dnl dnl анализ содержимого письма dnl ifelse(SECTION, `ACL_CHECK_DATA_TOP', `dnl # # Content Scanning # определение необходимости исключения письма из проверки # # проверяем, надо ли делать исключение из проверки warn set acl_m_contentscan_skip = no_skip # делаем исключение, если это письмо для postmaster или abuse warn condition = ${if eq{${extract{abuse_or_postmaster}{$acl_m_wl_flag_msg}}}{1}{yes}{no}} add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for abuse addresses\n logwrite = skip content checks for abuse addresses set acl_m_contentscan_skip = skip # делаем исключение, если хост отправителя указан в глобальном white list warn condition = ${if eq{${extract{white_list_relays}{$acl_m_wl_flag_msg}}}{1}{yes}{no}} add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for white listed relay ($sender_host_address)\n logwrite = skip content checks for white listed relay set acl_m_contentscan_skip = skip warn condition = ${if eq{${extract{white_list_senders}{$acl_m_wl_flag_msg}}}{1}{yes}{no}} add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for white listed sender ($sender_address)\n logwrite = skip content checks for white listed sender set acl_m_contentscan_skip = skip ifelse_strstr(confCONTENT_SCANNING_SKIP, `RELAY_FROM', `dnl # делаем исключение, если хост отправителя указан в +relay_from_hosts warn hosts = +relay_from_hosts add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for relay from host ($sender_host_address)\n logwrite = skip content checks for relay from host set acl_m_contentscan_skip = skip ') dnl ifelse_strstr(confCONTENT_SCANNING_SKIP, `RELAY_FROM', `') ifelse_strstr(confCONTENT_SCANNING_SKIP, `AUTH', `dnl # делаем исключение, если отправитель аутентифицировался warn authenticated = * add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for authenticated sender\n logwrite = skip content checks for authenticated sender set acl_m_contentscan_skip = skip ') dnl ifelse_strstr(confCONTENT_SCANNING_SKIP, `AUTH', `') ifdef(`confCONTENT_SCANNING_MAX_MSG_SIZE', `ifelse(confCONTENT_SCANNING_MAX_MSG_SIZE, `NO', `dnl', `dnl # делаем исключение, если размер сообщения превышает confCONTENT_SCANNING_MAX_MSG_SIZE warn condition = ${if >{$message_size}{confCONTENT_SCANNING_MAX_MSG_SIZE}{yes}{no}} add_header = X-Spam-Info: skip content checks on confCONTENT_SCANNING_HOSTNAME for large message ($message_size>confCONTENT_SCANNING_MAX_MSG_SIZE)\n logwrite = skip content checks for large message (>confCONTENT_SCANNING_MAX_MSG_SIZE) set acl_m_contentscan_skip = skip ')') dnl ifdef(`confCONTENT_SCANNING_MAX_MSG_SIZE', `ifelse(confCONTENT_SCANNING_MAX_MSG_SIZE, `NO', `', `')') ') dnl ifelse(SECTION, `ACL_CHECK_DATA_TOP', `') ifelse(SECTION, `ACL_CHECK_DATA', `dnl ifdef(`_CS_NO', ` define(`_CS_TMP', `eval(_CS_NO + 1)') define(`_CS_NO', _CS_TMP) ',` define(`_CS_NO', `0') ') define(`_CS_ACT', `confCONTENT_SCANNER'_CS_NO`_ACT')dnl define(`_CS_NAME', `confCONTENT_SCANNER'_CS_NO`_NAME')dnl define(`_CS_SCAN', `confCONTENT_SCANNER'_CS_NO`_SCAN')dnl define(`_CS_OPT', `confCONTENT_SCANNER'_CS_NO`_OPT')dnl dnl define(`_CS_NAME_CMD', `confCONTENT_SCANNER'_CS_NO`_NAME_CMD')dnl undefine(`_CS_NAME_CMD_TMP')dnl define(`_CS_NAME_CMD_TMP', `confCONTENT_SCANNER'_CS_NO`_NAME_CMD')dnl define(`_CS_NAME_CMD', `truncate_by_char(_CS_NAME_CMD_TMP, chr10)')dnl dnl define(`_CS_NAME_DEFAULT', `confCONTENT_SCANNER'_CS_NO`_NAME_DEFAULT')dnl undefine(`_CS_NAME_DEFAULT_TMP')dnl define(`_CS_NAME_DEFAULT_TMP', `confCONTENT_SCANNER'_CS_NO`_NAME_DEFAULT')dnl define(`_CS_NAME_DEFAULT', `truncate_by_char(_CS_NAME_DEFAULT_TMP, chr10)')dnl dnl define(`_CS_MAX_SIZE', `confCONTENT_SCANNER'_CS_NO`_MAX_SIZE')dnl undefine(`_CS_MAX_SIZE_TMP')dnl define(`_CS_MAX_SIZE_TMP', `confCONTENT_SCANNER'_CS_NO`_MAX_SIZE')dnl define(`_CS_MAX_SIZE', `truncate_by_char(_CS_MAX_SIZE_TMP, chr10)')dnl dnl если для предыдущего демона был указан параметр defer_next ifelse(_CS_DEFER_NEXT_,`YES',` define(`_CS_DEFER_PREV_',`condition = ${if eq{$acl_m_prev_result}{defer}{yes}{no}}') ',` define(`_CS_DEFER_PREV_',`\') ') ifelse_strstr(_CS_OPT,`defer_next',` define(`_CS_DEFER_NEXT_', `YES') ',` define(`_CS_DEFER_NEXT_', `NO') ') ifelse_strstr(_CS_OPT,`defer_ok',` define(`_CS_DEFER_OK_', `YES') ',` define(`_CS_DEFER_OK_', `NO') ') ifelse(_CS_OPT,`confCONTENT_SCANNER'_CS_NO`_OPT', `define(`_CS_OPT',`')', `ifelse(_CS_DEFER_OK_,`YES', `define(`_CS_OPT',`/defer_ok')', `define(`_CS_OPT',`')' )' ) ifelse(_CS_ACT,`confCONTENT_SCANNER'_CS_NO`_ACT',`',` ifelse(_CS_NO, `0', ` # # Content Scanning # # Присвоение значения флагу warn set acl_m_contentscan_result = clean ') define(`_CS_ACT', _CS_ACT` ') ifelse(confQUARANTINE_MAILDIR,`',`undefine(`confQUARANTINE_MAILDIR')') undefine(`_CS_NAME_MSG')dnl ifdef(`_CS_NAME_DEFAULT',`define(`_CS_NAME_MSG', _CS_NAME_DEFAULT)')dnl ifelse(_CS_NAME_MSG, `', `undefine(`_CS_NAME_MSG')')dnl ifdef(`_CS_NAME_MSG', `', `define(`_CS_NAME_MSG', _CS_NAME)')dnl ifdef(`_CS_NAME_CMD', `ifelse(_CS_NAME_CMD, `', `', `define(`_CS_NAME_MSG', `esyscmd(_CS_NAME_CMD)')')')dnl # Проверка письма warn set acl_m_prev_result = $acl_m_contentscan_result set acl_m_contentscan_result = clean ifdef(`_CS_MAX_SIZE',`dnl ifelse(len(X`'_CS_MAX_SIZE), `1', `', `dnl _CS_DEFER_PREV_ condition = ${if >{$message_size}{_CS_MAX_SIZE}{yes}{no}} set acl_m_contentscan_result = skip add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: skip checks for large message ($message_size>_CS_MAX_SIZE) log_message = _CS_NAME: skip checks for large message ($message_size>_CS_MAX_SIZE) warn condition = ${if eq{$acl_m_contentscan_result}{clean}{yes}{no}} ') dnl ifelse(len(X`'_CS_MAX_SIZE), `1', `', `') ') dnl ifdef(`_CS_MAX_SIZE',`') ifdef(`confRECIPIENTS_ANTIVIRUS_HATERS', `ifelse(confRECIPIENTS_ANTIVIRUS_HATERS, `NO', `dnl', `dnl _CS_DEFER_PREV_ condition = ${if eq{${extract{antivirus_friends}{$acl_c2}}}{}{no}{yes}} condition = ${if eq{${extract{antivirus_friends}{$acl_c2}}}{0}{yes}{no}} condition = ${if >{${extract{antivirus_haters}{$acl_c2}}}{0}{yes}{no}} set acl_m_contentscan_result = skip add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: skip checks for recipients antivirus haters log_message = _CS_NAME: skip checks for recipients antivirus haters warn condition = ${if eq{$acl_m_contentscan_result}{clean}{yes}{no}} ')') dnl ifdef(`confRECIPIENTS_ANTIVIRUS_HATERS', `ifelse(confRECIPIENTS_ANTIVIRUS_HATERS, `NO', `')') set acl_m0 = _CS_SCAN _CS_DEFER_PREV_ acl = acl_check_data_av warn condition = ${if eq{$acl_m_contentscan_result}{clean}{yes}{no}} ifelse(_CS_DEFER_PREV_,`\',`',` condition = ${if eq{$acl_m_prev_result}{defer}{yes}{no}} ') add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: clean warn _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}} log_message = _CS_NAME: error while scanning message add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: deferred ifelse_strstr(_CS_ACT, `SUBMIT_MYSQL ', `ENTERPRISE(`mysql', `submit_av')') ifelse_strstr(_CS_ACT, `SUBMIT_SQLITE ', `ENTERPRISE(`sqlite', `submit_av')') ifelse_strstr(_CS_DEFER_OK_`'_CS_DEFER_NEXT_,`YES',`',` # Возврат SMTP клиенту мягкой ошибки в случае DEFERа от content scanner # в параметреах не был указан defer_ok или defer_next defer _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}} message = Content scanner unreachable. Please try again later ($message_exim_id) log_message = _CS_NAME: error while scanning message. Message deferred ') ifelse_strstr(_CS_ACT, `DISCARD ', ` dnl ifelse_strstr(_CS_ACT, `QUARANTINE ', ` # Пометка зараженного письма для помещения в карантин # DISCARD, QUARANTINE warn _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} set acl_m_contentscan_result = quarantine log_message = _CS_NAME found a virus: $malware_name add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: \ infected, malware $malware_name has been found\n\ X-Original-Recipients: $recipients logwrite = original recipients: $recipients set acl_m_avir_notification = _CS_NOTIFICATION_PARAMETERS accept condition = ${if eq{$acl_m_contentscan_result}{quarantine}{yes}{no}} ',` # Удаление зараженного письма # DISCARD discard _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} set acl_m_contentscan_result = discard log_message = _CS_NAME found a virus: $malware_name ') dnl ifelse_strstr(_CS_ACT, `QUARANTINE ', `', `') dnl ',` dnl ifelse_strstr(_CS_ACT, `DISCARD ', `') dnl ifelse_strstr(_CS_ACT, `DISCARD_MAILLIST ', ` # Удаление зараженного письма # DISCARD_MAILLIST discard _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} set acl_m_contentscan_result = discard log_message = _CS_NAME found a virus: $malware_name ') dnl ifelse_strstr(_CS_ACT, `DROP_MAILLIST ', `', `') dnl ifelse_strstr(_CS_ACT, `QUARANTINE_MAILLIST ', ` # Фиктивный отказ от приема зараженного письма с пометкой письма # для помещения в карантин # QUARANTINE_MAILLIST warn _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} set acl_m_contentscan_result = quarantine logwrite = original recipients: $recipients add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: \ infected, malware $malware_name has been found\n\ X-Original-Recipients: $recipients log_message = _CS_NAME found a virus: $malware_name set acl_m_avir_notification = _CS_NOTIFICATION_PARAMETERS accept condition = ${if eq{$acl_m_contentscan_result}{quarantine}{yes}{no}} ') dnl ifelse_strstr(_CS_ACT, `QUARANTINE_MAILLIST ', `', `') dnl ifelse_strstr(_CS_ACT, `QUARANTINE ', ` # Фиктивный отказ от приема зараженного письма с пометкой письма # для помещения в карантин # REJECT, QUARANTINE warn _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} set acl_m_contentscan_result = quarantine control = fakereject/_CS_NAME found a virus: $malware_name logwrite = original recipients: $recipients add_header = X-AV-Status: _CS_NAME_MSG on confCONTENT_SCANNING_HOSTNAME at $tod_log: \ infected, malware $malware_name has been found\n\ X-Original-Recipients: $recipients log_message = _CS_NAME found a virus: $malware_name set acl_m_avir_notification = _CS_NOTIFICATION_PARAMETERS accept condition = ${if eq{$acl_m_contentscan_result}{quarantine}{yes}{no}} ',` # Отказ от приема зараженного писема # REJECT deny _CS_DEFER_PREV_ condition = ${if eq{$acl_m_contentscan_result}{infected}{yes}{no}} message = _CS_NAME found a virus: $malware_name ') dnl ifelse_strstr(_CS_ACT, `QUARANTINE ', `', `') dnl ') dnl ifelse_strstr(_CS_ACT, `DISCARD ', `') FEATURE(`content_scanner') ') dnl ifelse(_CS_ACT,`confCONTENT_SCANNER'_CS_NO`_ACT',`',`') ') dnl ifelse(SECTION, `ACL_CHECK_DATA', `')