1#!/usr/local/bin/bash 2# 3# MailScanner - SMTP E-Mail Virus Scanner 4# Copyright (C) 2002-2017 Julian Field, Thom van der Boon 5# 6# $Id: update_bad_safe_phishing_sites 3982 2017-08-22 09:00:39Z sysjkf $ 7# 8# This program is free software; you can redistribute it and/or modify 9# it under the terms of the GNU General Public License as published by 10# the Free Software Foundation; either version 2 of the License, or 11# (at your option) any later version. 12# 13# This program is distributed in the hope that it will be useful, 14# but WITHOUT ANY WARRANTY; without even the implied warranty of 15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16# GNU General Public License for more details. 17# 18# You should have received a copy of the GNU General Public License 19# along with this program; if not, write to the Free Software 20# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21# 22# 23 24# set your options here 25# 26#CONFIGDIR='/opt/MailScanner/etc'; 27CONFIGDIR='/etc/MailScanner'; 28BADURL='http://phishing.mailscanner.info/phishing.bad.sites.conf.gz'; 29SAFEURL='http://phishing.mailscanner.info/phishing.safe.sites.conf.gz'; 30MSSTARTSCRIPT='/etc/init.d/mailscanner'; 31MSSERVICENAME='mailscanner.service'; 32PIDFile=`ms-peek 'PID file' $CONFIGDIR/MailScanner.conf` 33 34DEBUG=0 35 36PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/etc:/usr/local/bin:/usr/sfw/bin 37export PATH 38 39if [ -d $CONFIGDIR ]; then 40 cd $CONFIGDIR 41else 42 logger -p mail.warn -t update.phishing.sites Cannot find MailScanner configuration directory, update failed. 43 echo Cannot find MailScanner configuration directory. 44 echo Auto-updates of phishing.bad.sites.conf and phishing.safe.sites.conf will not happen. 45 exit 1 46fi 47 48SYSLOG=`/usr/sbin/ms-peek SyslogFacility MailScanner.conf` 49 50if [ "x$SYSLOG" == "x" ]; then 51 SYSLOG="mail" 52fi 53 54# Load MailScanner Defaults 55if [ -f $CONFIGDIR/defaults ] ; then 56 . $CONFIGDIR/defaults 57fi 58 59gotAnError=0 60 61if [ -z "$ms_cron_ps_restart" ]; then 62 echo 'ms_cron_ps_restart not found in defaults. Adding....' 63 echo '' >> $CONFIGDIR/defaults 64 echo '' >> $CONFIGDIR/defaults 65 echo '# Restart MailScanner after Update Safe/Bad Phishing sites' >> $CONFIGDIR/defaults 66 echo '#' >> $CONFIGDIR/defaults 67 echo '# Restart MailScanner after update of the Safe/Bad Phishing sites files.' >> $CONFIGDIR/defaults 68 echo '# This is disabled by default.' >> $CONFIGDIR/defaults 69 echo '#' >> $CONFIGDIR/defaults 70 echo '# This is executed during the DAILY cron option. 0 = off, 1 = on' >> $CONFIGDIR/defaults 71 echo '#' >> $CONFIGDIR/defaults 72 echo '' >> $CONFIGDIR/defaults 73 echo 'ms_cron_ps_restart=0' >> $CONFIGDIR/defaults 74 ms_cron_ps_restart=0; 75fi 76 77# check for the custom config file and create if missing 78if [ ! -f $CONFIGDIR/phishing.bad.sites.custom ]; then 79 echo '# Add your custom Phishing bad sites to the' > $CONFIGDIR/phishing.bad.sites.custom 80 echo '# phishing.bad.sites.custom file in your MailScanner' >> $CONFIGDIR/phishing.bad.sites.custom 81 echo '# directory. Note that phishing.bad.sites.conf is' >> $CONFIGDIR/phishing.bad.sites.custom 82 echo '# overwritten when ms-update-phishing is executed.' >> $CONFIGDIR/phishing.bad.sites.custom 83 echo '#' >> $CONFIGDIR/phishing.bad.sites.custom 84fi 85 86# check for the custom config file and create if missing 87if [ ! -f $CONFIGDIR/phishing.safe.sites.custom ]; then 88 echo '# Add your custom Phishing safe sites to the' > $CONFIGDIR/phishing.safe.sites.custom 89 echo '# phishing.safe.sites.custom file in your MailScanner' >> $CONFIGDIR/phishing.safe.sites.custom 90 echo '# directory. Note that phishing.safe.sites.conf is' >> $CONFIGDIR/phishing.safe.sites.custom 91 echo '# overwritten when ms-update-phishing is executed.' >> $CONFIGDIR/phishing.safe.sites.custom 92 echo '#' >> $CONFIGDIR/phishing.safe.sites.custom 93fi 94 95# Sanity check for regular config files, create if missing 96[ ! -f $CONFIGDIR/phishing.safe.sites.conf ] && touch $CONFIGDIR/phishing.safe.sites.conf 97[ ! -f $CONFIGDIR/phishing.bad.sites.conf ] && touch $CONFIGDIR/phishing.bad.sites.conf 98 99if hash curl 2>/dev/null; then 100 [ $DEBUG -eq 1 ] && echo 'Found curl' 101 CURLORWGET='curl'; 102else 103 if hash wget 2>/dev/null; then 104 [ $DEBUG -eq 1 ] && echo 'Found wget' 105 CURLORWGET='wget'; 106 else 107 logger -p $SYSLOG.warn -t update.bad.phishing.sites Cannot find wget or curl, update failed. ; echo Cannot find wget or curl to do phishing sites update. ; exit 1 108 fi 109fi 110 111[ $DEBUG -eq 1 ] && echo Trying to update phishing.bad.sites.conf.master.... 112 113bad_updated=1; 114 115if [ $CURLORWGET = 'curl' ]; then 116 curl -S -A "msv5 Update Script v0.2.0" -z $CONFIGDIR/phishing.bad.sites.conf.master.gz -o $CONFIGDIR/phishing.bad.sites.conf.master.gz $BADURL &> /dev/null 117 if [ "$?" = "0" ]; then 118 gunzip -f $CONFIGDIR/phishing.bad.sites.conf.master.gz 119 [ $DEBUG -eq 1 ] && echo Check or download phishing.bad.sites.conf.master completed OK. 120 if [ -r $CONFIGDIR/phishing.bad.sites.conf.master.backup ]; then 121 if [ $CONFIGDIR/phishing.bad.sites.conf.master -nt $CONFIGDIR/phishing.bad.sites.conf.master.backup ]; then 122 filesize=$(wc -l < $CONFIGDIR/phishing.bad.sites.conf.master) 123 if [ $filesize -gt 1000 ]; then 124 [ $DEBUG -eq 1 ] && echo Download fresh phishing.bad.sites.conf.master succeeded, so make a backup 125 cp -f $CONFIGDIR/phishing.bad.sites.conf.master $CONFIGDIR/phishing.bad.sites.conf.master.backup 126 else 127 [ $DEBUG -eq 1 ] && echo Check phishing.bad.sites.conf.master failed: It looks corrupt 128 rm -f $CONFIGDIR/phishing.bad.sites.conf.master 129 logger -p $SYSLOG.warn -t update.bad.phishing.sites Downloaded bad phishing site master file is corrupt, update failed. ; echo "Downloaded bad phishing site master file is corrupt, removing it." ; 130 gotAnError=1 131 fi 132 else 133 [ $DEBUG -eq 1 ] && echo Remote phishing.bad.sites.conf.master not newer than local copy.... everything OK 134 bad_updated=0 135 fi 136 else 137 filesize=$(wc -l < $CONFIGDIR/phishing.bad.sites.conf.master) 138 if [ $filesize -gt 1000 ]; then 139 [ $DEBUG -eq 1 ] && echo Download fresh phishing.bad.sites.conf.master succeeded, so make a backup 140 cp -f $CONFIGDIR/phishing.bad.sites.conf.master $CONFIGDIR/phishing.bad.sites.conf.master.backup 141 else 142 [ $DEBUG -eq 1 ] && echo Check phishing.bad.sites.conf.master failed: It looks corrupt 143 rm -f $CONFIGDIR/phishing.bad.sites.conf.master 144 logger -p $SYSLOG.warn -t update.bad.phishing.sites Downloaded bad phishing site master file is corrupt, update failed. ; echo "Downloaded bad phishing site master file is corrupt, removing it." ; 145 gotAnError=1 146 fi 147 fi 148 else 149 logger -p $SYSLOG.warn -t update.bad.phishing.sites Updating using curl failed, trying wget. ; echo Updating using curl failed, trying wget. ; CURLORWGET='wget'; 150 fi 151fi 152 153if [ $CURLORWGET = 'wget' ]; then 154 echo Trying wget.... 155 wget -q --user-agent="msv5 Update Script v0.2.0" --no-check-certificate -N -O phishing.bad.sites.conf.master.gz $BADURL 156 if [ "$?" = "0" ]; then 157 gunzip -f $CONFIGDIR/phishing.bad.sites.conf.master.gz 158 [ $DEBUG -eq 1 ] && echo Check or download phishing.bad.sites.conf.master completed OK. 159 if [ -r $CONFIGDIR/phishing.bad.sites.conf.master.backup ]; then 160 if [ $CONFIGDIR/phishing.bad.sites.conf.master -nt $CONFIGDIR/phishing.bad.sites.conf.master.backup ]; then 161 filesize=$(wc -l < $CONFIGDIR/phishing.bad.sites.conf.master) 162 if [ $filesize -gt 1000 ]; then 163 [ $DEBUG -eq 1 ] && echo Download fresh phishing.bad.sites.conf.master succeeded, so make a backup 164 cp -f $CONFIGDIR/phishing.bad.sites.conf.master $CONFIGDIR/phishing.bad.sites.conf.master.backup 165 else 166 [ $DEBUG -eq 1 ] && echo Check phishing.bad.sites.conf.master failed: It looks corrupt 167 rm -f $CONFIGDIR/phishing.bad.sites.conf.master 168 logger -p $SYSLOG.warn -t update.bad.phishing.sites Downloaded bad phishing site master file is corrupt, removing it. ; echo "Downloaded bad phishing site master file is corrupt, removing it." ; 169 gotAnError=1 170 fi 171 else 172 [ $DEBUG -eq 1 ] && echo Remote phishing.bad.sites.conf.master not newer than local copy.... everything OK 173 bad_updated=0 174 fi 175 else 176 filesize=$(wc -l < $CONFIGDIR/phishing.bad.sites.conf.master) 177 if [ $filesize -gt 1000 ]; then 178 [ $DEBUG -eq 1 ] && echo Download fresh phishing.bad.sites.conf.master succeeded, so make a backup 179 cp -f $CONFIGDIR/phishing.bad.sites.conf.master $CONFIGDIR/phishing.bad.sites.conf.master.backup 180 else 181 [ $DEBUG -eq 1 ] && echo Check phishing.bad.sites.conf.master failed: It looks corrupt 182 rm -f $CONFIGDIR/phishing.bad.sites.conf.master 183 logger -p $SYSLOG.warn -t update.bad.phishing.sites Downloaded bad phishing site master file is corrupt, removing it. ; echo "Downloaded bad phishing site master file is corrupt, removing it." ; 184 gotAnError=1 185 fi 186 fi 187 else 188 rm -f $CONFIGDIR/phishing.bad.sites.conf.master 189 logger -p $SYSLOG.warn -t update.bad.phishing.sites The curl/wget download of the bad phishing site master file failed. Removing whatever was downloaded.; echo The curl/wget download of the bad phishing site master file failed. Removing whatever was downloaded.; 190 gotAnError=1 191 fi 192fi 193 194bad_custom_time=$(stat -c %Y phishing.bad.sites.custom) 195bad_conf_time=$(stat -c %Y phishing.bad.sites.conf) 196if [ $bad_custom_time -ge $bad_conf_time ]; then 197 bad_updated=1 198fi 199 200if [ $bad_updated -ge 1 ]; then 201 if [ -s phishing.bad.sites.conf.master ]; then 202 [ $DEBUG -eq 1 ] && echo Creating fresh phishing.bad.sites.conf.... 203 cat phishing.bad.sites.custom phishing.bad.sites.conf.master | \ 204 uniq > phishing.bad.sites.conf.new 205 rm -f phishing.bad.sites.conf 206 mv -f phishing.bad.sites.conf.new phishing.bad.sites.conf 207 chmod a+r phishing.bad.sites.conf 208 [ $DEBUG -eq 1 ] && echo Creation of fresh phishing.bad.sites.conf is OK 209 logger -p $SYSLOG.info -t update.bad.phishing.sites Phishing bad sites list updated 210 else 211 logger -p $SYSLOG.info -t update.bad.phishing.sites The phishing bad sites master file does not exist or is not readable. Update failed! ; echo "The phishing bad sites master file does not exist or is not readable. Update failed!" ; 212 gotAnError=1 213 bad_updated=0 214 fi 215fi 216 217[ $DEBUG -eq 1 ] && echo Trying to update phishing.safe.sites.conf.master.... 218 219safe_updated=1; 220 221if [ $CURLORWGET = 'curl' ]; then 222 curl -S -A "msv5 Update Script v0.2.0" -z $CONFIGDIR/phishing.safe.sites.conf.master.gz -o $CONFIGDIR/phishing.safe.sites.conf.master.gz $SAFEURL &> /dev/null 223 if [ "$?" = "0" ]; then 224 gunzip -f $CONFIGDIR/phishing.safe.sites.conf.master.gz 225 [ $DEBUG -eq 1 ] && echo Check or download phishing.safe.sites.conf.master completed OK. 226 if [ -r $CONFIGDIR/phishing.safe.sites.conf.master.backup ]; then 227 if [ $CONFIGDIR/phishing.safe.sites.conf.master -nt $CONFIGDIR/phishing.safe.sites.conf.master.backup ]; then 228 filesize=$(wc -l < $CONFIGDIR/phishing.safe.sites.conf.master) 229 if [ $filesize -gt 500 ]; then 230 [ $DEBUG -eq 1 ] && echo Download fresh phishing.safe.sites.conf.master succeeded, so make a backup 231 cp -f $CONFIGDIR/phishing.safe.sites.conf.master $CONFIGDIR/phishing.safe.sites.conf.master.backup 232 else 233 [ $DEBUG -eq 1 ] && echo Check phishing.safe.sites.conf.master failed: It looks corrupt 234 rm -f $CONFIGDIR/phishing.safe.sites.conf.master 235 logger -p $SYSLOG.warn -t update.safe.phishing.sites Downloaded safe phishing site master file is corrupt, update failed. ; echo "Downloaded safe phishing site master file is corrupt, removing it." ; 236 gotAnError=1 237 fi 238 else 239 [ $DEBUG -eq 1 ] && echo Remote phishing.safe.sites.conf.master not newer than local copy.... everything OK 240 safe_updated=0 241 fi 242 else 243 filesize=$(wc -l < $CONFIGDIR/phishing.safe.sites.conf.master) 244 if [ $filesize -gt 500 ]; then 245 [ $DEBUG -eq 1 ] && echo Download fresh phishing.safe.sites.conf.master succeeded, so make a backup 246 cp -f $CONFIGDIR/phishing.safe.sites.conf.master $CONFIGDIR/phishing.safe.sites.conf.master.backup 247 else 248 [ $DEBUG -eq 1 ] && echo Check phishing.safe.sites.conf.master failed: It looks corrupt 249 rm -f $CONFIGDIR/phishing.safe.sites.conf.master 250 logger -p $SYSLOG.warn -t update.safe.phishing.sites Downloaded safe phishing site master file is corrupt, update failed. ; echo "Downloaded safe phishing site master file is corrupt, removing it." ; 251 gotAnError=1 252 fi 253 fi 254 else 255 logger -p $SYSLOG.warn -t update.safe.phishing.sites Updating using curl failed, trying wget. ; echo Updating using curl failed, trying wget. ; CURLORWGET='wget'; 256 fi 257fi 258 259if [ $CURLORWGET = 'wget' ]; then 260 echo Trying wget.... 261 wget -q --user-agent="msv5 Update Script v0.2.0" --no-check-certificate -N -O phishing.safe.sites.conf.master.gz $SAFEURL 262 if [ "$?" = "0" ]; then 263 gunzip -f $CONFIGDIR/phishing.safe.sites.conf.master.gz 264 [ $DEBUG -eq 1 ] && echo Check or download phishing.safe.sites.conf.master completed OK. 265 if [ -r $CONFIGDIR/phishing.safe.sites.conf.master.backup ]; then 266 if [ $CONFIGDIR/phishing.safe.sites.conf.master -nt $CONFIGDIR/phishing.safe.sites.conf.master.backup ]; then 267 filesize=$(wc -l < $CONFIGDIR/phishing.safe.sites.conf.master) 268 if [ $filesize -gt 500 ]; then 269 [ $DEBUG -eq 1 ] && echo Download fresh phishing.safe.sites.conf.master succeeded, so make a backup 270 cp -f $CONFIGDIR/phishing.safe.sites.conf.master $CONFIGDIR/phishing.safe.sites.conf.master.backup 271 else 272 [ $DEBUG -eq 1 ] && echo Check phishing.safe.sites.conf.master failed: It looks corrupt 273 rm -f $CONFIGDIR/phishing.safe.sites.conf.master 274 logger -p $SYSLOG.warn -t update.safe.phishing.sites Downloaded safe phishing site master file is corrupt, removing it. ; echo "Downloaded safe phishing site master file is corrupt, removing it." ; 275 fi 276 else 277 [ $DEBUG -eq 1 ] && echo Remote phishing.safe.sites.conf.master not newer than local copy.... everything OK 278 safe_updated=0 279 fi 280 else 281 filesize=$(wc -l < $CONFIGDIR/phishing.safe.sites.conf.master) 282 if [ $filesize -gt 500 ]; then 283 [ $DEBUG -eq 1 ] && echo Download fresh phishing.safe.sites.conf.master succeeded, so make a backup 284 cp -f $CONFIGDIR/phishing.safe.sites.conf.master $CONFIGDIR/phishing.safe.sites.conf.master.backup 285 else 286 [ $DEBUG -eq 1 ] && echo Check phishing.safe.sites.conf.master failed: It looks corrupt 287 rm -f $CONFIGDIR/phishing.safe.sites.conf.master 288 logger -p $SYSLOG.warn -t update.safe.phishing.sites Downloaded safe phishing site master file is corrupt, removing it. ; echo "Downloaded safe phishing site master file is corrupt, removing it." ; 289 gotAnError=1 290 fi 291 fi 292 else 293 rm -f $CONFIGDIR/phishing.safe.sites.conf.master 294 logger -p $SYSLOG.warn -t update.safe.phishing.sites The curl/wget download of the safe phishing site master file failed. Removing whatever was downloaded.; echo The curl/wget download of the safe phishing site master file failed. Removing whatever was downloaded.; 295 gotAnError=1 296 fi 297fi 298 299safe_custom_time=$(stat -c %Y phishing.safe.sites.custom) 300safe_conf_time=$(stat -c %Y phishing.safe.sites.conf) 301if [ $safe_custom_time -ge $safe_conf_time ]; then 302 safe_updated=1 303fi 304 305if [ $safe_updated -ge 1 ]; then 306 if [ -s phishing.safe.sites.conf.master ]; then 307 [ $DEBUG -eq 1 ] && echo Creating fresh phishing.safe.sites.conf.... 308 cat phishing.safe.sites.custom phishing.safe.sites.conf.master | \ 309 uniq > phishing.safe.sites.conf.new 310 rm -f phishing.safe.sites.conf 311 mv -f phishing.safe.sites.conf.new phishing.safe.sites.conf 312 chmod a+r phishing.safe.sites.conf 313 [ $DEBUG -eq 1 ] && echo Creation of fresh phishing.safe.sites.conf is OK 314 logger -p $SYSLOG.info -t update.safe.phishing.sites Phishing safe sites list updated 315 else 316 logger -p $SYSLOG.info -t update.safe.phishing.sites The phishing safe sites master file does not exist or is not readable. Update failed! ; echo "The phishing safe sites master file does not exist or is not readable. Update failed!" ; 317 gotAnError=1 318 safe_updated=0 319 fi 320fi 321 322updated=$(($bad_updated + $safe_updated)); 323 324 325if [ $updated -ge 1 ]; then 326 if [ "$ms_cron_ps_restart" = "1" ]; then 327 if [ ! -f /var/lock/subsys/MailScanner.off -a -f $PIDFile ]; then 328 logger -p $SYSLOG.info -t ms-update-phishing restart MailScanner.... 329 if [ -d /etc/systemd ]; then 330 systemctl restart $MSSERVICENAME >/dev/null 2>&1 331 if [ $? != 0 ] ; then 332 [ $DEBUG -eq 1 ] && echo "MailScanner reload failed - Retrying..." 333 systemctl restart $MSSERVICENAME >/dev/null 2>&1 334 if [ $? != 0 ] ; then 335 [ $DEBUG -eq 1 ] && echo "Stopping MailScanner..." 336 systemctl stop $MSSERVICENAME >/dev/null 2>&1 337 [ $DEBUG -eq 1 ] && echo "Waiting for a minute..." 338 perl -e "sleep 60;" 339 [ $DEBUG -eq 1 ] && echo "Attemping to start MailScanner..." 340 systemctl start $MSSERVICENAME >/dev/null 2>&1 341 fi 342 fi 343 else 344 if [ -s $MSSTARTSCRIPT ]; then 345 $MSSTARTSCRIPT restart >/dev/null 2>&1 346 if [ $? != 0 ] ; then 347 [ $DEBUG -eq 1 ] && echo "MailScanner reload failed - Retrying..." 348 $MSSTARTSCRIPT restart >/dev/null 2>&1 349 if [ $? != 0 ] ; then 350 [ $DEBUG -eq 1 ] && echo "Stopping MailScanner..." 351 $MSSTARTSCRIPT stop >/dev/null 2>&1 352 [ $DEBUG -eq 1 ] && echo "Waiting for a minute..." 353 perl -e "sleep 60;" 354 [ $DEBUG -eq 1 ] && echo "Attemping to start MailScanner..." 355 $MSSTARTSCRIPT start >/dev/null 2>&1 356 fi 357 fi 358 fi 359 fi 360 fi 361 fi 362fi 363 364exit ${gotAnError} 365