proxmox-mirrors/proxmox-spamassassin
1
0
Fork 0
mirror of https://git.proxmox.com/git/proxmox-spamassassin synced 2025-04-28 16:01:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

update spamassassin to 3.4.5

Browse Source 
contains fixes for:
    * CVE-2020-1946

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
This commit is contained in:
Stoiko Ivanov 2021-03-24 17:47:43 +01:00
parent 37ef577538
commit e04a3a9b6c
62 changed files with 1734 additions and 653 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
upstream/CREDITS
View File

@ -1,4 +1,4 @@
Copyright (C) 2019 The Apache Software Foundation
Copyright (C) 2021 The Apache Software Foundation
Project Management Committee (PMC):

369
upstream/Changes
View File

@ -1,4 +1,373 @@
------------------------------------------------------------------------
r1887306 | hege | 2021-03-07 21:56:45 +0000 (Sun, 07 Mar 2021) | 2 lines
Fix previous commit, need to allow multiple AskDNS hits
------------------------------------------------------------------------
r1887305 | hege | 2021-03-07 21:51:31 +0000 (Sun, 07 Mar 2021) | 2 lines
AskDNS cleanups and fixes for Bug 7777 & Bug 7875 (Multiple DNS
responses)
------------------------------------------------------------------------
r1886188 | gbechis | 2021-02-04 08:02:07 +0000 (Thu, 04 Feb 2021) | 3
lines
do not consider oleobject1.bin files as bad,
they could also be images
------------------------------------------------------------------------
r1885637 | kmcgrail | 2021-01-18 05:37:09 +0000 (Mon, 18 Jan 2021) | 1
line
preparing to release 3.4.5-rc1
------------------------------------------------------------------------
r1885636 | kmcgrail | 2021-01-18 05:36:12 +0000 (Mon, 18 Jan 2021) | 1
line
adding spam that hits razor for testing
------------------------------------------------------------------------
r1885345 | kb | 2021-01-11 02:51:19 +0000 (Mon, 11 Jan 2021) | 1 line
BodyEval: plaintext_body_sig_ratio eval rules, bug 7879
------------------------------------------------------------------------
r1885234 | gbechis | 2021-01-07 07:47:53 +0000 (Thu, 07 Jan 2021) | 2
lines
pod fixes
------------------------------------------------------------------------
r1885233 | gbechis | 2021-01-07 07:31:13 +0000 (Thu, 07 Jan 2021) | 2
lines
clarify man page
------------------------------------------------------------------------
r1885214 | kb | 2021-01-06 21:08:43 +0000 (Wed, 06 Jan 2021) | 1 line
plaintext_body_sig_ratio: eval() rules for the (first text/plain MIME
part's) body and signature lengths and ratio
------------------------------------------------------------------------
r1884879 | gbechis | 2020-12-28 15:00:10 +0000 (Mon, 28 Dec 2020) | 2
lines
update [meta]cpan url
------------------------------------------------------------------------
r1884876 | gbechis | 2020-12-28 14:38:35 +0000 (Mon, 28 Dec 2020) | 2
lines
Mention some changes in 3.4.5
------------------------------------------------------------------------
r1884872 | kmcgrail | 2020-12-28 13:56:49 +0000 (Mon, 28 Dec 2020) | 1
line
More MANIFEST cleanup
------------------------------------------------------------------------
r1884871 | kmcgrail | 2020-12-28 13:51:17 +0000 (Mon, 28 Dec 2020) | 1
line
MANIFEST clean-up
------------------------------------------------------------------------
r1884870 | kmcgrail | 2020-12-28 13:48:59 +0000 (Mon, 28 Dec 2020) | 1
line
Fixing Copyright on CREDITS file
------------------------------------------------------------------------
r1883660 | gbechis | 2020-11-20 07:33:00 +0000 (Fri, 20 Nov 2020) | 2
lines
fix GeoIP open_type call, bz #7871
------------------------------------------------------------------------
r1883643 | gbechis | 2020-11-19 15:37:20 +0000 (Thu, 19 Nov 2020) | 2
lines
typo
------------------------------------------------------------------------
r1883642 | gbechis | 2020-11-19 15:35:33 +0000 (Thu, 19 Nov 2020) | 2
lines
specify in debug message that not all rule types are compatible
------------------------------------------------------------------------
r1883069 | gbechis | 2020-11-02 18:14:47 +0000 (Mon, 02 Nov 2020) | 3
lines
backport TextCat improvements from trunk
fix bz #7866
------------------------------------------------------------------------
r1882297 | gbechis | 2020-10-07 08:28:05 +0000 (Wed, 07 Oct 2020) | 2
lines
Missing files from previous commit, bz #7860
------------------------------------------------------------------------
r1882269 | gbechis | 2020-10-06 10:20:40 +0000 (Tue, 06 Oct 2020) | 4
lines
Make it possible to run the Spamassassin test suite against the installed
SpamAssassin files (rather than those in the source directory)
bz #7860
------------------------------------------------------------------------
r1881912 | jhardin | 2020-09-21 18:43:37 +0000 (Mon, 21 Sep 2020) | 1 line
Bug 7857: merge Revision 1881911 from trunk
------------------------------------------------------------------------
r1881784 | gbechis | 2020-09-17 07:17:40 +0000 (Thu, 17 Sep 2020) | 2
lines
exit if reallyallowplugin option is not specified
------------------------------------------------------------------------
r1881066 | billcole | 2020-08-21 19:29:57 +0000 (Fri, 21 Aug 2020) | 1
line
Understand deprecated charset=ascii correctly. BZ#7851
------------------------------------------------------------------------
r1880999 | billcole | 2020-08-19 17:31:48 +0000 (Wed, 19 Aug 2020) | 1
line
Fix duplicated-word typos in documentation BZ#7850
------------------------------------------------------------------------
r1880998 | billcole | 2020-08-19 17:26:15 +0000 (Wed, 19 Aug 2020) | 1
line
Add man page generation for sa-check_spamd BZ#7849
------------------------------------------------------------------------
r1879979 | hege | 2020-07-17 05:03:52 +0000 (Fri, 17 Jul 2020) | 2 lines
Bug 7810 - gmail has an extra dot in rDNS
------------------------------------------------------------------------
r1879806 | hege | 2020-07-12 10:18:32 +0000 (Sun, 12 Jul 2020) | 2 lines
Bug 7817 - Pyzor.pm - Show traceback in log
------------------------------------------------------------------------
r1879731 | kmcgrail | 2020-07-10 04:18:33 +0000 (Fri, 10 Jul 2020) | 1
line
Fixing powered by Apache SpamAssassin logo to the correct version 2.0
------------------------------------------------------------------------
r1879727 | billcole | 2020-07-09 21:59:24 +0000 (Thu, 09 Jul 2020) | 1
line
Don't assume versions are simple numbers
------------------------------------------------------------------------
r1879726 | billcole | 2020-07-09 20:42:56 +0000 (Thu, 09 Jul 2020) | 1
line
Don't treat versions like simple numbers
------------------------------------------------------------------------
r1879700 | hege | 2020-07-09 10:47:48 +0000 (Thu, 09 Jul 2020) | 2 lines
Backport EnvelopeFrom fixes from trunk (Revision 1844628,1864383) (Bug
7834)
------------------------------------------------------------------------
r1879123 | billcole | 2020-06-23 18:20:55 +0000 (Tue, 23 Jun 2020) | 4
lines
Fix Bug #7830: non-numeric version comparison.
------------------------------------------------------------------------
r1879052 | kmcgrail | 2020-06-21 02:48:32 +0000 (Sun, 21 Jun 2020) | 1
line
preparing to release 3.4.5-pre1
------------------------------------------------------------------------
r1878990 | hege | 2020-06-19 14:11:26 +0000 (Fri, 19 Jun 2020) | 2 lines
Bug 7828 - uri_detail lacks support for key type "host"
------------------------------------------------------------------------
r1878575 | hege | 2020-06-08 05:18:37 +0000 (Mon, 08 Jun 2020) | 2 lines
Log all URIBL hit domains in report
------------------------------------------------------------------------
r1878574 | hege | 2020-06-08 04:44:27 +0000 (Mon, 08 Jun 2020) | 2 lines
Bug 7822: HashBL not examining all addresses in a message
------------------------------------------------------------------------
r1878572 | hege | 2020-06-08 04:18:44 +0000 (Mon, 08 Jun 2020) | 2 lines
Backport check_cleanup callback from trunk for internal use, not
documenting since it will only be in 3.4.5
------------------------------------------------------------------------
r1878568 | hege | 2020-06-07 16:34:50 +0000 (Sun, 07 Jun 2020) | 2 lines
Clarify some HashBL docs
------------------------------------------------------------------------
r1878559 | hege | 2020-06-07 10:41:22 +0000 (Sun, 07 Jun 2020) | 2 lines
Bug 7822: HashBL not examining all addresses in a message
------------------------------------------------------------------------
r1877459 | gbechis | 2020-05-06 22:36:46 +0000 (Wed, 06 May 2020) | 2
lines
always pass the rulename to bgsend_and_start_lookup
------------------------------------------------------------------------
r1877139 | gbechis | 2020-04-28 19:21:04 +0000 (Tue, 28 Apr 2020) | 3
lines
fix warnings that happens when From: is not a proper email address
bz 7811
------------------------------------------------------------------------
r1877124 | gbechis | 2020-04-28 09:50:37 +0000 (Tue, 28 Apr 2020) | 3
lines
fix txrep tags, "_" is not an allowed char in tag names
fixes bz 7749
------------------------------------------------------------------------
r1876821 | hege | 2020-04-22 10:00:36 +0000 (Wed, 22 Apr 2020) | 2 lines
Allow undefined suppl_attrib just in case
------------------------------------------------------------------------
r1876795 | hege | 2020-04-21 12:28:07 +0000 (Tue, 21 Apr 2020) | 2 lines
Add some suppl_attrib debugging
------------------------------------------------------------------------
r1876780 | gbechis | 2020-04-21 09:20:23 +0000 (Tue, 21 Apr 2020) | 2
lines
silence a possible warning
------------------------------------------------------------------------
r1876711 | hege | 2020-04-19 06:25:48 +0000 (Sun, 19 Apr 2020) | 2 lines
Mention Bug 7803
------------------------------------------------------------------------
r1876710 | hege | 2020-04-19 06:18:25 +0000 (Sun, 19 Apr 2020) | 2 lines
Bug 7809 - unwhitelist broken
------------------------------------------------------------------------
r1876561 | hege | 2020-04-15 15:03:58 +0000 (Wed, 15 Apr 2020) | 2 lines
DNSEval cleanups, validate hostnames
------------------------------------------------------------------------
r1876556 | hege | 2020-04-15 13:59:34 +0000 (Wed, 15 Apr 2020) | 2 lines
Bug 7808 - Fix check_rbl_headers with multiple same headers
------------------------------------------------------------------------
r1876381 | hege | 2020-04-10 20:38:45 +0000 (Fri, 10 Apr 2020) | 2 lines
Fix header rule parsing
------------------------------------------------------------------------
r1876367 | hege | 2020-04-10 14:49:20 +0000 (Fri, 10 Apr 2020) | 2 lines
Bug 7750 - _DKIMSELECTOR_ template tag is not substituted, when mail is
not DKIM signed
------------------------------------------------------------------------
r1876350 | hege | 2020-04-10 08:22:55 +0000 (Fri, 10 Apr 2020) | 2 lines
Bug 7790 - Allow = character in pyzor_options
------------------------------------------------------------------------
r1876348 | hege | 2020-04-10 07:51:51 +0000 (Fri, 10 Apr 2020) | 2 lines
Bug 7803 - SQL schema of userpref table, value too short
------------------------------------------------------------------------
r1876347 | hege | 2020-04-10 07:47:37 +0000 (Fri, 10 Apr 2020) | 2 lines
Bug 7807 - t/spamd_ssl.t fails due to small key size
------------------------------------------------------------------------
r1876346 | hege | 2020-04-10 07:44:37 +0000 (Fri, 10 Apr 2020) | 2 lines
Bug 7763 - ssl tests must be run as root
------------------------------------------------------------------------
r1876320 | hege | 2020-04-09 12:40:52 +0000 (Thu, 09 Apr 2020) | 2 lines
Bug 7806 - Tainting through concatenation with $^X does not taint
------------------------------------------------------------------------
r1876218 | gbechis | 2020-04-07 08:20:15 +0000 (Tue, 07 Apr 2020) | 2
lines
match few more received lines
------------------------------------------------------------------------
r1875134 | gbechis | 2020-03-12 18:32:40 +0000 (Thu, 12 Mar 2020) | 5
lines
sync OLEVBMacro plugin with trunk
- check for undef before reading mime part
- add a new rule to check if on the doc file there is an url that
triggers a download to an external malicious file
------------------------------------------------------------------------
r1874343 | gbechis | 2020-02-21 23:04:46 +0000 (Fri, 21 Feb 2020) | 4
lines
put [raw]body_part_scan_size documentation in the right
section of man page
fix bz 7796
------------------------------------------------------------------------
r1874012 | gbechis | 2020-02-14 10:57:25 +0000 (Fri, 14 Feb 2020) | 2
lines
another couple of too chatty info messages converted to dbg
------------------------------------------------------------------------
r1874010 | gbechis | 2020-02-14 10:35:39 +0000 (Fri, 14 Feb 2020) | 2
lines
switch a too chatty info into a dbg statement
------------------------------------------------------------------------
r1873859 | gbechis | 2020-02-10 14:33:45 +0000 (Mon, 10 Feb 2020) | 2
lines
one more OLEMacro marker
------------------------------------------------------------------------
r1873752 | gbechis | 2020-02-07 18:37:10 +0000 (Fri, 07 Feb 2020) | 2
lines
sync OLEVBMacro plugin with trunk
------------------------------------------------------------------------
r1873340 | hege | 2020-01-29 21:38:08 +0000 (Wed, 29 Jan 2020) | 2 lines
Clarify mimepart limit
------------------------------------------------------------------------
r1873200 | hege | 2020-01-27 09:43:17 +0000 (Mon, 27 Jan 2020) | 2 lines
More DKIM test files for different CRLF/LF cases
------------------------------------------------------------------------
r1873123 | kmcgrail | 2020-01-25 02:49:19 +0000 (Sat, 25 Jan 2020) | 1
line
preparing to release 3.4.4 (post rc-1)
------------------------------------------------------------------------
r1873122 | kmcgrail | 2020-01-25 02:04:07 +0000 (Sat, 25 Jan 2020) | 1
line

7
upstream/MANIFEST
View File

@ -300,6 +300,10 @@ t/data/dkim/test-pass-16.msg
t/data/dkim/test-pass-17.msg
t/data/dkim/test-pass-18.msg
t/data/dkim/test-pass-19.msg
t/data/dkim/test-pass-20.msg
t/data/dkim/test-pass-21.msg
t/data/dkim/test-pass-22.msg
t/data/dkim/test-pass-23.msg
t/data/etc/hello.txt
t/data/etc/testhost.cert
t/data/etc/testhost.key
@ -561,6 +565,7 @@ t/uri_html.t
t/uri_text.t
t/uribl.t
t/urilocalbl_geoip.t
t/uri_saferedirect.t
t/utf8.t
t/util_wrap.t
t/whitelist_addrs.t
@ -580,6 +585,6 @@ powered_by/128-powered-by-spamassassin.png
powered_by/256-powered-by-spamassassin.png
powered_by/512-powered-by-spamassassin.png
powered_by/LOGO_USAGE.TXT
powered_by/powered_by_spamassassin.psd
powered_by/powered_by_SpamAssassin-v2.psd
META.yml Module YAML meta-data (added by MakeMaker)
META.json Module JSON meta-data (added by MakeMaker)

2
upstream/META.json
View File

@ -57,5 +57,5 @@
},
"x_MailingList" : "http://wiki.apache.org/spamassassin/MailingLists"
},
"version" : "3.004004"
"version" : "3.004005"
}

2
upstream/META.yml
View File

@ -36,4 +36,4 @@ resources:
license: http://www.apache.org/licenses/LICENSE-2.0.html
repository: http://svn.apache.org/repos/asf/spamassassin/
x_MailingList: http://wiki.apache.org/spamassassin/MailingLists
version: 3.004004
version: 3.004005

1
upstream/Makefile.PL
View File

@ -157,6 +157,7 @@ my %makefile = (
'sa-update' => '$(INST_MAN1DIR)/sa-update.$(MAN1EXT)',
'sa-compile' => '$(INST_MAN1DIR)/sa-compile.$(MAN1EXT)',
'sa-awl' => '$(INST_MAN1DIR)/sa-awl.$(MAN1EXT)',
'sa-check_spamd' => '$(INST_MAN1DIR)/sa-check_spamd.$(MAN1EXT)',
'spamc/spamc.pod' => '$(INST_MAN1DIR)/spamc.$(MAN1EXT)',
'spamd/spamd' => '$(INST_MAN1DIR)/spamd.$(MAN1EXT)',
},

2
upstream/NOTICE
View File

@ -29,7 +29,7 @@ The OpenSSL Project - http://www.openssl.org/source/
spamc and libspamc use OpenSSL to perform SSL encryption.
Steffen Ullrich - http://search.cpan.org/%7esullr/
Steffen Ullrich - https://metacpan.org/author/SULLR
spamd uses IO::Socket::SSL to perform SSL encryption.

2
upstream/README
View File

@ -14,7 +14,7 @@ filtering, DNS blocklists, and collaborative filtering databases.
Apache SpamAssassin is a project of the Apache Software Foundation (ASF).
What Apache SpamAssassin Is Not
What Apache SpamAssassin is Not
-------------------------------
Apache SpamAssassin is not a program to delete spam, route spam and ham to

18
upstream/UPGRADE
View File

@ -1,3 +1,21 @@
Note for Users Upgrading to SpamAssassin 3.4.5
----------------------------------------------
- Spamassassin test suite can now run against the installed
SpamAssassin files (rather than those in the source directory)
- unwhitelist_auth now also removes def_whitelist_auth entries
- SPF: add unwhitelist_from_spf to remove both whitelist_from_spf and
def_whitelist_from_spf entries
- Default SQL schema for userpref.value changed from varchar(100) to
varchar(255), no need to modify unless you hit the limit. (Bug 7803)
- URIDetail can now match full hostname with "host" key
- BodyEval: plaintext_body_sig_ratio: eval rules for the (first text/plain
MIME part's) body and signature lengths and ratio
Note for Users Upgrading to SpamAssassin 3.4.4
----------------------------------------------

14
upstream/lib/Mail/SpamAssassin.pm
View File

@ -87,7 +87,7 @@ use Time::HiRes qw(time);
use Cwd;
use Config;
our $VERSION = "3.004004"; # update after release (same format as perl $])
our $VERSION = "3.004005"; # update after release (same format as perl $])
#our $IS_DEVEL_BUILD = 1; # 1 for devel build
our $IS_DEVEL_BUILD = 0; # 0 for release versions including rc & pre releases
@ -101,18 +101,18 @@ our @ISA = qw();
# SUB_VERSION is now just <yyyy>-<mm>-<dd>
our $SUB_VERSION = 'svnunknown';
if ('$LastChangedDate: 2020-01-24 21:49:19 -0500 (Fri, 24 Jan 2020) $' =~ ':') {
# Subversion keyword "$LastChangedDate: 2020-01-24 21:49:19 -0500 (Fri, 24 Jan 2020) $" has been successfully expanded.
if ('$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $' =~ ':') {
# Subversion keyword "$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $" has been successfully expanded.
# Doesn't happen with automated launchpad builds:
# https://bugs.launchpad.net/launchpad/+bug/780916
$SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2020-01-24 21:49:19 -0500 (Fri, 24 Jan 2020) $ updated by SVN'))[1];
$SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $ updated by SVN'))[1];
}
if (defined $IS_DEVEL_BUILD && $IS_DEVEL_BUILD) {
if ('$LastChangedRevision: 1873123 $' =~ ':') {
# Subversion keyword "$LastChangedRevision: 1873123 $" has been successfully expanded.
push(@EXTRA_VERSION, ('r' . qw{$LastChangedRevision: 1873123 $ updated by SVN}[1]));
if ('$LastChangedRevision: 1887843 $' =~ ':') {
# Subversion keyword "$LastChangedRevision: 1887843 $" has been successfully expanded.
push(@EXTRA_VERSION, ('r' . qw{$LastChangedRevision: 1887843 $ updated by SVN}[1]));
} else {
push(@EXTRA_VERSION, ('r' . 'svnunknown'));
}

136
upstream/lib/Mail/SpamAssassin/Conf.pm
View File

@ -317,7 +317,7 @@ e.g.
=item unwhitelist_from user@example.com
Used to override a default whitelist_from entry, so for example a distribution
Used to remove a default whitelist_from entry, so for example a distribution
whitelist_from can be overridden in a local.cf file, or an individual user can
override a whitelist_from entry in their own C<user_prefs> file.
The specified email address has to match exactly (although case-insensitively)
@ -458,10 +458,10 @@ e.g.
=item unwhitelist_from_rcvd user@example.com
Used to override a default whitelist_from_rcvd entry, so for example a
distribution whitelist_from_rcvd can be overridden in a local.cf file,
or an individual user can override a whitelist_from_rcvd entry in
their own C<user_prefs> file.
Used to remove a default whitelist_from_rcvd or def_whitelist_from_rcvd
entry, so for example a distribution whitelist_from_rcvd can be overridden
in a local.cf file, or an individual user can override a whitelist_from_rcvd
entry in their own C<user_prefs> file.
The specified email address has to match exactly the address previously
used in a whitelist_from_rcvd line.
@ -505,7 +505,7 @@ non-spam, but which the user doesn't want. Same format as C<whitelist_from>.
=item unblacklist_from user@example.com
Used to override a default blacklist_from entry, so for example a
Used to remove a default blacklist_from entry, so for example a
distribution blacklist_from can be overridden in a local.cf file, or
an individual user can override a blacklist_from entry in their own
C<user_prefs> file. The specified email address has to match exactly
@ -634,8 +634,8 @@ these are often targets for spammer spoofing.
=item unwhitelist_auth user@example.com
Used to override a C<whitelist_auth> entry. The specified email address has to
match exactly the address previously used in a C<whitelist_auth> line.
Used to remove a C<whitelist_auth> or C<def_whitelist_auth> entry. The
specified email address has to match exactly the address previously used.
e.g.
@ -645,10 +645,21 @@ e.g.
=cut
push (@cmds, {
command => 'unwhitelist_auth',
setting => 'whitelist_auth',
setting => 'unwhitelist_auth',
type => $CONF_TYPE_ADDRLIST,
code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value
code => sub {
my ($self, $key, $value, $line) = @_;
unless (defined $value && $value !~ /^$/) {
return $MISSING_REQUIRED_VALUE;
}
unless ($value =~ /^(?:\S+(?:\s+\S+)*)$/) {
return $INVALID_VALUE;
}
$self->{parser}->remove_from_addrlist('whitelist_auth',
split (/\s+/, $value));
$self->{parser}->remove_from_addrlist('def_whitelist_auth',
split (/\s+/, $value));
}
});
@ -911,7 +922,19 @@ should be used to silence warnings in previous
SpamAssassin versions.
To be able to use this feature a C<add_header all Subjprefix _SUBJPREFIX_>
configuration line could be needed on some setups.
configuration line could be needed when the glue between the MTA and SpamAssassin
rewrites the email content.
Here is an example on how to use this feature:
rewrite_header Subject *****SPAM*****
add_header all Subjprefix _SUBJPREFIX_
body OLEMACRO_MALICE eval:check_olemacro_malice()
describe OLEMACRO_MALICE Dangerous Office Macro
score OLEMACRO_MALICE 5.0
if can(Mail::SpamAssassin::Conf::feature_subjprefix)
subjprefix OLEMACRO_MALICE [VIRUS]
endif
=cut
@ -1242,38 +1265,6 @@ it will be used if it is available.
}
});
=item body_part_scan_size (default: 50000)
Per mime-part scan size limit in bytes for "body" type rules.
The decoded/stripped mime-part is truncated approx to this size.
Helps scanning large messages safely, so it's not necessary to
skip them completely. Disabled with 0.
=cut
push (@cmds, {
setting => 'body_part_scan_size',
is_admin => 1,
default => 50000,
type => $CONF_TYPE_NUMERIC,
});
=item rawbody_part_scan_size (default: 500000)
Like body_part_scan_size, for "rawbody" type rules.
=cut
push (@cmds, {
setting => 'rawbody_part_scan_size',
is_admin => 1,
default => 500000,
type => $CONF_TYPE_NUMERIC,
});
=back
=head2 NETWORK TEST OPTIONS
@ -2849,11 +2840,11 @@ in all of the following cases:
=item display: example@foo (Foo Blah), example@bar ;
=item Foo Blah <example@foo>
=item Foo Blah E<lt>example@fooE<gt>
=item "Foo Blah" <example@foo>
=item "Foo Blah" E<lt>example@fooE<gt>
=item "'Foo Blah'" <example@foo>
=item "'Foo Blah'" E<lt>example@fooE<gt>
=back
@ -2868,11 +2859,11 @@ For example, appending C<:name> to a header name will result in "Foo Blah"
=item display: example@foo (Foo Blah), example@bar ;
=item Foo Blah <example@foo>
=item Foo Blah E<lt>example@fooE<gt>
=item "Foo Blah" <example@foo>
=item "Foo Blah" E<lt>example@fooE<gt>
=item "'Foo Blah'" <example@foo>
=item "'Foo Blah'" E<lt>example@fooE<gt>
=back
@ -2964,10 +2955,10 @@ zone. There's a few things to note:
Duplicated IPs are only queried once and reserved IPs are not queried.
Private IPs are those listed in
<https://www.iana.org/assignments/ipv4-address-space>,
<http://duxcw.com/faq/network/privip.htm>,
<http://duxcw.com/faq/network/autoip.htm>, or
<https://tools.ietf.org/html/rfc5735> as private.
C<https://www.iana.org/assignments/ipv4-address-space>,
C<http://duxcw.com/faq/network/privip.htm>,
C<http://duxcw.com/faq/network/autoip.htm>, or
C<https://tools.ietf.org/html/rfc5735> as private.
=item the 'set' argument
@ -3283,7 +3274,7 @@ The value of any other type of hit test is "1".
For example:
meta META2 (3 * TEST1 - 2 * TEST2) > 0
meta META2 (3 * TEST1 - 2 * TEST2) E<gt> 0
Note that Perl builtins and functions, like C<abs()>, B<can't> be
used, and will be treated as rule names.
@ -3428,7 +3419,7 @@ Only affects header, body, rawbody, uri, and full tests.
=item maxhits=N
If B<multiple> is specified, limit the number of hits found to N.
If the rule is used in a meta that counts the hits (e.g. __RULENAME > 5),
If the rule is used in a meta that counts the hits (e.g. __RULENAME E<gt> 5),
this is a way to avoid wasted extra work (use "tflags multiple maxhits=6").
For example:
@ -3489,7 +3480,7 @@ tests, are run in increasing priority value order (negative priority values
are run before positive priority values). The default test priority is 0
(zero).
The values <-99999999999999> and <-99999999999998> have a special meaning
The values C<-99999999999999> and C<-99999999999998> have a special meaning
internally, and should not be used.
=cut
@ -3582,6 +3573,36 @@ general running of SpamAssassin.
}
});
=item body_part_scan_size (default: 50000)
Per mime-part scan size limit in bytes for "body" type rules.
The decoded/stripped mime-part is truncated approx to this size.
Helps scanning large messages safely, so it's not necessary to
skip them completely. Disabled with 0.
=cut
push (@cmds, {
setting => 'body_part_scan_size',
is_admin => 1,
default => 50000,
type => $CONF_TYPE_NUMERIC,
});
=item rawbody_part_scan_size (default: 500000)
Like body_part_scan_size, for "rawbody" type rules.
=cut
push (@cmds, {
setting => 'rawbody_part_scan_size',
is_admin => 1,
default => 500000,
type => $CONF_TYPE_NUMERIC,
});
=item rbl_timeout t [t_min] [zone] (default: 15 3)
All DNS queries are made at the beginning of a check and we try to read
@ -4357,6 +4378,7 @@ optional, and the default is shown below.
If a tag reference uses the name of a tag which is not in this list or defined
by a loaded plugin, the reference will be left intact and not replaced by any
value.
All template tag names should be restricted to the character set [A-Za-z0-9(,)].
Additional, plugin specific, template tags can be found in the documentation for
the following plugins:

7
upstream/lib/Mail/SpamAssassin/Conf/Parser.pm
View File

@ -1244,9 +1244,9 @@ sub add_test {
# no re "strict"; # since perl 5.21.8: Ranges of ASCII printables...
if ($text =~ /^exists:(.*)/) {
my $hdr = $1;
# never evaled, so can be quite generous with the name
# check :addr etc header options
if ($hdr !~ /^[^:\s]+:?$/) {
# $hdr used in eval text, validate carefully
if ($hdr !~ /^[\w.-]+:?$/) {
$self->lint_warn("config: invalid head test $name header: $hdr");
return;
}
@ -1254,7 +1254,8 @@ sub add_test {
$conf->{test_opt_header}->{$name} = $hdr;
$conf->{test_opt_exists}->{$name} = 1;
} else {
if ($text !~ /^([^:\s]+(?:\:|(?:\:[a-z]+){1,2})?)\s*([=!]~)\s*(.+)$/) {
# $hdr used in eval text, validate carefully
if ($text !~ /^([\w.-]+(?:\:|(?:\:[a-z]+){1,2})?)\s*([=!]~)\s*(.+)$/) {
$self->lint_warn("config: invalid head test $name: $text");
return;
}

6
upstream/lib/Mail/SpamAssassin/DnsResolver.pm
View File

@ -858,7 +858,7 @@ sub poll_responses {
if ($rcode eq 'REFUSED' || $id =~ m{^\d+/NO_QUESTION_IN_PACKET\z}) {
# the failure was already reported above
} else {
info("dns: no callback for id $id, ignored, packet on next debug line");
dbg("dns: no callback for id $id, ignored, packet on next debug line");
# prevent filling normal logs with huge packet dumps
dbg("dns: %s", $packet ? $packet->string : "undef");
}
@ -869,9 +869,9 @@ sub poll_responses {
my @matches =
grep(m{^\Q$dnsid\E/}, keys %{$self->{id_to_callback}});
if (!@matches) {
info("dns: no likely matching queries for id %s", $dnsid);
dbg("dns: no likely matching queries for id %s", $dnsid);
} else {
info("dns: a likely matching query: %s", join(', ', @matches));
dbg("dns: a likely matching query: %s", join(', ', @matches));
}
}
}

3
upstream/lib/Mail/SpamAssassin/HTML.pm
View File

@ -377,6 +377,9 @@ sub html_uri {
if (defined $attr->{href}) {
$self->push_uri($tag, $attr->{href});
}
if (defined $attr->{'data-saferedirecturl'}) {
$self->push_uri($tag, $attr->{'data-saferedirecturl'});
}
}
elsif ($tag =~ /^(?:img|frame|iframe|embed|script|bgsound)$/) {
if (defined $attr->{src}) {

3
upstream/lib/Mail/SpamAssassin/Locales.pm
View File

@ -18,6 +18,7 @@
package Mail::SpamAssassin::Locales;
use strict;
use Mail::SpamAssassin::Logger;
use warnings;
# use bytes;
use re 'taint';
@ -75,12 +76,14 @@ sub is_charset_ok_for_locales {
$cs = uc $cs; $cs =~ s/[^A-Z0-9]//g;
$cs =~ s/^3D//gs; # broken by quoted-printable
$cs =~ s/:.*$//gs; # trim off multiple charsets, just use 1st
dbg ("locales: is $cs ok for @locales?");
study $cs; # study is a no-op since perl 5.16.0, eliminating related bugs
#warn "JMD $cs";
# always OK (the net speaks mostly roman charsets)
return 1 if ($cs eq 'USASCII');
return 1 if ($cs eq 'ASCII');
return 1 if ($cs =~ /^ISO8859/);
return 1 if ($cs =~ /^ISO10646/);
return 1 if ($cs =~ /^UTF/);

4
upstream/lib/Mail/SpamAssassin/Message.pm
View File

@ -132,6 +132,7 @@ sub new {
# $self->{pristine_body} size, e.g. when the caller passed a truncated
# message to SpamAssassin, or when counting line-endings differently.
$self->{pristine_body_length} = $self->{suppl_attrib}{body_size};
dbg("message: set pristine_body_length from suppl_attrib: %s", $self->{pristine_body_length});
}
if (ref $self->{suppl_attrib}{mimepart_digests}) {
# Optional info provided by a caller: an array of digest codes (e.g. SHA1)
@ -139,6 +140,7 @@ sub new {
# As such it may differ from digests calculated by get_mimepart_digests(),
# e.g. when the caller passed a truncated message to SpamAssassin.
$self->{mimepart_digests} = $self->{suppl_attrib}{mimepart_digests};
dbg("message: set mimepart_digests from suppl_attrib");
}
}
@ -978,7 +980,7 @@ sub _parse_multipart {
}
}
# Maximum parts to process
# Maximum parts to process, simply skip the rest of the parts
if (++$partcnt == 1000) {
dbg("message: mimepart limit exceeded, stopping parsing");
$self->{'mimepart_limit_exceeded'} = 1;

63
upstream/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
View File

@ -53,15 +53,16 @@ use Mail::SpamAssassin::Constants qw(:ip);
# ---------------------------------------------------------------------------
sub parse_received_headers {
my ($self, $permsgstatus, $msg) = @_;
my $suppl_attrib = $msg->{suppl_attrib}; # out-of-band info from a caller
my ($self, $pms, $msg) = @_;
# a caller may assert that a message is coming from inside or from an
# authenticated roaming users; this info may not be available in mail
# header section, e.g. in case of nonstandard authentication mechanisms
my $originating; # boolean
$originating = $suppl_attrib->{originating} if ref $suppl_attrib;
if (exists $msg->{suppl_attrib}->{originating}) {
$originating = $msg->{suppl_attrib}->{originating} || 0;
dbg("metadata: set originating from suppl_attrib: %s", $originating);
}
$self->{relays_trusted} = [ ];
$self->{num_relays_trusted} = 0;
@ -87,11 +88,11 @@ sub parse_received_headers {
$self->{allow_mailfetch_markers} = 1; # This needs to be set for the
# first Received: header
# now figure out what relays are trusted...
my $trusted = $permsgstatus->{main}->{conf}->{trusted_networks};
my $internal = $permsgstatus->{main}->{conf}->{internal_networks};
my $msa = $permsgstatus->{main}->{conf}->{msa_networks};
my $did_user_specify_trust = $permsgstatus->{main}->{conf}->{trusted_networks_configured};
my $did_user_specify_internal = $permsgstatus->{main}->{conf}->{internal_networks_configured};
my $trusted = $pms->{main}->{conf}->{trusted_networks};
my $internal = $pms->{main}->{conf}->{internal_networks};
my $msa = $pms->{main}->{conf}->{msa_networks};
my $did_user_specify_trust = $pms->{main}->{conf}->{trusted_networks_configured};
my $did_user_specify_internal = $pms->{main}->{conf}->{internal_networks_configured};
my $in_trusted = 1;
my $in_internal = 1;
my $found_msa = 0;
@ -125,8 +126,7 @@ sub parse_received_headers {
# Now add the single line headers like X-Originating-IP. (bug 5680)
# we convert them into synthetic "Received" headers so we can share
# code below.
for my $header (@{$permsgstatus->{main}->{conf}->{originating_ip_headers}})
{
foreach my $header (@{$pms->{main}->{conf}->{originating_ip_headers}}) {
my $str = $msg->get_header($header);
next unless ($str && $str =~ m/($IP_ADDRESS)/);
push @hdrs, "from X-Originating-IP: $1\n";
@ -334,7 +334,7 @@ sub parse_received_line {
my $by = '';
my $id = '';
my $ident = '';
my $envfrom = '';
my $envfrom = undef;
my $mta_looked_up_dns = 0;
my $IP_ADDRESS = IP_ADDRESS;
my $IP_PRIVATE = IP_PRIVATE;
@ -1210,8 +1210,11 @@ sub parse_received_line {
# details of the handover described here, it's just qmail-scanner
# logging a little more.
if (/^\S+ by \S+ \(.{0,100}\) with qmail-scanner/) {
$envfrom =~ s/^\s*<*//gs; $envfrom =~ s/>*\s*$//gs;
$envfrom =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
if (defined $envfrom) {
$envfrom =~ s/^\s*<*//gs;
$envfrom =~ s/>*\s*$//gs;
$envfrom =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
}
$self->{qmail_scanner_env_from} = $envfrom; # hack!
return 0;
}
@ -1240,6 +1243,12 @@ sub parse_received_line {
# from zimbramail.artsit.org.uk (unverified) by MAILSWEEP.birminghamartsit.org.uk (Clearswift SMTPRS 5.1.7) with ESMTP id <T78926b35f2c0a80003da8@MAILSWEEP.birminghamartsit.org.uk> for <discuss@lists.surbl.org>; Tue, 30 May 2006 15:56:15 +0100
if (/^\S+ (?:(?:with|via|for) \S+|\(unverified\)) by\b/) { return 0; }
# from MjA3NDc4Mg (unknown) by ismtpd0001p1lon1.sendgrid.net (SG) with HTTP id aqHKNX2kSp-HiqspAa-uvw for <email@e.example.com>; Thu, 02 Apr 2020 07:53:55.516 +0000 (UTC)
if (/^\S+ \(unknown\) by \S+ \(SG\) with \b/) { return 0; }
# from localhost (example.com [local]) by example.com (OpenSMTPD) with ESMTPA id 5db34e0d for <email@example.com>; Tue, 7 Apr 2020 01:38:29 -0600 (MDT)
if (/^\S+ \(\S+ \[local\]\) by \S+ \(OpenSMTPD\) with \b/) { return 0; }
# from DL1GSPMX02 (dl1gspmx02.gamestop.com) by email.ebgames.com (LSMTP for Windows NT v1.1b) with SMTP id <21.000575A0@email.ebgames.com>; Tue, 12 Sep 2006 21:06:43 -0500
if (/\(LSMTP for/) { return 0; }
@ -1345,6 +1354,9 @@ enough:
}
}
# Strip ending dot, Bug 7810
$rdns =~ s/\.+\z//;
if ($rdns =~ /^unknown$/i || $rdns =~ /^\[/) {
$rdns = ''; # some MTAs seem to do this
}
@ -1360,19 +1372,23 @@ enough:
# (only handles 'alternative form', not 'preferred form' - to be improved)
$ip =~ s/^0*:0*:(?:0*:)*ffff:(\d+\.\d+\.\d+\.\d+)$/$1/i;
$envfrom =~ s/^\s*<*//gs; $envfrom =~ s/>*\s*$//gs;
$by =~ s/\;$//;
# ensure invalid chars are stripped. Replace with '!' to flag their
# presence, though. NOTE: this means "[1.2.3.4]" IP addr HELO
# strings, which are legit by RFC-2821, look like "!1.2.3.4!".
# still useful though.
$ip =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
$rdns =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
$helo =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
$by =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
$ident =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
$envfrom =~ s/[\s\000\#\[\]\(\)\<\>\|]/!/gs;
my $strip_chars = qr/[\s\000\#\[\]\(\)\<\>\|]/;
$ip =~ s/$strip_chars/!/gs;
$rdns =~ s/$strip_chars/!/gs;
$helo =~ s/$strip_chars/!/gs;
$by =~ s/$strip_chars/!/gs;
$ident =~ s/$strip_chars/!/gs;
if (defined $envfrom) {
$envfrom =~ s/^\s*<*//gs;
$envfrom =~ s/>*\s*$//gs;
$envfrom =~ s/$strip_chars/!/gs;
}
my $relay = {
ip => $ip,
@ -1419,7 +1435,10 @@ sub make_relay_as_string {
# of entries must be preserved, so that regexps that assume that
# e.g. "ip" comes before "helo" will still work.
#
my $asstr = "[ ip=$relay->{ip} rdns=$relay->{rdns} helo=$relay->{helo} by=$relay->{by} ident=$relay->{ident} envfrom=$relay->{envfrom} intl=0 id=$relay->{id} auth=$relay->{auth} msa=0 ]";
# we could mark envfrom as "undef" if missing? dunno if needed?
my $envfrom = $relay->{envfrom} || '';
my $asstr = "[ ip=$relay->{ip} rdns=$relay->{rdns} helo=$relay->{helo} by=$relay->{by} ident=$relay->{ident} envfrom=$envfrom intl=0 id=$relay->{id} auth=$relay->{auth} msa=0 ]";
dbg("received-header: parsed as $asstr");
$relay->{as_string} = $asstr;
}

2
upstream/lib/Mail/SpamAssassin/Message/Node.pm
View File

@ -265,7 +265,7 @@ sub is_leaf {
=item raw()
Return a reference to the the raw array. Treat this as READ ONLY.
Return a reference to the raw array. Treat this as READ ONLY.
=cut

63
upstream/lib/Mail/SpamAssassin/PerMsgStatus.pm
View File

@ -308,7 +308,7 @@ sub new {
my $tag_data_ref = $self->{tag_data};
foreach (qw(SUMMARY REPORT SUBJPREFIX RBL)) { $tag_data_ref->{$_} = '' }
foreach (qw(AWL AWLMEAN AWLCOUNT AWLPRESCORE
DCCB DCCR DCCREP PYZOR DKIMIDENTITY DKIMDOMAIN
DCCB DCCR DCCREP PYZOR DKIMIDENTITY DKIMDOMAIN DKIMSELECTOR
BAYESTC BAYESTCLEARNED BAYESTCSPAMMY BAYESTCHAMMY
HAMMYTOKENS SPAMMYTOKENS TOKENSUMMARY)) {
$tag_data_ref->{$_} = undef; # exist, but undefined
@ -1102,13 +1102,13 @@ sub rewrite_report_safe {
if (defined $self->{conf}->{rewrite_header}->{Subject}) {
# Add a prefix to the subject if needed
$subject = "\n" if !defined $subject;
if((defined $self->{subjprefix}) and ($self->{subjprefix} ne "")) {
$tag = $self->_replace_tags($self->{subjprefix});
$tag =~ s/\n/ /gs;
$subject = $tag . $subject;
}
# Add a **SPAM** prefix
$subject = "\n" if !defined $subject;
$tag = $self->_replace_tags($self->{conf}->{rewrite_header}->{Subject});
$tag =~ s/\n/ /gs; # strip tag's newlines
$subject =~ s/^(?:\Q${tag}\E )?/${tag} /g; # For some reason the tag may already be there!?
@ -2928,11 +2928,13 @@ sub _test_log_line {
###########################################################################
# helper for get(). Do not call directly, as get() caches its results
# and this does not!
# helper for get()
sub get_envelope_from {
my ($self) = @_;
# Cached?
return $self->{envelopefrom} if exists $self->{envelopefrom};
# bug 2142:
# Get the SMTP MAIL FROM:, aka. the "envelope sender", if our
# calling app has helpfully marked up the source message
@ -2948,17 +2950,22 @@ sub get_envelope_from {
# make sure we get the most recent copy - there can be only one EnvelopeSender.
$envf = $self->get($self->{conf}->{envelope_sender_header}.":addr",undef);
# ok if it contains an "@" sign, or is "" (ie. "<>" without the < and >)
goto ok if defined $envf && ($envf =~ /\@/ || $envf eq '');
if (defined $envf && (index($envf, '@') > 0 || $envf eq '')) {
dbg("message: using envelope_sender_header '%s' as EnvelopeFrom: '%s'",
$self->{conf}->{envelope_sender_header}, $envf);
$self->{envelopefrom} = $envf;
return $envf;
}
# Warn them if it's configured, but not there or not usable.
if (defined $envf) {
chomp $envf;
dbg("message: envelope_sender_header '%s: %s' is not an FQDN, ignoring",
dbg("message: envelope_sender_header '%s': '%s' is not valid, ignoring",
$self->{conf}->{envelope_sender_header}, $envf);
} else {
dbg("message: envelope_sender_header '%s' not found in message",
$self->{conf}->{envelope_sender_header});
}
# Couldn't get envelope-sender using the configured header.
$self->{envelopefrom} = undef;
return;
}
@ -2968,18 +2975,21 @@ sub get_envelope_from {
# if possible... use the last untrusted header, in case there's
# trusted headers.
my $lasthop = $self->{relays_untrusted}->[0];
my $lasthop_str = 'last untrusted';
if (!defined $lasthop) {
# no untrusted headers? in that case, the message is ALL_TRUSTED.
# use the first trusted header (ie. the oldest, originating one).
$lasthop = $self->{relays_trusted}->[-1];
$lasthop_str = 'first trusted';
}
if (defined $lasthop) {
$envf = $lasthop->{envfrom};
# TODO FIXME: Received.pm puts both null senders and absence-of-sender
# into the relays array as '', so we can't distinguish them :(
if ($envf && ($envf =~ /\@/)) {
goto ok;
# ok if it contains an "@" sign, or is "" (ie. "<>" without the < and >)
if (defined $envf && (index($envf, '@') > 0 || $envf eq '')) {
dbg("message: using $lasthop_str relay envelope-from as EnvelopeFrom: '$envf'");
$self->{envelopefrom} = $envf;
return $envf;
}
}
@ -2991,34 +3001,40 @@ sub get_envelope_from {
# lines, we cannot trust any Envelope-From headers, since they're likely to
# be incorrect fetchmail guesses.
if ($self->get("X-Sender") =~ /\@/) {
if (index($self->get("X-Sender"), '@') != -1) {
my $rcvd = join(' ', $self->get("Received"));
if ($rcvd =~ /\(fetchmail/) {
if (index($rcvd, '(fetchmail') != -1) {
dbg("message: X-Sender and fetchmail signatures found, cannot trust envelope-from");
$self->{envelopefrom} = undef;
return;
}
}
# procmailrc notes this (we now recommend adding it to Received instead)
if ($envf = $self->get("X-Envelope-From")) {
if (defined($envf = $self->get("X-Envelope-From:addr",undef))) {
# heuristic: this could have been relayed via a list which then used
# a *new* Envelope-from. check
if ($self->get("ALL") =~ /^Received:.*?^X-Envelope-From:/smi) {
dbg("message: X-Envelope-From header found after 1 or more Received lines, cannot trust envelope-from");
$self->{envelopefrom} = undef;
return;
} else {
goto ok;
dbg("message: using X-Envelope-From header as EnvelopeFrom: '$envf'");
$self->{envelopefrom} = $envf;
return $envf;
}
}
# qmail, new-inject(1)
if ($envf = $self->get("Envelope-Sender")) {
if (defined($envf = $self->get("Envelope-Sender:addr",undef))) {
# heuristic: this could have been relayed via a list which then used
# a *new* Envelope-from. check
if ($self->get("ALL") =~ /^Received:.*?^Envelope-Sender:/smi) {
dbg("message: Envelope-Sender header found after 1 or more Received lines, cannot trust envelope-from");
} else {
goto ok;
dbg("message: using Envelope-Sender header as EnvelopeFrom: '$envf'");
$self->{envelopefrom} = $envf;
return $envf;
}
}
@ -3029,24 +3045,21 @@ sub get_envelope_from {
# data. This use of return-path is required; mail systems MUST support
# it. The return-path line preserves the information in the <reverse-
# path> from the MAIL command.
if ($envf = $self->get("Return-Path")) {
if (defined($envf = $self->get("Return-Path:addr",undef))) {
# heuristic: this could have been relayed via a list which then used
# a *new* Envelope-from. check
if ($self->get("ALL") =~ /^Received:.*?^Return-Path:/smi) {
dbg("message: Return-Path header found after 1 or more Received lines, cannot trust envelope-from");
} else {
goto ok;
dbg("message: using Return-Path header as EnvelopeFrom: '$envf'");
$self->{envelopefrom} = $envf;
return $envf;
}
}
# give up.
$self->{envelopefrom} = undef;
return;
ok:
$envf =~ s/^<*//s; # remove <
$envf =~ s/>*\s*\z//s; # remove >, whitespace, newlines
return $envf;
}
###########################################################################

2
upstream/lib/Mail/SpamAssassin/Plugin/AWL.pm
View File

@ -108,7 +108,7 @@ for messages, depending on the long-term behavior of the particular
correspondent.
For more information about the auto-whitelist system, please look
at the the C<Automatic Whitelist System> section of the README file.
at the C<Automatic Whitelist System> section of the README file.
The auto-whitelist is not intended as a general-purpose replacement
for static whitelist entries added to your config files.

6
upstream/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
View File

@ -594,17 +594,13 @@ sub process_response_packet {
# dbg("askdns: received rr type %s, data: %s", $rr_type, $rr_rdatastr);
}
my $j = 0;
for my $q_tuple (!ref $queries_ref ? () : @$queries_ref) {
next if !$q_tuple;
my($query_type, $answer_types_ref, $rules) = @$q_tuple;
next if !defined $qtype || $query_type ne $qtype;
next if !defined $qtype;
$answer_types_ref = [$query_type] if !defined $answer_types_ref;
# mark rule as done
$pms->{askdns_map_dnskey_to_rules}{$dnskey}[$j++] = undef;
while (my($rulename,$subtest) = each %$rules) {
my $match;
local($1,$2,$3);

86
upstream/lib/Mail/SpamAssassin/Plugin/BodyEval.pm
View File

@ -46,6 +46,10 @@ sub new {
$self->register_eval_rule("check_stock_info");
$self->register_eval_rule("check_body_length");
$self->register_eval_rule("plaintext_body_length");
$self->register_eval_rule("plaintext_sig_length");
$self->register_eval_rule("plaintext_body_sig_ratio");
return $self;
}
@ -292,10 +296,92 @@ sub check_body_length {
return (defined $body_length && $body_length <= $min) ? 1 : 0;
}
# For plain text parts with a signature delimiter, evaluate the ratio and
# lengths (in bytes) of the body and signature parts.
#
# Arguments: min and (optional) max value
#
# body __SIG_RATIO_EXCESSIVE eval:plaintext_body_sig_ratio('0','0.5')
sub plaintext_body_length {
my ($self, $pms, undef, $min, $max) = @_;
$self->_plaintext_body_sig_ratio($pms);
my $len = $pms->{plaintext_body_sig_ratio}->{body_length};
return ( defined $len
&& $len >= $min
&& (defined $max ? $len <= $max : 1) ) ? 1 : 0;
}
sub plaintext_sig_length {
my ($self, $pms, undef, $min, $max) = @_;
$self->_plaintext_body_sig_ratio($pms);
my $len = $pms->{plaintext_body_sig_ratio}->{sig_length};
return ( defined $len
&& $len >= $min
&& (defined $max ? $len <= $max : 1) ) ? 1 : 0;
}
sub plaintext_body_sig_ratio {
my ($self, $pms, undef, $min, $max) = @_;
$self->_plaintext_body_sig_ratio($pms);
my $len = $pms->{plaintext_body_sig_ratio}->{ratio};
return ( defined $len
&& $len >= $min
&& (defined $max ? $len <= $max : 10**6) ) ? 1 : 0;
}
sub _plaintext_body_sig_ratio {
my ($self, $pms) = @_;
return if exists $pms->{plaintext_body_sig_ratio};
$pms->{plaintext_body_sig_ratio} = {};
# Find the first text/plain MIME part.
# Naive approach. This should commonly match the text/plain part we want,
# but could be enhanced to better cope with complex MIME structures.
my $part = ($pms->{msg}->find_parts(qr/^text\/plain/))[0];
return unless defined $part;
# Decode if necessary, do not render or alter whitespace.
my $text = $part->decode();
# Find the last occurence of a signature delimiter and get the body and
# signature lengths.
my ($len_b, $len_s) = map { length } $text =~ /(^|.*\n)-- \n(.*?)$/s;
if (! defined $len_b) { # no sig marker, all body
$len_b = length $text;
$len_s = 0;
}
$pms->{plaintext_body_sig_ratio}->{body_length} = $len_b;
$pms->{plaintext_body_sig_ratio}->{sig_length} = $len_s;
$pms->{plaintext_body_sig_ratio}->{ratio} = $len_s ? $len_b/$len_s : 10**6;
return 1;
}
# ---------------------------------------------------------------------------
# capability checks for "if can()":
#
sub has_check_body_length { 1 }
sub has_plaintext_body_sig_ratio { 1 }
1;

8
upstream/lib/Mail/SpamAssassin/Plugin/Check.pm
View File

@ -202,6 +202,9 @@ sub check_main {
$pms->{resolver}->finish_socket() if $pms->{resolver};
}
# last chance to handle left callbacks, make rule hits etc
$self->{main}->call_plugins ("check_cleanup", { permsgstatus => $pms });
if ($pms->{deadline_exceeded}) {
$pms->got_hit('TIME_LIMIT_EXCEEDED', '', defscore => 0.001,
description => 'Exceeded time limit / deadline');
@ -716,7 +719,7 @@ sub do_head_tests {
}
my $def = $conf->{test_opt_unset}->{$rulename};
push(@{ $ordered{$hdrname . (!defined $def ? '' : "\t".$def)} },
push(@{ $ordered{$hdrname . (!defined $def ? '' : "\t$rulename")} },
$rulename);
return if ($opts{doing_user_rules} &&
@ -740,7 +743,8 @@ sub do_head_tests {
my($hdrname, $def) = split(/\t/, $k, 2);
$self->push_evalstr_prefix($pms, '
$hval = $self->get(q{'.$hdrname.'}, ' .
(!defined($def) ? 'undef' : 'q{'.$def.'}') . ');
(!defined($def) ? 'undef' :
'$self->{conf}->{test_opt_unset}->{q{'.$def.'}}') . ');
');
foreach my $rulename (@{$v}) {
my $tc_ref = $testcode{$rulename};

6
upstream/lib/Mail/SpamAssassin/Plugin/DKIM.pm
View File

@ -682,8 +682,9 @@ sub _dkim_load_modules {
dbg("dkim: cannot load Mail::DKIM module, DKIM checks disabled: %s",
$eval_stat);
} else {
use version 0.77;
my $version = Mail::DKIM::Verifier->VERSION;
if ($version >= 0.31) {
if (version->parse($version) >= version->parse(0.31)) {
dbg("dkim: using Mail::DKIM version $version");
} else {
info("dkim: Mail::DKIM $version is older than the required ".
@ -806,7 +807,8 @@ sub _check_dkim_signature {
# signature objects not provided by the caller, must verify for ourselves
my $timemethod = $self->{main}->UNIVERSAL::can("time_method") &&
$self->{main}->time_method("check_dkim_signature");
if (Mail::DKIM::Verifier->VERSION >= 0.40) {
use version 0.77;
if (version->parse(Mail::DKIM::Verifier->VERSION) >= version->parse(0.40)) {
my $edns = $conf->{dns_options}->{edns};
if ($edns && $edns >= 1024) {
# Let Mail::DKIM use our interface to Net::DNS::Resolver.

47
upstream/lib/Mail/SpamAssassin/Plugin/DNSEval.pm
View File

@ -45,7 +45,7 @@ package Mail::SpamAssassin::Plugin::DNSEval;
use Mail::SpamAssassin::Plugin;
use Mail::SpamAssassin::Logger;
use Mail::SpamAssassin::Constants qw(:ip);
use Mail::SpamAssassin::Util qw(reverse_ip_address);
use Mail::SpamAssassin::Util qw(reverse_ip_address is_fqdn_valid);
use strict;
use warnings;
@ -397,7 +397,7 @@ sub check_rbl_results_for {
# using the domain name had much worse results for dsn.rfc-ignorant.org
sub check_rbl_from_host {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->all_from_addrs());
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->all_from_addrs());
}
sub check_rbl_headers {
@ -416,21 +416,24 @@ sub check_rbl_headers {
}
foreach my $rbl_headers (@env_hdr) {
my $addr = $_[1]->get($rbl_headers.':addr', undef);
my $addr = $pms->get($rbl_headers.':addr', undef);
if ( defined $addr && $addr =~ /\@([^\@\s]+)/ ) {
$self->_check_rbl_addresses($pms, $rule, $set, $rbl_server,
$subtest, $addr);
} else {
my $host = $pms->get($rbl_headers);
chomp($host);
if($host =~ /^$IP_ADDRESS$/ ) {
return if ($conf->{tflags}->{$rule}||'') =~ /\bdomains_only\b/;
$host = reverse_ip_address($host);
} else {
return if ($conf->{tflags}->{$rule}||'') =~ /\bips_only\b/;
my $unsplitted_host = $pms->get($rbl_headers);
chomp($unsplitted_host);
foreach my $host (split(/\n/, $unsplitted_host)) {
if($host =~ /^$IP_ADDRESS$/ ) {
next if ($conf->{tflags}->{$rule}||'') =~ /\bdomains_only\b/;
$host = reverse_ip_address($host);
} else {
next if ($conf->{tflags}->{$rule}||'') =~ /\bips_only\b/;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host);
}
$pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);
}
$pms->do_rbl_lookup($rule, $set, 'A',
"$host.$rbl_server", $subtest) if ( defined $host and $host ne "");
}
}
}
@ -447,7 +450,7 @@ This checks all the from addrs domain names as an alternate to check_rbl_from_ho
sub check_rbl_from_domain {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->all_from_addrs_domains());
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->all_from_addrs_domains());
}
=over 4
@ -484,7 +487,7 @@ sub check_rbl_ns_from {
my $key = "NS:" . $domain;
my $obj = { dom => $domain, rule => $rule, set => $set, rbl_server => $rbl_server, subtest => $subtest };
my $ent = {
key => $key, zone => $domain, obj => $obj, type => "URI-NS",
rulename => $rule, key => $key, zone => $domain, obj => $obj, type => "URI-NS",
};
# dig $dom ns
$ent = $pms->{async}->bgsend_and_start_lookup(
@ -514,15 +517,16 @@ sub complete_ns_lookup {
foreach my $rr (@ns) {
my $nshost = $rr->mname;
if(defined($nshost)) {
chomp($nshost);
next unless defined $nshost;
chomp($nshost);
if (is_fqdn_valid($nshost)) {
if ( defined $subtest ) {
dbg("dns: checking [$nshost] / $rule / $set / $rbl_server / $subtest");
} else {
dbg("dns: checking [$nshost] / $rule / $set / $rbl_server");
}
$pms->do_rbl_lookup($rule, $set, 'A',
"$nshost.$rbl_server", $subtest) if ( defined $nshost and $nshost ne "");
"$nshost.$rbl_server", $subtest);
}
}
}
@ -564,14 +568,15 @@ sub check_rbl_rcvd {
} else {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/;
$host =~ s/\.$//;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host);
}
if ( defined $subtest ) {
dbg("dns: checking [$host] / $rule / $set / $rbl_server / $subtest");
} else {
dbg("dns: checking [$host] / $rule / $set / $rbl_server");
}
$pms->do_rbl_lookup($rule, $set, 'A',
"$host.$rbl_server", $subtest) if ( defined $host and $host ne "");
$pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);
}
}
return 0;
@ -581,7 +586,7 @@ sub check_rbl_rcvd {
# using the domain name had much worse results for dsn.rfc-ignorant.org
sub check_rbl_envfrom {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->get('EnvelopeFrom:addr',undef));
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->get('EnvelopeFrom:addr',undef));
}
sub _check_rbl_addresses {
@ -614,6 +619,8 @@ sub _check_rbl_addresses {
$host = reverse_ip_address($host);
} else {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host);
}
dbg("dns: checking [$host] / $rule / $set / $rbl_server");
$pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);

69
upstream/lib/Mail/SpamAssassin/Plugin/HashBL.pm
View File

@ -23,20 +23,29 @@ HashBL - query hashed (and unhashed) DNS blocklists
loadplugin Mail::SpamAssassin::Plugin::HashBL
header HASHBL_EMAIL eval:check_hashbl_emails('ebl.msbl.org')
# NON-WORKING usage examples below, replace xxx.example.invalid with real list
# See documentation below for detailed usage
header HASHBL_EMAIL eval:check_hashbl_emails('ebl.example.invalid')
describe HASHBL_EMAIL Message contains email address found on EBL
priority HASHBL_EMAIL -100 # required priority to launch async lookups early
tflags HASHBL_EMAIL net
hashbl_acl_freemail gmail.com
header HASHBL_OSENDR eval:check_hashbl_emails('rbl.example.com/A', 'md5/max=10/shuffle', 'X-Original-Sender', '^127\.', 'freemail')
header HASHBL_OSENDR eval:check_hashbl_emails('rbl.example.invalid/A', 'md5/max=10/shuffle', 'X-Original-Sender', '^127\.', 'freemail')
describe HASHBL_OSENDR Message contains email address found on HASHBL
tflags HASHBL_OSENDR net
priority HASHBL_OSENDR -100 # required priority to launch async lookups early
tflags HASHBL_OSENDR net
body HASHBL_BTC eval:check_hashbl_bodyre('btcbl.foo.bar', 'sha1/max=10/shuffle', '\b([13][a-km-zA-HJ-NP-Z1-9]{25,34})\b')
body HASHBL_BTC eval:check_hashbl_bodyre('btcbl.example.invalid', 'sha1/max=10/shuffle', '\b([13][a-km-zA-HJ-NP-Z1-9]{25,34})\b')
describe HASHBL_BTC Message contains BTC address found on BTCBL
priority HASHBL_BTC -100 # required priority to launch async lookups
priority HASHBL_BTC -100 # required priority to launch async lookups early
tflags HASHBL_BTC net
header HASHBL_URI eval:check_hashbl_uris('rbl.foo.bar', 'sha1', '127.0.0.32')
header HASHBL_URI eval:check_hashbl_uris('rbl.example.invalid', 'sha1', '127.0.0.32')
describe HASHBL_URI Message contains uri found on rbl
priority HASHBL_URI -100 # required priority to launch async lookups early
tflags HASHBL_URI net
=head1 DESCRIPTION
@ -65,7 +74,7 @@ if HEADERS is empty ('') or missing, default is used.
=over 4
=item header RULE check_hashbl_emails('bl.example.com/A', 'OPTS', 'HEADERS/body', '^127\.')
=item header RULE check_hashbl_emails('bl.example.invalid/A', 'OPTS', 'HEADERS/body', '^127\.')
Check email addresses from DNS list, "body" can be specified along with
headers to search body for emails. Optional subtest regexp to match DNS
@ -86,12 +95,15 @@ Default HEADERS: ALLFROM/Reply-To/body
For existing public email blacklist, see: http://msbl.org/ebl.html
header HASHBL_EBL check_hashbl_emails('ebl.msbl.org')
priority HASHBL_EBL -100 # required for async query
# Working example, see http://msbl.org/ebl.html before usage
header HASHBL_EMAIL eval:check_hashbl_emails('ebl.msbl.org')
describe HASHBL_EMAIL Message contains email address found on EBL
priority HASHBL_EMAIL -100 # required priority to launch async lookups early
tflags HASHBL_EMAIL net
=over 4
=item header RULE check_hashbl_uris('bl.example.com/A', 'OPTS', '^127\.')
=item header RULE check_hashbl_uris('bl.example.invalid/A', 'OPTS', '^127\.')
Check uris from DNS list, optional subtest regexp to match DNS
answer.
@ -102,7 +114,7 @@ Default OPTS: sha1/max=10/shuffle
=back
=item body RULE check_hashbl_bodyre('bl.example.com/A', 'OPTS', '\b(match)\b', '^127\.')
=item body RULE check_hashbl_bodyre('bl.example.invalid/A', 'OPTS', '\b(match)\b', '^127\.')
Search body for matching regexp and query the string captured. Regexp must
have a single capture ( ) for the string ($1). Optional subtest regexp to
@ -341,7 +353,7 @@ sub _parse_emails {
}
}
}
my $body = join('', $pms->get_decoded_stripped_body_text_array());
my $body = join('', @{$pms->get_decoded_stripped_body_text_array()});
if ($opts =~ /\bnouri\b/) {
# strip urls with possible emails inside
$body =~ s#<?https?://\S{0,255}(?:\@|%40)\S{0,255}# #gi;
@ -416,6 +428,7 @@ sub check_hashbl_emails {
my %seen;
foreach my $email (@$emails) {
next if exists $seen{$email};
next if $email !~ /.*\@.*/;
if (($email =~ $self->{email_whitelist}) or defined ($pms->{hashbl_whitelist}{$email})) {
dbg("Address whitelisted: $email");
next;
@ -439,6 +452,7 @@ sub check_hashbl_emails {
my $max = $opts =~ /\bmax=(\d+)\b/ ? $1 : 10;
$#filtered_emails = $max-1 if scalar @filtered_emails > $max;
$pms->{hashbl_emails_count}{$rulename} = scalar @filtered_emails;
foreach my $email (@filtered_emails) {
$self->_submit_query($pms, $rulename, $email, $list, $opts, $subtest);
}
@ -653,9 +667,11 @@ sub _submit_query {
sub _finish_query {
my ($self, $pms, $ent, $pkt) = @_;
my $rulename = $ent->{rulename};
if (!$pkt) {
# $pkt will be undef if the DNS query was aborted (e.g. timed out)
dbg("lookup was aborted: $ent->{rulename} $ent->{key}");
dbg("lookup was aborted: $rulename $ent->{key}");
return;
}
@ -663,16 +679,35 @@ sub _finish_query {
my @answer = $pkt->answer;
foreach my $rr (@answer) {
if ($rr->address =~ $dnsmatch) {
dbg("$ent->{rulename}: $ent->{zone} hit '$ent->{value}'");
dbg("$rulename: $ent->{zone} hit '$ent->{value}'");
$ent->{value} =~ s/\@/[at]/g;
$pms->test_log($ent->{value});
$pms->got_hit($ent->{rulename}, '', ruletype => 'eval');
$pms->register_async_rule_finish($ent->{rulename});
# Hit now if only one query exists, otherwise call hits at scan end
if ($pms->{hashbl_emails_count}{$rulename} == 1) {
$pms->test_log($ent->{value});
$pms->got_hit($rulename, '', ruletype => 'eval');
$pms->register_async_rule_finish($rulename);
} else {
push @{$pms->{hashbl_emails_hits}{$rulename}}, $ent->{value};
}
return;
}
}
}
sub check_cleanup {
my ($self, $opts) = @_;
my $pms = $opts->{permsgstatus};
# Call any remaining hits
if (exists $pms->{hashbl_emails_hits}) {
foreach my $rulename (keys %{$pms->{hashbl_emails_hits}}) {
$pms->test_log(join(', ', sort @{$pms->{hashbl_emails_hits}{$rulename}}));
$pms->got_hit($rulename, '', ruletype => 'eval');
}
}
}
# Version features
sub has_hashbl_bodyre { 1 }
sub has_hashbl_emails { 1 }

1
upstream/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
View File

@ -291,6 +291,7 @@ sub _check_mime_header {
if (!(grep { $_ eq "all" } @l) &&
!Mail::SpamAssassin::Locales::is_charset_ok_for_locales($charset, @l))
{
dbg ("mimeeval: $charset is not ok for @l");
$pms->{mime_faraway_charset} = 1;
}
}

78
upstream/lib/Mail/SpamAssassin/Plugin/OLEVBMacro.pm
View File

@ -41,6 +41,9 @@ Mail::SpamAssassin::Plugin::OLEVBMacro - search attached documents for evidence
body OLEMACRO_CSV eval:check_olemacro_csv()
describe OLEMACRO_CSV Malicious csv file that tries to exec cmd.exe detected
body OLEMACRO_DOWNLOAD_EXE eval:check_olemacro_download_exe()
describe OLEMACRO_DOWNLOAD_EXE Malicious code inside the Office doc that tries to download a .exe file detected
endif
=head1 DESCRIPTION
@ -91,12 +94,17 @@ our $VERSION = '0.52';
# http://blog.rootshell.be/2015/01/08/searching-for-microsoft-office-files-containing-macro/
my $marker1 = "\xd0\xcf\x11\xe0";
my $marker2 = "\x00\x41\x74\x74\x72\x69\x62\x75\x74\x00";
# Office 2003 embedded ole
my $marker2a = "\x01\x00\x4f\x00\x6c\x00\x65\x00\x31\x00\x30\x00\x4e\x00\x61\x00";
# embedded object in rtf files (https://www.biblioscape.com/rtf15_spec.htm)
my $marker3 = "\x5c\x6f\x62\x6a\x65\x6d\x62";
my $marker4 = "\x5c\x6f\x62\x6a\x64\x61\x74";
my $marker5 = "\x5c\x20\x6f\x62\x6a\x64\x61\x74";
# Excel .xlsx encrypted package, thanks to Dan Bagwell for the sample
my $encrypted_marker = "\x45\x00\x6e\x00\x63\x00\x72\x00\x79\x00\x70\x00\x74\x00\x65\x00\x64\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x61\x00\x67\x00\x65";
# .exe file downloaded from external website
my $exe_marker1 = "\x00((https?)://)[-A-Za-z0-9+&@#/%?=~_|!:,.;]{5,1000}[-A-Za-z0-9+&@#/%=~_|]{5,1000}(\.exe|\.cmd|\.bat)([\x06|\x00])";
my $exe_marker2 = "URLDownloadToFileA";
# this code burps an ugly message if it fails, but that's redirected elsewhere
# AZ_OK is a constant exported by Archive::Zip
@ -121,6 +129,7 @@ sub new {
$self->register_eval_rule("check_olemacro_renamed");
$self->register_eval_rule("check_olemacro_encrypted");
$self->register_eval_rule("check_olemacro_zip_password");
$self->register_eval_rule("check_olemacro_download_exe");
return $self;
}
@ -461,6 +470,14 @@ sub check_olemacro_zip_password {
return $pms->{olemacro_zip_password};
}
sub check_olemacro_download_exe {
my ($self,$pms,$body,$name) = @_;
_check_attachments(@_) unless exists $pms->{olemacro_download_exe};
return $pms->{olemacro_download_exe};
}
sub _check_attachments {
my ($self,$pms,$body,$name) = @_;
@ -495,8 +512,10 @@ sub _check_attachments {
$data = $part->decode($chunk_size) unless defined $data;
_check_encrypted_doc($pms, $name, $data);
_check_macrotype_doc($pms, $name, $data);
if (defined $data) {
_check_encrypted_doc($pms, $name, $data);
_check_macrotype_doc($pms, $name, $data);
}
return 1 if $pms->{olemacro_exists} == 1;
}
@ -506,11 +525,13 @@ sub _check_attachments {
dbg("Found attachment with name $name");
$data = $part->decode($chunk_size) unless defined $data;
_check_encrypted_doc($pms, $name, $data);
_check_oldtype_doc($pms, $name, $data);
# zipped doc that matches olemacro_exts - strange
if (_check_macrotype_doc($pms, $name, $data)) {
$pms->{olemacro_renamed} = $pms->{olemacro_office_xml};
if (defined $data) {
_check_encrypted_doc($pms, $name, $data);
_check_oldtype_doc($pms, $name, $data);
# zipped doc that matches olemacro_exts - strange
if (_check_macrotype_doc($pms, $name, $data)) {
$pms->{olemacro_renamed} = $pms->{olemacro_office_xml};
}
}
return 1 if $pms->{olemacro_exists} == 1;
@ -520,27 +541,36 @@ sub _check_attachments {
dbg("Found zip attachment with name $name");
$data = $part->decode($chunk_size) unless defined $data;
_check_zip($pms, $name, $data);
if (defined $data) {
_check_zip($pms, $name, $data);
}
return 1 if $pms->{olemacro_exists} == 1;
}
if ((defined $data) and ($data =~ /$exe_marker1/) and (index($data, $exe_marker2))) {
dbg('Url that triggers a download to an .exe file found in Office file');
$pms->{olemacro_download_exe} = 1;
}
if ($pms->{conf}->{olemacro_extended_scan} == 1) {
dbg("Extended scan attachment with name $name");
$data = $part->decode($chunk_size) unless defined $data;
if (_is_office_doc($data)) {
$pms->{olemacro_renamed} = 1;
dbg("Found $name to be an Office Doc!");
_check_encrypted_doc($pms, $name, $data);
_check_oldtype_doc($pms, $name, $data);
}
if (defined $data) {
if (_is_office_doc($data)) {
$pms->{olemacro_renamed} = 1;
dbg("Found $name to be an Office Doc!");
_check_encrypted_doc($pms, $name, $data);
_check_oldtype_doc($pms, $name, $data);
}
if (_check_macrotype_doc($pms, $name, $data)) {
$pms->{olemacro_renamed} = $pms->{olemacro_office_xml};
}
if (_check_macrotype_doc($pms, $name, $data)) {
$pms->{olemacro_renamed} = $pms->{olemacro_office_xml};
}
_check_zip($pms, $name, $data);
_check_zip($pms, $name, $data);
}
return 1 if $pms->{olemacro_exists} == 1;
}
@ -750,12 +780,12 @@ sub _check_macrotype_doc {
my $zip = _open_zip_handle($data);
return 0 unless $zip;
#https://www.decalage.info/vba_tools
# https://www.decalage.info/vba_tools
# Consider macrofiles as lowercase, they are checked later with a case-insensitive method
my %macrofiles = (
'word/vbaproject.bin' => 'word2k7',
'macros/vba/_vba_project' => 'word97',
'xl/vbaproject.bin' => 'xl2k7',
'xl/embeddings/oleObject1.bin' => 'xl2k13',
'_vba_project_cur/vba/_vba_project' => 'xl97',
'ppt/vbaproject.bin' => 'ppt2k7',
);
@ -763,7 +793,7 @@ sub _check_macrotype_doc {
my @members = $zip->members();
foreach my $member (@members){
my $mname = lc $member->fileName();
if (exists($macrofiles{$mname})) {
if (exists($macrofiles{lc($mname)})) {
dbg("Found $macrofiles{$mname} vba file");
$pms->{olemacro_exists} = 1;
last;
@ -870,6 +900,11 @@ sub _check_markers {
return 1;
}
if (index($data, $marker1) == 0 && index($data, $marker2a) > -1) {
dbg('Marker 1 & 2a found');
return 1;
}
if (index($data, $marker3) > -1) {
dbg('Marker 3 found');
return 1;
@ -894,6 +929,7 @@ sub _check_markers {
dbg('XML macros marker found');
return 1;
}
}
sub _find_malice_bins {

10
upstream/lib/Mail/SpamAssassin/Plugin/Pyzor.pm
View File

@ -149,7 +149,7 @@ removing one of them.
=item pyzor_options options
Specify additional options to the pyzor(1) command. Please note that only
characters in the range [0-9A-Za-z ,._/-] are allowed for security reasons.
characters in the range [0-9A-Za-z =,._/-] are allowed for security reasons.
=cut
@ -160,7 +160,7 @@ characters in the range [0-9A-Za-z ,._/-] are allowed for security reasons.
type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING,
code => sub {
my ($self, $key, $value, $line) = @_;
if ($value !~ m{^([0-9A-Za-z ,._/-]+)$}) {
if ($value !~ m{^([0-9A-Za-z =,._/-]+)$}) {
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
}
$self->{pyzor_options} = $1;
@ -303,10 +303,12 @@ sub pyzor_lookup {
return;
}
chomp for @response;
dbg("pyzor: got response: " . join("\\n", @response));
if ($response[0] =~ /^Traceback/) {
warn("internal error, python traceback seen in response\n");
warn("internal error, python traceback seen in response: ".
join("\\n", @response));
} else {
dbg("pyzor: got response: ".join("\\n", @response));
}
});

4
upstream/lib/Mail/SpamAssassin/Plugin/ReplaceTags.pm
View File

@ -24,7 +24,7 @@ regular expression rules. The tags make it much easier to maintain
complicated rules.
Warning: This plugin relies on data structures specific to this version of
SpamAssasin; it is not guaranteed to work with other versions of SpamAssassin.
SpamAssassin; it is not guaranteed to work with other versions of SpamAssassin.
=head1 SYNOPSIS
@ -100,7 +100,7 @@ sub finish_parsing_end {
$self->{replace_rules_done}->{$rule} = 1;
if (!exists $conf->{test_qrs}->{$rule}) {
dbg("replacetags: replace requested for non-existing rule: $rule\n");
dbg("replacetags: replace requested for non-existing or incompatible rule: $rule\n");
next;
}

26
upstream/lib/Mail/SpamAssassin/Plugin/SPF.pm
View File

@ -113,6 +113,14 @@ Same as C<whitelist_from_spf>, but used for the default whitelist entries
in the SpamAssassin distribution. The whitelist score is lower, because
these are often targets for spammer spoofing.
=item unwhitelist_from_spf user@example.com
Used to remove a C<whitelist_from_spf> or C<def_whitelist_from_spf> entry.
The specified email address has to match exactly the address previously used.
Useful for removing undesired default entries from a distributed configuration
by a local or site-specific configuration or by C<user_prefs>.
=cut
push (@cmds, {
@ -125,6 +133,24 @@ these are often targets for spammer spoofing.
type => $Mail::SpamAssassin::Conf::CONF_TYPE_ADDRLIST
});
push (@cmds, {
setting => 'unwhitelist_from_spf',
type => $Mail::SpamAssassin::Conf::CONF_TYPE_ADDRLIST,
code => sub {
my ($self, $key, $value, $line) = @_;
unless (defined $value && $value !~ /^$/) {
return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
}
unless ($value =~ /^(?:\S+(?:\s+\S+)*)$/) {
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
}
$self->{parser}->remove_from_addrlist('whitelist_from_spf',
split (/\s+/, $value));
$self->{parser}->remove_from_addrlist('def_whitelist_from_spf',
split (/\s+/, $value));
}
});
=back
=head1 ADMINISTRATOR OPTIONS

24
upstream/lib/Mail/SpamAssassin/Plugin/TextCat.pm
View File

@ -80,6 +80,7 @@ sub new {
if (! @nm) {
if (!defined $mailsaobject->{languages_filename}) {
warn "textcat: languages filename not defined\n";
$self->{textcat_disabled} = 1;
}
else {
load_models($mailsaobject->{languages_filename});
@ -484,9 +485,11 @@ sub create_lm {
# Note that $$inputptr may or may not be in perl characters (utf8 flag set)
my $is_unicode = utf8::is_utf8($$inputptr);
# my $non_word_characters = qr/[0-9\s]/;
for my $word (split(/[0-9\s]+/, $$inputptr))
# "Split the text into separate tokens consisting only of letters and
# apostrophes. Digits and punctuation are discarded."
while ($$inputptr =~ /([^0-9\s\-!"#\$\%\&()*+,.\/:;<=>?\@\[\\\]\^_`{|}~]+)/gs)
{
my $word = $1;
# Bug 6229: Current TextCat database only works well with lowercase input
if ($is_unicode) {
# Unicode rules are used for the case change
@ -500,8 +503,7 @@ sub create_lm {
$word = "\000" . $word . "\000";
my $len = length($word);
my $flen = $len;
my $i;
for ($i = 0; $i < $flen; $i++) {
for (my $i = 0; $i < $flen; $i++) {
$len--;
$ngram{substr($word, $i, 1)}++;
($len < 1) ? next : $ngram{substr($word, $i, 2)}++;
@ -516,10 +518,10 @@ sub create_lm {
# up sorting by removing singletons, however I have very bad
# results for short inputs, this way
@sorted = sort { $ngram{$b} <=> $ngram{$a} }
(grep { $ngram{$_} > $conf->{textcat_optimal_ngrams} } keys %ngram);
(grep { $ngram{$_} > $conf->{textcat_optimal_ngrams} } sort keys %ngram);
}
else {
@sorted = sort { $ngram{$b} <=> $ngram{$a} } keys %ngram;
@sorted = sort { $ngram{$b} <=> $ngram{$a} } sort keys %ngram;
}
splice(@sorted, $conf->{textcat_max_ngrams}) if (@sorted > $conf->{textcat_max_ngrams});
@ -531,12 +533,18 @@ sub create_lm {
sub extract_metadata {
my ($self, $opts) = @_;
return if $self->{textcat_disabled};
my $msg = $opts->{msg};
my $body = $msg->get_rendered_body_text_array();
$body = join("\n", @{$body});
$body =~ s/^Subject://i;
# Strip anything that looks like url or email, enhances results
$body =~ s{https?://\S+}{ }gs;
$body =~ s{\S+?\@[a-zA-Z]\S+}{ }gs;
my $len = length($body);
# truncate after 10k; that should be plenty to classify it
if ($len > 10000) {
@ -572,6 +580,8 @@ sub extract_metadata {
sub check_language {
my ($self, $scan) = @_;
return 0 if $self->{textcat_disabled};
my $msg = $scan->{msg};
my @languages = split(/\s+/, $scan->{conf}->{ok_languages});
@ -612,6 +622,8 @@ sub check_language {
sub check_body_8bits {
my ($self, $scan, $body) = @_;
return 0 if $self->{textcat_disabled};
my @languages = split(/\s+/, $scan->{conf}->{ok_languages});
for (@languages) {

31
upstream/lib/Mail/SpamAssassin/Plugin/TxRep.pm
View File

@ -184,16 +184,16 @@ This plugin module adds the following C<tags> that can be used as
placeholders in certain options. See L<Mail::SpamAssassin::Conf>
for more information on TEMPLATE TAGS.
_TXREP_XXX_Y_ TXREP modifier
_TXREP_XXX_Y_MEAN_ Mean score on which TXREP modification is based
_TXREP_XXX_Y_COUNT_ Number of messages on which TXREP modification is based
_TXREP_XXX_Y_PRESCORE_ Score before TXREP
_TXREP_XXX_Y_UNKNOW_ New sender (not found in the TXREP list)
_TXREPXXXY_ TXREP modifier
_TXREPXXXYMEAN_ Mean score on which TXREP modification is based
_TXREPXXXYCOUNT_ Number of messages on which TXREP modification is based
_TXREPXXXYPRESCORE_ Score before TXREP
_TXREPXXXYUNKNOWN_ New sender (not found in the TXREP list)
The XXX part of the tag takes the form of one of the following IDs, depending
on the reputation checked: EMAIL, EMAIL_IP, IP, DOMAIN, or HELO. The _Y appendix
ID is used only in the case of dual storage, and takes the form of either _U (for
user storage reputations), or _G (for global storage reputations).
on the reputation checked: EMAIL, EMAILIP, IP, DOMAIN, or HELO. The Y appendix
ID is used only in the case of dual storage, and takes the form of either U (for
user storage reputations), or G (for global storage reputations).
=cut
@ -1249,7 +1249,7 @@ sub check_senders_reputation {
Mail::SpamAssassin::Plugin::Bayes->get_msgid($pms->{msg}) ||
$pms->get('Message-Id') || $pms->get('Message-ID') || $pms->get('MESSAGE-ID') || $pms->get('MESSAGEID');
my $from = lc $pms->get('From:addr') || $pms->get('EnvelopeFrom:addr');;
my $from = lc $pms->get('From:addr') || $pms->get('EnvelopeFrom:addr');
return 0 unless $from =~ /\S/;
my $domain = $from;
$domain =~ s/^.+@//;
@ -1446,6 +1446,9 @@ sub check_reputation {
}
my $found = $self->get_sender($id, $ip, $signedby);
my $tag_id = (defined $storage)? uc($key.'_'.substr($storage,0,1)) : uc($key);
# TEMPLATE TAGS should match [A-Z] in their name
# and "_" must be avoided
$tag_id =~ s/_//g;
if (defined $found && $self->count()) {
$meanrep = $self->total() / $self->count();
}
@ -1473,14 +1476,14 @@ sub check_reputation {
$delta = ($self->total()) / (1 + $self->count());
}
$pms->set_tag('TXREP_'.$tag_id, sprintf("%2.1f", $delta));
$pms->set_tag('TXREP'.$tag_id, sprintf("%2.1f", $delta));
if (defined $meanrep) {
$pms->set_tag('TXREP_'.$tag_id.'_MEAN', sprintf("%2.1f", $meanrep));
$pms->set_tag('TXREP'.$tag_id.'MEAN', sprintf("%2.1f", $meanrep));
}
$pms->set_tag('TXREP_'.$tag_id.'_COUNT', sprintf("%2.1f", $self->count()));
$pms->set_tag('TXREP_'.$tag_id.'_PRESCORE', sprintf("%2.1f", $pms->{score}));
$pms->set_tag('TXREP'.$tag_id.'COUNT', sprintf("%2.1f", $self->count()));
$pms->set_tag('TXREP'.$tag_id.'PRESCORE', sprintf("%2.1f", $pms->{score}));
} else {
$pms->set_tag('TXREP_'.$tag_id.'_UNKNOWN', 1);
$pms->set_tag('TXREP'.$tag_id.'UNKNOWN', 1);
}
dbg("TxRep: reputation: %s, count: %d, weight: %.1f, delta: %.3f, $tag_id: %s",
defined $meanrep? sprintf("%.3f",$meanrep) : 'none',

25
upstream/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
View File

@ -1159,11 +1159,6 @@ sub got_dnsbl_hit {
$str =~ s/\s+/ /gs; # long whitespace => short
dbg("uridnsbl: domain \"$dom\" listed ($rulename): $str");
if (!defined $pms->{uridnsbl_hits}->{$rulename}) {
$pms->{uridnsbl_hits}->{$rulename} = { };
};
$pms->{uridnsbl_hits}->{$rulename}->{$dom} = 1;
if ( $pms->{uridnsbl_active_rules_nsrevipbl}->{$rulename}
|| $pms->{uridnsbl_active_rules_arevipbl}->{$rulename}
|| $pms->{uridnsbl_active_rules_nsrhsbl}->{$rulename}
@ -1172,14 +1167,20 @@ sub got_dnsbl_hit {
|| $pms->{uridnsbl_active_rules_rhsbl_ipsonly}->{$rulename}
|| $pms->{uridnsbl_active_rules_rhsbl_domsonly}->{$rulename})
{
# TODO: this needs to handle multiple domain hits per rule
$pms->clear_test_state();
my $uris = join (' ', keys %{$pms->{uridnsbl_hits}->{$rulename}});
$pms->test_log ("URIs: $uris");
$pms->got_hit ($rulename, "");
# Hits are saved and called in check_cleanup
$pms->{uridnsbl_hits}->{$rulename}->{$dom} = 1;
}
}
# note that this rule has completed (since it got at least 1 hit)
$pms->register_async_rule_finish($rulename);
sub check_cleanup {
my ($self, $opts) = @_;
my $pms = $opts->{permsgstatus};
# Call any remaining hits
foreach my $rulename (keys %{$pms->{uridnsbl_hits}}) {
$pms->test_log("URIs: ".join(', ', sort keys %{$pms->{uridnsbl_hits}->{$rulename}}));
$pms->got_hit($rulename, '');
}
}

21
upstream/lib/Mail/SpamAssassin/Plugin/URIDetail.pm
View File

@ -50,7 +50,10 @@ https://spamassassin.apache.org/).
C<text> is the anchor text(s) (text between <a> and </a>) that
linked to the raw URI.
C<domain> is the domain(s) found in the cleaned URIs.
C<domain> is the domain(s) found in the cleaned URIs, as trimmed to
registrar boundary by Mail::SpamAssassin::Util::RegistrarBoundaries(3).
C<host> is the full host(s) in the cleaned URIs. (Supported since SA 3.4.5)
Example rule for matching a URI where the raw URI matches "%2Ebar",
the domain "bar.com" is found, and the type is "a" (an anchor tag).
@ -119,7 +122,7 @@ sub set_config {
my $op = $2;
my $pattern = $3;
if ($target !~ /^(?:raw|type|cleaned|text|domain)$/) {
if ($target !~ /^(?:raw|type|cleaned|text|domain|host)$/) {
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
}
@ -220,6 +223,18 @@ sub check_uri_detail {
dbg("uri: domain matched: '%s' %s /%s/", $match,$op,$patt);
}
if (exists $rule->{host}) {
next unless $info->{hosts};
my($op,$patt) = @{$rule->{host}};
my $match;
for my $text (keys %{ $info->{hosts} }) {
if ( ($op eq '=~' && $text =~ $patt) ||
($op eq '!~' && $text !~ $patt) ) { $match = $text; last }
}
next unless defined $match;
dbg("uri: host matched: '%s' %s /%s/", $match,$op,$patt);
}
if (would_log('dbg', 'rules') > 1) {
dbg("uri: criteria for $test met");
}
@ -237,4 +252,6 @@ sub check_uri_detail {
# ---------------------------------------------------------------------------
sub has_host_key { 1 } # can match with "host" key
1;

10
upstream/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm
View File

@ -480,14 +480,14 @@ sub check_uri_local_bl {
my $flags = 0;
my $flag_isp = 0;
my $flag_silent = 0;
eval '$flags = GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE' if ($gip_wanted >= $gip_have);
eval '$flag_silent = Geo::IP::GEOIP_SILENCE' if ($gip_wanted >= $gip_have);
eval '$flag_isp = GEOIP_ISP_EDITION' if ($gip_wanted >= $gip_have);
eval '$flags = GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE' if ($gip_have >= $gip_wanted);
eval '$flag_silent = GEOIP_SILENCE' if ($gip_have >= $gip_wanted);
eval '$flag_isp = GEOIP_ISP_EDITION' if ($gip_have >= $gip_wanted);
eval {
if ($flag_silent && $gic_wanted >= $gic_have) {
if ($flag_silent && $gic_have >= $gic_wanted) {
$self->{geoip} = Geo::IP->new($flags | $flag_silent);
$self->{geoisp} = Geo::IP->open_type($flag_isp | $flag_silent | $flags);
$self->{geoisp} = Geo::IP->open_type($flag_isp, $flag_silent | $flags);
} else {
open(OLDERR, ">&STDERR");
open(STDERR, ">", "/dev/null");

5
upstream/lib/Mail/SpamAssassin/Util.pm
View File

@ -337,7 +337,10 @@ sub taint_var {
# $^X is apparently "always tainted".
# Concatenating an empty tainted string taints the result.
return $v . substr($^X, 0, 0);
# Bug 7806: use $fh trick to enforce for older Perl
my $t = eval { local $/; open my $fh, '<', \""; <$fh>; };
$t = '' unless defined $t;
return $v . $t . substr($^X, 0, 0);
}
###########################################################################

3
upstream/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
View File

@ -33,6 +33,7 @@ use strict;
use warnings;
# use bytes;
use re 'taint';
use version 0.77;
our ( $EXIT_STATUS, $WARNINGS );
@ -654,7 +655,7 @@ sub try_module {
if ($installed) {
eval { $module_version = $moddef->{module}->VERSION }; # wrap just in case
if (!$recommended_version ||
($module_version && $module_version >= $recommended_version)) {
($module_version && version->parse($module_version) >= version->parse($recommended_version))) {
$version_meets_recommended = 1;
}
$module_version = '' if !defined $module_version;

BIN
upstream/powered_by/128-powered-by-spamassassin.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 14 KiB

After

Width:  |  Height:  |  Size: 22 KiB

BIN
upstream/powered_by/256-powered-by-spamassassin.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 55 KiB

BIN
upstream/powered_by/512-powered-by-spamassassin.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 84 KiB

After

Width:  |  Height:  |  Size: 137 KiB

BIN
upstream/powered_by/powered_by_spamassassin.psd
View File

Binary file not shown.

197
upstream/rules/20_aux_tlds.cf
View File

@ -90,114 +90,111 @@ endif
# wget https://data.iana.org/TLD/tlds-alpha-by-domain.txt -q -O - | tail -n+2 | grep -vi '^xn--' | tr '\n' ' ' | fold -w 80 -s | perl -pe 'chomp; s/.*/util_rb_tld \L$_\n/'
util_rb_tld aaa aarp abarth abb abbott abbvie abc able abogado abudhabi ac academy
util_rb_tld accenture accountant accountants aco active actor ad adac ads adult ae aeg aero
util_rb_tld aetna af afamilycompany afl africa ag agakhan agency ai aig aigo airbus
util_rb_tld airforce airtel akdn al alfaromeo alibaba alipay allfinanz allstate ally alsace
util_rb_tld alstom am americanexpress americanfamily amex amfam amica amsterdam analytics
util_rb_tld accenture accountant accountants aco actor ad adac ads adult ae aeg aero aetna
util_rb_tld af afamilycompany afl africa ag agakhan agency ai aig airbus airforce airtel
util_rb_tld akdn al alfaromeo alibaba alipay allfinanz allstate ally alsace alstom am
util_rb_tld amazon americanexpress americanfamily amex amfam amica amsterdam analytics
util_rb_tld android anquan anz ao aol apartments app apple aq aquarelle ar arab aramco
util_rb_tld archi army arpa art arte as asda asia associates at athleta attorney au auction
util_rb_tld audi audible audio auspost author auto autos avianca aw aws ax axa az azure ba
util_rb_tld baby baidu banamex bananarepublic band bank bar barcelona barclaycard barclays
util_rb_tld barefoot bargains baseball basketball bauhaus bayern bb bbc bbt bbva bcg bcn bd
util_rb_tld be beats beauty beer bentley berlin best bestbuy bet bf bg bh bharti bi bible
util_rb_tld bid bike bing bingo bio biz bj black blackfriday blanco blockbuster blog
util_rb_tld bloomberg blue bm bms bmw bn bnl bnpparibas bo boats boehringer bofa bom bond
util_rb_tld boo book booking bosch bostik boston bot boutique box br bradesco bridgestone
util_rb_tld broadway broker brother brussels bs bt budapest bugatti build builders business
util_rb_tld buy buzz bv bw by bz bzh ca cab cafe cal call calvinklein cam camera camp
util_rb_tld cancerresearch canon capetown capital capitalone car caravan cards care career
util_rb_tld careers cars cartier casa case caseih cash casino cat catering catholic cba cbn
util_rb_tld cbre cbs cc cd ceb center ceo cern cf cfa cfd cg ch chanel channel charity
util_rb_tld chase chat cheap chintai christmas chrome chrysler church ci cipriani circle
util_rb_tld cisco citadel citi citic city cityeats ck cl claims cleaning click clinic
util_rb_tld clinique clothing cloud club clubmed cm cn co coach codes coffee college
util_rb_tld cologne com comcast commbank community company compare computer comsec condos
util_rb_tld construction consulting contact contractors cooking cookingchannel cool coop
util_rb_tld corsica country coupon coupons courses cr credit creditcard creditunion cricket
util_rb_tld crown crs cruise cruises csc cu cuisinella cv cw cx cy cymru cyou cz dabur dad
util_rb_tld dance data date dating datsun day dclk dds de deal dealer deals degree delivery
util_rb_tld dell deloitte delta democrat dental dentist desi design dev dhl diamonds diet
util_rb_tld digital direct directory discount discover dish diy dj dk dm dnp do docs doctor
util_rb_tld dodge dog doha domains dot download drive dtv dubai duck dunlop duns dupont
util_rb_tld durban dvag dvr dz earth eat ec eco edeka edu education ee eg email emerck
util_rb_tld energy engineer engineering enterprises epost epson equipment er ericsson erni
util_rb_tld es esq estate esurance et etisalat eu eurovision eus events everbank exchange
util_rb_tld expert exposed express extraspace fage fail fairwinds faith family fan fans
util_rb_tld farm farmers fashion fast fedex feedback ferrari ferrero fi fiat fidelity fido
util_rb_tld film final finance financial fire firestone firmdale fish fishing fit fitness
util_rb_tld fj fk flickr flights flir florist flowers fly fm fo foo food foodnetwork
util_rb_tld football ford forex forsale forum foundation fox fr free fresenius frl frogans
util_rb_tld frontdoor frontier ftr fujitsu fujixerox fun fund furniture futbol fyi ga gal
util_rb_tld gallery gallo gallup game games gap garden gb gbiz gd gdn ge gea gent genting
util_rb_tld george gf gg ggee gh gi gift gifts gives giving gl glade glass gle global globo
util_rb_tld gm gmail gmbh gmo gmx gn godaddy gold goldpoint golf goo goodhands goodyear
util_rb_tld goog google gop got gov gp gq gr grainger graphics gratis green gripe grocery
util_rb_tld group gs gt gu guardian gucci guge guide guitars guru gw gy hair hamburg
util_rb_tld hangout haus hbo hdfc hdfcbank health healthcare help helsinki here hermes hgtv
util_rb_tld hiphop hisamitsu hitachi hiv hk hkt hm hn hockey holdings holiday homedepot
util_rb_tld homegoods homes homesense honda honeywell horse hospital host hosting hot
util_rb_tld hoteles hotels hotmail house how hr hsbc ht hu hughes hyatt hyundai ibm icbc
util_rb_tld ice icu id ie ieee ifm ikano il im imamat imdb immo immobilien in inc
util_rb_tld industries infiniti info ing ink institute insurance insure int intel
util_rb_tld international intuit investments io ipiranga iq ir irish is iselect ismaili ist
util_rb_tld istanbul it itau itv iveco jaguar java jcb jcp je jeep jetzt jewelry jio jlc
util_rb_tld bid bike bing bingo bio biz bj black blackfriday blockbuster blog bloomberg
util_rb_tld blue bm bms bmw bn bnpparibas bo boats boehringer bofa bom bond boo book
util_rb_tld booking bosch bostik boston bot boutique box br bradesco bridgestone broadway
util_rb_tld broker brother brussels bs bt budapest bugatti build builders business buy buzz
util_rb_tld bv bw by bz bzh ca cab cafe cal call calvinklein cam camera camp cancerresearch
util_rb_tld canon capetown capital capitalone car caravan cards care career careers cars
util_rb_tld casa case caseih cash casino cat catering catholic cba cbn cbre cbs cc cd ceb
util_rb_tld center ceo cern cf cfa cfd cg ch chanel channel charity chase chat cheap
util_rb_tld chintai christmas chrome church ci cipriani circle cisco citadel citi citic
util_rb_tld city cityeats ck cl claims cleaning click clinic clinique clothing cloud club
util_rb_tld clubmed cm cn co coach codes coffee college cologne com comcast commbank
util_rb_tld community company compare computer comsec condos construction consulting
util_rb_tld contact contractors cooking cookingchannel cool coop corsica country coupon
util_rb_tld coupons courses cpa cr credit creditcard creditunion cricket crown crs cruise
util_rb_tld cruises csc cu cuisinella cv cw cx cy cymru cyou cz dabur dad dance data date
util_rb_tld dating datsun day dclk dds de deal dealer deals degree delivery dell deloitte
util_rb_tld delta democrat dental dentist desi design dev dhl diamonds diet digital direct
util_rb_tld directory discount discover dish diy dj dk dm dnp do docs doctor dog domains
util_rb_tld dot download drive dtv dubai duck dunlop dupont durban dvag dvr dz earth eat ec
util_rb_tld eco edeka edu education ee eg email emerck energy engineer engineering
util_rb_tld enterprises epson equipment er ericsson erni es esq estate et etisalat eu
util_rb_tld eurovision eus events exchange expert exposed express extraspace fage fail
util_rb_tld fairwinds faith family fan fans farm farmers fashion fast fedex feedback
util_rb_tld ferrari ferrero fi fiat fidelity fido film final finance financial fire
util_rb_tld firestone firmdale fish fishing fit fitness fj fk flickr flights flir florist
util_rb_tld flowers fly fm fo foo food foodnetwork football ford forex forsale forum
util_rb_tld foundation fox fr free fresenius frl frogans frontdoor frontier ftr fujitsu
util_rb_tld fujixerox fun fund furniture futbol fyi ga gal gallery gallo gallup game games
util_rb_tld gap garden gay gb gbiz gd gdn ge gea gent genting george gf gg ggee gh gi gift
util_rb_tld gifts gives giving gl glade glass gle global globo gm gmail gmbh gmo gmx gn
util_rb_tld godaddy gold goldpoint golf goo goodyear goog google gop got gov gp gq gr
util_rb_tld grainger graphics gratis green gripe grocery group gs gt gu guardian gucci guge
util_rb_tld guide guitars guru gw gy hair hamburg hangout haus hbo hdfc hdfcbank health
util_rb_tld healthcare help helsinki here hermes hgtv hiphop hisamitsu hitachi hiv hk hkt
util_rb_tld hm hn hockey holdings holiday homedepot homegoods homes homesense honda horse
util_rb_tld hospital host hosting hot hoteles hotels hotmail house how hr hsbc ht hu hughes
util_rb_tld hyatt hyundai ibm icbc ice icu id ie ieee ifm ikano il im imamat imdb immo
util_rb_tld immobilien in inc industries infiniti info ing ink institute insurance insure
util_rb_tld int intel international intuit investments io ipiranga iq ir irish is ismaili
util_rb_tld ist istanbul it itau itv iveco jaguar java jcb jcp je jeep jetzt jewelry jio
util_rb_tld jll jm jmp jnj jo jobs joburg jot joy jp jpmorgan jprs juegos juniper kaufen
util_rb_tld kddi ke kerryhotels kerrylogistics kerryproperties kfh kg kh ki kia kim kinder
util_rb_tld kindle kitchen kiwi km kn koeln komatsu kosher kp kpmg kpn kr krd kred
util_rb_tld kuokgroup kw ky kyoto kz la lacaixa ladbrokes lamborghini lamer lancaster
util_rb_tld lancia lancome land landrover lanxess lasalle lat latino latrobe law lawyer lb
util_rb_tld lc lds lease leclerc lefrak legal lego lexus lgbt li liaison lidl life
util_rb_tld lifeinsurance lifestyle lighting like lilly limited limo lincoln linde link
util_rb_tld lipsy live living lixil lk llc loan loans locker locus loft lol london lotte
util_rb_tld lotto love lpl lplfinancial lr ls lt ltd ltda lu lundbeck lupin luxe luxury lv
util_rb_tld ly ma macys madrid maif maison makeup man management mango map market marketing
util_rb_tld markets marriott marshalls maserati mattel mba mc mckinsey md me med media meet
util_rb_tld melbourne meme memorial men menu merckmsd metlife mg mh miami microsoft mil
util_rb_tld mini mint mit mitsubishi mk ml mlb mls mm mma mn mo mobi mobile mobily moda moe
util_rb_tld moi mom monash money monster mopar mormon mortgage moscow moto motorcycles mov
util_rb_tld movie movistar mp mq mr ms msd mt mtn mtr mu museum mutual mv mw mx my mz na
util_rb_tld nab nadex nagoya name nationwide natura navy nba nc ne nec net netbank netflix
util_rb_tld network neustar new newholland news next nextdirect nexus nf nfl ng ngo nhk ni
util_rb_tld nico nike nikon ninja nissan nissay nl no nokia northwesternmutual norton now
util_rb_tld nowruz nowtv np nr nra nrw ntt nu nyc nz obi observer off office okinawa olayan
util_rb_tld olayangroup oldnavy ollo om omega one ong onl online onyourside ooo open oracle
util_rb_tld orange org organic origins osaka otsuka ott ovh pa page panasonic panerai paris
util_rb_tld pars partners parts party passagens pay pccw pe pet pf pfizer pg ph pharmacy
util_rb_tld phd philips phone photo photography photos physio piaget pics pictet pictures
util_rb_tld pid pin ping pink pioneer pizza pk pl place play playstation plumbing plus pm
util_rb_tld pn pnc pohl poker politie porn post pr pramerica praxi press prime pro prod
util_rb_tld productions prof progressive promo properties property protection pru
util_rb_tld prudential ps pt pub pw pwc py qa qpon quebec quest qvc racing radio raid re
util_rb_tld read realestate realtor realty recipes red redstone redumbrella rehab reise
util_rb_tld reisen reit reliance ren rent rentals repair report republican rest restaurant
util_rb_tld review reviews rexroth rich richardli ricoh rightathome ril rio rip rmit ro
util_rb_tld rocher rocks rodeo rogers room rs rsvp ru rugby ruhr run rw rwe ryukyu sa
util_rb_tld saarland safe safety sakura sale salon samsclub samsung sandvik sandvikcoromant
util_rb_tld sanofi sap sarl sas save saxo sb sbi sbs sc sca scb schaeffler schmidt
util_rb_tld scholarships school schule schwarz science scjohnson scor scot sd se search
util_rb_tld seat secure security seek select sener services ses seven sew sex sexy sfr sg
util_rb_tld sh shangrila sharp shaw shell shia shiksha shoes shop shopping shouji show
util_rb_tld showtime shriram si silk sina singles site sj sk ski skin sky skype sl sling sm
util_rb_tld smart smile sn sncf so soccer social softbank software sohu solar solutions
util_rb_tld song sony soy space spiegel sport spot spreadbetting sr srl srt st stada
util_rb_tld staples star starhub statebank statefarm statoil stc stcgroup stockholm storage
util_rb_tld store stream studio study style su sucks supplies supply support surf surgery
util_rb_tld suzuki sv swatch swiftcover swiss sx sy sydney symantec systems sz tab taipei
util_rb_tld talk taobao target tatamotors tatar tattoo tax taxi tc tci td tdk team tech
util_rb_tld technology tel telefonica temasek tennis teva tf tg th thd theater theatre tiaa
util_rb_tld tickets tienda tiffany tips tires tirol tj tjmaxx tjx tk tkmaxx tl tm tmall tn
util_rb_tld to today tokyo tools top toray toshiba total tours town toyota toys tr trade
util_rb_tld trading training travel travelchannel travelers travelersinsurance trust trv tt
util_rb_tld tube tui tunes tushu tv tvs tw tz ua ubank ubs uconnect ug uk unicom university
util_rb_tld uno uol ups us uy uz va vacations vana vanguard vc ve vegas ventures verisign
util_rb_tld versicherung vet vg vi viajes video vig viking villas vin vip virgin visa
util_rb_tld vision vista vistaprint viva vivo vlaanderen vn vodka volkswagen volvo vote
util_rb_tld voting voto voyage vu vuelos wales walmart walter wang wanggou warman watch
util_rb_tld watches weather weatherchannel webcam weber website wed wedding weibo weir wf
util_rb_tld whoswho wien wiki williamhill win windows wine winners wme wolterskluwer
util_rb_tld woodside work works world wow ws wtc wtf xbox xerox xfinity xihuan xin xxx xyz
util_rb_tld yachts yahoo yamaxun yandex ye yodobashi yoga yokohama you youtube yt yun za
util_rb_tld zappos zara zero zip zippo zm zone zuerich zw
util_rb_tld kuokgroup kw ky kyoto kz la lacaixa lamborghini lamer lancaster lancia land
util_rb_tld landrover lanxess lasalle lat latino latrobe law lawyer lb lc lds lease leclerc
util_rb_tld lefrak legal lego lexus lgbt li lidl life lifeinsurance lifestyle lighting like
util_rb_tld lilly limited limo lincoln linde link lipsy live living lixil lk llc llp loan
util_rb_tld loans locker locus loft lol london lotte lotto love lpl lplfinancial lr ls lt
util_rb_tld ltd ltda lu lundbeck lupin luxe luxury lv ly ma macys madrid maif maison makeup
util_rb_tld man management mango map market marketing markets marriott marshalls maserati
util_rb_tld mattel mba mc mckinsey md me med media meet melbourne meme memorial men menu
util_rb_tld merckmsd metlife mg mh miami microsoft mil mini mint mit mitsubishi mk ml mlb
util_rb_tld mls mm mma mn mo mobi mobile moda moe moi mom monash money monster mormon
util_rb_tld mortgage moscow moto motorcycles mov movie mp mq mr ms msd mt mtn mtr mu museum
util_rb_tld mutual mv mw mx my mz na nab nagoya name nationwide natura navy nba nc ne nec
util_rb_tld net netbank netflix network neustar new newholland news next nextdirect nexus
util_rb_tld nf nfl ng ngo nhk ni nico nike nikon ninja nissan nissay nl no nokia
util_rb_tld northwesternmutual norton now nowruz nowtv np nr nra nrw ntt nu nyc nz obi
util_rb_tld observer off office okinawa olayan olayangroup oldnavy ollo om omega one ong
util_rb_tld onl online onyourside ooo open oracle orange org organic origins osaka otsuka
util_rb_tld ott ovh pa page panasonic paris pars partners parts party passagens pay pccw pe
util_rb_tld pet pf pfizer pg ph pharmacy phd philips phone photo photography photos physio
util_rb_tld pics pictet pictures pid pin ping pink pioneer pizza pk pl place play
util_rb_tld playstation plumbing plus pm pn pnc pohl poker politie porn post pr pramerica
util_rb_tld praxi press prime pro prod productions prof progressive promo properties
util_rb_tld property protection pru prudential ps pt pub pw pwc py qa qpon quebec quest qvc
util_rb_tld racing radio raid re read realestate realtor realty recipes red redstone
util_rb_tld redumbrella rehab reise reisen reit reliance ren rent rentals repair report
util_rb_tld republican rest restaurant review reviews rexroth rich richardli ricoh
util_rb_tld rightathome ril rio rip rmit ro rocher rocks rodeo rogers room rs rsvp ru rugby
util_rb_tld ruhr run rw rwe ryukyu sa saarland safe safety sakura sale salon samsclub
util_rb_tld samsung sandvik sandvikcoromant sanofi sap sarl sas save saxo sb sbi sbs sc sca
util_rb_tld scb schaeffler schmidt scholarships school schule schwarz science scjohnson
util_rb_tld scot sd se search seat secure security seek select sener services ses seven sew
util_rb_tld sex sexy sfr sg sh shangrila sharp shaw shell shia shiksha shoes shop shopping
util_rb_tld shouji show showtime shriram si silk sina singles site sj sk ski skin sky skype
util_rb_tld sl sling sm smart smile sn sncf so soccer social softbank software sohu solar
util_rb_tld solutions song sony soy space sport spot spreadbetting sr srl ss st stada
util_rb_tld staples star statebank statefarm stc stcgroup stockholm storage store stream
util_rb_tld studio study style su sucks supplies supply support surf surgery suzuki sv
util_rb_tld swatch swiftcover swiss sx sy sydney symantec systems sz tab taipei talk taobao
util_rb_tld target tatamotors tatar tattoo tax taxi tc tci td tdk team tech technology tel
util_rb_tld temasek tennis teva tf tg th thd theater theatre tiaa tickets tienda tiffany
util_rb_tld tips tires tirol tj tjmaxx tjx tk tkmaxx tl tm tmall tn to today tokyo tools
util_rb_tld top toray toshiba total tours town toyota toys tr trade trading training travel
util_rb_tld travelchannel travelers travelersinsurance trust trv tt tube tui tunes tushu tv
util_rb_tld tvs tw tz ua ubank ubs ug uk unicom university uno uol ups us uy uz va
util_rb_tld vacations vana vanguard vc ve vegas ventures verisign versicherung vet vg vi
util_rb_tld viajes video vig viking villas vin vip virgin visa vision viva vivo vlaanderen
util_rb_tld vn vodka volkswagen volvo vote voting voto voyage vu vuelos wales walmart
util_rb_tld walter wang wanggou watch watches weather weatherchannel webcam weber website
util_rb_tld wed wedding weibo weir wf whoswho wien wiki williamhill win windows wine
util_rb_tld winners wme wolterskluwer woodside work works world wow ws wtc wtf xbox xerox
util_rb_tld xfinity xihuan xin xxx xyz yachts yahoo yamaxun yandex ye yodobashi yoga
util_rb_tld yokohama you youtube yt yun za zappos zara zero zip zm zone zuerich zw
#
# 2nd level TLD list
@ -630,6 +627,8 @@ util_rb_2tld azurewebsites.net
util_rb_2tld azureedge.net
util_rb_2tld zohosites.com
util_rb_2tld wixsite.com
util_rb_2tld firebaseapp.com
util_rb_2tld web.app
#
util_rb_2tld neostrada.pl
util_rb_2tld vv.cc

571
upstream/rules/active.list
View File

File diff suppressed because it is too large Load Diff

5
upstream/rules/local.cf
View File

@ -7,6 +7,11 @@
#
###########################################################################
# A 'contact address' users should contact for more info. (replaces
# _CONTACTADDRESS_ in the report template)
# report_contact youremailaddress@domain.tld
# Add *****SPAM***** to the Subject header of spam e-mails
#
# rewrite_header Subject *****SPAM*****

5
upstream/rules/user_prefs.template
View File

@ -11,9 +11,10 @@
# How many points before a mail is considered spam.
# required_score 5
# Whitelist and blacklist addresses are now file-glob-style patterns, so
# Welcomelist and blocklist addresses are now file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.
# whitelist_from someone@somewhere.com
# welcomelist_from someone@somewhere.com
# welcomelist_to someone@mydomain.com
# Add your own customised scores for some tests below. The default scores are
# read from the installed spamassassin rules files, but you can override them

2
upstream/rules/v343.pre
View File

@ -3,7 +3,7 @@
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 4.0.0,
# This file was installed during the installation of SpamAssassin 3.4.3,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,

7
upstream/sa-update.raw
View File

@ -22,11 +22,11 @@ use warnings;
use re 'taint';
my $VERSION = 'svnunknown';
if ('$Id: sa-update.raw 1869639 2019-11-11 04:09:44Z kmcgrail $' =~ ':') {
# Subversion keyword "$Id: sa-update.raw 1869639 2019-11-11 04:09:44Z kmcgrail $" has been successfully expanded.
if ('$Id: sa-update.raw 1881784 2020-09-17 07:17:40Z gbechis $' =~ ':') {
# Subversion keyword "$Id: sa-update.raw 1881784 2020-09-17 07:17:40Z gbechis $" has been successfully expanded.
# Doesn't happen with automated launchpad builds:
# https://bugs.launchpad.net/launchpad/+bug/780916
$VERSION = &Mail::SpamAssassin::Version . ' / svn' . (split(/\s+/, '$Id: sa-update.raw 1869639 2019-11-11 04:09:44Z kmcgrail $'))[2];
$VERSION = &Mail::SpamAssassin::Version . ' / svn' . (split(/\s+/, '$Id: sa-update.raw 1881784 2020-09-17 07:17:40Z gbechis $'))[2];
}
my $PREFIX = '@@PREFIX@@'; # substituted at 'make' time
@ -224,6 +224,7 @@ if ( $opt{'allowplugins'} && !$opt{'reallyallowplugins'} ) {
warn "Security warning: dangerous option --allowplugins used:\n".
"- there should never be need to use this option, see man sa-update(1)\n".
"- specify --reallyallowplugins to allow activating plugins\n";
exit 2;
}
$use_inet4 = $have_inet4 && ( !$opt{'force_pf'} || $opt{'force_pf'} eq 'inet' );

2
upstream/spamd/spamd.raw
View File

@ -3490,7 +3490,7 @@ with the B<-u> option, the file must be writable by that user.
=item B<-v>, B<--vpopmail>
Enable vpopmail config. If specified with with B<-u> set to the vpopmail user,
Enable vpopmail config. If specified with B<-u> set to the vpopmail user,
this allows spamd to lookup/create user_prefs in the vpopmail user's own
maildir. This option is useful for vpopmail virtual users who do not have an
entry in the system /etc/passwd file.

2
upstream/sql/userpref_mysql.sql
View File

@ -1,7 +1,7 @@
CREATE TABLE userpref (
username varchar(100) NOT NULL default '',
preference varchar(50) NOT NULL default '',
value varchar(100) NOT NULL default '',
value varchar(255) NOT NULL default '',
prefid int(11) NOT NULL auto_increment,
PRIMARY KEY (prefid),
KEY username (username)

2
upstream/sql/userpref_pg.sql
View File

@ -2,6 +2,6 @@ CREATE TABLE userpref (
prefid bigserial NOT NULL unique primary key,
username varchar(100) NOT NULL,
preference varchar(50) NOT NULL,
value varchar(100) NOT NULL
value varchar(255) NOT NULL
);
CREATE INDEX userpref_username_idx ON userpref(username);

3
upstream/t/README
View File

@ -82,6 +82,9 @@ SPAMD_PORT
SPAMD_LOCALHOST
SPAMASSASSIN_SCRIPT
SPAMC_SCRIPT
SPAMD_SCRIPT
SAAWL_SCRIPT
SACHECKSPAMD_SCRIPT
SALEARN_SCRIPT
SA_ARGS
SC_ARGS

21
upstream/t/SATest.pm
View File

@ -103,7 +103,8 @@ sub sa_t_init {
$scr = $ENV{'SPAMASSASSIN_SCRIPT'};
$scr ||= "$perl_cmd ../spamassassin.raw";
$spamd = "$perl_cmd ../spamd/spamd.raw";
$spamd = $ENV{'SPAMD_SCRIPT'};
$spamd ||= "$perl_cmd ../spamd/spamd.raw";
$spamc = $ENV{'SPAMC_SCRIPT'};
$spamc ||= "../spamc/spamc";
@ -111,6 +112,12 @@ sub sa_t_init {
$salearn = $ENV{'SALEARN_SCRIPT'};
$salearn ||= "$perl_cmd ../sa-learn.raw";
$saawl = $ENV{'SAAWL_SCRIPT'};
$saawl ||= "../sa-awl";
$sacheckspamd = $ENV{'SACHECKSPAMD_SCRIPT'};
$sacheckspamd ||= "../sa-check_spamd";
$spamdlocalhost = $ENV{'SPAMD_LOCALHOST'};
if (!$spamdlocalhost) {
$spamdlocalhost = $have_inet4 || !$have_inet6 ? '127.0.0.1' : '::1';
@ -396,6 +403,18 @@ sub salearnrun {
1;
}
sub saawlrun {
my $args = shift;
untaint_system("$saawl $args");
}
sub sacheckspamdrun {
my $args = shift;
untaint_system("$sacheckspamd $args");
}
sub scrun {
spamcrun (@_, 0);
}

44
upstream/t/data/etc/testhost.cert
View File

@ -1,23 +1,25 @@
-----BEGIN CERTIFICATE-----
MIIDyjCCAzOgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBpTELMAkGA1UEBhMCU0Ex
CzAJBgNVBAgTAlNBMRowGAYDVQQHExFTcGFtQXNzYXNzaW4gQ2l0eTEVMBMGA1UE
ChMMU3BhbUFzc2Fzc2luMRkwFwYDVQQLExBGT1IgVEVTVElORyBPTkxZMRIwEAYD
VQQDEwlsb2NhbGhvc3QxJzAlBgkqhkiG9w0BCQEWGHNwYW1hc3Nhc3NpbkBleGFt
cGxlLmNvbTAeFw0wNDA3MDkyMTE4NDdaFw0yNDA3MTQyMTE4NDdaMIGlMQswCQYD
VQQGEwJTQTELMAkGA1UECBMCU0ExGjAYBgNVBAcTEVNwYW1Bc3Nhc3NpbiBDaXR5
MRUwEwYDVQQKEwxTcGFtQXNzYXNzaW4xGTAXBgNVBAsTEEZPUiBURVNUSU5HIE9O
TFkxEjAQBgNVBAMTCWxvY2FsaG9zdDEnMCUGCSqGSIb3DQEJARYYc3BhbWFzc2Fz
c2luQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1l6To
Fxkyc2glblqZYFq/BWFSMKh9LsouTVowuxC7yQkEENBjeQ4paHUFsi49s0RnabsA
D1c56O8BBT0C89CMiCubRbv/KyHMDut5Nt0brWKS+VRWHgN9T5eYOy3wKPwbc7bm
sPdgt5bOCS78F0luL5T6DPcf5mgE7XAv8qp+mwIDAQABo4IBBjCCAQIwHQYDVR0O
BBYEFGJWfa4QHDeC9Wn3UNLIaf7prjmUMIHSBgNVHSMEgcowgceAFGJWfa4QHDeC
9Wn3UNLIaf7prjmUoYGrpIGoMIGlMQswCQYDVQQGEwJTQTELMAkGA1UECBMCU0Ex
GjAYBgNVBAcTEVNwYW1Bc3Nhc3NpbiBDaXR5MRUwEwYDVQQKEwxTcGFtQXNzYXNz
aW4xGTAXBgNVBAsTEEZPUiBURVNUSU5HIE9OTFkxEjAQBgNVBAMTCWxvY2FsaG9z
dDEnMCUGCSqGSIb3DQEJARYYc3BhbWFzc2Fzc2luQGV4YW1wbGUuY29tggEAMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAsKbOfgXZlBm1rQlM6W2Nxf5g
r3QA67liZjVxhIb9chvreCttoe3IkHRSM4axToeKo+x7IV6ceXnqMc5chnu2lUmH
2z7m3IYRYmIOaXroXZcfqX/P4HMw9NOphpEZ4yNsvKSl2n3h3bJ3ErqxMgghlTGD
KYC+xKTFTsPjOE53Jh8=
MIIELTCCAxWgAwIBAgIUCEYDt5yF4chKPuWTkkbpgLAZWycwDQYJKoZIhvcNAQEL
BQAwgaUxCzAJBgNVBAYTAlNBMQswCQYDVQQIDAJTQTEaMBgGA1UEBwwRU3BhbUFz
c2Fzc2luIENpdHkxFTATBgNVBAoMDFNwYW1Bc3Nhc3NpbjEZMBcGA1UECwwQRk9S
IFRFU1RJTkcgT05MWTESMBAGA1UEAwwJbG9jYWxob3N0MScwJQYJKoZIhvcNAQkB
FhhzcGFtYXNzYXNzaW5AZXhhbXBsZS5jb20wHhcNMjAwNDEwMDczMTA3WhcNMzAw
NDA4MDczMTA3WjCBpTELMAkGA1UEBhMCU0ExCzAJBgNVBAgMAlNBMRowGAYDVQQH
DBFTcGFtQXNzYXNzaW4gQ2l0eTEVMBMGA1UECgwMU3BhbUFzc2Fzc2luMRkwFwYD
VQQLDBBGT1IgVEVTVElORyBPTkxZMRIwEAYDVQQDDAlsb2NhbGhvc3QxJzAlBgkq
hkiG9w0BCQEWGHNwYW1hc3Nhc3NpbkBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAK+IP5AWcdwiGG33Tt9pAjQ/tWnqhoUoSGHJMq9n
hV3GI6CyqbbJXN/VFDC27F9qltoZp2eSEigRvLgnrjmnJFJ3H34CcKghx3TfEFdf
ILCKPXvYSIe7fpeD5+0LN2t+0Kr56vejyGkQAiGDs7FU9rPOHENolU8SvRv102M0
K65sZU940ML43ns3JCg1AGGBQj3LabqlxHM+zBAYHFLMd9/fMzKfaFgvyPvZIlIv
zhzdBksBrl2Wa8RPdJUtWhDGbYMEAHPreZQmiqdtfBbOc946LYYrDTaCAPaAYzUd
WOqOU9grNcWjIuiIlUjcCPdRe1njDSerfsMdcXUjGroGj90CAwEAAaNTMFEwHQYD
VR0OBBYEFP8lys2m3PDCcYXieVxpOBaBUX/eMB8GA1UdIwQYMBaAFP8lys2m3PDC
cYXieVxpOBaBUX/eMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AAuVryADs+3mv4mLLzWPmjBLSzlemqXqZPu7OPe8GrzD3BkovudWErI/nW7OTWcJ
JixVeL5IgJ/ddDZXIaLM6c73NqcVpOQ+E/vnkbHHJtYTPJ8aSl5DWFd7Pid8JV2M
gHcNFXStCWQ2XN3iXliDnb7LBI2DphCIBBKGajbP3mlVcVwZstqqyoqRn8wshlrJ
j7FlrmDF2f62huGBKgfgC4lov95B7TH45hjUnIHaemgVw9VLyZHqw0jQ7Fd14069
RMHuzP2DGi6+uJ4rS8pnDGYXHh4Exyl3TXGLAoWFjCmh3TWGRqwbs/VWC6TrbUSe
mmPZfIFNtvb9bh/uatmTIFU=
-----END CERTIFICATE-----

43
upstream/t/data/etc/testhost.key
View File

@ -1,15 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC1l6ToFxkyc2glblqZYFq/BWFSMKh9LsouTVowuxC7yQkEENBj
eQ4paHUFsi49s0RnabsAD1c56O8BBT0C89CMiCubRbv/KyHMDut5Nt0brWKS+VRW
HgN9T5eYOy3wKPwbc7bmsPdgt5bOCS78F0luL5T6DPcf5mgE7XAv8qp+mwIDAQAB
AoGAXyirQvAvxQ9TCSJuGaezhhxkpnRXJtppGqBwXc75ct5jehzxht79+9cAU87O
ioixlNuEIgDn/bHB5TAAi9aGduwz9hsv4NpNQ89/z7tmRKq43QFpf9hFHxZ3Q4e9
Hmey7ZsJ3/TpqFNfhH0IkLy6fA5+iClss3b2/6BbqqL8drkCQQDb9TSAJW56LnY2
aRtImgEyoeg2iEgV98SuDvNNUpTYvG0pkFolFlhb49w5KCmKqOtPA+etc/K2vRJf
8zkfz/BnAkEA01kVZoojg/am0K184Qfotxr7+t8Rjxn4k4g6Eq7ryth/Uicffixx
9E9sp2aadEW+Lt5pao+BsIwxxtLhphkPrQJBALQi1KQ+A4Q8mMNmwNlshp6Yyjwe
0Cpth72ksM0aXJxDdIMdnTXSXvqiWbDVm2/bdxp28D21P4k4vtulrZrICPECQQDP
RzhQ57wrSXWThgLK5KndIy7sfWhIM81yTBHAjyOcPraoSMx/P3HHjTnf+CYVUO1U
JDe5FeO41dZfzCUYdM3FAkA8IXYe74FVG9VM9yzZYbZHaS17TCyztkqagIuUBfDe
g0frip4VCEHvh+qDk678GZ1tMJ30utuTx6JgXJ5HeuFi
-----END RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCviD+QFnHcIhht
907faQI0P7Vp6oaFKEhhyTKvZ4VdxiOgsqm2yVzf1RQwtuxfapbaGadnkhIoEby4
J645pyRSdx9+AnCoIcd03xBXXyCwij172EiHu36Xg+ftCzdrftCq+er3o8hpEAIh
g7OxVPazzhxDaJVPEr0b9dNjNCuubGVPeNDC+N57NyQoNQBhgUI9y2m6pcRzPswQ
GBxSzHff3zMyn2hYL8j72SJSL84c3QZLAa5dlmvET3SVLVoQxm2DBABz63mUJoqn
bXwWznPeOi2GKw02ggD2gGM1HVjqjlPYKzXFoyLoiJVI3Aj3UXtZ4w0nq37DHXF1
Ixq6Bo/dAgMBAAECggEAGrgqtMw12MR344VZxDg/1aQ9ATpp76sKGZh+1qRzcKrQ
kY2gt+o+8POGd0PhB0U6YUi2atWZXfAVQhMIOk5vAP6RFKVacL1zlx69Zg9c8oKY
iVmK8N5hjr7Ndw/WB87uBJi2Y6vSvetp56AcoknEo+oj8z7gO4EmuDLbUqaGX65v
08wyrSoWYAUPDhXvOclReBITDkWuGzhd5IDv3kVmf9oizOO6gbKxh5speFKA91Yg
WMuBbi7hWB41Nn1ycSKfAx9W7kvBhxA35G/QKupXoTPoNNw5Z08zpg2tiqGlrVFS
xs5SagfBjxqF2I44y/xH9xv3WuYNPSsQDZANxat+AQKBgQDVbWWryhas9AyyQQdr
uJRCpBf6Gyzd/FwUnb3370YhK/mVogAIbyT2TwTliXjPYTccvDzP9mWnmH2QVBfG
e5NW7A3zYwCrculucdKL+PZ58PF/LuCzQUuSlZ72fhqIPHXi3Acipjk6NDLntI/4
OF6HO1ZwNqL7tsf2bFjarOjIbQKBgQDSi7+hI6rg/8ovt9UrJYZEv5bR8wHsZRB3
4uHvCHHkbNlvZiorAsaVO8w0EoSqT3tsxHTz6l1TskxQhznjru+/mn5QDVu4gHMh
BFewZ+PRZKxqx61Y1zlvRSHLWM1uXxVcCrBCIC3fFb50oluiCVcI+OE7qXPgX6zN
Iqd4XB8fMQKBgBT1nVp1iiyJ+wU2ZagqhETXIJOrP4i9U72ikBldIiH305biReaO
I68cq3pvObID9gmYYtB5fhorW4lk+MDBOgL7Q5N3UYWEz2/NNcQROwNWqiC3VdHE
w8stbmL+l1Rxu5H/0aORd2VD4wvmK41Q29ej+CUk+HSHyrNkiIVRHbsxAoGBALlq
rskG8y6QtQsO9uC3fCZBH14nhrMbUcRyfwwVwM8seNQdAde86wtzjOLyx/iAZK6l
2GUSKTxTEdf9LqLvZV20fbab/QFfxYP3Ig5Nf5jg8uJalLNfXso59Ify3X9spw/W
reCeHCeRK5flf5MUbJyPKTN0iIK5XyGMejWJ0zKRAoGAc2lrUlT64htPj1//kcgl
ILzQo51ujjzjOlHYanvN6ekMSfj3Q1ZCTJUp2ArVA64w7Jt16cEEEFCaP4+i9UaW
aM9/8tho4J29QSllAyxfUIF9i5gcElTfzRhpNGMVrnV/ynyOaTXzUkk7L6FH9soq
JS3kXA6oQN5NkW6AF/3X314=
-----END PRIVATE KEY-----

261
upstream/t/data/spam/razor2
View File

@ -1,152 +1,117 @@
From WalterYoung@oxente.net Fri Jun 7 08:44:21 2019
Received: from smtp-server1.cfdenselr.com ([103.223.64.66]) by smtp18.yenddx.com with LOCAL; Fri, 07 Jun 2019 21:44:21 +0900
Message-ID: <99E92467.A1199370@oxente.net>
Date: Fri, 07 Jun 2019 21:31:14 +0900
From: "Nicole" <WalterYoung@oxente.net>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0
X-Accept-Language: en-us
From info@presidentsummit2021.info Sat Jan 16 17:41:58 2021
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=presidentsummit2021.info;
h=Message-ID:Date:Subject:From:Reply-To:To:MIME-Version:Content-Type:List-Unsubscribe:List-Id; i=info@presidentsummit2021.info;
bh=zCmdjXCkxF7SXehJvLELwjWIpFs=;
b=1zD+yqjMCkkPLJ1VWPlx5VNRgSOmQyhalItexvfsHcuPkTbs7kniBWH99Kd0az5cKw0uZd9wkERP
2yhT4+KX6uY6hb9FWsbGGeZGXW7j948QdHIsO1FwfECH5wfjgIPIknzno7SZ6qeWMBlW0y6e0bET
Ngp2Ga4Ik2JGXprNW6HK3yf+s/0X5a0uNmXq3vrYKeSzKJ7vudPgE+5zmnTlBkk9pzjR9fE+vGhV
iwVPNr4nWUka27w6ebzskyiN5T3xUcPxrd9UXJ+yBQesO19jOvDjbGBFAClmmRQrMuxtdzEb/njF
Z7sfSMiNYYI+lMt04KXiiaESpATZ80ZrJ8qO0A==
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=presidentsummit2021.info;
b=uMkknlU8C+GAM70ZbhmgIG1QwJVAyR2J3or3MC5rZdwPL5dBWSN3yCEwgK/cBptCtsW78enoZyyv
FFmcG+BILfK/b5DYPM21RjujHUQ4PPQE/nH7OtLAka8+w3S9x0lU4ldSpupgfgSAUvoMzqi43dwF
f68TdIOwHMpcql6WTud4kQCmip9LpdGVJe9e0wtqInf3qR/MmC4hRUJytdcnAAtpcA5coiYCJeRr
OMS4Y7UXoyXGMGAs9LNtDzlL2rcfvw7O7BqFKCicXVSOqj0VHovnhaftw/bW+TV81MOCGywDCkO/
8BP9Bx9X6xxTlyzGZiDjMv774BnatYcH1Peggg==;
Received: from presidentsummit2021.info (127.0.0.1) by ecow1.presidentsummit2021.info id h0dlrji19tki for <redact@redact.com>; Sat, 16 Jan 2021 22:41:58 +0000 (envelope-from <info-redact=redact.com@presidentsummit2021.info>)
Return-Path: <info@presidentsummit2021.info>
Message-ID: <4b0231c00308db9c803683968797800d@presidentsummit2021.info>
Date: Sat, 16 Jan 2021 22:41:58 +0000
Subject: RE: Campaign Leads
From: Rachel Griffin <info@presidentsummit2021.info>
Reply-To: Rachel Griffin <rachelgriffinmail@gmail.com>
To: "redact@redact.com" <redact@redact.com>
MIME-Version: 1.0
To: "Nicole" <redact@redact.com>
Subject: could you meet me today?
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: base64
X-KAM-Reverse: Passed - Reverse DNS of 161.82.84.187.oxente.net/187.84.82.161
X-Relay-Addr: 187.84.82.161
X-Relay-Host: [187.84.82.161]
X-Relay-Time: Fri Jun 7 02:46:20 2019
Content-Type: multipart/alternative;
boundary="_=_swift_v4_1610836918_a9651a24a0eda1c77c572d4cb05bc287_=_"
X-Ybzc-Tracking-Did: 0
X-Ybzc-Subscriber-Uid: gl421xmhpg4c3
X-Ybzc-Mailer: SwiftMailer - 5.4.x
X-Ybzc-EBS: http://presidentsummit2021.info/emm/index.php/lists/block-address
X-Ybzc-Delivery-Sid: 1
X-Ybzc-Customer-Uid: yc9451v43la86
X-Ybzc-Customer-Gid: 0
X-Ybzc-Campaign-Uid: zl108ds17n2de
X-Sender: info@presidentsummit2021.info
X-Report-Abuse: Please report abuse for this campaign here:
http://presidentsummit2021.info/emm/index.php/campaigns/zl108ds17n2de/report-abuse/mz251dhqpz1e6/gl421xmhpg4c3
X-Receiver: redact@redact.com
Precedence: bulk
List-Unsubscribe: <http://presidentsummit2021.info/emm/index.php/lists/mz251dhqpz1e6/unsubscribe/gl421xmhpg4c3/zl108ds17n2de/unsubscribe-direct?source=email-client-unsubscribe-button>,
<mailto:rachelgriffinmail@gmail.com?subject=Campaign-Uid:zl108ds17n2de /
Subscriber-Uid:gl421xmhpg4c3 - Unsubscribe request&body=Please unsubscribe
me!>
List-Id: mz251dhqpz1e6 <A3>
Feedback-ID: zl108ds17n2de:gl421xmhpg4c3:mz251dhqpz1e6:yc9451v43la86
X-KAM-Reverse: Passed - Reverse DNS of ip218.ip-51-83-191.eu/51.83.191.218
X-Relay-Addr: 51.83.191.218
X-Relay-Host: ip218.ip-51-83-191.eu
X-Relay-Time: Sat Jan 16 17:42:03 2021
Status: RO
PCFkb2N0eXBlIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgY2hhcnNl
dD0idXRmLTgiPg0KPC9oZWFkPg0KPGJvZHk+DQo8dGFibGUgd2lkdGg9IjYw
MCIgYm9yZGVyPSIwIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0iZm9udC1mYW1p
bHk6IEFyaWFsOyBmb250LXNpemU6IDE4cHgiPg0KPHRib2R5Pg0KPHRyPg0K
PHRoIGhlaWdodD0iNzkiIHNjb3BlPSJjb2wiPkxvb2tpbmcgZm9yIGhvdCBn
aXJscyBhbmQgd29tZW5zPzxwPjwvcD48L3RoPg0KPC90cj4NCjx0cj4NCjx0
ZCBoZWlnaHQ9IjYzIiBhbGlnbj0iY2VudGVyIiBiZ2NvbG9yPSIjQzEwMDAz
IiBzdHlsZT0iY29sb3I6ICNGRkZGRkY7IGZvbnQtc2l6ZTogMjRweDsgZm9u
dC1mYW1pbHk6IEFyaWFsIj5XYW50IHNleCB0b25pZ2h0LCBhbmQgbmV3IHB1
c3N5IGV2ZXJ5IGRheT88aGVhZGVyPjwvaGVhZGVyPjwvdGQ+DQo8L3RyPg0K
PHRyPg0KPHRkIGhlaWdodD0iMTMzIiBhbGlnbj0iY2VudGVyIj48cD5IZXJl
IHlvdSBjYW4gZmluZCBhbnkgZ2lybCBmb3Igc2V4ISBUaGV5IGFsbCB3YW50
IHRvIGZ1Y2suPHRhYmxlIHdpZHRoPSIxNyUiIGJvcmRlcj0iMCI+PHRib2R5
Pjx0cj48dGQ+PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT48L3A+DQo8cD48
YSBocmVmPSJodHRwOi8vaG90bWFyeS5zdSIgc3R5bGU9ImZvbnQtZmFtaWx5
OiBBcmlhbDsgZm9udC1zaXplOiAxOHB4OyBjb2xvcjogIzNGNTBGQzsiPmh0
dHA6Ly9ob3RtYXJ5LnN1PC9hPjwvcD48dGFibGUgd2lkdGg9IjYwJSIgYm9y
ZGVyPSIwIj48dGJvZHk+PHRyPjx0ZD48L3RkPjx0ZD48L3RkPjx0ZD48L3Rk
PjwvdHI+PC90Ym9keT48L3RhYmxlPg0KPHA+RG8gbm90IGJlIHNoeSwgY29t
ZSBhbmQgY2hvb3NlITwvcD48aHI+DQo8cD5Gb3IgZXhhbXBsZSwgcmlnaHQg
bm93IHRoZXNlIGdpcmxzICA8c3Ryb25nPkZST00gWU9VUiBDSVRZPC9zdHJv
bmc+IGFyZSByZWFkeSB0byBmdWNrLiBXYW50IG90aGVycz8gQ29tZSB0byBv
dXIgc2l0ZSEgPT0+IDxhIGhyZWY9Imh0dHA6Ly9ob3RtYXJ5LnN1IiBzdHls
ZT0iZm9udC1mYW1pbHk6IEFyaWFsOyBmb250LXNpemU6IDE4cHg7IGNvbG9y
OiAjM0Y1MEZDOyI+aHR0cDovL2hvdG1hcnkuc3U8L2E+PC9wPg0KPG9sPjwv
b2w+PC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT48aGVhZGVyPjwv
aGVhZGVyPg0KPHRhYmxlIHdpZHRoPSI2MDAiIGJvcmRlcj0iMCIgYWxpZ249
ImNlbnRlciI+DQo8dGJvZHk+DQo8dHI+DQo8dGg+PGEgaHJlZj0iaHR0cDov
L2hvdG1hcnkuc3UiPjxpbWcgc3JjPSJodHRwOi8vMjQtaW5mby5pbmZvL3Vw
bG9hZHMvcG9zdHMvMjAxOC0xMS9kYXZheXRlLXZ6Z2x5YW5lbS1jaHRvLXUt
ZGV2dXNoZWstcG9kLW1heWtveS0zMS1mb3RvXzkuanBnIiB3aWR0aD0iMjgw
IiBhbHQ9InBob3RvIG9uZSIvPjwvYT48L3RoPg0KPHRoPjxhIGhyZWY9Imh0
dHA6Ly9ob3RtYXJ5LnN1Ij48aW1nIHNyYz0iaHR0cDovLzI0LWluZm8uaW5m
by91cGxvYWRzL3Bvc3RzLzIwMTgtMTEvZ3J1ZGFzdHllLWRldnVzaGtpLWl6
LXNvY2lhbG55aC1zZXRleS01NS1mb3RvXzE1LmpwZyIgd2lkdGg9IjI4MCIg
YWx0PSJwaG90byB0d28iLz48L2E+PC90aD4NCjwvdHI+DQo8dHI+DQo8dGQ+
PGxhYmVsPjwvbGFiZWw+PC90ZD4NCjx0ZD48dGFibGUgd2lkdGg9IjQxJSIg
Ym9yZGVyPSIwIj48dGJvZHk+PHRyPjx0ZD48L3RkPjx0ZD48L3RkPjx0ZD48
L3RkPjx0ZD48L3RkPjx0ZD48L3RkPjwvdHI+PC90Ym9keT48L3RhYmxlPjwv
dGQ+DQo8L3RyPg0KPHRyPg0KPHRkPjxhIGhyZWY9Imh0dHA6Ly9ob3RtYXJ5
LnN1Ij48aW1nIHNyYz0iaHR0cDovLzI0LWluZm8uaW5mby91cGxvYWRzL3Bv
c3RzLzIwMTgtMTAvMTU0MDI0NTM4OV9lb2xtenV1MGRiYy5qcGciIHdpZHRo
PSIyODAiIGFsdD0icGhvdG8gdGhyZWUiLz48L2E+PC90ZD4NCjx0ZD48YSBo
cmVmPSJodHRwOi8vaG90bWFyeS5zdSI+PGltZyBzcmM9Imh0dHA6Ly8yNC1p
bmZvLmluZm8vdXBsb2Fkcy9wb3N0cy8yMDE4LTEwLzE1NDAyNDU0MThfLWty
YXNpdmF5YS1maWd1cmEta3Jhc2l2YXlhLWRldnVzaGthLWtyYXNpdmF5YS1n
cnVkLTE4NTc2NDAuanBlZyIgd2lkdGg9IjI4MCIgYWx0PSJwaG90byBmb3Vy
Ii8+PC9hPjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8cD48
YnI+IDwvcD4NCjx0YWJsZSB3aWR0aD0iNjAwIiBib3JkZXI9IjAiIGFsaWdu
PSJjZW50ZXIiPg0KPHRib2R5Pg0KPHRyPg0KPHRkPjxhIGhyZWY9Imh0dHA6
Ly9ob3RtYXJ5LnN1Ij4NCjx0YWJsZT4NCjx0cj4NCjx0ZCB2YWxpZ249InRv
cCIgc3R5bGU9ImJhY2tncm91bmQ6IHVybChodHRwOi8vMjQtaW5mby5pbmZv
L3VwbG9hZHMvcG9zdHMvMjAxOC0wNy9kZXZ1c2hraS1mb3RvZ3JhZmlydXl1
dC1zZWJ5YS1wZXJlZC16ZXJrYWxvbS03MC1mb3RvXzYuanBnKSBuby1yZXBl
YXQgY2VudGVyO2JhY2tncm91bmQtcG9zaXRpb246IHRvcDtiYWNrZ3JvdW5k
LXNpemU6IGNvdmVyOyI+PCEtLVtpZiBndGUgbXNvIDldPiA8djpyZWN0IHht
bG5zOnY9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206dm1sIiBmaWxsPSJ0
cnVlIiBzdHJva2U9ImZhbHNlIiBzdHlsZT0ibXNvLXdpZHRoLXBlcmNlbnQ6
MTAwMDtoZWlnaHQ6NDAwcHg7Ij4gPHY6ZmlsbCB0eXBlPSJ0aWxlIiBzcmM9
Imh0dHA6Ly8yNC1pbmZvLmluZm8vdXBsb2Fkcy9wb3N0cy8yMDE4LTExL2dy
dWRhc3R5ZS1kZXZ1c2hraS1pei1zb2NpYWxueWgtc2V0ZXktNTUtZm90b18x
NS5qcGciIC8+IDx2OnRleHRib3ggaW5zZXQ9IjAsMCwwLDAiPiA8IVtlbmRp
Zl0tLT48b2w+PHA+PC9wPjwvb2w+DQo8ZGl2Pg0KPGNlbnRlcj4NCjx0YWJs
ZSBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIyODAi
IGhlaWdodD0iNDAwIj4NCjx0cj4NCjx0ZCB2YWxpZ249Im1pZGRsZSIgc3R5
bGU9InZlcnRpY2FsLWFsaWduOm1pZGRsZTt0ZXh0LWFsaWduOmxlZnQ7IiBj
bGFzcz0ibW9iaWxlLWNlbnRlciIgaGVpZ2h0PSI0MDAiPjxvbD48L29sPiA8
L3RkPg0KPC90cj4NCjwvdGFibGU+DQo8L2NlbnRlcj4NCjwvZGl2Pg0KPCEt
LVtpZiBndGUgbXNvIDldPiA8L3Y6dGV4dGJveD4gPC92OnJlY3Q+IDwhW2Vu
ZGlmXS0tPjwvdGQ+DQo8L3RyPg0KPC90YWJsZT48L2E+DQo8L3RkPg0KPHRk
Pg0KPGEgaHJlZj0iaHR0cDovL2hvdG1hcnkuc3UiPg0KPHRhYmxlPg0KPHRy
Pg0KPHRkIHZhbGlnbj0idG9wIiBzdHlsZT0iYmFja2dyb3VuZDogdXJsKGh0
dHA6Ly8yNC1pbmZvLmluZm8vdXBsb2Fkcy9wb3N0cy8yMDE4LTExL2dydWRh
c3R5ZS1kZXZ1c2hraS1pei1zb2NpYWxueWgtc2V0ZXktNTUtZm90b18yOC5q
cGcpIG5vLXJlcGVhdCBjZW50ZXI7YmFja2dyb3VuZC1wb3NpdGlvbjogdG9w
O2JhY2tncm91bmQtc2l6ZTogY292ZXI7Ij48IS0tW2lmIGd0ZSBtc28gOV0+
IDx2OnJlY3QgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2
bWwiIGZpbGw9InRydWUiIHN0cm9rZT0iZmFsc2UiIHN0eWxlPSJtc28td2lk
dGgtcGVyY2VudDoxMDAwO2hlaWdodDo0MDBweDsiPiA8djpmaWxsIHR5cGU9
InRpbGUiIHNyYz0iaHR0cDovLzI0LWluZm8uaW5mby91cGxvYWRzL3Bvc3Rz
LzIwMTgtMTEvZ3J1ZGFzdHllLWRldnVzaGtpLWl6LXNvY2lhbG55aC1zZXRl
eS01NS1mb3RvXzI1LmpwZyIgLz4gPHY6dGV4dGJveCBpbnNldD0iMCwwLDAs
MCI+IDwhW2VuZGlmXS0tPjxwPjwvcD4NCjxkaXY+DQo8Y2VudGVyPg0KPHRh
YmxlIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjI4
MCIgaGVpZ2h0PSI0MDAiPg0KPHRyPg0KPHRkIHZhbGlnbj0ibWlkZGxlIiBz
dHlsZT0idmVydGljYWwtYWxpZ246bWlkZGxlO3RleHQtYWxpZ246bGVmdDsi
IGNsYXNzPSJtb2JpbGUtY2VudGVyIiBoZWlnaHQ9IjQwMCI+PGRpdj48L2Rp
dj4gPC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPC9jZW50ZXI+DQo8L2Rpdj4N
CjwhLS1baWYgZ3RlIG1zbyA5XT4gPC92OnRleHRib3g+IDwvdjpyZWN0PiA8
IVtlbmRpZl0tLT48L3RkPg0KPC90cj4NCjwvdGFibGU+PC9hPg0KPC90ZD4N
CjwvdHI+DQo8dHI+DQo8dGQ+DQo8YSBocmVmPSJodHRwOi8vaG90bWFyeS5z
dSI+DQo8dGFibGU+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJi
YWNrZ3JvdW5kOiB1cmwoaHR0cDovLzI0LWluZm8uaW5mby91cGxvYWRzL3Bv
c3RzLzIwMTgtMTEvZ3J1ZGFzdHllLWRldnVzaGtpLWl6LXNvY2lhbG55aC1z
ZXRleS01NS1mb3RvXzQwLmpwZykgbm8tcmVwZWF0IGNlbnRlcjtiYWNrZ3Jv
dW5kLXBvc2l0aW9uOiB0b3A7YmFja2dyb3VuZC1zaXplOiBjb3ZlcjsiPjwh
LS1baWYgZ3RlIG1zbyA5XT4gPHY6cmVjdCB4bWxuczp2PSJ1cm46c2NoZW1h
cy1taWNyb3NvZnQtY29tOnZtbCIgZmlsbD0idHJ1ZSIgc3Ryb2tlPSJmYWxz
ZSIgc3R5bGU9Im1zby13aWR0aC1wZXJjZW50OjEwMDA7aGVpZ2h0OjQwMHB4
OyI+IDx2OmZpbGwgdHlwZT0idGlsZSIgc3JjPSJodHRwOi8vMjQtaW5mby5p
bmZvL3VwbG9hZHMvcG9zdHMvMjAxOC0xMS9kZXZ1c2hraS1zLWtyYXNpdm95
LWdydWR5dS00MC1mb3RvXzUuanBnIiAvPiA8djp0ZXh0Ym94IGluc2V0PSIw
LDAsMCwwIj4gPCFbZW5kaWZdLS0+PG9sPjxwPjwvcD48L29sPg0KPGRpdj4N
CjxjZW50ZXI+DQo8dGFibGUgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5n
PSIwIiB3aWR0aD0iMjgwIiBoZWlnaHQ9IjQwMCI+DQo8dHI+DQo8dGQgdmFs
aWduPSJtaWRkbGUiIHN0eWxlPSJ2ZXJ0aWNhbC1hbGlnbjptaWRkbGU7dGV4
dC1hbGlnbjpsZWZ0OyIgY2xhc3M9Im1vYmlsZS1jZW50ZXIiIGhlaWdodD0i
NDAwIj48b2w+PC9vbD4gPC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPC9jZW50
ZXI+DQo8L2Rpdj4NCjwhLS1baWYgZ3RlIG1zbyA5XT4gPC92OnRleHRib3g+
IDwvdjpyZWN0PiA8IVtlbmRpZl0tLT48L3RkPg0KPC90cj4NCjwvdGFibGU+
PC9hPg0KPC90ZD4NCjx0ZD4NCjxhIGhyZWY9Imh0dHA6Ly9ob3RtYXJ5LnN1
Ij4NCjx0YWJsZT4NCjx0cj4NCjx0ZCB2YWxpZ249InRvcCIgc3R5bGU9ImJh
Y2tncm91bmQ6IHVybChodHRwOi8vMjQtaW5mby5pbmZvL3VwbG9hZHMvcG9z
dHMvMjAxOC0xMS9kZXZ1c2hraS1zLWtyYXNpdm95LWdydWR5dS00MC1mb3Rv
XzIwLmpwZykgbm8tcmVwZWF0IGNlbnRlcjtiYWNrZ3JvdW5kLXBvc2l0aW9u
OiB0b3A7YmFja2dyb3VuZC1zaXplOiBjb3ZlcjsiPjwhLS1baWYgZ3RlIG1z
byA5XT4gPHY6cmVjdCB4bWxuczp2PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQt
Y29tOnZtbCIgZmlsbD0idHJ1ZSIgc3Ryb2tlPSJmYWxzZSIgc3R5bGU9Im1z
by13aWR0aC1wZXJjZW50OjEwMDA7aGVpZ2h0OjQwMHB4OyI+IDx2OmZpbGwg
dHlwZT0idGlsZSIgc3JjPSJodHRwczovL3NleHluYS5vcmcvd3AtY29udGVu
dC91cGxvYWRzLzIwMTkvMDEvTmFoJUMzJUE5LWhvbGt5LXplLXNuYXBjaGF0
dS0wMDI2LmpwZyIgLz4gPHY6dGV4dGJveCBpbnNldD0iMCwwLDAsMCI+IDwh
W2VuZGlmXS0tPjxoZWFkZXI+PC9oZWFkZXI+DQo8ZGl2Pg0KPGNlbnRlcj4N
Cjx0YWJsZSBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRo
PSIyODAiIGhlaWdodD0iNDAwIj4NCjx0cj4NCjx0ZCB2YWxpZ249Im1pZGRs
ZSIgc3R5bGU9InZlcnRpY2FsLWFsaWduOm1pZGRsZTt0ZXh0LWFsaWduOmxl
ZnQ7IiBjbGFzcz0ibW9iaWxlLWNlbnRlciIgaGVpZ2h0PSI0MDAiPjxuYXY+
PC9uYXY+IDwvdGQ+DQo8L3RyPg0KPC90YWJsZT4NCjwvY2VudGVyPg0KPC9k
aXY+DQo8IS0tW2lmIGd0ZSBtc28gOV0+IDwvdjp0ZXh0Ym94PiA8L3Y6cmVj
dD4gPCFbZW5kaWZdLS0+PC90ZD4NCjwvdHI+DQo8L3RhYmxlPjwvYT4NCjwv
dGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQoNCjxkaXY+PC9kaXY+
DQo8L2JvZHk+DQo8L2h0bWw+DQo=
--_=_swift_v4_1610836918_a9651a24a0eda1c77c572d4cb05bc287_=_
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Email marketing to your target audience(any city/any country) from our
database will generate massive leads and set appointments, we have
verified and targeted 60Mil B2B and 180 Mil B2C data for all
categories globally. We will share opens and clicks also with the
complete=C2=A0report
=C2=A0 *=C2=A0 =C2=A0Basic Plan: At=C2=A0$250=C2=A0we will send 100,000 Ema=
ils within a
month to your target audience
=C2=A0 *=C2=A0 =C2=A0Standard Plan: At $750 we will send 1Mil Emails within=
a
month to your target audience
=C2=A0 *=C2=A0 =C2=A0Premium plan: At $1,999 we will send 5Mil Emails withi=
n a
month to your target audience
Thanks and let me know if you wish to know more.
Rachel Griffin
Email Marketing
Unsubscribe
http://presidentsummit2021.info/emm/index.php/lists/mz251dhqpz1e6/unsubscri=
be/gl421xmhpg4c3/zl108ds17n2de
--_=_swift_v4_1610836918_a9651a24a0eda1c77c572d4cb05bc287_=_
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE html>
<html>
<head><meta charset=3D"utf-8"/>
<title></title>
</head>
<body>
<p>Email marketing to your target audience(any city/any country) from our d=
atabase will generate massive leads and set appointments, we have verified =
and targeted 60Mil B2B and 180 Mil B2C data for all categories globally. We=
will share opens and clicks also with the complete=C2=A0report</p>
<p>=C2=A0 *=C2=A0 =C2=A0Basic Plan: At=C2=A0$250=C2=A0we will send 100,000 =
Emails within a month to your target audience<br />
=C2=A0 *=C2=A0 =C2=A0Standard Plan: At $750 we will send 1Mil Emails within=
a month to your target audience<br />
=C2=A0 *=C2=A0 =C2=A0Premium plan: At $1,999 we will send 5Mil Emails withi=
n a month to your target audience<br />
<br />
Thanks and let me know if you wish to know more.</p>
<p><b>Rachel Griffin<br />
Email Marketing</b></p>
<p><br />
<br />
<br />
<a href=3D"http://presidentsummit2021.info/emm/index.php/lists/mz251dhqpz1e=
6/unsubscribe/gl421xmhpg4c3/zl108ds17n2de">Unsubscribe</a></p>
<img width=3D"1" height=3D"1" src=3D"http://presidentsummit2021.info/emm/in=
dex.php/campaigns/zl108ds17n2de/track-opening/gl421xmhpg4c3" alt=3D"" />
</body>
</html>
--_=_swift_v4_1610836918_a9651a24a0eda1c77c572d4cb05bc287_=_--

5
upstream/t/dkim.t
View File

@ -4,6 +4,7 @@ use strict;
use warnings;
use re 'taint';
use lib '.'; use lib 't';
use version 0.77;
use SATest; sa_t_init("dkim");
@ -11,13 +12,13 @@ use vars qw(%patterns %anti_patterns);
use constant HAS_DKIM_VERIFIER => eval {
require Mail::DKIM::Verifier;
Mail::DKIM::Verifier->VERSION >= 0.31;
version->parse(Mail::DKIM::Verifier->VERSION) >= version->parse->(0.31);
};
use Test::More;
plan skip_all => "Net tests disabled" unless conf_bool('run_net_tests');
plan skip_all => "Needs Mail::DKIM::Verifier >= 0.31" unless HAS_DKIM_VERIFIER ;
plan tests => 226;
plan tests => 258;
BEGIN {
if (-e 't/test_dir') {

2
upstream/t/sa_awl.t
View File

@ -21,7 +21,7 @@ sarun("--add-addr-to-whitelist whitelist_test\@whitelist.spamassassin.taint.org"
\&patterns_run_cb);
untaint_system("pwd");
untaint_system("../sa-awl --clean --min 9999 ./log/awltest");
saawlrun("--clean --min 9999 ./log/awltest");
sarun ("-L -t < data/spam/004", \&patterns_run_cb);
ok_all_patterns();

4
upstream/t/sa_check_spamd.t
View File

@ -22,10 +22,10 @@ ok(spamcrun("< data/spam/001", \&patterns_run_cb));
ok_all_patterns();
my $p = $spamdport;
untaint_system("../sa-check_spamd --hostname $spamdhost --port $p --verbose");
sacheckspamdrun("--hostname $spamdhost --port $p --verbose");
ok (($? >> 8) == 0);
ok(stop_spamd());
untaint_system("../sa-check_spamd --hostname $spamdhost --port $p --verbose");
sacheckspamdrun("--hostname $spamdhost --port $p --verbose");
ok (($? >> 8) != 0);

5
upstream/t/spamd_ssl.t
View File

@ -24,7 +24,8 @@ q{ This must be the very last line}, 'lastline',
);
ok (sdrun ("-L --ssl --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert",
"--ssl < data/spam/001",
my $port = probably_unused_spamd_port();
ok (sdrun ("-L --ssl --port $port --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert",
"--ssl --port $port < data/spam/001",
\&patterns_run_cb));
ok_all_patterns();

7
upstream/t/spamd_ssl_accept_fail.t
View File

@ -25,9 +25,10 @@ q{ This must be the very last line}, 'lastline',
);
ok (start_spamd ("-L --ssl --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert"));
ok (spamcrun ("< data/spam/001", \&patterns_run_cb));
ok (spamcrun ("--ssl < data/spam/001", \&patterns_run_cb));
my $port = probably_unused_spamd_port();
ok (start_spamd ("-L --ssl --port $port --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert"));
ok (spamcrun ("--port $port < data/spam/001", \&patterns_run_cb));
ok (spamcrun ("--ssl --port $port < data/spam/001", \&patterns_run_cb));
ok (stop_spamd ());
ok_all_patterns();

31
upstream/t/spf.t
View File

@ -22,15 +22,14 @@ use constant HAS_UNSAFE_HOSTNAME => # Bug 3806 - module exists and is old
plan skip_all => "Long running tests disabled" unless conf_bool('run_long_tests');
plan skip_all => "Net tests disabled" unless conf_bool('run_net_tests');
plan skip_all => "Need Mail::SPF or Mail::SPF::Query" unless (HAS_SPFQUERY || HAS_MAILSPF);
plan skip_all => "root required" unless AM_ROOT;
plan skip_all => "Sys::Hostname::Long > 1.4 required." if HAS_UNSAFE_HOSTNAME;
plan skip_all => "Test only designed for Windows, Linux or OpenBSD" unless (IS_LINUX || IS_OPENBSD || IS_WINDOWS);
if(HAS_SPFQUERY && HAS_MAILSPF) {
plan tests => 106;
plan tests => 110;
}
else {
plan tests => 58; # TODO: These should be skips down in the code, not changing the test count.
plan tests => 62; # TODO: These should be skips down in the code, not changing the test count.
}
# ---------------------------------------------------------------------------
@ -504,3 +503,29 @@ sarun ("-t < data/nice/spf3-received-spf", \&patterns_run_cb);
ok_all_patterns();
# test unwhitelist_auth and unwhitelist_from_spf
tstprefs("
whitelist_auth newsalerts-noreply\@dnsbltest.spamassassin.org
def_whitelist_auth newsalerts-noreply\@dnsbltest.spamassassin.org
unwhitelist_auth newsalerts-noreply\@dnsbltest.spamassassin.org
whitelist_from_spf *\@dnsbltest.spamassassin.org
def_whitelist_from_spf *\@dnsbltest.spamassassin.org
unwhitelist_from_spf *\@dnsbltest.spamassassin.org
");
%patterns = (
q{ SPF_HELO_PASS }, 'helo_pass',
q{ SPF_PASS }, 'pass',
);
%anti_patterns = (
q{ USER_IN_SPF_WHITELIST }, 'spf_whitelist',
q{ USER_IN_DEF_SPF_WL }, 'default_spf_whitelist',
);
sarun ("-t < data/nice/spf1", \&patterns_run_cb);
ok_all_patterns();