spamsink.sh
· 3.4 KiB · Bash
Eredeti
# TODO
# * deliver over lmtp to cyrus [DONE]
# * verify reciep check (include "revieced for") [DONE]
# * pipe mail to sa-learn [DONE]
# * pipe mail to dcc
# * pipe mail to razor [DONE]
# * blacklist anywhere
# * dump mail into file
# initial some values
exit=1
i=1
tempfilename="/tmp/mailsink"
reciep_detection=0
removetemps=0
targets="spamfalle.info"
deliver_to_mailbox=0
sa_report=0
razor_report=0
razor_options="-conf=/etc/razor/razor-agent.conf"
mailbox="user.spamfalle"
auth="spamfalle"
# unique filename
tempfile=${tempfilename}`date +%s`
while read j ; do
echo "${j}" >> ${tempfile}
done
# deliver mail into mailbox
if [ ${deliver_to_mailbox} -eq "1" ] ; then
cat ${tempfile} | formail -I"From " | cyrdeliver -d -m ${mailbox} -a ${auth}
fi
# report mail as spam to spamassassin
if [ ${sa_report} -eq "1" ] ; then
sa-learn --spam ${tempfile}
fi
# report mail as spam to razor
if [ ${razor_report} -eq "1" ] ; then
razor-report ${razor_options} ${tempfile}
fi
# reciep_detection
if [ ${reciep_detection} -eq "1" ] ; then
# get reciep
to=`egrep -i "^To:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^to:.* <\?//i" | sed "s/>$//"`
# check if mail is send to target
for jj in ${targets}; do
if [ `echo "${to}" | egrep -i "${jj}"` ] ; then
exit=0
fi
done
if [ ${exit} -eq "1" ] ; then
forcount=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"`
jjj=1
while [ ${jjj} -le ${forcount} ] ; do
for[$jjj]=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"`
jjj=$[$jjj+1]
done
for jj in ${targets}; do
jjj=1
while [ "${jjj}" -le "${forcount}" && "${exit}" -eq "1" ] ; do
if [ `echo "${for[$jjj]}" | egrep -i "${jj}"` ] ; then
exit=0
fi
jjj=$[$jjj+1]
done
done
fi
if [ ${exit} -eq "1" ] ; then
exit 1
fi
fi
# count relays
relaycount=`grep -c ^Received ${tempfile}`
# write lines matching "^Received:" into array
while [ ${i} -le ${relaycount} ] ; do
relay[$i]=`grep -i "^Received:" ${tempfile} | tail -${i} | head -1 | sed "s/^Received: .*(//i" | sed "s/).*//" | sed "s/.*\[//" | sed "s/\].*//"`
i=$[$i+1]
done
i=1
# get IP of first nonrfc1938 IP
while [ ${i} -le ${relaycount} ] ; do
relayhost=${relay[$i]}
i=$[$i+1]
if ! [ `echo "${relayhost}" | egrep "^127\.0\.0|^192\.168|^10|^172\.1[6-9]|^172\.2|^172\.3[0-1]|^169\.254"` ] ; then
i=$[${relaycount}+1]
fi
done
# ensure $relayhost is realy an IP
relayhost=`echo "${relayhost}" | egrep "^([12]?[0-9]?[0-9].){3}([12]?[0-9]?[0-9])$"`
# get returnpath
returnpath=`egrep -i "^Return-Path:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^Return-Path:.* <\?//i" | sed "s/>$//"`
# get from
from=`egrep -i "^From:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^From:.* <\?//i" | sed "s/>$//"`
# save subject for mail, give a hint if return path differs
if [ ${from} = ${returnpath} ] ; then
reportsubject="Spamsink Mail - Sender: ${from} Relay: ${relayhost}"
else
reportsubject="Spamsink Mail - Sender: ${from} Return-Path: ${returnpath} Relay: ${relayhost}"
fi
# cat ${tempfile} | mail -s ${reportsubject} waja@cyconet.org
echo ${reportsubject}
if [ ${removetemps} -eq "1" ] ; then
rm ${tempfile}
fi
exit 0
| 1 | # TODO |
| 2 | # * deliver over lmtp to cyrus [DONE] |
| 3 | # * verify reciep check (include "revieced for") [DONE] |
| 4 | # * pipe mail to sa-learn [DONE] |
| 5 | # * pipe mail to dcc |
| 6 | # * pipe mail to razor [DONE] |
| 7 | # * blacklist anywhere |
| 8 | # * dump mail into file |
| 9 | |
| 10 | # initial some values |
| 11 | exit=1 |
| 12 | i=1 |
| 13 | tempfilename="/tmp/mailsink" |
| 14 | reciep_detection=0 |
| 15 | removetemps=0 |
| 16 | targets="spamfalle.info" |
| 17 | deliver_to_mailbox=0 |
| 18 | sa_report=0 |
| 19 | razor_report=0 |
| 20 | razor_options="-conf=/etc/razor/razor-agent.conf" |
| 21 | mailbox="user.spamfalle" |
| 22 | auth="spamfalle" |
| 23 | |
| 24 | # unique filename |
| 25 | tempfile=${tempfilename}`date +%s` |
| 26 | |
| 27 | while read j ; do |
| 28 | echo "${j}" >> ${tempfile} |
| 29 | done |
| 30 | # deliver mail into mailbox |
| 31 | if [ ${deliver_to_mailbox} -eq "1" ] ; then |
| 32 | cat ${tempfile} | formail -I"From " | cyrdeliver -d -m ${mailbox} -a ${auth} |
| 33 | fi |
| 34 | # report mail as spam to spamassassin |
| 35 | if [ ${sa_report} -eq "1" ] ; then |
| 36 | sa-learn --spam ${tempfile} |
| 37 | fi |
| 38 | # report mail as spam to razor |
| 39 | if [ ${razor_report} -eq "1" ] ; then |
| 40 | razor-report ${razor_options} ${tempfile} |
| 41 | fi |
| 42 | # reciep_detection |
| 43 | if [ ${reciep_detection} -eq "1" ] ; then |
| 44 | # get reciep |
| 45 | to=`egrep -i "^To:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^to:.* <\?//i" | sed "s/>$//"` |
| 46 | # check if mail is send to target |
| 47 | for jj in ${targets}; do |
| 48 | if [ `echo "${to}" | egrep -i "${jj}"` ] ; then |
| 49 | exit=0 |
| 50 | fi |
| 51 | done |
| 52 | if [ ${exit} -eq "1" ] ; then |
| 53 | forcount=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"` |
| 54 | jjj=1 |
| 55 | while [ ${jjj} -le ${forcount} ] ; do |
| 56 | for[$jjj]=`egrep -c "^for\ <?.*\@.*\..*>?;\ ((Mon)|(Tue)|(Wed)|(Thu)|(Fri)|(Sat)|(Sun)),\ (([\ 0][1-9])|([1-2][0-9])|(3[0-1]))\ ((Jan)|(Feb)|(Mar)|(Apr)|(May)|(Jun)|(Jul)|(Aug)|(Sep)|(Oct)|(Nov)|(Dec))\ [1-2][0-9]{3}"` |
| 57 | jjj=$[$jjj+1] |
| 58 | done |
| 59 | for jj in ${targets}; do |
| 60 | jjj=1 |
| 61 | while [ "${jjj}" -le "${forcount}" && "${exit}" -eq "1" ] ; do |
| 62 | if [ `echo "${for[$jjj]}" | egrep -i "${jj}"` ] ; then |
| 63 | exit=0 |
| 64 | fi |
| 65 | jjj=$[$jjj+1] |
| 66 | done |
| 67 | done |
| 68 | fi |
| 69 | if [ ${exit} -eq "1" ] ; then |
| 70 | exit 1 |
| 71 | fi |
| 72 | fi |
| 73 | # count relays |
| 74 | relaycount=`grep -c ^Received ${tempfile}` |
| 75 | # write lines matching "^Received:" into array |
| 76 | while [ ${i} -le ${relaycount} ] ; do |
| 77 | relay[$i]=`grep -i "^Received:" ${tempfile} | tail -${i} | head -1 | sed "s/^Received: .*(//i" | sed "s/).*//" | sed "s/.*\[//" | sed "s/\].*//"` |
| 78 | i=$[$i+1] |
| 79 | done |
| 80 | i=1 |
| 81 | # get IP of first nonrfc1938 IP |
| 82 | while [ ${i} -le ${relaycount} ] ; do |
| 83 | relayhost=${relay[$i]} |
| 84 | i=$[$i+1] |
| 85 | if ! [ `echo "${relayhost}" | egrep "^127\.0\.0|^192\.168|^10|^172\.1[6-9]|^172\.2|^172\.3[0-1]|^169\.254"` ] ; then |
| 86 | i=$[${relaycount}+1] |
| 87 | fi |
| 88 | done |
| 89 | # ensure $relayhost is realy an IP |
| 90 | relayhost=`echo "${relayhost}" | egrep "^([12]?[0-9]?[0-9].){3}([12]?[0-9]?[0-9])$"` |
| 91 | # get returnpath |
| 92 | returnpath=`egrep -i "^Return-Path:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^Return-Path:.* <\?//i" | sed "s/>$//"` |
| 93 | # get from |
| 94 | from=`egrep -i "^From:.*\ <?.*\@.*\..*>?$" ${tempfile} | tail -1 | sed "s/^From:.* <\?//i" | sed "s/>$//"` |
| 95 | # save subject for mail, give a hint if return path differs |
| 96 | if [ ${from} = ${returnpath} ] ; then |
| 97 | reportsubject="Spamsink Mail - Sender: ${from} Relay: ${relayhost}" |
| 98 | else |
| 99 | reportsubject="Spamsink Mail - Sender: ${from} Return-Path: ${returnpath} Relay: ${relayhost}" |
| 100 | fi |
| 101 | # cat ${tempfile} | mail -s ${reportsubject} waja@cyconet.org |
| 102 | echo ${reportsubject} |
| 103 | if [ ${removetemps} -eq "1" ] ; then |
| 104 | rm ${tempfile} |
| 105 | fi |
| 106 | exit 0 |