd"); - $savemsg = htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; -} - -if($_GET['getstatus'] <> "") { - $status = exec("/usr/local/sbin/spamdb | grep \"{$_GET['getstatus']}\""); - if(stristr($status, "WHITE") == true) { - echo "WHITE"; - } else if(stristr($status, "TRAPPED") == true) { - echo "TRAPPED"; - } else if(stristr($status, "GREY") == true) { - echo "GREY"; - } else if(stristr($status, "SPAMTRAP") == true) { - echo "SPAMTRAP"; - } else { - echo "NOT FOUND"; - } - exit; -} - -/* spam trap e-mail address */ -if($_GET['spamtrapemail'] <> "") { - $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); - $status = exec("spamdb -T -a {$spamtrapemail}"); - mwexec("killall -HUP spamlogd"); - if($status) - echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; - exit; -} - -/* whitelist e-mail address */ -if($_GET['whitelist'] <> "") { - $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); - $status = exec("spamdb -a {$spamtrapemail}"); - mwexec("killall -HUP spamlogd"); - if($status) - echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to whitelist database."; - exit; -} - -function delete_from_blacklist($srcip) { - config_lock(); - $blacklist = split("\n", file_get_contents("/var/db/blacklist.txt")); - $fd = fopen("/var/db/blacklist.txt", "w"); - foreach($blacklist as $bl) { - if($bl <> "") - if(!stristr($bl, $srcip)) - fwrite($fd, "{$bl}\n"); - } - fclose($fd); - mwexec("/sbin/pfctl -q -t spamd -T delete {$srcip}"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - config_unlock(); -} - -function delete_from_whitelist($srcip) { - config_lock(); - $whitelist = split("\n", file_get_contents("/var/db/whitelist.txt")); - $fd = fopen("/var/db/whitelist.txt", "w"); - foreach($whitelist as $wl) { - if($wl <> "") - if(!stristr($wl, $srcip)) - fwrite($fd, "{$wl}\n"); - } - fclose($fd); - mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); - mwexec("/sbin/pfctl -q -t whitelist -T replace -f /var/db/whitelist.txt"); - config_unlock(); -} - -$pgtitle = "SpamD: Database"; -include("head.inc"); - -if(file_exists("/var/db/whitelist.txt")) - $whitelist_items = `cat /var/db/whitelist.txt | wc -l`; -else - $whitelist_items = 0; - -if(file_exists("/var/db/blacklist.txt")) - $blacklist_items = `cat /var/db/blacklist.txt | wc -l`; -else - $blacklist_items = 0; - -// Get an overall count of the database -$spamdb_items = `/usr/local/sbin/spamdb | wc -l`; - -// Get blacklist and whitelist count from database -$spamdb_white = `/usr/local/sbin/spamdb | grep WHITE | wc -l`; -$spamdb_black = `/usr/local/sbin/spamdb | grep BLACK | wc -l`; -$spamdb_grey = `/usr/local/sbin/spamdb | grep GREY | wc -l`; - -// Now count the user contributed whitelist and blacklist count -$whitelist_items = $whitelist_items + $spamdb_white; -$blacklist_items = $blacklist_items + $spamdb_black; - -?> - - -

-
- - - - - - -

- - - - - - -
- -
-
- - -
- - - - - - - -
Filter by test:  Inverse filter (NOT):>
Limit:
 
* Add spam trap E-mail address:

- - - - - - - - - - - - -"; - } - } - } else { - $pkgdb = split("\n", `/usr/local/sbin/spamdb | tail -n {$limit}`); - } - $rows = 0; - $lastseenip = ""; - $srcip = "|"; - foreach($pkgdb as $pkgdb_row) { - - if($rows > $limit) - break; - $dontdisplay = false; - if(!$pkgdb_row) - continue; - $pkgdb_split = split("\|", $pkgdb_row); - - /* - - For TRAPPED entries the format is: - - type|ip|expire - - where type will be TRAPPED, IP will be the IP address blacklisted due to - hitting a spamtrap, and expire will be when the IP is due to be removed - from the blacklist. - - For GREY entries, the format is: - - type|source IP|helo|from|to|first|pass|expire|block|pass - - For WHITE entries, the format is: - - type|source IP|||first|pass|expire|block|pass - - */ - switch($pkgdb_split[0]) { - case "SPAMTRAP": - $recordtype = htmlentities($pkgdb_split[0]); - $srcip = htmlentities($pkgdb_split[1]); - $fromaddress = htmlentities($pkgdb_split[3]); - $toaddress = htmlentities($pkgdb_split[4]); - $attempts = htmlentities($pkgdb_split[8]); - break; - case "TRAPPED": - $recordtype = htmlentities($pkgdb_split[0]); - $srcip = htmlentities($pkgdb_split[1]); - $fromaddress = ""; - $toaddress = ""; - $attempts = ""; - break; - case "GREY": - $recordtype = htmlentities($pkgdb_split[0]); - $srcip = htmlentities($pkgdb_split[1]); - $fromaddress = htmlentities($pkgdb_split[3]); - $toaddress = htmlentities($pkgdb_split[4]); - $attempts = htmlentities($pkgdb_split[8]); - break; - case "WHITE": - $recordtype = htmlentities($pkgdb_split[0]); - $srcip = htmlentities($pkgdb_split[1]); - $fromaddress = ""; - $toaddress = ""; - $attempts = htmlentities($pkgdb_split[8]); - break; - } - if($srcip == "" and $fromaddress == "" and $toaddress == "") - continue; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - - $rows++; - } -?>
TypeIPFromToAttempts
{$recordtype}{$srcip}{$fromaddress}{$toaddress}{$attempts}"; - $rowtext = "\"Add "; - $rowtext .= "\"Blacklist\" "; - $rowtext .= "\"Delete\""; - $rowtext .= "\"Spamtrap\" "; - - echo $rowtext; - - echo "
-
-

" . $rows . " rows returned."; ?> -

- * NOTE: adding an e-mail address to the spamtrap automatically traps any server trying to send e-mail to this address. -

-
-
-

-
-Note: Clicking on the action icons will invoke a AJAX query and the page will not refresh. Click refresh in you're browser if you wish to view the changes in status. -
-

Database totals:

- "; - echo "{$blacklist_items} total items in the blacklist.
"; - echo "{$spamdb_grey} total items in the greylist.
"; - echo "{$spamdb_items} total items in the SpamDB.
"; - ?> - - - diff --git a/config/spamd_db_ext.php b/config/spamd_db_ext.php deleted file mode 100644 index e029f676..00000000 --- a/config/spamd_db_ext.php +++ /dev/null @@ -1,239 +0,0 @@ - $username) { - echo "550. INVALID USERNAME {$username}."; - exit; - } - if($outlook['password'] <> $password) { - echo "550. INVALID PASSWORD {$password}."; - exit; - } -} - -exec("echo {$_GET['action']} > /tmp/tmp"); - -/* handle AJAX operations */ -if($_GET['action'] or $_POST['action']) { - if($_GET['action']) - $action = escapeshellarg(trim($_GET['action'])); - if($_POST['action']) - $action = escapeshellarg(trim($_POST['action'])); - if($_GET['srcip']) - $srcip = escapeshellarg(trim($_GET['srcip'])); - if($_POST['srcip']) - $srcip = escapeshellarg(trim($_POST['srcip'])); - if($_POST['email']) - $email = escapeshellarg(trim($_POST['email'])); - if($_GET['email']) - $email = escapeshellarg(trim($_GET['email'])); - /* execute spamdb command */ - if($action == "whitelist") { - delete_from_spamd_db($srcip); - usleep(100); - exec("/usr/local/sbin/spamdb -a {$srcip}"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - delete_from_blacklist($srcip); - log_error("spamd: {$srcip} has been whitelisted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); - hup_spamd(); - exit; - } else if($action == "delete") { - delete_from_spamd_db($srcip); - usleep(100); - hup_spamd(); - mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - delete_from_blacklist($srcip); - delete_from_whitelist($srcip); - log_error("spamd: {$srcip} has been deleted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); - exit; - } else if($action == "spamtrap") { - delete_from_spamd_db($email); - delete_from_whitelist($srcip); - usleep(100); - exec("/usr/local/sbin/spamdb -a \"{$email}\" -T"); - hup_spamd(); - mwexec("/sbin/pfctl -q -t blacklist -T add -f /var/db/blacklist.txt"); - log_error("spamd: {$srcip} has been blacklisted by {$_SERVER['REMOTE_ADDR']} {$loginname}"); - exit; - } else if($action == "trapped") { - delete_from_spamd_db($srcip); - delete_from_whitelist($srcip); - usleep(100); - exec("/usr/local/sbin/spamdb -a {$srcip} -t"); - add_to_blacklist($srcip); - log_error("spamd: {$srcip} has been trapped by {$_SERVER['REMOTE_ADDR']} {$loginname}"); - hup_spamd(); - exit; - } - /* signal a reload for real time effect. */ - hup_spamd(); - exit; -} - -/* spam trap e-mail address */ -if($_POST['spamtrapemail'] <> "") { - $spamtrapemail = escapeshellarg($_POST['spamtrapemail']); - exec("/usr/local/sbin/spamdb -d {$spamtrapemail}"); - exec("/usr/local/sbin/spamdb -d -T \"{$spamtrapemail}\""); - exec("/usr/local/sbin/spamdb -d -t \"{$spamtrapemail}\""); - mwexec("/usr/local/sbin/spamdb -T -a \"{$spamtrapemail}\""); - mwexec("killall -HUP spamlogd"); - $savemsg = htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; -} - -if($_GET['getstatus'] <> "") { - $getstatus = escapeshellarg($_GET['getstatus']); - $status = exec("/usr/local/sbin/spamdb | grep \"{$getstatus}\""); - if(stristr($status, "WHITE") == true) { - echo "WHITE"; - } else if(stristr($status, "TRAPPED") == true) { - echo "TRAPPED"; - } else if(stristr($status, "GREY") == true) { - echo "GREY"; - } else if(stristr($status, "SPAMTRAP") == true) { - echo "SPAMTRAP"; - } else { - echo "NOT FOUND"; - } - exit; -} - -/* spam trap e-mail address */ -if($_GET['spamtrapemail'] <> "") { - $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); - $status = exec("spamdb -T -a \"{$spamtrapemail}\""); - mwexec("killall -HUP spamlogd"); - if($status) - echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; - exit; -} - -/* spam trap e-mail address */ -if($_GET['whitelist'] <> "") { - $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); - $status = exec("spamdb -a \"{$spamtrapemail}\""); - mwexec("killall -HUP spamlogd"); - if($status) - echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to whitelist database."; - exit; -} - -function delete_from_spamd_db($srcip) { - config_lock(); - $fd = fopen("/tmp/execcmds", "w"); - fwrite($fd, "#!/bin/sh\n"); - fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip}\n"); - fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip} -T\n"); - fwrite($fd, "/usr/local/sbin/spamdb -d {$srcip} -t\n"); - fwrite($fd, "/usr/local/sbin/spamdb -d \"{$srcip}\" -t\n"); - fwrite($fd, "/usr/local/sbin/spamdb -d \"{$srcip}\" -T\n"); - fclose($fd); - exec("/bin/chmod a+rx /tmp/execcmds"); - system("/bin/sh /tmp/execcmds"); - mwexec("/usr/bin/killall -HUP spamlogd"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - config_unlock(); -} - -function basic_auth_prompt(){ - header("WWW-Authenticate: Basic realm=\".\""); - header("HTTP/1.0 401 Unauthorized"); - echo "You must enter valid credentials to access this resource."; - exit; -} - -function add_to_blacklist($srcip) { - config_lock(); - $fd = fopen("/var/db/blacklist.txt", "a"); - fwrite($fd, "{$srcip}\n"); - fclose($fd); - mwexec("/sbin/pfctl -q -t spamd -T add -f /var/db/blacklist.txt"); - mwexec("/sbin/pfctl -q -t blacklist -T add -f /var/db/blacklist.txt"); - config_unlock(); -} - -function delete_from_blacklist($srcip) { - config_lock(); - $blacklist = split("\n", file_get_contents("/var/db/blacklist.txt")); - $fd = fopen("/var/db/blacklist.txt", "w"); - foreach($blacklist as $bl) { - if($bl <> "") - if(!stristr($bl, $srcip)) - fwrite($fd, "{$bl}\n"); - } - fclose($fd); - mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); - mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - config_unlock(); -} - -function delete_from_whitelist($srcip) { - config_lock(); - $whitelist = split("\n", file_get_contents("/var/db/whitelist.txt")); - $fd = fopen("/var/db/whitelist.txt", "w"); - foreach($whitelist as $wl) { - if($wl <> "") - if(!stristr($wl, $srcip)) - fwrite($fd, "{$wl}\n"); - } - fclose($fd); - mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); - mwexec("/sbin/pfctl -q -t whitelist -T replace -f /var/db/whitelist.txt"); - config_unlock(); -} - -function hup_spamd() { - mwexec("killall -HUP spamlogd"); -} - -exit; - -?> \ No newline at end of file diff --git a/config/spamd_exchexp.asp b/config/spamd_exchexp.asp deleted file mode 100644 index 56b0c629..00000000 --- a/config/spamd_exchexp.asp +++ /dev/null @@ -1,50 +0,0 @@ -<% - -dim server -server = "SERVERNAME" - -Sub ExportUsers(oObject) - Dim oUser - For Each oUser in oObject - Select Case oUser.Class - Case "user" - If oUser.mail <> "" then - - for each email in oUser.proxyAddresses - If (lcase(left(email,4))="smtp") Then - 'userFile.WriteLine Mid(email,6) - document.write Mid(email,6) & vbCrLf - End If - next - End if - Case "organizationalUnit" , "container" - If UsersinOU (oUser) then - ExportUsers(oUser) - End if - End select - Next -End Sub - -Function UsersinOU (oObject) - Dim oUser - UsersinOU = False - for Each oUser in oObject - Select Case oUser.Class - Case "organizationalUnit" , "container" - UsersinOU = UsersinOU(oUser) - Case "user" - UsersinOU = True - - End select - Next -End Function - -Dim rootDSE, domainObject -Set rootDSE=GetObject("LDAP://" & server & "/RootDSE") -domainContainer = rootDSE.Get("defaultNamingContext") -Set domainObject = GetObject("LDAP://" & domainContainer) - -ExportUsers(domainObject) -Set oDomain = Nothing - -%> \ No newline at end of file diff --git a/config/spamd_gather_stats.php b/config/spamd_gather_stats.php deleted file mode 100644 index a95e2596..00000000 --- a/config/spamd_gather_stats.php +++ /dev/null @@ -1,82 +0,0 @@ -#!/usr/local/bin/php -q - - \ No newline at end of file diff --git a/config/spamd_outlook.xml b/config/spamd_outlook.xml deleted file mode 100644 index 5e94701f..00000000 --- a/config/spamd_outlook.xml +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - . - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - spamdoutlook - 0.1.0 - SpamD Outlook - pkg_edit.php?xml=spamd_outlook.xml&id=0 - - - SpamD External Sources - /pkg.php?xml=spamd.xml - - - SpamD Whitelist - /pkg.php?xml=spamd_whitelist.xml - - - SpamD Settings - /pkg_edit.php?xml=spamd_settings.xml&id=0 - - - SpamD Database - /spamd_db.php - - - - ['installedpackages']['spamd']['config'] - - - - Username - username - Enter the username the outlook clients will use to connect with. - input - - - Password - password - Enter the password the outlook clients will use to connect with. - password - - - - \ No newline at end of file diff --git a/config/spamd_rules.php b/config/spamd_rules.php deleted file mode 100644 index 27ac850a..00000000 --- a/config/spamd_rules.php +++ /dev/null @@ -1,34 +0,0 @@ - -/* - spamd_rules.inc - part of pfSense (www.pfSense.com) - Copyright (C) 2004 Scott Ullrich (sullrich@gmail.com) - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -$wanif = get_real_wan_interface(); -$anchor = "natearly"; -$natrules .= "rdr pass on {$wanif} proto tcp from to port smtp -> 127.0.0.1 port spamd\n"; -$natrules .= "rdr pass on {$wanif} proto tcp from ! to port smtp -> 127.0.0.1 port spamd\n"; -$label = "spamd"; -add_rule_to_anchor($anchor, $rule, $label); diff --git a/config/spamd_settings.xml b/config/spamd_settings.xml deleted file mode 100644 index 95c343d1..00000000 --- a/config/spamd_settings.xml +++ /dev/null @@ -1,192 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - spamdsettings - 0.1.0 - SpamD Settings - pkg_edit.php?xml=spamd_settings.xml&id=0 - /usr/local/pkg/spamd.inc - -

- SpamD -
Services
- spamd.xml -
- - spamd - spamd.sh - - - - SpamD External Sources - /pkg.php?xml=spamd.xml - - - SpamD Whitelist - /pkg.php?xml=spamd_whitelist.xml - - - SpamD Settings - /pkg_edit.php?xml=spamd_settings.xml&id=0 - - - - SpamD Database - /spamd_db.php - - - - ['installedpackages']['spamd']['config'] - - - - Identifier - identifier - The SMTP version banner that is reported upon initial connection. - input - - - Maximum blacklisted connections - maxblack - The maximum number of concurrent blacklisted connections to allow in greylisting mode. This value may not be greater than maxcon (see below). The default is maxcon - 100. - input - - - Max concurrent connections - maxcon - The maximum number of concurrent connections to allow. The default is 800. - input - 800 - - - Grey listing - greylisting - Connections from addresses not blacklisted on the black lists tab will be considered for greylisting. Such connections will not be stuttered at (though see the stutter secs option) or delayed, and will receive the pleasantly innocuous temporary failure. After passtime if the host returns it will be added to the white list. - checkbox - yes - - - Passtime - passtime - Adjust the three time parameters for greylisting. Passtime defaults to 25 (minutes). After passtime minutes if spamd sees a retried attempt to deliver mail for the same tuple, spamd will whitelist the connecting address by adding it as a whitelist entry. - input - 30 - 25:4:864 - - - Grey Expiration - greyexp - Adjust the three time parameters for greylisting. Grey expiration defaults to 4. SpamD removes connection entries from the database if delivery has not been retried within greyexp hours from the initial time a connection is seen. - input - 30 - 25:4:864 - - - White Exp - whiteexp - Adjust the three time parameters for greylisting. White expiration defaults to 864 (hours, approximately 36 days). SpamD removes whitelist entries from the database if no mail delivery activity has been seen from the whitelisted address within whiteexp hours from the initial time an address is whitelisted. - input - 30 - 25:4:864 - - - Stutter Secs - stuttersecs - Stutter at greylisted connections for the specified amount of seconds, after which the connection is not stuttered at. Defaults to 10. - input - 10 - - - Delay Secs - delaysecs - Delay each character sent to the client by the specified amount of seconds. Defaults to 1. - input - 1 - - - Window Size - window - Set the socket receive buffer to this many bytes, adjusting the window size. - input - - - - - NextMTA - nextmta - Automatically sends messages after being processed by SpamD to IP Address. You may enter an alias if you like, simply prepend $ to the alias name. example: $mailservers. Note, if you have postfix package installed enter 127.0.0.1 here. - input - 1 - - - Enable RRD graphing - enablerrd - Enables the graphing of SpamD connection and disconnection statistics. - checkbox - - - - - spamd_validate_input($_POST, &$input_errors); - - - sync_package_spamd(); - - \ No newline at end of file diff --git a/config/spamd_verify_to_address.php b/config/spamd_verify_to_address.php deleted file mode 100644 index 56821370..00000000 --- a/config/spamd_verify_to_address.php +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/local/bin/php -q - from email addresses */ -for($x=0; isset($current_spamtrap[$x]); $x++) { - $current_spamtrap[$x] = str_replace("<", "", $current_spamtrap[$x]); - $current_spamtrap[$x] = str_replace(">", "", $current_spamtrap[$x]); -} - -/* traverse list and find the dictionary attackers, etc */ -foreach($grey_hosts as $grey) { - if(trim($grey) == "") - continue; - /* clean up and further break down values */ - $grey_lower = strtolower($grey); - $grey_lower = str_replace("<","",$grey_lower); - $grey_lower = str_replace(">","",$grey_lower); - $grey_split = split("\|", $grey_lower); - $email_from = strtolower($grey_split[2]); - $email_to = strtolower($grey_split[3]); - $server_ip = strtolower($grey_split[1]); - if(in_array($server_ip, $current_blacklist)) { - if($debug) - echo "$server_ip already in blacklist.\n"; - continue; - } - if(in_array($email_to, $current_spamtrap)) { - if($email_to) - echo "$email_to already in blacklist.\n"; - continue; - } - if($debug) - echo "Testing $email_from | $email_to \n"; - if (in_array($email_to, $valid_list)) { - if($debug) - echo "$email_to is in the valid list\n"; - } else { - /* spammer picked the wrong person to mess with */ - if($server_ip) { - if($debug) - echo "/usr/local/sbin/spamdb -a $server_ip -t\n"; - exec("/usr/local/sbin/spamdb -d {$server_ip} 2>/dev/null"); - exec("/usr/local/sbin/spamdb -d {$server_ip} -T 2>/dev/null"); - exec("/usr/local/sbin/spamdb -d {$server_ip} -t 2>/dev/null"); - if($debug) - echo "/usr/local/sbin/spamdb -a \"<$email_to>\" -T\n"; - exec("/usr/local/sbin/spamdb -a \"<$email_to>\" -T"); - config_lock(); - system("echo $server_ip >> /var/db/blacklist.txt"); - config_unlock(); - $result = mwexec("/usr/local/sbin/spamdb -a $server_ip -t"); - } else { - if($debug) - echo "Could not locate server ip address."; - } - if($debug) - echo "Script result code: {$result}\n"; - } -} - -mwexec("killall -HUP spamlogd"); - -if($debug) { - echo "\nSearch completed.\n\n"; - echo "Items trapped: "; - system("/usr/local/sbin/spamdb | grep TRAPPED | wc -l"); - echo "Items spamtrapped: "; - system("/usr/local/sbin/spamdb | grep SPAMTRAP | wc -l"); - echo "Items in blacklist.txt: "; - system("/sbin/pfctl -t blacklist -T show | wc -l"); -} - -mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - -?> \ No newline at end of file diff --git a/config/spamd_whitelist.xml b/config/spamd_whitelist.xml deleted file mode 100644 index f7b3f4fe..00000000 --- a/config/spamd_whitelist.xml +++ /dev/null @@ -1,132 +0,0 @@ - - - - - - . - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - spamd-whitelist - 0.1.0 - SpamD: Whitelist - - - SpamD Whitelist - -
Services
- spamd.xml -
- - - SpamD External Sources - /pkg.php?xml=spamd.xml - - - SpamD Whitelist - /pkg.php?xml=spamd_whitelist.xml - - - - SpamD Settings - /pkg_edit.php?xml=spamd_settings.xml&id=0 - - - SpamD Database - /spamd_db.php - - - - ['installedpackages']['spamdwhitelist']['config'] - - - Exempted IP - ip - - - Description - description - - - - - - Exempted IP - ip - Enter the IP to exempt from blacklisting - input - - - Description - description - Enter the description for this item - input - - - - function sync_package_spamd_whitelist() { - global $config; - conf_mount_rw(); - config_lock(); - /* write out ip to the whitelist db */ - $fd = fopen("/var/db/whitelist.txt","w"); - if($config['installedpackages']['spamdwhitelist']['config'] != "") { - foreach($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { - fwrite($fd, $spamd['ip'] . "\n"); - } - } - fclose($fd); - /* signal a reload of all files */ - mwexec("/usr/bin/killall -HUP spamlogd"); - mwexec("/sbin/pfctl -t spamd-white -T add {$spamd['ip']}"); - conf_mount_ro(); - config_unlock(); - } - - - sync_package_spamd_whitelist(); - - - sync_package_spamd_whitelist(); - -
\ No newline at end of file -- cgit v1.2.3