use google safe browsing hits to icrease spam score

diff --git a/PMG/Config.pm b/PMG/Config.pm
index 5970f9d9bfdab53d09e197ed428bf0ba48e3a469..27955ecc18d1221f9b68cbc1aa4cbf302b959284 100755 (executable)
--- a/PMG/Config.pm
+++ b/PMG/Config.pm
@@ -144,6 +144,13 @@ sub properties {
            description => "Whitelist legitimate bounce relays.",
            type => 'string',
        },
+       safe_browsing_score => {
+           description => "Score for mails listed in Google Safe Browsing database.",
+           type => 'integer',
+           minimum => 0,
+           maximum => 1000,
+           default => 3,
+       },
        bounce_score => {
            description => "Additional score for bounce mails.",
            type => 'integer',
@@ -172,6 +179,7 @@ sub options {
        wl_bounce_relays => { optional => 1 },
        languages => { optional => 1 },
        use_bayes => { optional => 1 },
+       safe_browsing_score => { optional => 1 },
        bounce_score => { optional => 1 },
        rbl_checks => { optional => 1 },
        maxspamsize => { optional => 1 },

diff --git a/PMG/RuleDB/Spam.pm b/PMG/RuleDB/Spam.pm
index ef4b118ab49bb9efdf9f4b24ba6684d3204e917a..aa43f6795591824684b9cb273f490214e517fe5a 100644 (file)
--- a/PMG/RuleDB/Spam.pm
+++ b/PMG/RuleDB/Spam.pm
@@ -348,11 +348,20 @@ sub analyze_spam {
     }
     $queue->{all_from_addrs} = [ keys %$fromhash ];
 
+    if (my $hit = $queue->{safe_browsing}) {
+       my $score = $queue->{safe_browsing_score};
+       my $descr = "Found in Google Safe Browsing database.";
+       my $rule = 'Safebrowsing';
+       $sa_score += $score;
+       $list .= $list ? ",$rule" : $rule;
+       push @$sa_scores, { score => $score, rule => $rule, desc => $descr };
+    }
+
     my ($csec, $usec) = gettimeofday ();
 
     my $spamtest = $queue->{sa};
 
-    # only run SA in testmode or when commtouch did not confirm spam (score < 5)
+    # only run SA in testmode or when safe_browsing did not confirm spam (score < 5)
     # do not run SA if mail is too large
     if (($queue->{bytes} <= $maxspamsize) && 
        ($msginfo->{testmode} || ($sa_score < 5))) {

diff --git a/PMG/Utils.pm b/PMG/Utils.pm
index b13bbeb33b95584af3c07170a78763c95a455ed3..994e748c71e4695facfadf8addafa36ac3a5df00 100644 (file)
--- a/PMG/Utils.pm
+++ b/PMG/Utils.pm
@@ -1000,6 +1000,8 @@ sub load_sa_descriptions {
        }
     }
 
+    $res->{'Safebrowsing'}->{desc} = "Found in Google Safe Browsing database.";
+
     return $res;
 }
 

diff --git a/bin/pmg-smtp-filter b/bin/pmg-smtp-filter
index 7cf89b21af08e9881dd227b1493ca6137853d99c..6b3d80d87c821107f0f9e87d41ab892065a68c9a 100755 (executable)
--- a/bin/pmg-smtp-filter
+++ b/bin/pmg-smtp-filter
@@ -624,6 +624,7 @@ sub handle_smtp {
 
     $queue = $smtp->{queue};
     $queue->{sa} = $self->{sa};
+    $queue->{safe_browsing_score} = $pmg_cfg->get('spam', 'safe_browsing_score');
 
     $queue->{lic_valid} = 1;
 
@@ -669,9 +670,18 @@ sub handle_smtp {
 
 
        # test for virus first
-       $queue->{vinfo} = PMG::Utils::analyze_virus(
+       my $vinfo = PMG::Utils::analyze_virus(
            $queue, $queue->{dataname}, $pmg_cfg, $opt_testmode);
 
+       if ($vinfo =~ m/^Safebrowsing\.(.+)$/) {
+           my $hit = $1;
+           $self->log(3, "$queue->{logid}: Google Safe Browsing database hit '%s'", $hit);
+           $queue->{safe_browsing} = $hit;
+           $vinfo = undef;
+       }
+
+       $queue->{vinfo} = $vinfo;
+
        # always add this headers to incoming mails
        # to enable user to report false negatives
        if (!$msginfo->{trusted}) {