dnl
dnl Поддержка DSPAM
dnl
dnl ВНИМАНИЕ!!!
dnl при использовании DSPAM необходимо включить использование
dnl системного фильтра (см. параметр confSYSTEM_FILTER)
dnl
dnl команда получения названия и версии демона DSPAM
dnl define(`confDSPAM_NAME_VERSION', `echo quit | nc localhost 24 | head -n 1 | grep -i dspam | perl -p -e "s/^\d+\s+//;s/\s*ready\s*//i"')
dnl define(`confDSPAM_NAME_VERSION', `echo quit | socat -v STDIN GOPEN:/var/run/dspam.sock 2>&1 | grep -i dspam | perl -p -e "s/^< \d+\s+//;s/\s*ready.+//i"')
dnl define(`confDSPAM_NAME_VERSION_DEFAULT', `DSPAM Server')
dnl
dnl параметры подключения к DSPAM
dnl define(`confDSPAM_ADDRESS', `/var/run/dspam.sock')
dnl define(`confDSPAM_ADDRESS', `127.0.0.1 24')
dnl define(`confDSPAM_IDENT', `ident@localhost')
dnl
dnl пользователь, от имени которого выполняются запросы к dspam
dnl define(`confDSPAM_USER', `mailnull')dnl
dnl
dnl действие в случае отсутствия ответа от DSPAM либо возврата кода ошибки
dnl NO		- возвращать клиенту 4xx
dnl YES		- продолжать обработку письма
dnl define(`confDSPAM_DEFER_OK', `YES')
dnl
dnl действие для писем, опознанных как SPAM
dnl REJECT		- отказ в приеме письма (возврат клиенту кода 5xx)
dnl DENY		- синоним для REJECT
dnl DROP		- отказ в приеме сообщения с обрывом соединения
dnl DISCARD		- прием письма без доставки получателю
dnl QUARANTINE		- вывод в лог файл предупреждения и помещение письма в карантин
dnl QUARANTINE_MAILLIST	- сохранение в карантине писем из списков рассылки вместо отказа в приеме письма
dnl			(используется только одновременно с REJECT)
dnl DISCARD_MAILLIST	- игнорирование писем из списков рассылки вместо отказа в приеме письма
dnl			(используется только одновременно с REJECT)
dnl define(`confDSPAM_ACTION', `NO')dnl
dnl если не будут указаны действия REJECT, DROP или DISCARD, то письмо будет просто помечено
dnl действие QUARANTINE можно указывать вместо с REJECT и DISCARD через пробел
dnl действия QUARANTINE_MAILLIST и DISCARD_MAILLIST можно указывать вместе с REJECT и DROP
dnl
dnl значение по умолчанию времени жизни записи о хосте в кеше greylisting'а в минутах
dnl define(`confDSPAM_GREYLIST_PERIOD', `eval(24*60)')dnl
dnl
dnl сообщение полностью исключается из проверки, если в значении $acl_m_wl_flag_msg
dnl поля white_list_relays, white_list_senders или white_list_compat равны 1
dnl и поле spam_hater не равно 1
dnl
dnl действие для старых заголовков
dnl RENAME	- переименование старых заголовков (в конец имени добавляется -Old)
dnl REMOVE	- удаление старых заголовков
dnl NOTHING	- оставлять заголовки без изменений
dnl define(`confDSPAM_OLD_HEADERS', `RENAME')dnl
dnl
dnl заголовки DSPAM
dnl define(`confDSPAM_HEADERS', `:X-DSPAM-Info:X-DSPAM-Version:X-Daemon-Classification:X-DSPAM-Result:X-DSPAM-Processed:X-DSPAM-Confidence:X-DSPAM-Improbability:X-DSPAM-Probability:X-DSPAM-Signature:X-DSPAM-Factors')
dnl

ifelse(SECTION, `ACLS_ADDITIONAL', `dnl

acl_check_data_dspam:

	warn	set acl_m_contentscan_result =
		set acl_m0	= ${dlfunc{confDLFUNC_PATH/confDLFUNC_FNAME}{dspam}\
				{confDSPAM_ADDRESS}{confDSPAM_IDENT}{defer_ok}{confDSPAM_USER}}

	warn	condition	= ${if eq{$acl_m0}{}{yes}{no}}
#		logwrite	= DSPAM check failed
		set acl_m_contentscan_result = defer
	warn	condition	= ${if match{$acl_m0}{\N^dspam dlfunc:\s*DEFER(:\s*(.+))?$\N}{yes}{no}}
		set acl_m1	= ${if match{$acl_m0}{\N^dspam dlfunc:\s*DEFER(:\s*(.+))?$\N}{: $2}{}}
#		logwrite	= DSPAM check DEFER${acl_m1}
		set acl_m0	= 
		set acl_m_contentscan_result = defer

	warn	set acl_m_Daemon_Classification	= 
		condition	= ${if eq{$acl_m0}{}{no}{yes}}
		condition	= ${if eq{$acl_m_contentscan_result}{defer}{no}{yes}}
		set acl_m_Daemon_Classification	= ${if match{$acl_m0}\
				{\N^DSPAM answer: (.+\r?\n)*X-Daemon-Classification:\s*(\S+)(.*\r?\n)*.*$\N}{$2}{}}
		logwrite	= DSPAM check: X-Daemon-Classification value ${if eq{$acl_m_Daemon_Classification}{}{not found}{is $acl_m_Daemon_Classification}}
		add_header	= X-Daemon-Classification: $acl_m_Daemon_Classification
#	warn	condition	= ${if eq{$acl_m0}{}{no}{yes}}
#		set acl_m1	= ${if match{$acl_m0}\
#				{\N^DSPAM answer: (.+\r?\n)*X-DSPAM-Signature:\s*(\S+)(.*\r?\n)*.*$\N}{$2}{}}
#		logwrite	= DSPAM check: X-DSPAM-Signature value ${if eq{$acl_m1}{}{not found}{is $acl_m1}}
#	warn	condition	= ${if eq{$acl_m0}{}{no}{yes}}
#		set acl_m1	= ${if match{$acl_m0}\
#				{\N^DSPAM answer: (.+\r?\n)*X-DSPAM-Factors:\s*(.+(\n\s+.+)*)((\r?\n)?.*\r?\n)*.*$\N}{$2}{}}
#		logwrite	= DSPAM check: X-DSPAM-Factors value ${if eq{$acl_m1}{}{not found}{is $acl_m1}}

	warn	condition	= ${if eq{$acl_m0}{}{no}{yes}}
		condition	= ${if eq{$acl_m_contentscan_result}{defer}{no}{yes}}
		set acl_m1	= ${sg{$acl_m0}\
				{\N(?m)^(?!((?=X-DSPAM-)|(?=\s))).+\r?\n(\s.*\r?\n)*\N}{}}
#		logwrite	= DSPAM check: DSPAM headers: ${if eq{$acl_m1}{}{not found}{$acl_m1}}
		add_header	= $acl_m1

	warn	set acl_m_certainly_spam	=
		condition	= ${if eq{$acl_m_Daemon_Classification}{SPAM}{yes}{no}}
		set acl_m_certainly_spam = certainly_spam

	accept
') dnl ifelse(SECTION, `ACLS_ADDITIONAL', `')


ifelse(SECTION, `ACL_CHECK_DATA_TOP', `dnl

ifelse(confDSPAM_OLD_HEADERS, `REMOVE', `dnl
	warn	remove_header	= confDSPAM_HEADERS
') dnl ifelse(confDSPAM_OLD_HEADERS, `REMOVE', `')

ifelse(confDSPAM_OLD_HEADERS, `RENAME', `dnl
	warn	remove_header	= confDSPAM_HEADERS
RENAME_HEADERS(confDSPAM_HEADERS)
') dnl ifelse(confDSPAM_OLD_HEADERS, `RENAME', `')

') dnl ifelse(SECTION, `ACL_CHECK_DATA_TOP', `')


ifelse(SECTION, `ACL_CHECK_DATA', `dnl
	# DSPAM

ifdef(`confDSPAM_NAME_VERSION',`define(`_DSPAM_VER_', `esyscmd(confDSPAM_NAME_VERSION)')')dnl
ifelse(len(X`'_DSPAM_VER_), `1', `ifdef(`confDSPAM_NAME_VERSION_DEFAULT',`define(`_DSPAM_VER_', confDSPAM_NAME_VERSION_DEFAULT)',`define(`_DSPAM_VER_', `DSPAM Server')')')dnl
	# добавляем информацию о версии DSPAM
#	warn	add_header	= X-DSPAM-Version: _DSPAM_VER_ on $primary_hostname\n

	warn	condition	= ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}}
		acl		= acl_check_data_dspam

	warn	set acl_m0	= 
		condition	= ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}}
		condition	= ${if eq{$acl_m_contentscan_result}{defer}{no}{yes}}
		condition	= ${if eq{$acl_m_certainly_spam}{certainly_spam}{yes}{no}}
		set acl_m0	= certainly_spam
		add_header	= X-Spam-Original-Recipients: $recipients\n

dnl ifelse_strstr(confDSPAM_ACTION, `SUBMIT_GREYLIST', `ENTERPRISE(`greylist', `submit_dspam')')
dnl ifelse_strstr(confDSPAM_ACTION, `SUBMIT_MYSQL',    `ENTERPRISE(`mysql', `submit_dspam')')
dnl ifelse_strstr(confDSPAM_ACTION, `SUBMIT_SQLITE',   `ENTERPRISE(`sqlite', `submit_dspam')')

ifdef(`confDSPAM_DEFER_OK', `ifelse(confDSPAM_DEFER_OK, `YES', `dnl
	warn	condition	= ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}}
		condition	= ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}}
		add_header	= X-DSPAM-Info: DSPAM connection deferred on $primary_hostname\n
		log_message	= DSPAM connection deferred
', ` dnl ifdef(`confDSPAM_DEFER_OK', `ifelse(confDSPAM_DEFER_OK, `YES', `')')
	defer	condition	= ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}}
		condition	= ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}}
		message		= System busy. Try again later
		log_message	= DSPAM connection deferred
')') dnl ifdef(`confDSPAM_DEFER_OK', `ifelse(confDSPAM_DEFER_OK, `YES', `')')

dnl define(`confDSPAM_ACTION', confDSPAM_ACTION` ')

ifelse_strstr(confDSPAM_ACTION` ', `REJECT ', `
dnl
ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE_MAILLIST ', `
	# Quarantine spam messages
	warn	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= Spam is blocked and quarantined
		set acl_m_quarantined = $acl_m_quarantined content_scanner
		add_header	= X-Spam-Action: quarantined\n
	accept	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= original recipients: $recipients
') dnl ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE_MAILLIST ', `')
dnl
ifelse_strstr(confDSPAM_ACTION` ', `DISCARD_MAILLIST ', `
	# Discard spam messages
	discard	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= Spam is discarded
') dnl ifelse_strstr(confDSPAM_ACTION` ', `DISCARD_MAILLIST ', `')
dnl
ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `
	# Reject and quarantine spam messages
	warn	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		control		= fakereject/Spam is blocked (${message_id})
		logwrite	= Spam is blocked and quarantined
		set acl_m_quarantined = $acl_m_quarantined content_scanner
		add_header	= X-Spam-Action: quarantined\n
	accept	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= original recipients: $recipients
',` ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `')
	# Reject spam messages
	deny	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= Spam is rejected
		message		= Spam is blocked (${message_id})
') dnl ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `')
') dnl ifelse_strstr(confDSPAM_ACTION` ', `REJECT ', `')


ifelse_strstr(confDSPAM_ACTION` ', `DROP ', `
dnl
ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE_MAILLIST ', `
	# Quarantine spam messages
	warn	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= Spam is blocked and quarantined
		set acl_m_quarantined = $acl_m_quarantined content_scanner
		add_header	= X-Spam-Action: quarantined\n
	accept	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= original recipients: $recipients
') dnl ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE_MAILLIST ', `')
dnl
ifelse_strstr(confDSPAM_ACTION` ', `DISCARD_MAILLIST ', `
	# Discard spam messages
	discard	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		condition	= ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}}
		logwrite	= Spam is discarded
') dnl ifelse_strstr(confDSPAM_ACTION` ', `DISCARD_MAILLIST ', `')
dnl
	# Drop spam messages
	drop	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= Spam is rejected
		message		= Spam is blocked (${message_id})
') dnl ifelse_strstr(confDSPAM_ACTION` ', `DROP ', `')


ifelse_strstr(confDSPAM_ACTION` ', `DISCARD ', `
ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `
	# Discard and quarantine spam messages
	warn	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= Spam is quarantined
		set acl_m_quarantined = $acl_m_quarantined content_scanner
		add_header	= X-Spam-Action: quarantined\n
	accept	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= original recipients: $recipients
',` dnl ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `')
	# Discard spam messages
	discard	condition	= ${if eq{$acl_m0}{certainly_spam}{yes}{no}}
		logwrite	= Spam is discarded
') dnl ifelse_strstr(confDSPAM_ACTION` ', `QUARANTINE ', `')
') dnl ifelse_strstr(confDSPAM_ACTION` ', `DISCARD ', `')

') dnl ifelse(SECTION, `ACL_CHECK_DATA', `')