/*
 * Copyright (c) 2007-2012, Vsevolod Stakhov
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer. Redistributions in binary form
 * must reproduce the above copyright notice, this list of conditions and the
 * following disclaimer in the documentation and/or other materials provided with
 * the distribution. Neither the name of the author nor the names of its
 * contributors may be used to endorse or promote products derived from this
 * software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Configuration data model: compile-time limits and defaults, the server and
 * whitelist record types, struct config_file itself, and the prototypes of the
 * functions that populate it and of the lex/yacc parser entry points.
 *
 * This header uses pthread_rwlock_t, FILE, bool and size_t without including
 * the standard headers that declare them; presumably "config.h" or "util.h"
 * pull them in -- confirm before including this file on its own.
 */

#ifndef CFG_FILE_H
#define CFG_FILE_H

#include "config.h"
#include "util.h"
#include "pcre.h"
#include "upstream.h"
#include "radix.h"
#include "uthash.h"

#ifdef WITH_DKIM
#include <dkim.h>
#endif

/*
 * Distinct single-bit flags (0x1 .. 0x20), so they can be OR-ed together.
 * They are not referenced elsewhere in this header; the names suggest the
 * stage of the SMTP dialogue a condition applies to -- confirm in the users.
 */
#define COND_CONNECT_FLAG 0x1
#define COND_HELO_FLAG 0x2
#define COND_ENVFROM_FLAG 0x4
#define COND_ENVRCPT_FLAG 0x8
#define COND_HEADER_FLAG 0x10
#define COND_BODY_FLAG 0x20

/*
 * Capacity limits. MAX_CLAMAV_SERVERS, MAX_SPAMD_SERVERS and MAX_CACHE_SERVERS
 * size the fixed arrays inside struct config_file; MAX_SPF_DOMAINS is not used
 * in this header.
 * NOTE(review): the add_*_server() implementations are not visible here;
 * confirm each one checks its *_num counter against the matching MAX_* value
 * before writing, since the arrays cannot grow.
 */
#define MAX_SPF_DOMAINS 1024
#define MAX_CLAMAV_SERVERS 32
#define MAX_SPAMD_SERVERS 32
#define MAX_CACHE_SERVERS 32
/* Default TCP ports for the three kinds of backend */
#define DEFAULT_MEMCACHED_PORT 11211
#define DEFAULT_CLAMAV_PORT 3310
#define DEFAULT_SPAMD_PORT 11333
/* Clamav timeouts (unit not stated in this header; the values look like milliseconds -- confirm) */
#define DEFAULT_CLAMAV_CONNECT_TIMEOUT 1000
#define DEFAULT_CLAMAV_PORT_TIMEOUT 3000
#define DEFAULT_CLAMAV_RESULTS_TIMEOUT 20000
/* Spamd timeouts (same caveat about the unit), retry count and default metric name */
#define DEFAULT_SPAMD_CONNECT_TIMEOUT 1000
#define DEFAULT_SPAMD_RESULTS_TIMEOUT 20000
#define DEFAULT_SPAMD_RETRY_TIMEOUT 1000
#define DEFAULT_SPAMD_RETRY_COUNT 5
#define DEFAULT_RSPAMD_METRIC "default"
/* Memcached timeouts */
#define DEFAULT_MEMCACHED_CONNECT_TIMEOUT 1000
/* Upstream timeouts (unit not stated; these values look like seconds -- confirm) and error threshold */
#define DEFAULT_UPSTREAM_ERROR_TIME 10
#define DEFAULT_UPSTREAM_DEAD_TIME 300
#define DEFAULT_UPSTREAM_MAXERRORS 10

/*
 * Cache server classes, numbered 0..5. There is one cache_servers_* array in
 * struct config_file per class; presumably this is what the `type' argument
 * of add_cache_server() takes -- confirm against the implementation, which
 * must reject values outside this range.
 */
#define CACHE_SERVER_LIMITS 0
#define CACHE_SERVER_GREY 1
#define CACHE_SERVER_WHITE 2
#define CACHE_SERVER_ID 3
#define CACHE_SERVER_COPY 4
#define CACHE_SERVER_SPAM 5

/*
 * Default texts. The first macro is spelled DEFAUL_ (no T); that spelling is
 * the name other files have to use, so it must not be "corrected" here alone.
 */
#define DEFAUL_SPAMD_REJECT "Spam message rejected; If this is not spam contact abuse team"
#define DEFAULT_GREYLISTED_MESSAGE "Try again later"
#define DEFAULT_SPAM_HEADER "X-Spam"
#define DEFAULT_SPAM_HEADER_VALUE "yes"

/*
 * Length of an MD5 digest in bytes. Not used in this header.
 * NOTE(review): check what the digest is used for; MD5 is not suitable where
 * collision resistance matters.
 */
#define MD5_SIZE 16

/* Route the parser's yyerror/yywarn calls to parse_err/parse_warn declared below */
#define yyerror parse_err
#define yywarn parse_warn
/*
 * Read-lock, write-lock and unlock the global cfg_mtx. Each macro is a single
 * pthread_rwlock_* call wrapped in do { } while (0); the pthread return code
 * is discarded, so a failed lock or unlock is not reported to the caller.
 */
#define CFG_RLOCK() do { pthread_rwlock_rdlock (&cfg_mtx); } while (0)
#define CFG_WLOCK() do { pthread_rwlock_wrlock (&cfg_mtx); } while (0)
#define CFG_UNLOCK() do { pthread_rwlock_unlock (&cfg_mtx); } while (0)

/* Read-write lock taken by the CFG_* macros; defined in another translation unit */
extern pthread_rwlock_t cfg_mtx;

/* Kind of spam-scanning backend; rspamd is the only value defined */
enum spamd_type {
	SPAMD_RSPAMD = 0
};

/*
 * One rate-limit setting, used for the limit_* members of struct config_file.
 * Presumably token-bucket parameters (capacity and refill rate) -- confirm.
 */
typedef struct bucket_s {
	unsigned int burst;
	double rate;
} bucket_t;

/*
 * Backend server records. Each starts with a struct upstream member, so the
 * upstream state sits at offset 0 (presumably so the generic upstream code
 * can handle all of them alike -- confirm in upstream.h).
 */
struct clamav_server {
	struct upstream up;
	int port;
	char *name;
};

struct spamd_server {
	struct upstream up;
	enum spamd_type type;
	char *name;
	int port;
};

struct cache_server {
	struct upstream up;
	char *addr;
	int port;
	bool is_redis;
};

/* Not referenced by struct config_file in this header */
struct beanstalk_server {
	struct upstream up;
	int port;
	char *name;
};

/* uthash element: an address string with its length (hash key field not visible here) */
struct addr_list_entry {
	char *addr;
	size_t len;
	UT_hash_handle hh;
};

/* uthash element holding one name; used for config_file.headers when WITH_DKIM is set */
struct dkim_hash_entry {
	char *name;
	UT_hash_handle hh;
};

/*
 * uthash element describing DKIM settings for one domain.
 * NOTE(review): `key' presumably holds the signing key read from `keyfile'
 * (keylen bytes); if so it is secret material -- confirm that it is never
 * logged and that free_config() clears it before releasing the memory.
 */
struct dkim_domain_entry {
	char *domain;
	char *selector;
	char *key;
	char *keyfile;
	size_t keylen;
	UT_hash_handle hh;
	unsigned int is_wildcard;
	unsigned int is_loaded;
};

/* uthash element for a whitelisted recipient; `type' says which form `rcpt' takes */
struct whitelisted_rcpt_entry {
	char *rcpt;
	size_t len;
	enum {
		WLIST_RCPT_USER = 0,
		WLIST_RCPT_DOMAIN,
		WLIST_RCPT_USERDOMAIN
	} type;
	UT_hash_handle hh;
};

/*
 * The whole parsed configuration. Pointer members are owned by this structure
 * as far as free_config() suggests; the exact ownership rules are in the
 * implementation, not in this header.
 */
struct config_file {
	char *cfg_name;
	char *pid_file;
	char *temp_dir;

	char *sock_cred;
	size_t sizelimit;

	/* ClamAV section: fixed array of MAX_CLAMAV_SERVERS slots plus the count in use */
	struct clamav_server clamav_servers[MAX_CLAMAV_SERVERS];
	unsigned int clamav_servers_num;
	unsigned int clamav_error_time;
	unsigned int clamav_dead_time;
	unsigned int clamav_maxerrors;
	unsigned int clamav_connect_timeout;
	unsigned int clamav_port_timeout;
	unsigned int clamav_results_timeout;
	/* presumably networks exempt from virus scanning -- confirm; keep such lists narrow */
	radix_compressed_t *clamav_whitelist;
	/* presumably the permission bits for temporary files -- confirm; should not be group/world accessible */
	unsigned int tempfiles_mode;

	/* spamd / rspamd section: main and extra server arrays, each with its own count */
	struct spamd_server spamd_servers[MAX_SPAMD_SERVERS];
	unsigned int spamd_servers_num;
	struct spamd_server extra_spamd_servers[MAX_SPAMD_SERVERS];
	unsigned int extra_spamd_servers_num;
	unsigned int spamd_error_time;
	unsigned int spamd_dead_time;
	unsigned int spamd_maxerrors;
	unsigned int spamd_connect_timeout;
	unsigned int spamd_results_timeout;
	/* presumably networks exempt from spam checks -- confirm */
	radix_compressed_t *spamd_whitelist;
	char *spamd_reject_message;
	char *rspamd_metric;
	char *diff_dir;
	char *check_symbols;
	char *symbols_dir;
	char *trace_symbol;
	char *trace_addr;
	char *spam_header;
	char *spam_header_value;
	char *spam_bar_char;
	char *spamd_settings_id;
	struct whitelisted_rcpt_entry *extended_rcpts;

	unsigned int spamd_retry_timeout;
	unsigned int spamd_retry_count;

	/* compiled PCRE pattern; what it is matched against is not visible here */
	pcre* special_mid_re;

	/* Cache section: one fixed array per CACHE_SERVER_* class, each with its own count */
	struct cache_server cache_servers_limits[MAX_CACHE_SERVERS];
	unsigned int cache_servers_limits_num;
	struct cache_server cache_servers_grey[MAX_CACHE_SERVERS];
	unsigned int cache_servers_grey_num;
	struct cache_server cache_servers_white[MAX_CACHE_SERVERS];
	unsigned int cache_servers_white_num;
	struct cache_server cache_servers_id[MAX_CACHE_SERVERS];
	unsigned int cache_servers_id_num;
	struct cache_server cache_servers_copy[MAX_CACHE_SERVERS];
	unsigned int cache_servers_copy_num;
	struct cache_server cache_servers_spam[MAX_CACHE_SERVERS];
	unsigned int cache_servers_spam_num;
	unsigned int cache_error_time;
	unsigned int cache_dead_time;
	unsigned int cache_maxerrors;
	unsigned int cache_connect_timeout;
	/*
	 * Credential for the cache backend, held as a plain C string.
	 * NOTE(review): confirm it is never written to logs or debug dumps and
	 * that the config file carrying it is not world-readable.
	 */
	char *cache_password;
	char *cache_dbname;
	char *cache_spam_channel;
	char *cache_copy_channel;

	double cache_copy_prob;

	/*
	 * One-bit feature switches. Judging by the names, spamd_soft_fail,
	 * spamd_temp_fail and spamd_never_reject decide what happens to mail when
	 * the scanner flags it or cannot be reached; the exact semantics are in
	 * the code that reads them -- confirm before changing a default.
	 */
	unsigned send_cache_copy:1;
	unsigned send_cache_spam:1;
	unsigned send_cache_headers:1;
	unsigned send_cache_extra_diff:1;
	unsigned cache_use_redis:1;
	unsigned spamd_soft_fail:1;
	unsigned spamd_greylist:1;
	unsigned spamd_spam_add_header:1;
	unsigned spam_no_auth_header:1;
	unsigned extended_spam_headers:1;
	unsigned spamd_temp_fail:1;
	unsigned spamd_never_reject:1;
	unsigned use_dcc:1;
	unsigned strict_auth:1;
	unsigned weighted_clamav:1;
	unsigned greylisting_enable:1;
	unsigned ratelimit_enable:1;
	unsigned dkim_enable:1;
	unsigned compression_enable:1;
	unsigned rspamd_dkim_sign:1;

	/* limits section */
	bucket_t limit_to;
	bucket_t limit_to_ip;
	bucket_t limit_to_ip_from;
	bucket_t limit_bounce_to;
	bucket_t limit_bounce_to_ip;

	/* uthash heads; NULL-initialised heads are what uthash expects for an empty table */
	struct whitelisted_rcpt_entry *wlist_rcpt_limit;
	struct whitelisted_rcpt_entry *wlist_rcpt_global;
	struct addr_list_entry *bounce_addrs;

	/* Greylisting section */
	unsigned int greylisting_timeout;
	unsigned int greylisting_expire;
	unsigned int whitelisting_expire;
	char *id_prefix;
	char *grey_prefix;
	char *white_prefix;
	char *greylisted_message;
	/* presumably networks exempt from greylisting / rate limits, and the site's own networks -- confirm */
	radix_compressed_t *grey_whitelist_tree;
	radix_compressed_t *limit_whitelist_tree;
	radix_compressed_t *our_networks;

	/* DKIM section */
	struct dkim_domain_entry *dkim_domains;
	unsigned dkim_relaxed_header:1;
	unsigned dkim_relaxed_body:1;
	/* presumably selects SHA-256 rather than SHA-1 for signatures -- confirm */
	unsigned dkim_sign_sha256:1;
	unsigned dkim_auth_only:1;
	unsigned dkim_fold_header:1;
	radix_compressed_t *dkim_ip_tree;
	/* These two members exist only in WITH_DKIM builds, so the struct layout differs between builds */
#ifdef WITH_DKIM
	DKIM_LIB *dkim_lib;
	struct dkim_hash_entry *headers;
#endif

	/* Number of config reloads */
	unsigned int serial;
};

/*
 * Functions that fill or release a struct config_file. All return conventions
 * below are as declared only; which int value means success is not visible in
 * this header. The string arguments are non-const, so the callee may modify
 * them -- confirm before passing literals or shared buffers.
 */

/* Add a cache server described by str (and str2) to cf; `type' is presumably a CACHE_SERVER_* value */
int add_cache_server (struct config_file *cf, char *str, char *str2, int type);
/* Add a ClamAV server described by str to cf */
int add_clamav_server (struct config_file *cf, char *str);
/* Add a spamd server described by str to cf; is_extra presumably selects extra_spamd_servers */
int add_spamd_server (struct config_file *cf, char *str, int is_extra);
/* Set cfg to its default values */
void init_defaults (struct config_file *cfg);
/* Release what cfg holds */
void free_config (struct config_file *cfg);
/* Add the address or network in ipnet to *tree; takes a pointer to the tree pointer, so it may replace it */
int add_ip_radix (radix_compressed_t **tree, char *ipnet);
/* Add rcpt to the whitelist whose hash head is *head */
void add_rcpt_whitelist (struct whitelisted_rcpt_entry **head,
		const char *rcpt);
/* Test str against the whitelist whose hash head is *head */
int is_whitelisted_rcpt (struct whitelisted_rcpt_entry **head, const char *str);
/* Remove every entry from the whitelist whose hash head is *head */
void clear_rcpt_whitelist (struct whitelisted_rcpt_entry **head);
/*
 * Strip quotes from `in'. Whether the result points into `in' or is a new
 * allocation is not visible here -- confirm before freeing either pointer.
 */
char *trim_quotes (char *in);

/* Scanner and parser entry points (the conventional lex/yacc names) */
int yylex (void);
int yyparse (void);
void yyrestart (FILE *);

/*
 * Parser error and warning reporters; yyerror and yywarn expand to these.
 * fmt is presumably a printf-style format: pass a literal format and hand any
 * text taken from the config file through "%s", never as fmt itself.
 */
void parse_err (const char *fmt, ...);
void parse_warn (const char *fmt, ...);

/* Forward declaration; the definition is elsewhere */
struct mlfi_priv;

#endif /* CFG_FILE_H */
/*
 * vi:ts=4
 */