spam.m4: Quote the arguments to the Userv service properly.

[exim-config] / spam.m4

### -*-m4-*-
###
### Spam filtering for distorted.org.uk Exim configuration
###
### (c) 2012 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This program is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
### This program is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
### along with this program; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

DIVERT(null)
###--------------------------------------------------------------------------
### Spam filtering.

## The Exim documentation tells lies.
##
## : *${run{*<_command_>* *<_args_>*}{*<_string1_>*}{*<_string2_>*}}*
## :     The command and its arguments are first expanded separately, [...]
##
## They aren't.  The whole command-and-args are expanded together, and then
## split at unquoted spaces.  This unpleasant hack sorts out the mess.
m4_define(<:SHQUOTE:>, <:"${rxquote:$1}":>)

SECTION(global, policy)m4_dnl
spamd_address = CONF_spamd_address CONF_spamd_port

SECTION(routers, allspam)m4_dnl
## If we're verifying an address and the recipient has a `~/.mail/spam-limit'
## file, then look up the recipient and sender addresses to find a plausible
## limit and insert it into the `address_data' where the RCPT ACL can find
## it.  This router always declines, so it doesn't affect the overall outcome
## of the verification.
fetch_spam_limit:
        driver = redirect
        data = :unknown:
        verify_only = true
        local_part_suffix = CONF_user_suffix_list
        local_part_suffix_optional = true
        check_local_user
        address_data = \
                ${if def:address_data {$address_data}{}} \
                ${if and {{!eq{$acl_c_mode}{submission}} \
                          {exists {CONF_userconf_dir/spam-limit}}} \
                     {${lookup {$local_part_prefix\
                                        $local_part\
                                        $local_part_suffix\
                                        @$domain/\
                                        $sender_address} \
                               nwildlsearch {CONF_userconf_dir/spam-limit} \
                               {${if match{$value}{\N^-?[0-9]+$\N} \
                                     {spam_limit=$value} \
                                     {}}} \
                               {}}} \
                     {}} \
                ${if and {{!eq{$acl_c_mode}{submission}} \
                          {exists {CONF_userconf_dir/spam-limit.userv}}} \
                     {${run {timeout 5s -- \
                                userv SHQUOTE($local_part) exim-spam-limit \
                                        SHQUOTE($sender_address) \
                                        SHQUOTE($local_part_prefix) \
                                        SHQUOTE($local_part) \
                                        SHQUOTE($local_part_suffix) \
                                        SHQUOTE(@$domain)} \
                            {${if match{$value}{\N^-?[0-9]+$\N} \
                                  {spam_limit=$value} \
                                  {}}} \
                            {}}} \
                     {}}

SECTION(acl, rcpt-hooks)m4_dnl
        ## Do per-recipient spam-filter processing.
        require  acl = rcpt_spam

SECTION(acl, misc)m4_dnl
skip_spam_check:

        ## If the client is trusted, or this is a new submission, don't
        ## bother with any of this.  We will have verified the sender
        ## fairly aggressively before granting this level of trust.
        accept   hosts = +trusted
        accept   condition = ${if eq{$acl_c_mode}{submission}}

        ## Otherwise we should check.
        deny

rcpt_spam:

        ## See if we should do this check.
        accept   acl = skip_spam_check

        ## Always accept mail to `postmaster'.  Currently this is not
        ## negotiable; maybe a tweak can be added to `domains.conf' if
        ## necessary.
        accept   local_parts = postmaster

        ## Collect the user's spam threshold from the `address_data'
        ## variable, where it was left by the `fetch_spam_limit' router
        ## during recipient verification.  (This just saves duplicating this
        ## enormous expression.)
        warn     set acl_m_this_spam_limit = \
                        ${sg {${extract {spam_limit} \
                                        {${if def:address_data \
                                              {$address_data}{}}} \
                                        {$value}{nil}}} \
                             {^(|.*\\D.*)\$}{CONF_spam_max}}

        ## If there's a spam limit already established, and it's different
        ## from this user's limit, then the sender will have to try this user
        ## again later.
        defer   !hosts = +trusted
                 message = "You'd better try this one later"
                 condition = ${if def:acl_m_spam_limit {true}{false}}
                 condition = ${if ={$acl_m_spam_limit} \
                                   {$acl_m_this_spam_limit} \
                                  {false}{true}}

        ## There's no limit set yet, or the user's limit is the same as the
        ## existing one, or the client's local and we're not checking for
        ## spam anyway.  Whichever way, it's safe to set it now.
        warn     set acl_m_spam_limit = $acl_m_this_spam_limit

        ## All done.
        accept

SECTION(acl, data-spam)m4_dnl
        ## Do spam checking.
        require  acl = data_spam

SECTION(acl, misc)m4_dnl
data_spam:

        ## See if we should do this check.
        accept   acl = skip_spam_check

        ## Check header validity.
        require  verify = header_syntax

        ## Check the message for spam, comparing to the configured limit.
        deny     spam = exim:true
                 message = Tinned meat product detected ($spam_score)
                 condition = ${if >{$spam_score_int}{$acl_m_spam_limit} \
                                  {true}{false}}

        ## Insert headers from the spam check now that we've decided to
        ## accept the message.
        warn

                 ## Convert the limit (currently 10x fixed point) into a
                 ## decimal for presentation.
                 set acl_m_spam_limit_presentation = \
                        ${sg{$acl_m_spam_limit}{\N(\d)$\N}{.\$1}}

                 ## Convert the report into something less obnoxious.  Plain
                 ## old SpamAssassin has an `X-Spam-Status' header which
                 ## lists the matched rules and provides some other basic
                 ## information.  Try to extract something similar from the
                 ## report.
                 ##
                 ## This is rather fiddly.

                 ## Firstly, escape angle brackets, because we'll be using
                 ## them for our own purposes.
                 set acl_m_spam_tests = ${sg{$spam_report}{([!<>])}{!\$1}}

                 ## Trim off the blurb paragraph and the preview.  The rest
                 ## should be fairly well behaved.  Wrap double angle-
                 ## brackets around the remainder; these can't appear in the
                 ## body because we escaped them all earlier.
                 set acl_m_spam_tests = \
                        ${sg{$acl_m_spam_tests} \
                            {\N^(?s).*\n Content analysis details:(.*)$\N} \
                            {<<\$1>>}}

                 ## Extract the information about the matching rules and
                 ## their scores.  Leave `<<...>>' around everything else.
                 set acl_m_spam_tests = \
                        ${sg{$acl_m_spam_tests} \
                            {\N(?s)\n\s*(-?[\d.]+)\s+([-\w]+)\s\N} \
                            {>>\$2:\$1,<<}}

                 ## Strip everything still in `<<...>>' pairs, including any
                 ## escaped characters inside.
                 set acl_m_spam_tests = \
                        ${sg{$acl_m_spam_tests}{\N(?s)<<([^!>]+|!.)*>>\N}{}}

                 ## Trim off a trailing comma.
                 set acl_m_spam_tests = ${sg{$acl_m_spam_tests}{,\s*\$}{}}

                 ## Undo the escaping.
                 set acl_m_spam_tests = ${sg{$acl_m_spam_tests}{!(.)}{\$1}}

                 ## Insert the headers.
                 add_header = X-SpamAssassin-Score: \
                        $spam_score/$acl_m_spam_limit_presentation \
                        ($spam_bar)
                 add_header = X-SpamAssassin-Status: \
                        score=$spam_score, \
                        limit=$acl_m_spam_limit_presentation, \n\t\
                        tests=$acl_m_spam_tests

        ## We're good.
        accept

DIVERT(null)
###----- That's all, folks --------------------------------------------------