spacefreak/pyquarantine-milter
1
0
Fork 0
Code Issues Pull Requests Releases Activity

add quarantine functionality and refactor

Browse Source
This commit is contained in:
Thomas Oettli
2021-09-21 00:06:15 +02:00
parent 42e65848c4
commit cd470e8947
8 changed files with 157 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pymodmilter/__init__.py
View File

@@ -132,7 +132,7 @@ class ModifyMilterConfig(BaseConfig):
rule_cfg["loglevel"] = self.loglevel rule_cfg["loglevel"] = self.loglevel
if "pretend" not in rule_cfg: if "pretend" not in rule_cfg:
rule_cfg["pretend"] = self.pretend rule_cfg["pretend"] = self.pretend
self.rules.append(RuleConfig(rule_cfg, debug)) self.rules.append(RuleConfig(rule_cfg, self.local_addrs, debug))
class ModifyMilter(Milter.Base): class ModifyMilter(Milter.Base):
@@ -148,7 +148,7 @@ class ModifyMilter(Milter.Base):
ModifyMilter._loglevel = cfg.loglevel ModifyMilter._loglevel = cfg.loglevel
for rule_cfg in cfg.rules: for rule_cfg in cfg.rules:
ModifyMilter._rules.append( ModifyMilter._rules.append(
Rule(rule_cfg, cfg.local_addrs)) Rule(rule_cfg))
def __init__(self): def __init__(self):
self.logger = logging.getLogger(__name__) self.logger = logging.getLogger(__name__)
@@ -362,14 +362,15 @@ class ModifyMilter(Milter.Base):
del data del data
if milter_action is not None: if milter_action is not None:
if milter_action["action"] == "reject": action, reason = milter_action
self.setreply("554", "5.7.0", milter_action["reason"]) if action == "REJECT":
self.setreply("554", "5.7.0", reason)
return Milter.REJECT return Milter.REJECT
if milter_action["action"] == "accept": if action == "ACCEPT":
return Milter.ACCEPT return Milter.ACCEPT
if milter_action["action"] == "discard": if action == "DISCARD":
return Milter.DISCARD return Milter.DISCARD
except Exception as e: except Exception as e:

86
pymodmilter/action.py
View File

@@ -29,11 +29,15 @@ class ActionConfig(BaseConfig):
"add_disclaimer": "_add_disclaimer", "add_disclaimer": "_add_disclaimer",
"rewrite_links": "_rewrite_links", "rewrite_links": "_rewrite_links",
"store": "_store", "store": "_store",
"notify": "_notify"} "notify": "_notify",
"quarantine": "_quarantine"}
def __init__(self, cfg, debug): def __init__(self, cfg, local_addrs, debug):
super().__init__(cfg, debug) super().__init__(cfg, debug)
self.local_addrs = local_addrs
self.debug = debug
self.pretend = False self.pretend = False
if "pretend" in cfg: if "pretend" in cfg:
assert isinstance(cfg["pretend"], bool), \ assert isinstance(cfg["pretend"], bool), \
@@ -47,7 +51,7 @@ class ActionConfig(BaseConfig):
assert cfg["type"] in ActionConfig.TYPES, \ assert cfg["type"] in ActionConfig.TYPES, \
f"{self.name}: type: invalid action type" f"{self.name}: type: invalid action type"
getattr(self, cfg["type"])(cfg) getattr(self, ActionConfig.TYPES[cfg["type"]])(cfg)
if "conditions" in cfg: if "conditions" in cfg:
assert isinstance(cfg["conditions"], dict), \ assert isinstance(cfg["conditions"], dict), \
@@ -55,7 +59,8 @@ class ActionConfig(BaseConfig):
cfg["conditions"]["name"] = f"{self.name}: condition" cfg["conditions"]["name"] = f"{self.name}: condition"
if "loglevel" not in cfg["conditions"]: if "loglevel" not in cfg["conditions"]:
cfg["conditions"]["loglevel"] = self.loglevel cfg["conditions"]["loglevel"] = self.loglevel
self.conditions = ConditionsConfig(cfg["conditions"], debug) self.conditions = ConditionsConfig(
cfg["conditions"], local_addrs, debug)
else: else:
self.conditions = None self.conditions = None
@@ -64,32 +69,28 @@ class ActionConfig(BaseConfig):
f"type={cfg['type']}, " f"type={cfg['type']}, "
f"args={self.args}") f"args={self.args}")
def add_header(self, cfg): def _add_header(self, cfg):
self.action = modify.AddHeader self.action = modify.AddHeader
self.headersonly = True
self.add_string_arg(cfg, ["field", "value"]) self.add_string_arg(cfg, ["field", "value"])
def mod_header(self, cfg): def _mod_header(self, cfg):
self.action = modify.ModHeader self.action = modify.ModHeader
self.headersonly = True
args = ["field", "value"] args = ["field", "value"]
if "search" in cfg: if "search" in cfg:
args.append("search") args.append("search")
self.add_string_arg(cfg, args) self.add_string_arg(cfg, args)
def del_header(self, cfg): def _del_header(self, cfg):
self.action = modify.DelHeader self.action = modify.DelHeader
self.headersonly = True
args = ["field"] args = ["field"]
if "value" in cfg: if "value" in cfg:
args.append("value") args.append("value")
self.add_string_arg(cfg, args) self.add_string_arg(cfg, args)
def add_disclaimer(self, cfg): def _add_disclaimer(self, cfg):
self.action = modify.AddDisclaimer self.action = modify.AddDisclaimer
self.headersonly = False
if "error_policy" not in cfg: if "error_policy" not in cfg:
cfg["error_policy"] = "wrap" cfg["error_policy"] = "wrap"
@@ -105,14 +106,11 @@ class ActionConfig(BaseConfig):
f"{self.name}: error_policy: invalid value, " \ f"{self.name}: error_policy: invalid value, " \
f"should be 'wrap', 'ignore' or 'reject'" f"should be 'wrap', 'ignore' or 'reject'"
def rewrite_links(self, cfg): def _rewrite_links(self, cfg):
self.action = modify.RewriteLinks self.action = modify.RewriteLinks
self.headersonly = False
self.add_string_arg(cfg, "repl") self.add_string_arg(cfg, "repl")
def store(self, cfg): def _store(self, cfg):
self.headersonly = False
assert "storage_type" in cfg, \ assert "storage_type" in cfg, \
f"{self.name}: mandatory parameter 'storage_type' not found" f"{self.name}: mandatory parameter 'storage_type' not found"
assert isinstance(cfg["storage_type"], str), \ assert isinstance(cfg["storage_type"], str), \
@@ -126,9 +124,6 @@ class ActionConfig(BaseConfig):
self.action = storage.FileMailStorage self.action = storage.FileMailStorage
self.add_string_arg(cfg, "directory") self.add_string_arg(cfg, "directory")
if "skip_metadata" in cfg:
self.add_bool_arg(cfg, "skip_metadata")
if "metavar" in cfg: if "metavar" in cfg:
self.add_string_arg(cfg, "metavar") self.add_string_arg(cfg, "metavar")
@@ -136,16 +131,15 @@ class ActionConfig(BaseConfig):
raise RuntimeError( raise RuntimeError(
f"{self.name}: storage_type: invalid storage type") f"{self.name}: storage_type: invalid storage type")
def notify(self, cfg): def _notify(self, cfg):
self.headersonly = False
self.action = notify.EMailNotification self.action = notify.EMailNotification
args = ["smtp_host", "envelope_from", "from_header", "subject", args = ["smtp_host", "envelope_from", "from_header", "subject",
"template"] "template"]
if "repl_img" in cfg: if "repl_img" in cfg:
args.append("repl_img") args.append("repl_img")
self.add_string_arg(cfg, args) self.add_string_arg(cfg, args)
self.add_int_arg(cfg, "smtp_port") self.add_int_arg(cfg, "smtp_port")
if "embed_imgs" in cfg: if "embed_imgs" in cfg:
@@ -155,25 +149,63 @@ class ActionConfig(BaseConfig):
f"should be list of strings" f"should be list of strings"
self.args["embed_imgs"] = cfg["embed_imgs"] self.args["embed_imgs"] = cfg["embed_imgs"]
def _quarantine(self, cfg):
self.action = storage.Quarantine
assert "storage" in cfg, \
f"{self.name}: mandatory parameter 'storage' not found"
assert isinstance(cfg["storage"], dict), \
f"{self.name}: storage: invalid value, " \
f"should be dict"
cfg["storage"]["type"] = "store"
cfg["storage"]["name"] = f"{self.name}: storage"
args = ["storage"]
if "notification" in cfg:
assert isinstance(cfg["notification"], dict), \
f"{self.name}: notification: invalid value, " \
f"should be dict"
cfg["notification"]["type"] = "notify"
cfg["notification"]["name"] = f"{self.name}: notification"
args.append("notification")
for arg in args:
if "loglevel" not in cfg[arg]:
cfg[arg]["loglevel"] = self.loglevel
if "pretend" not in cfg[arg]:
cfg[arg]["pretend"] = self.pretend
self.args[arg] = ActionConfig(
cfg[arg], self.local_addrs, self.debug)
if "milter_action" in cfg:
self.add_string_arg(cfg, "milter_action")
self.args["milter_action"] = self.args["milter_action"].upper()
assert self.args["milter_action"] in ["REJECT", "DISCARD",
"ACCEPT"], \
f"{self.name}: milter_action: invalid value, " \
f"should be 'ACCEPT', 'REJECT' or 'DISCARD'"
if self.args["milter_action"] == "REJECT":
if "reject_reason" in cfg:
self.add_string_arg(cfg, "reject_reason")
class Action: class Action:
"""Action to implement a pre-configured action to perform on e-mails.""" """Action to implement a pre-configured action to perform on e-mails."""
def __init__(self, cfg, local_addrs): def __init__(self, cfg):
self.logger = cfg.logger self.logger = cfg.logger
if cfg.conditions is None: if cfg.conditions is None:
self.conditions = None self.conditions = None
else: else:
self.conditions = Conditions(cfg.conditions, local_addrs) self.conditions = Conditions(cfg.conditions)
self.pretend = cfg.pretend self.pretend = cfg.pretend
self.name = cfg.name self.name = cfg.name
self.action = cfg.action(**cfg.args) self.action = cfg.action(**cfg.args)
self._headersonly = cfg.headersonly
def headersonly(self): def headersonly(self):
"""Return the needs of this action.""" """Return the needs of this action."""
return self._headersonly return self.action._headersonly
def execute(self, milter): def execute(self, milter):
"""Execute configured action.""" """Execute configured action."""

1
pymodmilter/base.py
View File

@@ -61,6 +61,7 @@ class BaseConfig:
self.loglevel = logging.INFO self.loglevel = logging.INFO
self.logger.setLevel(self.loglevel) self.logger.setLevel(self.loglevel)
self.debug = debug
# the keys/values in args are used as parameters # the keys/values in args are used as parameters
# to initialize action classes # to initialize action classes

8
pymodmilter/conditions.py
View File

@@ -23,9 +23,11 @@ from pymodmilter import BaseConfig, CustomLogger
class ConditionsConfig(BaseConfig): class ConditionsConfig(BaseConfig):
def __init__(self, cfg, debug): def __init__(self, cfg, local_addrs, debug):
super().__init__(cfg, debug) super().__init__(cfg, debug)
self.local_addrs = local_addrs
if "local" in cfg: if "local" in cfg:
self.add_bool_arg(cfg, "local") self.add_bool_arg(cfg, "local")
@@ -58,10 +60,10 @@ class ConditionsConfig(BaseConfig):
class Conditions: class Conditions:
"""Conditions to implement conditions for rules and actions.""" """Conditions to implement conditions for rules and actions."""
def __init__(self, cfg, local_addrs): def __init__(self, cfg):
self.logger = cfg.logger self.logger = cfg.logger
self.name = cfg.name self.name = cfg.name
self.local_addrs = local_addrs self.local_addrs = cfg.local_addrs
for arg in ("local", "hosts", "envfrom", "envto", "header", "metavar", for arg in ("local", "hosts", "envfrom", "envto", "header", "metavar",
"var"): "var"):

10
pymodmilter/modify.py
View File

@@ -34,6 +34,8 @@ from pymodmilter import replace_illegal_chars
class AddHeader: class AddHeader:
"""Add a mail header field.""" """Add a mail header field."""
_headersonly = True
def __init__(self, field, value): def __init__(self, field, value):
self.field = field self.field = field
self.value = value self.value = value
@@ -54,6 +56,8 @@ class AddHeader:
class ModHeader: class ModHeader:
"""Change the value of a mail header field.""" """Change the value of a mail header field."""
_headersonly = True
def __init__(self, field, value, search=None): def __init__(self, field, value, search=None):
self.value = value self.value = value
@@ -110,6 +114,8 @@ class ModHeader:
class DelHeader: class DelHeader:
"""Delete a mail header field.""" """Delete a mail header field."""
_headersonly = True
def __init__(self, field, value=None): def __init__(self, field, value=None):
try: try:
self.field = re.compile(field, re.IGNORECASE) self.field = re.compile(field, re.IGNORECASE)
@@ -212,6 +218,8 @@ def _wrap_message(milter):
class AddDisclaimer: class AddDisclaimer:
"""Append or prepend a disclaimer to the mail body.""" """Append or prepend a disclaimer to the mail body."""
_headersonly = False
def __init__(self, text_template, html_template, action, error_policy): def __init__(self, text_template, html_template, action, error_policy):
try: try:
with open(text_template, "r") as f: with open(text_template, "r") as f:
@@ -312,6 +320,8 @@ class AddDisclaimer:
class RewriteLinks: class RewriteLinks:
"""Rewrite link targets in the mail html body.""" """Rewrite link targets in the mail html body."""
_headersonly = False
def __init__(self, repl): def __init__(self, repl):
self.repl = repl self.repl = repl

7
pymodmilter/notify.py
View File

@@ -12,6 +12,10 @@
# along with PyMod-Milter. If not, see <http://www.gnu.org/licenses/>. # along with PyMod-Milter. If not, see <http://www.gnu.org/licenses/>.
# #
__all__ = [
"BaseNotification",
"EMailNotification"]
import email import email
import logging import logging
import re import re
@@ -30,6 +34,7 @@ from pymodmilter import mailer
class BaseNotification: class BaseNotification:
"Notification base class" "Notification base class"
_headersonly = True
def __init__(self): def __init__(self):
self.logger = logging.getLogger(__name__) self.logger = logging.getLogger(__name__)
@@ -41,7 +46,7 @@ class BaseNotification:
class EMailNotification(BaseNotification): class EMailNotification(BaseNotification):
"Notification class to send notifications via mail." "Notification class to send notifications via mail."
notification_type = "email" _headersonly = False
_bad_tags = [ _bad_tags = [
"applet", "applet",
"embed", "embed",

13
pymodmilter/rule.py
View File

@@ -22,7 +22,7 @@ from pymodmilter.conditions import ConditionsConfig, Conditions
class RuleConfig(BaseConfig): class RuleConfig(BaseConfig):
def __init__(self, cfg, debug=False): def __init__(self, cfg, local_addrs, debug=False):
super().__init__(cfg, debug) super().__init__(cfg, debug)
self.conditions = None self.conditions = None
@@ -49,7 +49,8 @@ class RuleConfig(BaseConfig):
cfg["conditions"]["name"] = f"{self.name}: condition" cfg["conditions"]["name"] = f"{self.name}: condition"
if "loglevel" not in cfg["conditions"]: if "loglevel" not in cfg["conditions"]:
cfg["conditions"]["loglevel"] = self.loglevel cfg["conditions"]["loglevel"] = self.loglevel
self.conditions = ConditionsConfig(cfg["conditions"], debug) self.conditions = ConditionsConfig(
cfg["conditions"], local_addrs, debug)
else: else:
self.conditions = None self.conditions = None
@@ -67,7 +68,7 @@ class RuleConfig(BaseConfig):
if "pretend" not in action_cfg: if "pretend" not in action_cfg:
action_cfg["pretend"] = self.pretend action_cfg["pretend"] = self.pretend
self.actions.append( self.actions.append(
ActionConfig(action_cfg, debug)) ActionConfig(action_cfg, local_addrs, debug))
class Rule: class Rule:
@@ -75,17 +76,17 @@ class Rule:
Rule to implement multiple actions on emails. Rule to implement multiple actions on emails.
""" """
def __init__(self, cfg, local_addrs): def __init__(self, cfg):
self.logger = cfg.logger self.logger = cfg.logger
if cfg.conditions is None: if cfg.conditions is None:
self.conditions = None self.conditions = None
else: else:
self.conditions = Conditions(cfg.conditions, local_addrs) self.conditions = Conditions(cfg.conditions)
self.actions = [] self.actions = []
for action_cfg in cfg.actions: for action_cfg in cfg.actions:
self.actions.append(Action(action_cfg, local_addrs)) self.actions.append(Action(action_cfg))
self.pretend = cfg.pretend self.pretend = cfg.pretend

88
pymodmilter/storage.py
View File

@@ -12,6 +12,11 @@
# along with PyMod-Milter. If not, see <http://www.gnu.org/licenses/>. # along with PyMod-Milter. If not, see <http://www.gnu.org/licenses/>.
# #
__all__ = [
"BaseMailStorage",
"FileMailStorage",
"Quarantine"]
import json import json
import logging import logging
import os import os
@@ -24,7 +29,12 @@ from time import gmtime
class BaseMailStorage: class BaseMailStorage:
"Mail storage base class" "Mail storage base class"
def __init__(self): _headersonly = True
def __init__(self, original=False, metadata=False, metavar=None):
self.original = original
self.metadata = metadata
self.metavar = metavar
return return
def add(self, data, qid, mailfrom="", recipients=[]): def add(self, data, qid, mailfrom="", recipients=[]):
@@ -54,9 +64,11 @@ class BaseMailStorage:
class FileMailStorage(BaseMailStorage): class FileMailStorage(BaseMailStorage):
"Storage class to store mails on filesystem." "Storage class to store mails on filesystem."
def __init__(self, directory, original=False, skip_metadata=False, _headersonly = False
def __init__(self, directory, original=False, metadata=False,
metavar=None): metavar=None):
super().__init__() super().__init__(original, metadata, metavar)
# check if directory exists and is writable # check if directory exists and is writable
if not os.path.isdir(directory) or \ if not os.path.isdir(directory) or \
not os.access(directory, os.W_OK): not os.access(directory, os.W_OK):
@@ -64,9 +76,6 @@ class FileMailStorage(BaseMailStorage):
f"directory '{directory}' does not exist or is " f"directory '{directory}' does not exist or is "
f"not writable") f"not writable")
self.directory = directory self.directory = directory
self.original = original
self.skip_metadata = skip_metadata
self.metavar = metavar
self._metadata_suffix = ".metadata" self._metadata_suffix = ".metadata"
def get_storageid(self, qid): def get_storageid(self, qid):
@@ -96,7 +105,7 @@ class FileMailStorage(BaseMailStorage):
metafile, datafile = self._get_file_paths(storage_id) metafile, datafile = self._get_file_paths(storage_id)
try: try:
if not self.skip_metadata: if self.metadata:
os.remove(metafile) os.remove(metafile)
os.remove(datafile) os.remove(datafile)
@@ -113,22 +122,22 @@ class FileMailStorage(BaseMailStorage):
# save mail # save mail
self._save_datafile(datafile, data) self._save_datafile(datafile, data)
if self.skip_metadata: if not self.metadata:
metafile = None return storage_id, None, datafile
else:
# save metadata
metadata = {
"mailfrom": mailfrom,
"recipients": recipients,
"subject": subject,
"timestamp": timegm(gmtime()),
"queue_id": qid}
try: # save metadata
self._save_metafile(metafile, metadata) metadata = {
except RuntimeError as e: "mailfrom": mailfrom,
os.remove(datafile) "recipients": recipients,
raise e "subject": subject,
"timestamp": timegm(gmtime()),
"queue_id": qid}
try:
self._save_metafile(metafile, metadata)
except RuntimeError as e:
os.remove(datafile)
raise e
return storage_id, metafile, datafile return storage_id, metafile, datafile
@@ -157,14 +166,14 @@ class FileMailStorage(BaseMailStorage):
if self.metavar: if self.metavar:
milter.msginfo["vars"][f"{self.metavar}_ID"] = storage_id milter.msginfo["vars"][f"{self.metavar}_ID"] = storage_id
milter.msginfo["vars"][f"{self.metavar}_DATAFILE"] = datafile milter.msginfo["vars"][f"{self.metavar}_DATAFILE"] = datafile
if not self.skip_metadata: if self.metadata:
milter.msginfo["vars"][f"{self.metavar}_METAFILE"] = metafile milter.msginfo["vars"][f"{self.metavar}_METAFILE"] = metafile
def get_metadata(self, storage_id): def get_metadata(self, storage_id):
"Return metadata of email in storage." "Return metadata of email in storage."
super(FileMailStorage, self).get_metadata(storage_id) super(FileMailStorage, self).get_metadata(storage_id)
if self.skip_metadata: if not self.metadata:
return None return None
metafile, _ = self._get_file_paths(storage_id) metafile, _ = self._get_file_paths(storage_id)
@@ -191,6 +200,9 @@ class FileMailStorage(BaseMailStorage):
if isinstance(recipients, str): if isinstance(recipients, str):
recipients = [recipients] recipients = [recipients]
if not self.metadata:
return {}
emails = {} emails = {}
metafiles = glob(os.path.join( metafiles = glob(os.path.join(
self.directory, f"*{self._metadata_suffix}")) self.directory, f"*{self._metadata_suffix}"))
@@ -225,7 +237,7 @@ class FileMailStorage(BaseMailStorage):
"Delete email from storage." "Delete email from storage."
super(FileMailStorage, self).delete(storage_id, recipients) super(FileMailStorage, self).delete(storage_id, recipients)
if not recipients or self.skip_metadata: if not recipients or not self.metadata:
self._remove(storage_id) self._remove(storage_id)
return return
@@ -257,4 +269,28 @@ class FileMailStorage(BaseMailStorage):
data = open(datafile, "rb").read() data = open(datafile, "rb").read()
except IOError as e: except IOError as e:
raise RuntimeError(f"unable to open email data file: {e}") raise RuntimeError(f"unable to open email data file: {e}")
return (data, metadata) return (metadata, data)
class Quarantine:
"Quarantine class."
_headersonly = False
def __init__(self, storage, notification=None, milter_action=None,
reject_reason="Message rejected"):
self.storage = storage.action(**storage.args, metadata=True)
self.notification = notification
if self.notification is not None:
self.notification = notification.action(**notification.args)
self.milter_action = milter_action
self.reject_reason = reject_reason
def execute(self, milter, pretend=False,
logger=logging.getLogger(__name__)):
self.storage.execute(milter, pretend, logger)
if self.notification is not None:
self.notification.execute(milter, pretend, logger)
milter.msginfo["rcpts"] = []
if self.milter_action is not None:
return (self.milter_action, self.reject_reason)