|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
function imapFolder($cf, $username) { |
|
4
|
|
|
$open='{'.$cf['mailhost'].':143/imap/novalidate-cert/authuser='.$cf['authuser'].'}'; |
|
5
|
|
|
$m_mail = imap_open($open, $username, $cf['authpassword'], OP_READONLY) |
|
6
|
|
|
or syslog (LOG_EMERG, $cf['user'].': Error in IMAP connection to <'.$cf['mailhost'].'>: ' . imap_last_error()); |
|
7
|
|
|
if ( !$m_mail ) exit(254); |
|
|
|
|
|
|
8
|
|
|
|
|
9
|
|
|
|
|
10
|
|
|
syslog (LOG_INFO,$cf['user'].': Successfully connected to <'.$cf['mailhost'].'>; Listing folders of account <'.$username.'>...'); |
|
11
|
|
|
//get all folder |
|
12
|
|
|
$list = imap_list($m_mail, $open, "*"); |
|
13
|
|
|
imap_close($m_mail); |
|
14
|
|
|
if (is_array($list)) |
|
15
|
|
|
foreach ($list as $mbox) |
|
16
|
|
|
$return[] = explode($open,$mbox,2)[1]; |
|
|
|
|
|
|
17
|
|
|
else |
|
18
|
|
|
syslog (LOG_INFO,$cf['user'] . ': imap_list failed: ' . imap_last_error() ); |
|
19
|
|
|
return $return; |
|
|
|
|
|
|
20
|
|
|
} |
|
21
|
|
|
|
|
22
|
|
|
function imapFind ($cf, $username, $folder) { |
|
23
|
|
|
$head=array(); |
|
24
|
|
|
$m_mail = imap_open('{'.$cf['mailhost'].':143/imap/novalidate-cert/authuser='.$cf['authuser'].'}'.$folder, $username,$cf['authpassword'], OP_READONLY) |
|
25
|
|
|
or syslog (LOG_EMERG, $cf['user'].': Error in IMAP connection to <'.$cf['mailhost'].'>: ' . imap_last_error()); |
|
|
|
|
|
|
26
|
|
|
if ( !$m_mail ) exit(254); |
|
|
|
|
|
|
27
|
|
|
|
|
28
|
|
|
|
|
29
|
|
|
syslog (LOG_INFO,$cf['user'].': Successfully connected to <'.$cf['mailhost'].">; Reading <$folder> messages of last ".$cf['oldestday'].' days on account <'.$username.'>...'); |
|
30
|
|
|
//get all messages |
|
31
|
|
|
$dateTh = date ( "d-M-Y", strToTime ( '-'.$cf['oldestday'].' days' ) ); |
|
32
|
|
|
$m_search=imap_search ($m_mail, "SINCE \"$dateTh\" TEXT \"Authentication-Results: \"" ); |
|
33
|
|
|
|
|
34
|
|
|
|
|
35
|
|
|
// Order results starting from newest message |
|
36
|
|
|
if ( empty($m_search) ) { |
|
37
|
|
|
syslog (LOG_INFO,$cf['user'].": No suitable mail found in <$folder> folder."); |
|
38
|
|
View Code Duplication |
if ( $ierr = imap_errors() ) |
|
|
|
|
|
|
39
|
|
|
foreach ( $ierr as $thiserr ) |
|
40
|
|
|
syslog (LOG_ERR, $cf['user'].": IMAP Error: $thiserr"); |
|
41
|
|
View Code Duplication |
if ( $ierr = imap_alerts() ) |
|
|
|
|
|
|
42
|
|
|
foreach ( $ierr as $thiserr ) |
|
43
|
|
|
syslog (LOG_ALERT, $cf['user'].": IMAP Alert: $thiserr"); |
|
44
|
|
|
imap_close( $m_mail ); |
|
45
|
|
|
return FALSE; |
|
46
|
|
|
} |
|
47
|
|
|
$nmes = count ($m_search); |
|
48
|
|
|
syslog (LOG_INFO,$cf['user'].": Found $nmes mail in <$folder> folder."); |
|
49
|
|
|
if ($nmes>0) rsort($m_search); |
|
50
|
|
|
|
|
51
|
|
|
// loop for each message |
|
52
|
|
|
foreach ($m_search as $onem) |
|
53
|
|
|
$head[] = imap_fetchheader($m_mail, $onem ); |
|
54
|
|
|
imap_close($m_mail); |
|
55
|
|
|
return $head; |
|
56
|
|
|
} |
|
57
|
|
|
|
|
58
|
|
|
function dspamLevel($prob, $conf) { |
|
59
|
|
|
/* Calculate DSPAM Level as the Spamassassin Plugin */ |
|
60
|
|
|
if (is_null($prob) or is_null($conf)) return '-'; |
|
|
|
|
|
|
61
|
|
|
$t_prob = abs((($prob - 0.5) * 2) * 100); |
|
62
|
|
|
return round(($t_prob + ($conf*100)) / 2); |
|
63
|
|
|
} |
|
64
|
|
|
|
|
65
|
|
|
function imapInfo($header,$ARhosts,$dpl=false, $learn=false) { |
|
66
|
|
|
/* Get relevant Info from header's mail */ |
|
67
|
|
|
/* Each line must end with /r/n */ |
|
68
|
|
|
|
|
69
|
|
|
$dateC = NULL; |
|
|
|
|
|
|
70
|
|
|
$mid = NULL; |
|
|
|
|
|
|
71
|
|
|
$result = array( |
|
72
|
|
|
'date' => NULL, |
|
73
|
|
|
'from' => NULL, |
|
74
|
|
|
'messageid' => NULL, |
|
75
|
|
|
'dmarc' => array( |
|
76
|
|
|
'result' => NULL, |
|
77
|
|
|
'dom' => NULL |
|
78
|
|
|
), |
|
79
|
|
|
'spf' => array( |
|
80
|
|
|
'result' => NULL, |
|
81
|
|
|
'dom' => NULL |
|
82
|
|
|
), |
|
83
|
|
|
'dkim' => array( |
|
84
|
|
|
'result' => NULL, |
|
85
|
|
|
'dom' => NULL |
|
86
|
|
|
), |
|
87
|
|
|
'spam' => array( |
|
88
|
|
|
'status' => NULL, |
|
89
|
|
|
'score' => NULL, |
|
90
|
|
|
'th' => NULL, |
|
91
|
|
|
), |
|
92
|
|
|
'dspam' => array( |
|
93
|
|
|
'type' => NULL, |
|
94
|
|
|
'level' => NULL, |
|
95
|
|
|
'learn' => NULL |
|
96
|
|
|
), |
|
97
|
|
|
'warn' => NULL |
|
98
|
|
|
); |
|
99
|
|
|
|
|
100
|
|
|
|
|
101
|
|
View Code Duplication |
if ( preg_match_all ('/^Authentication\-Results:\s+(?<host>[\w\.]+);(?:\s+|\r\n\s+)dmarc=(?<dmarc>\w+)\s+\(p=\w+\s+dis=\w+\)\s+header\.from=(?<DMARCfrom>[\w\.]+)/m',$header,$received) ) { |
|
|
|
|
|
|
102
|
|
|
$k=0; |
|
103
|
|
|
for ($i = count($received[0])-1;$i>=0;$i--) { |
|
104
|
|
|
foreach ($ARhosts as $mx) { |
|
105
|
|
|
if ($mx == $received['host'][$i]) { |
|
106
|
|
|
/* This is a trusted AR result */ |
|
107
|
|
|
$result['dmarc']['result']=$received['dmarc'][$i]; |
|
108
|
|
|
$result['dmarc']['dom'] = $received['DMARCfrom'][$i]; |
|
109
|
|
|
$k++; |
|
110
|
|
|
} |
|
111
|
|
|
} |
|
112
|
|
|
} |
|
113
|
|
|
} |
|
114
|
|
|
$received=NULL; |
|
115
|
|
|
if ($k>1) $result['warn'][] = 'The trusted DMARC AR Headers are present more than once. Something wrong.'; |
|
|
|
|
|
|
116
|
|
|
|
|
117
|
|
View Code Duplication |
if ( preg_match_all('/^Authentication\-Results:\s+(?<host>[\w\.]+);(?:\s+|\r\n\s+)spf=(?<spf>\w+)\s+smtp\.(?:mailfrom|helo)=(?<SPFfrom>[\w\.]+)/m',$header,$received) ) { |
|
|
|
|
|
|
118
|
|
|
$k=0; |
|
119
|
|
|
for ($i = count($received[0])-1;$i>=0;$i--) { |
|
120
|
|
|
foreach ($ARhosts as $mx) { |
|
121
|
|
|
if ($mx == $received['host'][$i]) { |
|
122
|
|
|
/* This is a trusted AR result */ |
|
123
|
|
|
$result['spf']['result']=$received['spf'][$i]; |
|
124
|
|
|
$result['spf']['dom'] = $received['SPFfrom'][$i]; |
|
125
|
|
|
$k++; |
|
126
|
|
|
} |
|
127
|
|
|
} |
|
128
|
|
|
} |
|
129
|
|
|
} |
|
130
|
|
|
$received=NULL; |
|
131
|
|
|
if ($k>1) $result['warn'][] = 'The trusted SPF AR Headers are present more than once. Something wrong.'; |
|
132
|
|
|
|
|
133
|
|
View Code Duplication |
if ( preg_match_all('/^Authentication\-Results:\s+(?<host>[\w\.]+);(?:\s+|\r\n\s+)dkim=(?<dkim>\w+)\s+[\w\s\(\)\-]+header\.d=(?<DKIMdom>[\w\.]+)/m',$header,$received) ) { |
|
|
|
|
|
|
134
|
|
|
$k=0; |
|
135
|
|
|
for ($i = count($received[0])-1;$i>=0;$i--) { |
|
136
|
|
|
foreach ($ARhosts as $mx) { |
|
137
|
|
|
if ($mx == $received['host'][$i]) { |
|
138
|
|
|
/* This is a trusted AR result */ |
|
139
|
|
|
$result['dkim']['result']=$received['dkim'][$i]; |
|
140
|
|
|
$result['dkim']['dom'] = $received['DKIMdom'][$i]; |
|
141
|
|
|
$k++; |
|
142
|
|
|
} |
|
143
|
|
|
} |
|
144
|
|
|
} |
|
145
|
|
|
} |
|
146
|
|
|
$received=NULL; |
|
147
|
|
|
if ($k>1) $result['warn'][] = 'The trusted DKIM AR Headers are present more than once. Something wrong.'; |
|
148
|
|
|
|
|
149
|
|
|
if ($dpl) { /* Use Spamassassin Plugin */ |
|
150
|
|
|
if ( preg_match_all('/^X\-Spam\-Status:\s(?P<spamstatus>\w+)\,(?:\s+|\r\n\s+)score=(?P<score>[\-\.\d]+)(?:\s+|\r\n\s+)tagged_above=\-{0,1}\d+(?:\s+|\r\n\s+)required=(?P<th>[\-\.\d]+)(?:\s+|\r\n\s+)tests=\[(?:.|\r\n\s+)*DSPAM_(?P<dtype>SPAM|HAM)_(?P<dlevel>\d\d)(?:.|\r\n\s+)*\]/m',$header,$received) ) { |
|
151
|
|
|
$result['spam']['status']=$received['spamstatus'][0]; |
|
152
|
|
|
$result['spam']['score'] = $received['score'][0]; |
|
153
|
|
|
$result['spam']['th'] = $received['th'][0]; |
|
154
|
|
|
$result['dspam']['type'] = $received['dtype'][0]; |
|
155
|
|
|
$result['dspam']['level'] =$received['dlevel'][0]; |
|
156
|
|
|
} |
|
157
|
|
|
if (count($received[0])>1) $result['warn'][] = 'The Spamassassin Headers are present more than once. I consider only the last one.'; |
|
158
|
|
|
} |
|
159
|
|
|
else { /* Parse apart all DSPAM Header and calculate a level */ |
|
160
|
|
|
if ( preg_match_all('/^X\-Spam\-Status:\s(?P<spamstatus>\w+)\,(?:\s+|\r\n\s+)score=(?P<score>[\-\.\d]+)(?:\s+|\r\n\s+)tagged_above=\-{0,1}\d+(?:\s+|\r\n\s+)required=(?P<th>[\-\.\d]+)(?:\s+|\r\n\s+)tests=\[(?:.|\r\n\s+)*\]/m',$header,$received) ) { |
|
161
|
|
|
$result['spam']['status']=$received['spamstatus'][0]; |
|
162
|
|
|
$result['spam']['score'] = $received['score'][0]; |
|
163
|
|
|
$result['spam']['th'] = $received['th'][0]; |
|
164
|
|
|
if (count($received[0])>1) |
|
165
|
|
|
$result['warn'][]= 'The Spamassassin Headers are present more than once. I consider only the last one.'; |
|
166
|
|
|
} |
|
167
|
|
View Code Duplication |
if ( preg_match ('/\r\nX\-DSPAM\-Result:\s(?P<result>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
168
|
|
|
$result['warn'] = 'DSPAM Result invalid, not present or present more than once.'; |
|
169
|
|
|
else |
|
170
|
|
|
$result['dspam']['type']=$received['result']; |
|
171
|
|
|
$prob = NULL; |
|
172
|
|
|
$conf = NULL; |
|
173
|
|
View Code Duplication |
if ( preg_match ('/\r\nX\-DSPAM\-Probability:\s(?P<prob>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
174
|
|
|
$result['warn'][] = 'DSPAM Probability invalid, not present or present more than once.'; |
|
175
|
|
|
else |
|
176
|
|
|
$prob = $received['prob']; |
|
177
|
|
View Code Duplication |
if ( preg_match ('/\r\nX\-DSPAM\-Confidence:\s(?P<conf>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
178
|
|
|
$result['warn'][] = 'DSPAM Confidence invalid, not present or present more than once.'; |
|
179
|
|
|
else |
|
180
|
|
|
$conf = $received['conf']; |
|
181
|
|
|
$result['dspam']['level'] = dspamLevel($prob,$conf); |
|
182
|
|
|
} |
|
183
|
|
|
$received=NULL; |
|
184
|
|
View Code Duplication |
if ( preg_match ('/\r\nFrom:\s(?P<from>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
185
|
|
|
$result['warn'][] = 'From header invalid or not present'; |
|
186
|
|
|
else |
|
187
|
|
|
$result['from'] = $received['from']; |
|
188
|
|
|
|
|
189
|
|
View Code Duplication |
if ( preg_match ('/\r\nDate:\s(?P<date>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
190
|
|
|
$result['warn'][] = 'Date header invalid or not present'; |
|
191
|
|
|
else |
|
192
|
|
|
$result['date'] = $received['date']; |
|
193
|
|
|
|
|
194
|
|
|
$received=NULL; |
|
195
|
|
View Code Duplication |
if ( preg_match ('/\r\nMessage\-I(?:D|d):\s(?P<mid>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
196
|
|
|
$result['warn'][] = 'Message-ID invalid, not present or present more than once.'; |
|
197
|
|
|
else |
|
198
|
|
|
$result['messageid']=$received['mid']; |
|
199
|
|
|
|
|
200
|
|
|
$received=NULL; |
|
201
|
|
|
|
|
202
|
|
|
switch ($learn) { |
|
203
|
|
|
case 'dspamc': |
|
204
|
|
View Code Duplication |
if ( preg_match ('/\r\nX\-DSPAM\-Signature:\s(?P<sig>.*)\r\n/',$header,$received) != 1) |
|
|
|
|
|
|
205
|
|
|
$result['warn'] = 'DSPAM Signature invalid, not present or present more than once.'; |
|
206
|
|
|
else |
|
207
|
|
|
$result['dspam']['learn']=$received['sig']; |
|
208
|
|
|
break; |
|
209
|
|
|
case false: |
|
210
|
|
|
break; |
|
211
|
|
|
default: |
|
212
|
|
|
syslog (LOG_INFO,$user.': Error in "learn" imap configuration value. Please, set "dspamc" or "false".'); |
|
|
|
|
|
|
213
|
|
|
} |
|
214
|
|
|
|
|
215
|
|
|
return $result; |
|
216
|
|
|
} |
|
217
|
|
|
|
|
218
|
|
|
|
|
219
|
|
|
|
|
220
|
|
|
|
|
221
|
|
|
function printTableHeader($title,$content,$footer=FALSE,$fcontent) { |
|
222
|
|
|
print <<<END |
|
223
|
|
|
<caption>$title</caption> |
|
224
|
|
|
<thead> |
|
225
|
|
|
<tr> |
|
226
|
|
|
END; |
|
227
|
|
|
$kcontent = array_keys($content); |
|
228
|
|
|
$cols = count($kcontent); |
|
229
|
|
|
for ($i=0; $i<$cols; $i++) { |
|
230
|
|
|
$key = $kcontent[$i]; |
|
231
|
|
|
printf ('<th colspan="%d" rowspan="%d">%s</th>', |
|
232
|
|
|
!is_array($content[$key]) ?: |
|
233
|
|
|
count(array_keys($content[$key])) ?: '1', |
|
234
|
|
|
!is_array($content[$key]) ?: |
|
235
|
|
|
empty(array_keys($content[$key])) ? '2' : '1', |
|
236
|
|
|
$kcontent[$i]); |
|
237
|
|
|
} |
|
238
|
|
|
print '</tr><tr>'; |
|
239
|
|
|
for ($i=0; $i<$cols; $i++) { |
|
240
|
|
|
$key = $kcontent[$i]; |
|
241
|
|
|
if (is_array($content[$key])&&($hs = array_keys($content[$key]))) { |
|
242
|
|
|
foreach ($hs as $h) |
|
243
|
|
|
printf('<th>%s</th>',$h); |
|
244
|
|
|
} |
|
245
|
|
|
} |
|
246
|
|
|
|
|
247
|
|
|
print '</tr></thead>'; |
|
248
|
|
|
if ($footer) { |
|
249
|
|
|
print '<tfoot><tr>'; |
|
250
|
|
|
print "<th colspan=\"$cols\">".$fcontent.'</th>'; |
|
251
|
|
|
print '</tr></tfoot>'; |
|
252
|
|
|
} |
|
253
|
|
|
return TRUE; |
|
254
|
|
|
} |
|
255
|
|
|
|
|
256
|
|
|
|
|
257
|
|
|
function formatVal($val, $learn) { |
|
258
|
|
|
foreach (array_keys($val) as $key) { |
|
259
|
|
|
if (is_array($val["$key"]) and ($key!='warn')) |
|
|
|
|
|
|
260
|
|
|
$val["$key"] = formatVal($val["$key"], $learn); |
|
261
|
|
|
else { |
|
262
|
|
|
switch ($key) { |
|
263
|
|
|
case 'warn': |
|
264
|
|
|
if (empty($val["$key"])) |
|
265
|
|
|
$val["$key"] = '-'; |
|
266
|
|
|
else |
|
267
|
|
|
$val["$key"] = sprintf('<div title="%s">Y</div>',implode($val["$key"],"\n")); |
|
268
|
|
|
break; |
|
269
|
|
|
case 'learn': |
|
270
|
|
|
$val["$key"] = formLearn($learn, $val); |
|
271
|
|
|
break; |
|
272
|
|
|
default: |
|
273
|
|
|
$val["$key"] = htmlentities($val["$key"]); |
|
274
|
|
|
} |
|
275
|
|
|
} |
|
276
|
|
|
} |
|
277
|
|
|
return $val; |
|
278
|
|
|
} |
|
279
|
|
|
|
|
280
|
|
|
function formLearn($type, $par) { |
|
281
|
|
|
$return = NULL; |
|
282
|
|
|
switch ($type) { |
|
283
|
|
|
case 'dspamc': |
|
|
|
|
|
|
284
|
|
|
$classes = array('Spam', 'Innocent'); |
|
285
|
|
|
foreach ($classes as $class) { |
|
286
|
|
|
$par['class'] = $class; |
|
287
|
|
|
$val["$class"] = sprintf('dspamc --user dspam --deliver=summary --class=%s --source=error --signature=%s', |
|
|
|
|
|
|
288
|
|
|
strtolower($class), $par['learn']); |
|
289
|
|
|
if (($class != $par['type'])||($par['level']<99)) |
|
290
|
|
|
$return .= sprintf(file_get_contents('formLearnDSPAM.htm'), |
|
291
|
|
|
$class,$class,$val["$class"],base64_encode(json_encode($par)),$class); |
|
|
|
|
|
|
292
|
|
|
} |
|
293
|
|
|
default: |
|
294
|
|
|
return $return; |
|
295
|
|
|
} |
|
296
|
|
|
return $return; |
|
|
|
|
|
|
297
|
|
|
} |
|
298
|
|
|
|
|
299
|
|
|
function printTableRow($row, $learn, $init=true) { |
|
300
|
|
|
$bg = NULL; |
|
|
|
|
|
|
301
|
|
|
$color = 'inherit'; |
|
302
|
|
|
if ($init) |
|
303
|
|
|
$row=formatVal($row,$learn); |
|
304
|
|
|
foreach( $row as $key => $val) { |
|
305
|
|
|
if (is_array($val)) |
|
306
|
|
|
printTableRow($val, $learn, false); |
|
307
|
|
|
else { |
|
308
|
|
|
/* DSPAM format */ |
|
309
|
|
|
if (isset($row['type'])) |
|
310
|
|
|
switch($row['type']) { |
|
311
|
|
|
case 'Innocent': |
|
312
|
|
|
case 'HAM': |
|
313
|
|
|
$color = 'rgba(0,255,0, %.1f)'; |
|
314
|
|
|
break; |
|
315
|
|
|
case 'Spam': |
|
316
|
|
|
case 'SPAM': |
|
317
|
|
|
$color = 'rgba(255,0,0,%.1f)'; |
|
318
|
|
|
} |
|
319
|
|
|
/* DMARC, DKIM, SPF format */ |
|
320
|
|
|
if (isset($row['result'])) |
|
321
|
|
|
switch($row['result']) { |
|
322
|
|
|
case 'pass': |
|
323
|
|
|
$color = 'rgba(0,255,0, %.1f)'; |
|
324
|
|
|
break; |
|
325
|
|
|
case 'fail': |
|
326
|
|
|
$color = 'rgba(255,0,0,%.1f)'; |
|
327
|
|
|
} |
|
328
|
|
|
/* Spamassassin format */ |
|
329
|
|
|
if (isset($row['status'])) |
|
330
|
|
|
switch($row['status']) { |
|
331
|
|
|
case 'No': |
|
332
|
|
|
$color = 'rgba(0,255,0, %.1f)'; |
|
333
|
|
|
break; |
|
334
|
|
|
case 'Yes': |
|
335
|
|
|
$color = 'rgba(255,0,0,%.1f)'; |
|
336
|
|
|
} |
|
337
|
|
|
|
|
338
|
|
|
$alpha = (is_numeric($val)AND($key=='type')) ? round($val/100,1) : 1.0; |
|
|
|
|
|
|
339
|
|
|
$bg = sprintf(" style=\"background-color: $color\"", $alpha); |
|
340
|
|
|
printf ('<td%s>%s</td>',$bg, $val); |
|
341
|
|
|
} |
|
342
|
|
|
} |
|
343
|
|
|
} |
|
344
|
|
|
?> |
|
|
|
|
|
|
345
|
|
|
|
falon /
RBL
Loading history...
An exit expression should only be used in rare cases. For example, if you write a short command line script.
In most cases however, using an
exitexpression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage.