diff --git a/server/conf/rspamd_antivirus.conf.master b/server/conf/rspamd_antivirus.conf.master index 71427d762079bed5517f344ea348d093990f4aa5..f88d81ac7ce94c881087b93e0d08bc2f1849f429 100644 --- a/server/conf/rspamd_antivirus.conf.master +++ b/server/conf/rspamd_antivirus.conf.master @@ -2,7 +2,7 @@ clamav { # If set force this action if any virus is found (default unset: no action is forced) #action = "reject"; # if `true` only messages with non-image attachments will be checked (default true) - attachments_only = true; + scan_mime_parts = true; # If `max_size` is set, messages > n bytes in size are not scanned #max_size = 20000000; # symbol to add (add it to metric if you want non-zero weight) diff --git a/server/conf/rspamd_metrics.conf.master b/server/conf/rspamd_metrics.conf.master deleted file mode 100644 index f59eff0f0171e06e4d701ba53b9ce221164a6b4b..0000000000000000000000000000000000000000 --- a/server/conf/rspamd_metrics.conf.master +++ /dev/null @@ -1,17 +0,0 @@ -subject = "***SPAM*** %s"; - -symbol { - weight = 50; - name = "CLAM_VIRUS"; - description = "Clamav has found a virus."; -} -symbol { - weight = 50; - name = "JUST_EICAR"; - description = "Clamav has found a virus."; -} -symbol { - weight = 0.0; - name = "R_DUMMY"; - description = "Dummy symbol"; -} \ No newline at end of file diff --git a/server/conf/rspamd_metrics_override.conf.master b/server/conf/rspamd_metrics_override.conf.master deleted file mode 100644 index 8e3df15eddaf429312b6e313f52b649ac4703260..0000000000000000000000000000000000000000 --- a/server/conf/rspamd_metrics_override.conf.master +++ /dev/null @@ -1,159 +0,0 @@ -# RBL -symbol "RBL_SENDERSCORE" { - weight = 4.0; - description = "From address is listed in senderscore.com BL"; -} -symbol "RBL_SPAMHAUS_SBL" { - weight = 2.0; - description = "From address is listed in zen sbl"; -} -symbol "RBL_SPAMHAUS_CSS" { - weight = 2.0; - description = "From address is listed in zen css"; -} -symbol "RBL_SPAMHAUS_XBL" { - weight = 4.0; - description = "From address is listed in zen xbl"; -} -symbol "RBL_SPAMHAUS_XBL_ANY" { - weight = 4.0; - description = "From or receive address is listed in zen xbl (any list)"; -} -symbol "RBL_SPAMHAUS_PBL" { - weight = 2.0; - description = "From address is listed in zen pbl (ISP list)"; -} -symbol "RBL_SPAMHAUS_DROP" { - weight = 7.0; - description = "From address is listed in zen drop bl"; -} -symbol "RECEIVED_SPAMHAUS_XBL" { - weight = 3.0; - description = "Received address is listed in zen xbl"; - one_shot = true; -} -symbol "RBL_MAILSPIKE_WORST" { - weight = 2.0; - description = "From address is listed in RBL - worst possible reputation"; -} -symbol "RBL_MAILSPIKE_VERYBAD" { - weight = 1.5; - description = "From address is listed in RBL - very bad reputation"; -} -symbol "RBL_MAILSPIKE_BAD" { - weight = 1.0; - description = "From address is listed in RBL - bad reputation"; -} -symbol "RBL_SEM" { - weight = 1.0; - description = "Address is listed in Spameatingmonkey RBL"; -} -# /RBL -# SURBL -symbol "PH_SURBL_MULTI" { - weight = 5.5; - description = "SURBL: Phishing sites"; -} -symbol "MW_SURBL_MULTI" { - weight = 5.5; - description = "SURBL: Malware sites"; -} -symbol "ABUSE_SURBL" { - weight = 5.5; - description = "SURBL: ABUSE"; -} -symbol "CRACKED_SURBL" { - weight = 4.0; - description = "SURBL: cracked site"; -} -symbol "RAMBLER_URIBL" { - weight = 4.5; - description = "Rambler uribl"; - one_shot = true; -} -symbol "RAMBLER_EMAILBL" { - weight = 9.5; - description = "Rambler emailbl"; - one_shot = true; -} -symbol "MSBL_EBL" { - weight = 7.5; - description = "MSBL emailbl"; - one_shot = true; -} -symbol "SEM_URIBL" { - weight = 3.5; - description = "Spameatingmonkey uribl"; -} -symbol "SEM_URIBL_FRESH15" { - weight = 3.0; - description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)"; -} -symbol "DBL" { - weight = 0.0; - description = "DBL unknown result"; -} -symbol "DBL_SPAM" { - weight = 6.5; - description = "DBL uribl spam"; -} -symbol "DBL_PHISH" { - weight = 6.5; - description = "DBL uribl phishing"; -} -symbol "DBL_MALWARE" { - weight = 6.5; - description = "DBL uribl malware"; -} -symbol "DBL_BOTNET" { - weight = 5.5; - description = "DBL uribl botnet C&C domain"; -} -symbol "DBL_ABUSE" { - weight = 6.5; - description = "DBL uribl abused legit spam"; -} -symbol "DBL_ABUSE_REDIR" { - weight = 1.5; - description = "DBL uribl abused spammed redirector domain"; -} -symbol "DBL_ABUSE_PHISH" { - weight = 7.5; - description = "DBL uribl abused legit phish"; -} -symbol "DBL_ABUSE_MALWARE" { - weight = 7.5; - description = "DBL uribl abused legit malware"; -} -symbol "DBL_ABUSE_BOTNET" { - weight = 5.5; - description = "DBL uribl abused legit botnet C&C"; -} -symbol "URIBL_BLACK" { - weight = 7.5; - description = "uribl.com black url"; -} -symbol "URIBL_RED" { - weight = 3.5; - description = "uribl.com red url"; -} -symbol "URIBL_GREY" { - weight = 1.5; - description = "uribl.com grey url"; - one_shot = true; -} -symbol "URIBL_SBL" { - weight = 6.5; - description = "Spamhaus SBL URIBL"; -} -symbol "URIBL_SBL_CSS" { - weight = 6.5; - description = "Spamhaus SBL CSS URIBL"; -} -symbol "RBL_SARBL_BAD" { - weight = 2.5; - description = "A domain listed in the mail is blacklisted in SARBL"; -} -# /SURBL -actions { -} \ No newline at end of file diff --git a/server/conf/rspamd_override_rbl.conf.master b/server/conf/rspamd_override_rbl.conf.master new file mode 100644 index 0000000000000000000000000000000000000000..310e722832376f6e049fc2e1ac4c4179a3c3259e --- /dev/null +++ b/server/conf/rspamd_override_rbl.conf.master @@ -0,0 +1,53 @@ +# RBL +symbols = { + "RBL_SENDERSCORE" { + weight = 4.0; + description = "From address is listed in senderscore.com BL"; + } + "RBL_SPAMHAUS_SBL" { + weight = 2.0; + description = "From address is listed in zen sbl"; + } + "RBL_SPAMHAUS_CSS" { + weight = 2.0; + description = "From address is listed in zen css"; + } + "RBL_SPAMHAUS_XBL" { + weight = 4.0; + description = "From address is listed in zen xbl"; + } + "RBL_SPAMHAUS_XBL_ANY" { + weight = 4.0; + description = "From or receive address is listed in zen xbl (any list)"; + } + "RBL_SPAMHAUS_PBL" { + weight = 2.0; + description = "From address is listed in zen pbl (ISP list)"; + } + "RBL_SPAMHAUS_DROP" { + weight = 7.0; + description = "From address is listed in zen drop bl"; + } + "RECEIVED_SPAMHAUS_XBL" { + weight = 3.0; + description = "Received address is listed in zen xbl"; + one_shot = true; + } + "RBL_MAILSPIKE_WORST" { + weight = 2.0; + description = "From address is listed in RBL - worst possible reputation"; + } + "RBL_MAILSPIKE_VERYBAD" { + weight = 1.5; + description = "From address is listed in RBL - very bad reputation"; + } + "RBL_MAILSPIKE_BAD" { + weight = 1.0; + description = "From address is listed in RBL - bad reputation"; + } + "RBL_SEM" { + weight = 1.0; + description = "Address is listed in Spameatingmonkey RBL"; + } + # /RBL +} diff --git a/server/conf/rspamd_override_surbl.conf.master b/server/conf/rspamd_override_surbl.conf.master new file mode 100644 index 0000000000000000000000000000000000000000..30676a46fde75e4e4d21bf3e5cc1e6aabc4e749d --- /dev/null +++ b/server/conf/rspamd_override_surbl.conf.master @@ -0,0 +1,108 @@ +symbols = { + # SURBL + "PH_SURBL_MULTI" { + weight = 5.5; + description = "SURBL: Phishing sites"; + } + "MW_SURBL_MULTI" { + weight = 5.5; + description = "SURBL: Malware sites"; + } + "ABUSE_SURBL" { + weight = 5.5; + description = "SURBL: ABUSE"; + } + "CRACKED_SURBL" { + weight = 4.0; + description = "SURBL: cracked site"; + } + "RAMBLER_URIBL" { + weight = 4.5; + description = "Rambler uribl"; + one_shot = true; + } + "RAMBLER_EMAILBL" { + weight = 9.5; + description = "Rambler emailbl"; + one_shot = true; + } + "MSBL_EBL" { + weight = 7.5; + description = "MSBL emailbl"; + one_shot = true; + } + "SEM_URIBL" { + weight = 3.5; + description = "Spameatingmonkey uribl"; + } + "SEM_URIBL_FRESH15" { + weight = 3.0; + description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)"; + } + "DBL" { + weight = 0.0; + description = "DBL unknown result"; + } + "DBL_SPAM" { + weight = 6.5; + description = "DBL uribl spam"; + } + "DBL_PHISH" { + weight = 6.5; + description = "DBL uribl phishing"; + } + "DBL_MALWARE" { + weight = 6.5; + description = "DBL uribl malware"; + } + "DBL_BOTNET" { + weight = 5.5; + description = "DBL uribl botnet C&C domain"; + } + "DBL_ABUSE" { + weight = 6.5; + description = "DBL uribl abused legit spam"; + } + "DBL_ABUSE_REDIR" { + weight = 1.5; + description = "DBL uribl abused spammed redirector domain"; + } + "DBL_ABUSE_PHISH" { + weight = 7.5; + description = "DBL uribl abused legit phish"; + } + "DBL_ABUSE_MALWARE" { + weight = 7.5; + description = "DBL uribl abused legit malware"; + } + "DBL_ABUSE_BOTNET" { + weight = 5.5; + description = "DBL uribl abused legit botnet C&C"; + } + "URIBL_BLACK" { + weight = 7.5; + description = "uribl.com black url"; + } + "URIBL_RED" { + weight = 3.5; + description = "uribl.com red url"; + } + "URIBL_GREY" { + weight = 1.5; + description = "uribl.com grey url"; + one_shot = true; + } + "URIBL_SBL" { + weight = 6.5; + description = "Spamhaus SBL URIBL"; + } + "URIBL_SBL_CSS" { + weight = 6.5; + description = "Spamhaus SBL CSS URIBL"; + } + "RBL_SARBL_BAD" { + weight = 2.5; + description = "A domain listed in the mail is blacklisted in SARBL"; + } + # /SURBL +} diff --git a/server/conf/rspamd_symbols_antivirus.conf.master b/server/conf/rspamd_symbols_antivirus.conf.master new file mode 100644 index 0000000000000000000000000000000000000000..8c2d93d89eeacf816ad870f5bab97a7d406cc143 --- /dev/null +++ b/server/conf/rspamd_symbols_antivirus.conf.master @@ -0,0 +1,15 @@ +subject = "***SPAM*** %s"; +symbols = { + "CLAM_VIRUS" { + weight = 50; + description = "Clamav has found a virus."; + } + "JUST_EICAR" { + weight = 50; + description = "Clamav has found a virus."; + } + "R_DUMMY" { + weight = 0.0; + description = "Dummy symbol"; + } +} \ No newline at end of file diff --git a/server/lib/classes/letsencrypt.inc.php b/server/lib/classes/letsencrypt.inc.php index 9983354c7160b7fe6144dfd54081ae6680f8e639..e38d4df6468186441afeb5276650dc85b62177de 100644 --- a/server/lib/classes/letsencrypt.inc.php +++ b/server/lib/classes/letsencrypt.inc.php @@ -67,7 +67,7 @@ class letsencrypt { return false; } - $cmd = $letsencrypt . " --issue $cmd -w /usr/local/ispconfig/interface/acme && " . $letsencrypt . " --install-cert " . $cmd . " --key-file " . escapeshellarg($key_file) . " --fullchain-file " . escapeshellarg($bundle_file) . " --cert-file " . escapeshellarg($cert_file) . " --reloadcmd " . escapeshellarg($this->get_reload_command()); + $cmd = 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $cmd . ' -w /usr/local/ispconfig/interface/acme ; R=$? ; if [[ $R -eq 0 || $R -eq 2 ]] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' --fullchain-file ' . escapeshellarg($bundle_file) . ' --cert-file ' . escapeshellarg($cert_file) . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . '; C=$? ; fi ; if [[ $C -eq 0 ]] ; then exit $R ; else exit $C ; fi'; return $cmd; } diff --git a/server/lib/classes/plugin_webserver_apache.inc.php b/server/lib/classes/plugin_webserver_apache.inc.php index bed651b680e222c11aac51b924b812b333077838..027a8f18ab5723fd024700911b64e3ae52f75c14 100644 --- a/server/lib/classes/plugin_webserver_apache.inc.php +++ b/server/lib/classes/plugin_webserver_apache.inc.php @@ -394,7 +394,7 @@ class plugin_webserver_apache { * @param array $data * @param array $vhost_data */ - public function processVhosts(&$tpl, &$data, &$vhost_data, $ssl_data) { + public function processVhosts(&$tpl, &$data, &$vhost_data) { global $app, $conf; $web_config = $app->getconf->get_server_config($conf['server_id'], 'web'); @@ -419,7 +419,7 @@ class plugin_webserver_apache { unset($tmp_vhost_arr); //* Add vhost for ipv4 IP with SSL - if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($ssl_data['crt_file']) && @is_file($ssl_data['key_file']) && (@filesize($ssl_data['crt_file'])>0) && (@filesize($ssl_data['key_file'])>0)) { + if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($vhost_data['ssl_crt_file']) && @is_file($vhost_data['ssl_key_file']) && (@filesize($vhost_data['ssl_crt_file'])>0) && (@filesize($vhost_data['ssl_key_file'])>0)) { $tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443'); if(count($this->rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $this->rewrite_rules); $ipv4_ssl_alias_seo_redirects = $this->alias_seo_redirects; @@ -456,7 +456,7 @@ class plugin_webserver_apache { unset($tmp_vhost_arr); //* Add vhost for ipv6 IP with SSL - if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($ssl_data['crt_file']) && @is_file($ssl_data['key_file']) && (@filesize($ssl_data['crt_file'])>0) && (@filesize($ssl_data['key_file'])>0)) { + if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($vhost_data['ssl_crt_file']) && @is_file($vhost_data['ssl_key_file']) && (@filesize($vhost_data['ssl_crt_file'])>0) && (@filesize($vhost_data['ssl_key_file'])>0)) { $tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443'); if(count($this->rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $this->rewrite_rules); $ipv6_ssl_alias_seo_redirects = $this->alias_seo_redirects; @@ -470,7 +470,7 @@ class plugin_webserver_apache { unset($tmp_vhost_arr, $ipv6_ssl_alias_seo_redirects); } } - + //* Set the vhost loop $tpl->setLoop('vhosts', $vhosts); return; diff --git a/server/lib/classes/plugin_webserver_base.inc.php b/server/lib/classes/plugin_webserver_base.inc.php index 2d162e959a87a325d8ce36175435a8e83ed5ab7b..ea9ab8aa54102438a03c7b6596fbaa6e25ca94b3 100644 --- a/server/lib/classes/plugin_webserver_base.inc.php +++ b/server/lib/classes/plugin_webserver_base.inc.php @@ -1337,16 +1337,11 @@ class plugin_webserver_base { $config_prefix = ''; if($server_type === 'apache') { - $ssl_data = array( - 'crt_file' => $crt_file, - 'key_file' => $key_file, - ); - $tpl->setVar('apache_version', $app->system->getapacheversion()); $tpl->setVar('apache_full_version', $app->system->getapacheversion(true)); $app->plugin_webserver_apache->processRewriteRules($tpl, $data, $vhost_data); $app->plugin_webserver_apache->processPhpStarters($tpl, $data, $vhost_data); - $app->plugin_webserver_apache->processVhosts($tpl, $data, $vhost_data, $ssl_data); + $app->plugin_webserver_apache->processVhosts($tpl, $data, $vhost_data); } elseif($server_type === 'nginx') { $app->plugin_webserver_nginx->processStatsAuth($tpl, $data, $vhost_data); $config_prefix = 'nginx_'; diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php index 2d517bd6bb2a01189355fb67c00fb33600a6833b..772ce71133fe4b45ee4e4039a625815176c317e9 100644 --- a/server/plugins-available/postfix_server_plugin.inc.php +++ b/server/plugins-available/postfix_server_plugin.inc.php @@ -228,16 +228,22 @@ class postfix_server_plugin { exec('cp '.$conf['rootpath'].'/conf/rspamd_greylist.conf.master /etc/rspamd/local.d/greylist.conf'); } - if(file_exists($conf['rootpath'].'/conf-custom/rspamd_metrics.conf.master')) { - exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_metrics.conf.master /etc/rspamd/local.d/metrics.conf'); + if(file_exists($conf['rootpath'].'/conf-custom/rspamd_symbols_antivirus.conf.master')) { + exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf'); } else { - exec('cp '.$conf['rootpath'].'/conf/rspamd_metrics.conf.master /etc/rspamd/local.d/metrics.conf'); + exec('cp '.$conf['rootpath'].'/conf/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf'); } - if(file_exists($conf['rootpath'].'/conf-custom/rspamd_metrics_override.conf.master')) { - exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_metrics_override.conf.master /etc/rspamd/override.d/metrics.conf'); + if(file_exists($conf['rootpath'].'/conf-custom/rspamd_override_rbl.conf.master')) { + exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_override_rbl.conf.master /etc/rspamd/override.d/group_rbl.conf'); } else { - exec('cp '.$conf['rootpath'].'/conf/rspamd_metrics_override.conf.master /etc/rspamd/override.d/metrics.conf'); + exec('cp '.$conf['rootpath'].'/conf/rspamd_override_rbl.conf.master /etc/rspamd/override.d/group_rbl.conf'); + } + + if(file_exists($conf['rootpath'].'/conf-custom/rspamd_override_surbl.conf.master')) { + exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_override_surbl.conf.master /etc/rspamd/override.d/group_surbl.conf'); + } else { + exec('cp '.$conf['rootpath'].'/conf/rspamd_override_surbl.conf.master /etc/rspamd/override.d/group_surbl.conf'); } if(file_exists($conf['rootpath'].'/conf-custom/rspamd_mx_check.conf.master')) {