]>
git.proxmox.com Git - proxmox-spamassassin.git/blob - upstream/lib/Mail/SpamAssassin/Plugin/PhishTag.pm
2 # Licensed to the Apache Software Foundation (ASF) under one or more
3 # contributor license agreements. See the NOTICE file distributed with
4 # this work for additional information regarding copyright ownership.
5 # The ASF licenses this file to you under the Apache License, Version 2.0
6 # (the "License"); you may not use this file except in compliance with
7 # the License. You may obtain a copy of the License at:
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
18 ###########################################################################
20 package Mail
::SpamAssassin
::Plugin
::PhishTag
;
25 use Mail
::SpamAssassin
;
26 use Mail
::SpamAssassin
::Logger
;
28 our @ISA = qw(Mail::SpamAssassin::Plugin);
31 my ($class, $mailsa)=@_;
32 $class=ref($class) ||$class;
33 my $self = $class->SUPER::new
($mailsa);
35 $self->set_config($mailsa->{conf
});
40 my($self, $conf) = @_;
44 setting
=> 'trigger_target',
45 type
=> $Mail::SpamAssassin
::Conf
::CONF_TYPE_HASH_KEY_VALUE
,
50 setting
=> 'trigger_config',
51 type
=> $Mail::SpamAssassin
::Conf
::CONF_TYPE_STRING
,
57 setting
=> 'trigger_ratio',
58 type
=> $Mail::SpamAssassin
::Conf
::CONF_TYPE_NUMERIC
,
63 $conf->{parser
}->register_commands(\
@cmds);
68 my ($self, $params) = @_;
69 my $pms = $params->{permsgstatus
};
71 #initialize the PHISHTAG data structure for
72 #saving configuration information
73 $pms->{PHISHTAG
} = {};
74 $pms->{PHISHTAG
}->{triggers
}={};
75 $pms->{PHISHTAG
}->{targets
}=[];
77 #read the configuration info
78 $self->read_configfile($params);
79 $self->read_settings($params);
83 my ($self, $params) = @_;
84 my $pms = $params->{permsgstatus
};
86 my $triggers= $pms->{PHISHTAG
}->{triggers
};
87 my $targets= $pms->{PHISHTAG
}->{targets
};
88 while (my ($tname,$ttarget)=each %{$pms->{conf
}->{trigger_target
}}){
89 push @$targets, [$ttarget, $tname];
96 my ($self, $params) = @_;
97 my $pms = $params->{permsgstatus
};
99 #nothing interesting here if there is not a configuration file
100 return if($pms->{conf
}->{trigger_config
} !~/\S/);
102 my $triggers= $pms->{PHISHTAG
}->{triggers
};
103 my $targets= $pms->{PHISHTAG
}->{targets
};
107 open(F
, '<', $pms->{conf
}->{trigger_config
});
108 for ($!=0; <F
>; $!=0) {
109 #each entry is separated by blank lines
110 undef($target) if(!/\S/);
112 #lines that start with pound are comments
115 #an entry starts with a URL line prefixed with the word "target"
116 if(/^target\s+(\S+)/){
118 push @$targets,$target;
120 #add the test to the list of listened triggers
121 #and to the triggers of the last target
122 elsif(defined $target){
128 defined $_ || $!==0 or
129 $!==EBADF ? dbg
("PHISHTAG: error reading config file: $!")
130 : die "error reading config file: $!";
131 close(F
) or die "error closing config file: $!";
135 my ($self, $params) = @_;
136 my $pms = $params->{permsgstatus
};
137 my $rulename = $params->{rulename
};
139 #mark the rule as hit
140 if(defined($pms->{PHISHTAG
}->{triggers
}->{$rulename})){
141 $pms->{PHISHTAG
}->{triggers
}->{$rulename}=1;
142 dbg
("PHISHTAG: $rulename has been caught\n");
146 sub check_post_learn
{
147 my ($self, $params) = @_;
148 my $pms = $params->{permsgstatus
};
150 #find out which targets have fulfilled their requirements
151 my $triggers= $pms->{PHISHTAG
}->{triggers
};
152 my $targets= $pms->{PHISHTAG
}->{targets
};
154 foreach my $target(@$targets){
155 my $uri= $$target[0];
157 #all the triggers of a target have to exist for it to be fulfilled
158 foreach my $i(1..$#$target){
159 if(! $triggers->{$$target[$i]}){
166 dbg
("PHISHTAG: Fulfilled $uri\n");
170 if(scalar(@filled) &&
171 $pms->{conf
}->{trigger_ratio
} > rand(100)){
172 $pms->{PHISHTAG
}->{letgo
}=0;
173 $pms->{PHISHTAG
}->{uri
}=$filled[int(rand(scalar(@filled)))];
175 dbg
("PHISHTAG: Decided to keep this email and point to ".
176 $pms->{PHISHTAG
}->{uri
});
177 #make sure that SpamAssassin does not remove this email
178 $pms->got_hit("PHISHTAG_TOSS",
183 dbg
("PHISHTAG: Will let this email to SpamAssassin's discretion\n");
184 $pms->{PHISHTAG
}->{letgo
}=1;
188 #nothing interesting here, if we will not rewrite the email
189 if($pms->{PHISHTAG
}->{letgo
}){
193 my $pristine_body=\
$pms->{msg
}->{pristine_body
};
194 #dbg("PRISTINE>>\n".$$pristine_body);
196 my $uris = $pms->get_uri_detail_list();
198 while (my($uri, $info) = each %{$uris}) {
199 if(defined ($info->{types
}->{a
})){
200 $$pristine_body=~s/$uri/$pms->{PHISHTAG}->{uri}/mg;
203 dbg
("PRISTINE>>\n".$$pristine_body);
211 PhishTag - SpamAssassin plugin for redirecting links in incoming emails.
215 loadplugin Mail::SpamAssassin::Plugin::PhishTag
218 trigger_target RULE_NAME http://www.antiphishing.org/consumer_recs.html
222 PhishTag enables administrators to rewrite links in emails that trigger certain
223 tests, preferably anti-phishing blacklist tests. The plugin will inhibit the
224 blocking of a portion of the emails that trigger the test by SpamAssassin, and
225 let them pass to the users' inbox after the rewrite. It is useful in providing
226 training to email users about company policies and general email usage.
230 The following options can be set by modifying the configuration file.
234 =item * trigger_ratio percentage_value
236 Sets the probability in percentage that a positive test will trigger the
237 email rewrite, e.g. 0.1 will rewrite on the average 1 in 1000 emails that
240 =item * trigger_target RULE_NAME http_url
242 The name of the test which would trigger the email rewrite; all the URLs
243 will be replaced by http_url.
249 The source of this plugin is available at:
250 http://umut.topkara.org/PhishTag/PhishTag.pm
251 a sample configuration file is also available:
252 http://umut.topkara.org/PhishTag/PhishTag.cf
256 Check the list of tests performed by SpamAssassin to modify the
257 configuration file to match your needs from
258 https://spamassassin.apache.org/tests.html
262 Umut Topkara, 2008, E<lt>umut@topkara.orgE<gt>
263 http://umut.topkara.org
265 =head1 COPYRIGHT AND LICENSE
267 This plugin is free software; you can redistribute it and/or modify
268 it under the same terms as SpamAssassin itself, either version 3.2.4
269 or, at your option, any later version of SpamAssassin you may have