dnl dnl Поддержка Kaspersky Anti-Spam 3.x dnl dnl ВНИМАНИЕ!!! dnl при использовании kas3 необходимо включить использование dnl системного фильтра (см. параметр confSYSTEM_FILTER) dnl dnl команда получения названия и версии демона KAS3 dnl define(`confKAS3_NAME_VERSION', `rpm -q kas-3 | perl -p -e "s/\n//"') dnl define(`confKAS3_NAME_VERSION', `rpm -q kas-3 | perl -p -e "s/kas-3-/SMTP-Filter Version /;s/\.(\d+)-\d+$/ \[\$1\]/;s/\n//"') dnl define(`confKAS3_NAME_VERSION', `pkg_info -I kas\* | perl -p -e "s/\s+.+\n//"') dnl define(`confKAS3_NAME_VERSION', `pkg_info -I kas\* | perl -p -e "s/\s+.+//;s/kas-3-/SMTP-Filter Version /;s/\.(\d+)$/ \[\$1\]/;s/\n//"') dnl define(`confKAS3_NAME_VERSION_DEFAULT', `SMTP-Filter Version 3') dnl dnl параметры подключения к KAS3 dnl define(`confKAS3_ADDRESS', `tcp:127.0.0.1:2277') dnl dnl действие в случае отсутствия ответа от KAS3 либо возврата кода ошибки dnl NO - возвращать клиенту 4xx dnl YES - продолжать обработку письма dnl define(`confKAS3_DEFER_OK', `YES') dnl dnl действие для писем, опознанных как SPAM dnl REJECT - отказ в приеме письма (возврат клиенту кода 5xx) dnl DENY - синоним для REJECT dnl DROP - отказ в приеме сообщения с обрывом соединения dnl DISCARD - прием письма без доставки получателю dnl QUARANTINE - вывод в лог файл предупреждения и помещение письма в карантин dnl QUARANTINE_MAILLIST - сохранение в карантине писем из списков рассылки вместо отказа в приеме письма dnl (используется только одновременно с REJECT) dnl DISCARD_MAILLIST - игнорирование писем из списков рассылки вместо отказа в приеме письма dnl (используется только одновременно с REJECT) dnl define(`confKAS3_ACTION', `')dnl dnl если не будут указаны действия REJECT, DROP или DISCARD, то письмо будет просто помечено dnl действие QUARANTINE можно указывать вместо с REJECT и DISCARD через пробел dnl действия QUARANTINE_MAILLIST и DISCARD_MAILLIST можно указывать вместе с REJECT и DROP dnl dnl сообщение полностью исключается из проверки, если в значении $acl_m_wl_flag_msg dnl поля white_list_relays, white_list_senders или white_list_compat равны 1 dnl и поле spam_hater не равно 1 dnl dnl действие для старых заголовков dnl RENAME - переименование старых заголовков (в конец имени добавляется -Old) dnl REMOVE - удаление старых заголовков dnl NOTHING - оставлять заголовки без изменений dnl define(`confKAS3_OLD_HEADERS', `RENAME')dnl dnl dnl заголовки KAS3 dnl define(`confKAS3_HEADERS', `:X-SpamTest-Categories:X-SpamTest-Envelope-From:X-SpamTest-Group-ID:X-SpamTest-Info:X-SpamTest-Info:X-SpamTest-Info:X-SpamTest-Method:X-SpamTest-Rate:X-SpamTest-SPF:X-SpamTest-Status:X-SpamTest-Status-Extended:X-SpamTest-Version') dnl ifelse(SECTION, `ACLS_ADDITIONAL', `dnl acl_check_data_kas3: warn set acl_m0 = ${dlfunc{confDLFUNC_PATH/confDLFUNC_FNAME}{kas3}\ {confKAS3_ADDRESS}{defer_ok}{$qualify_domain}} warn condition = ${if eq{$acl_m0}{}{yes}{no}} # logwrite = KAS3 check failed set acl_m_contentscan_result = defer warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*DEFER(:\s*(.+))?$\N}{yes}{no}} set acl_m1 = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*DEFER(:\s*(.+))?$\N}{: $2}{}} # logwrite = KAS3 check DEFER${acl_m1} set acl_m0 = set acl_m_contentscan_result = defer # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*REJECT(:\s*(.+))?$\N}{yes}{no}} # set acl_m1 = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*REJECT(:\s*(.+))?$\N}{: $2}{}} # logwrite = KAS3 check REJECT${acl_m1} # set acl_m0 = # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*ACCEPT\N}{yes}{no}} # logwrite = KAS3 check ACCEPT # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*ACCEPT\N}{yes}{no}} # set acl_m1 = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*ACCEPT:\s*((.+\r?\n?)+.*)$\N}{$1}{}} # logwrite = headers added by KAS3${if eq{$acl_m1}{}{ not found}{: $acl_m1}} warn condition = ${if eq{$acl_m0}{}{no}{yes}} set acl_m1 = ${sg{$acl_m0}\ {\N(?m)^(?!((?=X-SpamTest-)|(?=\s))).+\r?\n(\s.*\r?\n)*\N}{}} # logwrite = KAS3 check: X-SpamTest headers: ${if eq{$acl_m1}{}{not found}{$acl_m1}} add_header = $acl_m1 # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE)\N}{yes}{no}} # set acl_m1 = ${if match{$acl_m0}\ # {\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE): (.+\r?\n)*X-SpamTest-Version:\s*(.*?)\r?\n\N}{$3}{}} # logwrite = KAS3 check: X-SpamTest-Version value ${if eq{$acl_m1}{}{not found}{is $acl_m1}} # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE)\N}{yes}{no}} # set acl_m1 = ${if match{$acl_m0}\ # {\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE): (.+\r?\n)*X-SpamTest-Status:\s*(.*?)\r?\n\N}{$3}{}} # logwrite = KAS3 check: X-SpamTest-Status value ${if eq{$acl_m1}{}{not found}{is $acl_m1}} # warn condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE)\N}{yes}{no}} # set acl_m1 = ${if match{$acl_m0}\ # {\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE): (.+\r?\n)*X-SpamTest-Status-Extended:\s*(.*?)\r?\n\N}{$3}{}} # logwrite = KAS3 check: X-SpamTest-Status-Extended value ${if eq{$acl_m1}{}{not found}{is $acl_m1}} # warn condition = ${if eq{$acl_m0}{}{no}{yes}} # set acl_m1 = ${sg{$acl_m0}\ # {\N(?m)^(?!((?=X-SpamTest-Info:)|(?=\s))).+\r?\n(\s.*\r?\n)*\N}{}} # set acl_m1 = ${sg{$acl_m1}\ # {\N(?m)^X-SpamTest-Info:\s*\N}{}} # logwrite = KAS3 check: X-SpamTest-Info: ${if eq{$acl_m1}{}{not found}{$acl_m1}} warn set acl_m_certainly_spam = condition = ${if match{$acl_m0}{\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE)\N}{yes}{no}} set acl_m1 = ${if match{$acl_m0}\ {\N^kas3 dlfunc:\s*(ACCEPT|REJECT|CONTINUE): (.+\r?\n)*X-SpamTest-Status:\s*(.*?)\r?\n\N}{$3}{}} logwrite = KAS3 check: X-SpamTest-Status value ${if eq{$acl_m1}{}{not found}{is $acl_m1}} condition = ${if eq{$acl_m1}{SPAM}{yes}{no}} set acl_m_certainly_spam = certainly_spam accept ') dnl ifelse(SECTION, `ACLS_ADDITIONAL', `') ifelse(SECTION, `ACL_CHECK_DATA_TOP', `dnl ifelse(confKAS3_OLD_HEADERS, `REMOVE', `dnl warn remove_header = confKAS3_HEADERS ') dnl ifelse(confKAS3_OLD_HEADERS, `REMOVE', `') ifelse(confKAS3_OLD_HEADERS, `RENAME', `dnl warn remove_header = confKAS3_HEADERS RENAME_HEADERS(confKAS3_HEADERS) ') dnl ifelse(confKAS3_OLD_HEADERS, `RENAME', `') ') dnl ifelse(SECTION, `ACL_CHECK_DATA_TOP', `') ifelse(SECTION, `ACL_CHECK_DATA', `dnl # KAS3 ifdef(`confKAS3_NAME_VERSION',`define(`_KAS3_VER_', `esyscmd(confKAS3_NAME_VERSION)')')dnl ifelse(len(X`'_KAS3_VER_), `1', `ifdef(`confKAS3_NAME_VERSION_DEFAULT',`define(`_KAS3_VER_', confKAS3_NAME_VERSION_DEFAULT)',`define(`_KAS3_VER_', `KAS3 Server')')')dnl # добавляем информацию о версии KAS3 # warn add_header = X-KAS3-Version: _KAS3_VER_ on $primary_hostname\n warn condition = ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}} acl = acl_check_data_kas3 warn set acl_m0 = condition = ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}} condition = ${if eq{$acl_m_contentscan_result}{defer}{no}{yes}} condition = ${if eq{$acl_m_certainly_spam}{certainly_spam}{yes}{no}} set acl_m0 = certainly_spam add_header = X-Spam-Original-Recipients: $recipients\n dnl ifelse_strstr(confKAS3_ACTION, `SUBMIT_GREYLIST', `ENTERPRISE(`greylist', `submit_kas3')') dnl ifelse_strstr(confKAS3_ACTION, `SUBMIT_MYSQL', `ENTERPRISE(`mysql', `submit_kas3')') dnl ifelse_strstr(confKAS3_ACTION, `SUBMIT_SQLITE', `ENTERPRISE(`sqlite', `submit_kas3')') ifdef(`confKAS3_DEFER_OK', `ifelse(confKAS3_DEFER_OK, `YES', `dnl warn condition = ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}} condition = ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}} add_header = X-KAS3-Info: KAS3 connection deferred on $primary_hostname\n log_message = KAS3 connection deferred ', ` dnl ifdef(`confKAS3_DEFER_OK', `ifelse(confKAS3_DEFER_OK, `YES', `')') defer condition = ${if eq{$acl_m_contentscan_skip}{skip}{no}{yes}} condition = ${if eq{$acl_m_contentscan_result}{defer}{yes}{no}} message = System busy. Try again later log_message = KAS3 connection deferred ')') dnl ifdef(`confKAS3_DEFER_OK', `ifelse(confKAS3_DEFER_OK, `YES', `')') dnl define(`confKAS3_ACTION', confKAS3_ACTION` ') ifelse_strstr(confKAS3_ACTION` ', `REJECT ', ` dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE_MAILLIST ', ` # Quarantine spam messages warn condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = KAS3 check: Spam is blocked and quarantined set acl_m_quarantined = $acl_m_quarantined content_scanner add_header = X-Spam-Action: quarantined\n accept condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = original recipients: $recipients ') dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE_MAILLIST ', `') dnl ifelse_strstr(confKAS3_ACTION` ', `DISCARD_MAILLIST ', ` # Discard spam messages discard condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = KAS3 check: Spam is discarded ') dnl ifelse_strstr(confKAS3_ACTION` ', `DISCARD_MAILLIST ', `') dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', ` # Reject and quarantine spam messages warn condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} control = fakereject/Spam is blocked (${message_id}) logwrite = KAS3 check: Spam is blocked and quarantined set acl_m_quarantined = $acl_m_quarantined content_scanner add_header = X-Spam-Action: quarantined\n accept condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = KAS3 check: original recipients: $recipients ',` dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', `') # Reject spam messages deny condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = KAS3 check: Spam is rejected message = Spam is blocked (${message_id}) ') dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', `') ') dnl ifelse_strstr(confKAS3_ACTION` ', `REJECT ', `') ifelse_strstr(confKAS3_ACTION` ', `DROP ', ` dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE_MAILLIST ', ` # Quarantine spam messages warn condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = KAS3 check: Spam is blocked and quarantined set acl_m_quarantined = $acl_m_quarantined content_scanner add_header = X-Spam-Action: quarantined\n accept condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = original recipients: $recipients ') dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE_MAILLIST ', `') dnl ifelse_strstr(confKAS3_ACTION` ', `DISCARD_MAILLIST ', ` # Discard spam messages discard condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} condition = ${if or{{!eq{$h_List-Id:}{}}{eq{$h_Precedence:}{list}}}{yes}{no}} logwrite = KAS3 check: Spam is discarded ') dnl ifelse_strstr(confKAS3_ACTION` ', `DISCARD_MAILLIST ', `') dnl # Drop spam messages drop condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = KAS3 check: Spam is rejected message = Spam is blocked (${message_id}) ') dnl ifelse_strstr(confKAS3_ACTION` ', `REJECT ', `') ifelse_strstr(confKAS3_ACTION` ', `DISCARD ', ` ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', ` # Discard and quarantine spam messages warn condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = KAS3 check: Spam is quarantined set acl_m_quarantined = $acl_m_quarantined content_scanner add_header = X-Spam-Action: quarantined\n accept condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = original recipients: $recipients ',` dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', `') # Discard spam messages discard condition = ${if eq{$acl_m0}{certainly_spam}{yes}{no}} logwrite = KAS3 check: Spam is discarded ') dnl ifelse_strstr(confKAS3_ACTION` ', `QUARANTINE ', `') ') dnl ifelse_strstr(confKAS3_ACTION` ', `DISCARD ', `') ') dnl ifelse(SECTION, `ACL_CHECK_DATA', `')