1 /*
2  * Copyright (c) 2007-2012, Vsevolod Stakhov
3  * All rights reserved.
4 
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions are met:
7  * Redistributions of source code must retain the above copyright notice, this
8  * list of conditions and the following disclaimer. Redistributions in binary form
9  * must reproduce the above copyright notice, this list of conditions and the
10  * following disclaimer in the documentation and/or other materials provided with
11  * the distribution. Neither the name of the author nor the names of its
12  * contributors may be used to endorse or promote products derived from this
13  * software without specific prior written permission.
14 
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
18  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
21  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
22  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
23  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  */
26 
27 
28 #ifndef CFG_FILE_H
29 #define CFG_FILE_H
30 
31 #include "config.h"
32 #include "util.h"
33 #include "pcre.h"
34 #include "upstream.h"
35 #include "radix.h"
36 #include "uthash.h"
37 
38 #ifdef WITH_DKIM
39 #include <dkim.h>
40 #endif
41 
/*
 * Condition flags. Each value is a distinct single bit (0x1 .. 0x20), so
 * several can be OR-ed into one mask. The names follow the SMTP stages
 * connect, HELO, envelope sender, envelope recipient, header and body.
 * Where the mask is stored and tested is not visible in this header.
 */
#define COND_CONNECT_FLAG 0x1
#define COND_HELO_FLAG 0x2
#define COND_ENVFROM_FLAG 0x4
#define COND_ENVRCPT_FLAG 0x8
#define COND_HEADER_FLAG 0x10
#define COND_BODY_FLAG 0x20
48 
/*
 * Capacity limits. MAX_CLAMAV_SERVERS, MAX_SPAMD_SERVERS and
 * MAX_CACHE_SERVERS are the sizes of the fixed server arrays embedded in
 * struct config_file; MAX_SPF_DOMAINS is not used in this header.
 * NOTE(review): the add_*_server() functions are expected to refuse a new
 * entry once the matching *_num counter reaches the limit, otherwise a long
 * server list in the config would write past the array. The check lives in
 * the implementation, not here; confirm it.
 */
#define MAX_SPF_DOMAINS 1024
#define MAX_CLAMAV_SERVERS 32
#define MAX_SPAMD_SERVERS 32
#define MAX_CACHE_SERVERS 32
/* Default TCP ports, by name: memcached 11211, clamd 3310, rspamd 11333. */
#define DEFAULT_MEMCACHED_PORT 11211
#define DEFAULT_CLAMAV_PORT 3310
#define DEFAULT_SPAMD_PORT 11333
/*
 * Clamav timeouts.
 * The unit is not stated in this header; the magnitudes suggest
 * milliseconds (TODO confirm against the code that consumes them).
 */
#define DEFAULT_CLAMAV_CONNECT_TIMEOUT 1000
#define DEFAULT_CLAMAV_PORT_TIMEOUT 3000
#define DEFAULT_CLAMAV_RESULTS_TIMEOUT 20000
/* Spamd timeouts (same unit caveat as above) and retry policy. */
#define DEFAULT_SPAMD_CONNECT_TIMEOUT 1000
#define DEFAULT_SPAMD_RESULTS_TIMEOUT 20000
#define DEFAULT_SPAMD_RETRY_TIMEOUT 1000
#define DEFAULT_SPAMD_RETRY_COUNT 5
/* Metric name used for rspamd when the configuration sets none (by name). */
#define DEFAULT_RSPAMD_METRIC "default"
/* Memcached timeouts */
#define DEFAULT_MEMCACHED_CONNECT_TIMEOUT 1000
/*
 * Upstream timeouts.
 * Defaults for the *_error_time, *_dead_time and *_maxerrors fields of
 * struct config_file, judging by the names; presumably seconds for the two
 * time values (TODO confirm in upstream.h).
 */
#define DEFAULT_UPSTREAM_ERROR_TIME 10
#define DEFAULT_UPSTREAM_DEAD_TIME 300
#define DEFAULT_UPSTREAM_MAXERRORS 10
72 
/*
 * Cache server roles. The six values line up with the six cache_servers_XXX
 * arrays in struct config_file (limits, grey, white, id, copy, spam).
 * Presumably this is the `type` argument of add_cache_server(); confirm in
 * the implementation.
 * NOTE(review): a consumer that switches on this value should reject
 * anything outside 0..5 rather than fall through to a default array.
 */
#define CACHE_SERVER_LIMITS 0
#define CACHE_SERVER_GREY 1
#define CACHE_SERVER_WHITE 2
#define CACHE_SERVER_ID 3
#define CACHE_SERVER_COPY 4
#define CACHE_SERVER_SPAM 5
79 
/*
 * Default texts, by name: the rejection reply for spam, the greylisting
 * reply, and the name and value of the added spam header. They pair with
 * the spamd_reject_message, greylisted_message, spam_header and
 * spam_header_value fields of struct config_file.
 * DEFAUL_SPAMD_REJECT is spelled without the final T; the name is left as
 * is because code outside this header may refer to it.
 * NOTE(review): if config-supplied replacements for these strings are
 * copied into SMTP replies or message headers, they should be checked for
 * CR/LF first; verify at the point of use.
 */
#define DEFAUL_SPAMD_REJECT "Spam message rejected; If this is not spam contact abuse team"
#define DEFAULT_GREYLISTED_MESSAGE "Try again later"
#define DEFAULT_SPAM_HEADER "X-Spam"
#define DEFAULT_SPAM_HEADER_VALUE "yes"
84 
/*
 * Size in bytes of an MD5 digest (128 bits). Not used in this header.
 * NOTE(review): MD5 is acceptable for building cache keys but not where
 * collision resistance matters; check what the digest is used for.
 */
#define MD5_SIZE 16
86 
/* Map the parser's yyerror/yywarn names onto parse_err/parse_warn below. */
#define yyerror parse_err
#define yywarn parse_warn
/*
 * Take the global configuration lock cfg_mtx for reading or writing, and
 * release it. Each macro discards the pthread_rwlock_* return value, so a
 * failed lock or unlock is not reported to the caller.
 * NOTE(review): every CFG_RLOCK()/CFG_WLOCK() needs a matching CFG_UNLOCK()
 * on all exit paths, error returns included; presumably the lock guards the
 * active struct config_file across reloads (confirm at the call sites).
 */
#define CFG_RLOCK() do { pthread_rwlock_rdlock (&cfg_mtx); } while (0)
#define CFG_WLOCK() do { pthread_rwlock_wrlock (&cfg_mtx); } while (0)
#define CFG_UNLOCK() do { pthread_rwlock_unlock (&cfg_mtx); } while (0)

/*
 * Declared here, defined in another translation unit. This header does not
 * include <pthread.h> itself; the type presumably arrives through config.h
 * or util.h.
 */
extern pthread_rwlock_t cfg_mtx;
94 
/* Kind of spam-check server; SPAMD_RSPAMD is the only enumerator defined. */
enum spamd_type {
	SPAMD_RSPAMD = 0
};
98 
/*
 * Burst/rate pair; the type of the limit_XXX fields in struct config_file.
 * Units are not stated here (presumably a message count and messages per
 * second; TODO confirm in the rate-limit code).
 */
typedef struct bucket_s {
	unsigned int burst;
	double rate;
} bucket_t;
103 
/*
 * One ClamAV server entry, stored in config_file.clamav_servers[].
 * struct upstream is the first member here and in the other *_server
 * structs; presumably upstream.h relies on that placement (confirm there
 * before reordering fields).
 */
struct clamav_server {
	struct upstream up;
	int port;
	/* Host name or address as configured; ownership is not visible here. */
	char *name;
};
109 
/*
 * One spam-check server entry, stored in config_file.spamd_servers[] and
 * config_file.extra_spamd_servers[]. `up` is kept as the first member, as
 * in the other *_server structs.
 */
struct spamd_server {
	struct upstream up;
	enum spamd_type type;
	/* Host name or address as configured; ownership is not visible here. */
	char *name;
	int port;
};
116 
/*
 * One cache server entry, stored in the config_file.cache_servers_XXX
 * arrays. `up` is kept as the first member, as in the other *_server
 * structs.
 */
struct cache_server {
	struct upstream up;
	/* Address as configured; ownership is not visible here. */
	char *addr;
	int port;
	/* By name: the entry speaks the redis protocol instead of memcached. */
	bool is_redis;
};
123 
/*
 * One beanstalk server entry. No field of struct config_file in this header
 * uses the type. `up` is kept as the first member, as in the other *_server
 * structs.
 */
struct beanstalk_server {
	struct upstream up;
	int port;
	char *name;
};
129 
/*
 * Address entry of a uthash table (hh is the uthash handle); the type of
 * config_file.bounce_addrs.
 */
struct addr_list_entry {
	char *addr;
	/* Presumably the length of addr in bytes; confirm where entries are added. */
	size_t len;
	UT_hash_handle hh;
};
135 
/*
 * Name entry of a uthash table (hh is the uthash handle); the type of
 * config_file.headers in WITH_DKIM builds.
 */
struct dkim_hash_entry {
	char *name;
	UT_hash_handle hh;
};
140 
/*
 * Per-domain DKIM signing settings, kept in a uthash table
 * (config_file.dkim_domains).
 */
struct dkim_domain_entry {
	char *domain;
	char *selector;
	/*
	 * NOTE(review): presumably the signing key loaded from keyfile, keylen
	 * bytes long. That is private-key material: it should not be logged,
	 * it should be wiped before the entry is freed, and keyfile should be
	 * readable only by the service account. Confirm in the loader and in
	 * free_config().
	 */
	char *key;
	char *keyfile;
	size_t keylen;
	UT_hash_handle hh;
	/* By name: the domain is a wildcard pattern; matching is not shown here. */
	unsigned int is_wildcard;
	/* By name: set once the key has been loaded. */
	unsigned int is_loaded;
};
151 
/*
 * Whitelisted recipient, kept in a uthash table (hh is the uthash handle).
 * Used for config_file.extended_rcpts, wlist_rcpt_limit and
 * wlist_rcpt_global, and by the *_rcpt_whitelist functions declared below.
 */
struct whitelisted_rcpt_entry {
	char *rcpt;
	/* Presumably the length of rcpt in bytes; confirm in add_rcpt_whitelist(). */
	size_t len;
	/* Which part of the address the entry holds: user, domain, or both (by name). */
	enum {
		WLIST_RCPT_USER = 0,
		WLIST_RCPT_DOMAIN,
		WLIST_RCPT_USERDOMAIN
	} type;
	UT_hash_handle hh;
};
162 
/*
 * Parsed configuration. The server lists are fixed-size arrays embedded in
 * the struct, each paired with a *_num counter; the whitelists are radix
 * trees or uthash tables reached through pointers.
 * NOTE(review): field meanings below are read off the names unless a
 * comment says otherwise; the code that fills and consumes them is not in
 * this header. Presumably access is serialised with CFG_RLOCK/CFG_WLOCK;
 * confirm at the call sites.
 */
struct config_file {
	char *cfg_name;
	char *pid_file;
	char *temp_dir;

	/* Presumably the milter socket specification; confirm in the parser. */
	char *sock_cred;
	size_t sizelimit;

	/* Number of used slots in clamav_servers[] is clamav_servers_num. */
	struct clamav_server clamav_servers[MAX_CLAMAV_SERVERS];
	unsigned int clamav_servers_num;
	unsigned int clamav_error_time;
	unsigned int clamav_dead_time;
	unsigned int clamav_maxerrors;
	unsigned int clamav_connect_timeout;
	unsigned int clamav_port_timeout;
	unsigned int clamav_results_timeout;
	radix_compressed_t *clamav_whitelist;
	/*
	 * NOTE(review): presumably the permission bits for temporary files
	 * created in temp_dir. Those files would hold message content, so a
	 * mode without group/other access is the safe value; confirm how the
	 * mode is applied.
	 */
	unsigned int tempfiles_mode;

	/* Two spamd lists, each with its own counter and MAX_SPAMD_SERVERS slots. */
	struct spamd_server spamd_servers[MAX_SPAMD_SERVERS];
	unsigned int spamd_servers_num;
	struct spamd_server extra_spamd_servers[MAX_SPAMD_SERVERS];
	unsigned int extra_spamd_servers_num;
	unsigned int spamd_error_time;
	unsigned int spamd_dead_time;
	unsigned int spamd_maxerrors;
	unsigned int spamd_connect_timeout;
	unsigned int spamd_results_timeout;
	radix_compressed_t *spamd_whitelist;
	char *spamd_reject_message;
	char *rspamd_metric;
	char *diff_dir;
	char *check_symbols;
	char *symbols_dir;
	char *trace_symbol;
	char *trace_addr;
	char *spam_header;
	char *spam_header_value;
	char *spam_bar_char;
	char *spamd_settings_id;
	struct whitelisted_rcpt_entry *extended_rcpts;

	unsigned int spamd_retry_timeout;
	unsigned int spamd_retry_count;

	/* Compiled PCRE pattern; by name it matches "special" Message-IDs. */
	pcre* special_mid_re;

	/* One array and one counter per CACHE_SERVER_XXX role. */
	struct cache_server cache_servers_limits[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_limits_num;
	struct cache_server cache_servers_grey[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_grey_num;
	struct cache_server cache_servers_white[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_white_num;
	struct cache_server cache_servers_id[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_id_num;
	struct cache_server cache_servers_copy[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_copy_num;
	struct cache_server cache_servers_spam[MAX_CACHE_SERVERS];
	unsigned int  cache_servers_spam_num;
	unsigned int cache_error_time;
	unsigned int cache_dead_time;
	unsigned int cache_maxerrors;
	unsigned int cache_connect_timeout;
	/*
	 * NOTE(review): by name, the credential for the cache servers, held as
	 * a plain C string for the lifetime of the configuration. Keep it out
	 * of logs and config dumps, and wipe it before it is freed; confirm in
	 * free_config().
	 */
	char *cache_password;
	char *cache_dbname;
	char *cache_spam_channel;
	char *cache_copy_channel;

	/* Presumably the probability (0..1) of sending a copy; confirm the range check. */
	double cache_copy_prob;

	/*
	 * One-bit unsigned flags; each holds 0 or 1.
	 * NOTE(review): spamd_soft_fail, spamd_temp_fail, spamd_never_reject
	 * and strict_auth look like the bits that decide what happens to mail
	 * when a check fails or a sender is authenticated. Their defaults
	 * determine whether the filter fails open or closed; review them in
	 * init_defaults().
	 */
	unsigned send_cache_copy:1;
	unsigned send_cache_spam:1;
	unsigned send_cache_headers:1;
	unsigned send_cache_extra_diff:1;
	unsigned cache_use_redis:1;
	unsigned spamd_soft_fail:1;
	unsigned spamd_greylist:1;
	unsigned spamd_spam_add_header:1;
	unsigned spam_no_auth_header:1;
	unsigned extended_spam_headers:1;
	unsigned spamd_temp_fail:1;
	unsigned spamd_never_reject:1;
	unsigned use_dcc:1;
	unsigned strict_auth:1;
	unsigned weighted_clamav:1;
	unsigned greylisting_enable:1;
	unsigned ratelimit_enable:1;
	unsigned dkim_enable:1;
	unsigned compression_enable:1;
	unsigned rspamd_dkim_sign:1;

	/* limits section */
	bucket_t limit_to;
	bucket_t limit_to_ip;
	bucket_t limit_to_ip_from;
	bucket_t limit_bounce_to;
	bucket_t limit_bounce_to_ip;

	/* uthash tables; a NULL head is an empty table in uthash. */
	struct whitelisted_rcpt_entry *wlist_rcpt_limit;
	struct whitelisted_rcpt_entry *wlist_rcpt_global;
	struct addr_list_entry *bounce_addrs;

	unsigned int greylisting_timeout;
	unsigned int greylisting_expire;
	unsigned int whitelisting_expire;
	char *id_prefix;
	char *grey_prefix;
	char *white_prefix;
	char *greylisted_message;
	/*
	 * NOTE(review): by name, networks exempt from greylisting and rate
	 * limits, and the networks treated as local. Entries here bypass
	 * checks, so overly broad prefixes weaken the filter.
	 */
	radix_compressed_t *grey_whitelist_tree;
	radix_compressed_t *limit_whitelist_tree;
	radix_compressed_t *our_networks;

	/* DKIM section */
	struct dkim_domain_entry *dkim_domains;
	unsigned dkim_relaxed_header:1;
	unsigned dkim_relaxed_body:1;
	unsigned dkim_sign_sha256:1;
	/* By name: sign only for authenticated senders; confirm at the signing site. */
	unsigned dkim_auth_only:1;
	unsigned dkim_fold_header:1;
	radix_compressed_t *dkim_ip_tree;
	/* Present only in WITH_DKIM builds, so the struct layout depends on that macro. */
#ifdef WITH_DKIM
	DKIM_LIB *dkim_lib;
	struct dkim_hash_entry *headers;
#endif

	/* Number of config reloads */
	unsigned int serial;
};
292 
/*
 * Configuration helpers, defined outside this header. Return-value
 * conventions are not visible here; check the implementation before
 * relying on 0 or non-zero meaning success.
 * NOTE(review): the add_*_server() functions fill fixed-size arrays in
 * struct config_file and take non-const strings, so they may modify their
 * input; each should refuse to add once its MAX_*_SERVERS limit is reached.
 */
int add_cache_server (struct config_file *cf, char *str, char *str2, int type);
int add_clamav_server (struct config_file *cf, char *str);
int add_spamd_server (struct config_file *cf, char *str, int is_extra);
/* By name: fill cfg with defaults, and release what cfg owns. */
void init_defaults (struct config_file *cfg);
void free_config (struct config_file *cfg);
/* Takes the tree by address, so presumably it can create the tree on first use. */
int add_ip_radix (radix_compressed_t **tree, char *ipnet);
/* Recipient whitelist operations on a uthash table passed by the address of its head. */
void add_rcpt_whitelist (struct whitelisted_rcpt_entry **head,
		const char *rcpt);
int is_whitelisted_rcpt (struct whitelisted_rcpt_entry **head, const char *str);
void clear_rcpt_whitelist (struct whitelisted_rcpt_entry **head);
/* Non-const in and out; whether `in` is edited in place is not visible here. */
char *trim_quotes (char *in);
304 
/*
 * Entry points of the lex/yacc generated scanner and parser. FILE needs
 * <stdio.h>, which this header does not include directly; it presumably
 * arrives through config.h or util.h.
 */
int yylex (void);
int yyparse (void);
void yyrestart (FILE *);
308 
/*
 * Variadic reporters for parse errors and warnings; yyerror and yywarn are
 * defined above as aliases for them.
 * NOTE(review): `fmt` is a format string by name. Callers should pass a
 * literal format and hand any text taken from the config file over as an
 * argument, for example parse_err ("%s", text). A GCC/Clang
 * format(printf, 1, 2) attribute on these declarations would let the
 * compiler check the call sites.
 */
void parse_err (const char *fmt, ...);
void parse_warn (const char *fmt, ...);
311 
/* Forward declaration only; the definition is not in this header. */
struct mlfi_priv;
313 
314 #endif /* ifdef CFG_FILE_H */
315 /*
316  * vi:ts=4
317  */
318