gist:7b95249e01cb46fa98d9918313815bed

spamsink.sh · 3.4 KiB · Bash Originalformat

# TODO # * deliver over lmtp to cyrus [DONE] # * verify reciep check (include "revieced for") [DONE] # * pipe mail to sa-learn [DONE] # * pipe mail to dcc # * pipe mail to razor [DONE] # * blacklist anywhere # * dump mail into file # initial some values exit=1 i=1 tempfilename="/tmp/mailsink" reciep_detection=0 removetemps=0 targets="spamfalle.info" deliver_to_mailbox=0 sa_report=0 razor_report=0 razor_options="-conf=/etc/razor/razor-agent.conf" mailbox="user.spamfalle" auth="spamfalle" # unique filename tempfile=${tempfilename}`date +%s` while read j ; do echo "${j}" >> ${tempfile} done # deliver mail into mailbox if [ ${deliver_to_mailbox} -eq "1" ] ; then cat ${tempfile} | formail -I"From " | cyrdeliver -d -m ${mailbox} -a ${auth} fi # report mail as spam to spamassassin if [ ${sa_report} -eq "1" ] ; then sa-learn --spam ${tempfile} fi # report mail as spam to razor if [ ${razor_report} -eq "1" ] ; then razor-report ${razor_options} ${tempfile} fi # reciep_detection if [ ${reciep_detection} -eq "1" ] ; then # get reciep to=`egrep -i "^To:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^to:.* <\?//i" | sed "s/>$//"` # check if mail is send to target for jj in ${targets}; do if [ `echo "${to}" | egrep -i "${jj}"` ] ; then exit=0 fi done if [ ${exit} -eq "1" ] ; then forcount=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"` jjj=1 while [ ${jjj} -le ${forcount} ] ; do for[$jjj]=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"` jjj=$[$jjj+1] done for jj in ${targets}; do jjj=1 while [ "${jjj}" -le "${forcount}" && "${exit}" -eq "1" ] ; do if [ `echo "${for[$jjj]}" | egrep -i "${jj}"` ] ; then exit=0 fi jjj=$[$jjj+1] done done fi if [ ${exit} -eq "1" ] ; then exit 1 fi fi # count relays relaycount=`grep -c ^Received ${tempfile}` # write lines matching "^Received:" into array while [ ${i} -le ${relaycount} ] ; do relay[$i]=`grep -i "^Received:" ${tempfile} | tail -${i} | head -1 | sed "s/^Received: .*(//i" | sed "s/).*//" | sed "s/.*\[//" | sed "s/\].*//"` i=$[$i+1] done i=1 # get IP of first nonrfc1938 IP while [ ${i} -le ${relaycount} ] ; do relayhost=${relay[$i]} i=$[$i+1] if ! [ `echo "${relayhost}" | egrep "^127\.0\.0|^192\.168|^10|^172\.1[6-9]|^172\.2|^172\.3[0-1]|^169\.254"` ] ; then i=$[${relaycount}+1] fi done # ensure $relayhost is realy an IP relayhost=`echo "${relayhost}" | egrep "^([12]?[0-9]?[0-9].){3}([12]?[0-9]?[0-9])$"` # get returnpath returnpath=`egrep -i "^Return-Path:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^Return-Path:.* <\?//i" | sed "s/>$//"` # get from from=`egrep -i "^From:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^From:.* <\?//i" | sed "s/>$//"` # save subject for mail, give a hint if return path differs if [ ${from} = ${returnpath} ] ; then reportsubject="Spamsink Mail - Sender: ${from} Relay: ${relayhost}" else reportsubject="Spamsink Mail - Sender: ${from} Return-Path: ${returnpath} Relay: ${relayhost}" fi # cat ${tempfile} | mail -s ${reportsubject} waja@cyconet.org echo ${reportsubject} if [ ${removetemps} -eq "1" ] ; then rm ${tempfile} fi exit 0

1	# TODO
2	# * deliver over lmtp to cyrus [DONE]
3	# * verify reciep check (include "revieced for") [DONE]
4	# * pipe mail to sa-learn [DONE]
5	# * pipe mail to dcc
6	# * pipe mail to razor [DONE]
7	# * blacklist anywhere
8	# * dump mail into file
9
10	# initial some values
11	exit=1
12	i=1
13	tempfilename="/tmp/mailsink"
14	reciep_detection=0
15	removetemps=0
16	targets="spamfalle.info"
17	deliver_to_mailbox=0
18	sa_report=0
19	razor_report=0
20	razor_options="-conf=/etc/razor/razor-agent.conf"
21	mailbox="user.spamfalle"
22	auth="spamfalle"
23
24	# unique filename
25	tempfile=${tempfilename}`date +%s`
26
27	while read j ; do
28	echo "${j}" >> ${tempfile}
29	done
30	# deliver mail into mailbox
31	if [ ${deliver_to_mailbox} -eq "1" ] ; then
32	cat ${tempfile} \| formail -I"From " \| cyrdeliver -d -m ${mailbox} -a ${auth}
33	fi
34	# report mail as spam to spamassassin
35	if [ ${sa_report} -eq "1" ] ; then
36	sa-learn --spam ${tempfile}
37	fi
38	# report mail as spam to razor
39	if [ ${razor_report} -eq "1" ] ; then
40	razor-report ${razor_options} ${tempfile}
41	fi
42	# reciep_detection
43	if [ ${reciep_detection} -eq "1" ] ; then
44	# get reciep
45	to=`egrep -i "^To:.\ <?.\@.\..>?$" ${tempfile} \| tail -1 \| sed "s/^to:.* <\?//i" \| sed "s/>$//"`
46	# check if mail is send to target
47	for jj in ${targets}; do
48	if [ `echo "${to}" \| egrep -i "${jj}"` ] ; then
49	exit=0
50	fi
51	done
52	if [ ${exit} -eq "1" ] ; then
53	forcount=`egrep -c "^for\ <?.\@.\..*>?;\ ((Mon)\|(Tue)\|(Wed)\|(Thu)\|(Fri)\|(Sat)\|(Sun)),\ (([\ 0][1-9])\|([1-2][0-9])\|(3[0-1]))\ ((Jan)\|(Feb)\|(Mar)\|(Apr)\|(May)\|(Jun)\|(Jul)\|(Aug)\|(Sep)\|(Oct)\|(Nov)\|(Dec))\ [1-2][0-9]{3}"`
54	jjj=1
55	while [ ${jjj} -le ${forcount} ] ; do
56	for[$jjj]=`egrep -c "^for\ <?.\@.\..*>?;\ ((Mon)\|(Tue)\|(Wed)\|(Thu)\|(Fri)\|(Sat)\|(Sun)),\ (([\ 0][1-9])\|([1-2][0-9])\|(3[0-1]))\ ((Jan)\|(Feb)\|(Mar)\|(Apr)\|(May)\|(Jun)\|(Jul)\|(Aug)\|(Sep)\|(Oct)\|(Nov)\|(Dec))\ [1-2][0-9]{3}"`
57	jjj=$[$jjj+1]
58	done
59	for jj in ${targets}; do
60	jjj=1
61	while [ "${jjj}" -le "${forcount}" && "${exit}" -eq "1" ] ; do
62	if [ `echo "${for[$jjj]}" \| egrep -i "${jj}"` ] ; then
63	exit=0
64	fi
65	jjj=$[$jjj+1]
66	done
67	done
68	fi
69	if [ ${exit} -eq "1" ] ; then
70	exit 1
71	fi
72	fi
73	# count relays
74	relaycount=`grep -c ^Received ${tempfile}`
75	# write lines matching "^Received:" into array
76	while [ ${i} -le ${relaycount} ] ; do
77	relay[$i]=`grep -i "^Received:" ${tempfile} \| tail -${i} \| head -1 \| sed "s/^Received: .(//i" \| sed "s/).//" \| sed "s/.\[//" \| sed "s/\].//"`
78	i=$[$i+1]
79	done
80	i=1
81	# get IP of first nonrfc1938 IP
82	while [ ${i} -le ${relaycount} ] ; do
83	relayhost=${relay[$i]}
84	i=$[$i+1]
85	if ! [ `echo "${relayhost}" \| egrep "^127\.0\.0\|^192\.168\|^10\|^172\.1[6-9]\|^172\.2\|^172\.3[0-1]\|^169\.254"` ] ; then
86	i=$[${relaycount}+1]
87	fi
88	done
89	# ensure $relayhost is realy an IP
90	relayhost=`echo "${relayhost}" \| egrep "^([12]?[0-9]?[0-9].){3}([12]?[0-9]?[0-9])$"`
91	# get returnpath
92	returnpath=`egrep -i "^Return-Path:.\ <?.\@.\..>?$" ${tempfile} \| tail -1 \| sed "s/^Return-Path:.* <\?//i" \| sed "s/>$//"`
93	# get from
94	from=`egrep -i "^From:.\ <?.\@.\..>?$" ${tempfile} \| tail -1 \| sed "s/^From:.* <\?//i" \| sed "s/>$//"`
95	# save subject for mail, give a hint if return path differs
96	if [ ${from} = ${returnpath} ] ; then
97	reportsubject="Spamsink Mail - Sender: ${from} Relay: ${relayhost}"
98	else
99	reportsubject="Spamsink Mail - Sender: ${from} Return-Path: ${returnpath} Relay: ${relayhost}"
100	fi
101	# cat ${tempfile} \| mail -s ${reportsubject} waja@cyconet.org
102	echo ${reportsubject}
103	if [ ${removetemps} -eq "1" ] ; then
104	rm ${tempfile}
105	fi
106	exit 0