maildiode 0.0.2

data/lib/engine.rb

@@ -0,0 +1,344 @@
+# Copyright 2007-2008 Kevin B. Smith
+# This file is part of MailDiode.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3, as 
+# published by the Free Software Foundation.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+
+module MailDiode
+  NOOP = 'NOOP'
+  HELO = 'HELO'
+  EHLO = 'EHLO'
+  QUIT = 'QUIT'
+  RSET = 'RSET'
+  VRFY = 'VRFY'
+  MAIL = 'MAIL'
+  RCPT = 'RCPT'
+  DATA = 'DATA'
+
+  RESULT_BYE = '221 Bye'
+  RESULT_OK = '250 Ok'
+  RESULT_UNSURE = '252'
+  RESULT_DATA_OK = '354'
+  
+  ACCEPTED = :accepted
+  NO_OPINION = :no_opinion
+end
+
+module MailDiode
+
+  class FilterableData
+  	attr_accessor :sender_ip
+    attr_accessor :helo
+    attr_accessor :sender
+    attr_accessor :recipient
+  end
+  
+  class Filter
+    def process(filterable_data)
+      filterable_data
+    end
+  end
+  
+  class MailHandler
+    def valid_recipient?(recipient)
+  		false
+    end
+    
+	  def process_message(sender, recipient, message)
+	    nil
+  	end
+  end
+  
+  
+  class Envelope
+    def initialize(from_address)
+      @from = from_address
+      @to = []
+    end
+    
+    def add_recipient(to_address)
+      @to << to_address
+    end
+    
+    def sender
+      @from
+    end
+    
+    def recipients
+      @to
+    end
+  end
+
+  # State machine that handles incoming SMTP commands
+  class Engine
+    def initialize(hostname)
+      @hostname = hostname
+      @greeting = "220 #{hostname} ESMTP"
+      @helo_response = "250 #{hostname}"
+      @filters = []
+    end
+    
+    def set_mail_handler(handler)
+      @mail_handler = handler
+    end
+    
+    def add_filter(filter)
+      @filters << filter
+    end
+    
+    def start(sender_ip)
+      @sender_ip = sender_ip
+      return @greeting
+    end
+  
+    def process_line(line)
+      begin
+        if @message_text
+          return do_message_text(line)
+        end
+        
+        command, args = extract_args(line)
+            result = process_command(command, args)
+            MailDiode::log_success(command, args, result)
+            return result
+      rescue SMTPError => error
+    		MailDiode.log_info(error.text)
+        return error.text
+      end
+
+    end
+    
+    def terminate?
+      return @should_terminate
+    end
+
+    def process_command(command, args)
+      case command.upcase
+        when NOOP then return do_noop(args)
+        when QUIT then return do_quit(args)
+        when HELO then return do_helo(args)
+        when EHLO then return do_helo(args)
+        when VRFY then return do_vrfy(args)
+        when RSET then return do_rset(args)
+        when MAIL then return do_mail(args)
+        when RCPT then return do_rcpt(args)
+        when DATA then return do_data(args)
+      end
+      
+      raise_smtp_error(SMTPError::BAD_COMMAND + ': ' + command)
+    end
+        
+    def do_noop(args)
+      enforce_no_args(args, SMTPError::SYNTAX_NOOP)
+      return RESULT_OK
+    end
+    
+    def do_quit(args)
+      enforce_no_args(args, SMTPError::SYNTAX_QUIT)
+      @should_terminate = true
+      return RESULT_BYE
+    end
+
+    def do_helo(args)
+      enforce_host_arg(args, SMTPError::SYNTAX_HELO)
+      @helo = args
+      @filters.each do | filter |
+        if filter.respond_to? :helo
+          filter.helo @helo
+        end
+      end
+      return @helo_response
+    end
+    
+    def do_vrfy(args)
+      enforce_host_arg(args, SMTPError::SYNTAX_VRFY)
+      return RESULT_UNSURE
+    end
+    
+    def do_rset(args)
+      enforce_no_args(args, SMTPError::SYNTAX_RSET)
+      @envelope = nil
+      return RESULT_OK
+    end
+    
+    def do_mail(args)
+      from_address = enforce_address_arg(args, 'from', SMTPError::SYNTAX_MAIL)
+      @envelope = Envelope.new(from_address)
+      @filters.each do | filter |
+        if filter.respond_to? :mail
+          filter.mail from_address
+        end
+      end
+  	  return RESULT_OK
+    end
+    
+    def do_rcpt(args)
+      if(! @envelope)
+        raise_smtp_error(SMTPError::NEED_MAIL_BEFORE_RCPT)
+      end
+      if(@envelope.recipients.size >= 100)
+        raise_smtp_error(SMTPError::TOO_MANY_RECIPIENTS)
+      end
+      recipient = enforce_address_arg(args, 'to', SMTPError::SYNTAX_RCPT)
+      @filters.each do | filter |
+        if filter.respond_to? :rcpt
+          filter.rcpt recipient
+        end
+      end
+      filterable_data = apply_filters(@envelope.sender, recipient)
+      if !@mail_handler.valid_recipient?(filterable_data.recipient)
+        raise_smtp_error(SMTPError::UNKNOWN_RECIPIENT)
+      end
+      @envelope.add_recipient(recipient)
+      return RESULT_OK
+    end
+    
+    def do_data(args)
+      if(! @envelope || ! @envelope.sender)
+        raise_smtp_error(SMTPError::NEED_RCPT_BEFORE_DATA)
+      end
+      enforce_no_args(args, SMTPError::SYNTAX_DATA)
+      @message_text = []
+      return RESULT_DATA_OK
+    end
+    
+    
+    
+    
+    
+    def apply_filters(sender, recipient)
+      filterable_data = FilterableData.new
+      filterable_data.sender_ip = @sender_ip
+      filterable_data.helo = @helo
+      filterable_data.sender = sender
+      filterable_data.recipient = recipient
+      @filters.each do | filter |
+        if filter.respond_to? :process
+          filter.process(filterable_data)
+        end
+      end
+      return filterable_data
+    end
+    
+    def do_message_text(line)
+      if line == '.'
+        return terminate_message
+      end
+      
+      if line[0..0] == '.'
+        line = line[1..-1]
+      end
+      
+      @message_text << line
+      return nil
+    end
+	
+    def terminate_message  
+      sender = @envelope.sender
+      recipients = @envelope.recipients
+      text = @message_text
+      @envelope = nil
+      @message_text = nil
+
+      ids = []
+      recipients.each do | recipient |
+        ids << process_message(sender, recipient, text)
+      end
+      return "#{RESULT_OK} #{ids.join(';')}"
+    end
+	
+    def process_message(sender, recipient, text)
+      received = "Received: from #{@helo} (#{@sender_ip}) " + 
+            "by #{@hostname} " +
+            "for <#{recipient}> " + 
+            "at #{Time.now.to_s}"
+      full_text = received + NEWLINE + text.join(NEWLINE)
+
+      filterable_data = apply_filters(sender, recipient)
+      id = @mail_handler.process_message(filterable_data.recipient, full_text)
+      return id
+    end
+    
+    def enforce_no_args(args, error_text)
+      if ! args.empty?
+        raise_smtp_error(error_text)
+      end
+    end
+    
+    def enforce_host_arg(args, error_text)
+      args = args.split(/\s+/)
+      if args.size != 1
+        raise_smtp_error(error_text)
+      end
+    end
+    
+    def enforce_address_arg(args, keyword, error_text)
+      re = /#{keyword}:\s*(.+)/i
+      match = re.match(args)
+      if !match
+        raise_smtp_error(error_text)
+      end
+      candidate = match[1].strip
+      strip_brackets = /<(.*)>/
+      match = strip_brackets.match(candidate)
+      if(match)
+        candidate = match[1]
+      end
+      
+      return candidate
+    end
+    
+    def extract_args(line)
+      command, args = line.split(nil, 2)
+      if command.nil?
+        command = ''
+      end
+      if args.nil?
+        args = ''
+      end
+      return command, args
+    end
+    
+    def raise_smtp_error(text)
+  	  raise SMTPError.new(text)
+    end
+    
+  end
+end
+
+module MailDiode
+
+  # SMTP errors (not success results)
+  class SMTPError < RuntimeError
+    attr_reader :text
+    
+    def initialize(text)
+      @text = text
+    end
+    
+    MESSAGE_NOT_HANDLED = "451 Failed: message not handled"
+    SYNTAX_NOOP = "501 Syntax: NOOP"
+    SYNTAX_QUIT = "501 Syntax: QUIT"
+    SYNTAX_HELO = "501 Syntax: HELO"
+    SYNTAX_RSET = "501 Syntax: RSET"
+    SYNTAX_VRFY = "501 Syntax: VRFY"
+    SYNTAX_MAIL = "501 Syntax: MAIL"
+    SYNTAX_RCPT = "501 Syntax: RCPT"
+    SYNTAX_DATA = "501 Syntax: DATA"
+    BAD_COMMAND = '502 Error: command not implemented'
+    TOO_MANY_RECIPIENTS = '552 Error: Too many recipients'
+    NEED_MAIL_BEFORE_RCPT = '503 Error: need MAIL before RCPT'
+    NEED_RCPT_BEFORE_DATA = '503 Error: need RCPT before DATA'
+    UNKNOWN_RECIPIENT = "550 Error: No such recipient here"
+  end
+end

data/lib/greylist.rb

@@ -0,0 +1,137 @@
+# Copyright 2007-2008 Kevin B. Smith
+# This file is part of MailDiode.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3, as 
+# published by the Free Software Foundation.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require 'kirbybase'
+
+ONE_HOUR_IN_SECONDS = 60*60
+
+module MailDiode
+	class GreylistFilter < Filter
+	#  Traditional (client IP, sender address, recipient address)
+	#  or selective (client IP, HELO name, sender domain)? 
+		GREYLIST_ADDED = "450 You are being put on a waiting list--please try again later"
+		GREYLIST_WAITING = "450 You are still on the waiting list--please try later"
+		GREYLIST_DELAY_IN_SECONDS = 60
+		
+		def initialize(settings)
+			@delay_minutes = 60
+			load_settings(settings)
+			@kirby = KirbyBase.new(:local, nil, nil, '/var/local/maildiode/')
+			ensure_database_table_exists
+		end
+		
+		def delay_seconds
+			@settings.delay_minutes * 60
+		end
+		
+		def process(filterable_data)
+			ip = filterable_data.sender_ip
+			helo = filterable_data.helo
+			from = filterable_data.sender
+			to = filterable_data.recipient
+			
+			if is_bounce_message(from)
+				MailDiode::log_info "Greylist allowing bounce message"
+				return true
+			end
+			from_user, from_domain = from.split('@')
+			table = get_database_table
+			found = table.select { | r | (r.ip == ip && r.helo == helo && r.from_domain = from_domain) }
+			case found.size
+				when 0
+					record = create_record(ip, helo, from_user, from_domain, to)
+					MailDiode::log_info "Greylist added #{key(record)}"
+					raise SMTPError.new(GREYLIST_ADDED)
+				when 1
+					if !check_existing_record(found[0])
+						raise SMTPError.new(GREYLIST_WAITING)
+					end
+				else
+					MailDiode::log_warning "Greylist found multiple entries for #{ip};#{helo};#{from};#{to}"
+			end
+		end
+		
+		def is_bounce_message(from)
+			return from.empty?
+		end
+		
+		def key(record)
+			return "#{record.ip};#{record.helo};#{record.from_domain}"
+		end
+		
+		def create_record(ip, helo, from_user, from_domain, to)
+			recno = get_database_table.insert do |r|
+				r.ip = ip
+				r.helo = helo
+				r.from_user = from_user
+				r.from_domain = from_domain
+				r.to = to
+				r.first_seen = now
+				r.last_seen = now
+				r.approved = false
+				record = r
+			end
+			return get_database_table.select { | r | r.recno == recno }
+		end
+		
+		def check_existing_record(record)
+			if(record.approved)
+				MailDiode::log_info "Greylist approved"
+				return true
+			end
+			
+			table = get_database_table
+			delay_until = record.first_seen + delay_seconds
+			if now > delay_until
+				table.update(:approved => true) { | r | r.recno == record.recno }
+				MailDiode::log_info "Greylist approved #{key(record)}"
+				return true
+			end
+			
+			table.update(:last_seen => now) { | r | r.recno == record.recno }
+			MailDiode::log_info "Greylist delaying #{key(record)} until #{Time.at(delay_until)}"
+			return false
+		end
+		
+		def now
+			return Time.now.to_i
+		end
+		
+		def get_database_table
+			return @kirby.get_table(:greylist)
+		end
+		
+		def ensure_database_table_exists
+			if @kirby.table_exists?(:greylist)
+				return
+			end
+			MailDiode::log_info "Creating greylist database"
+			@kirby.create_table(:greylist, 
+				:ip, :String, 
+				:helo, :String,
+				:from_user, :String,
+				:from_domain, :String,
+				:to, :String,
+				:first_seen, :Integer,
+				:last_seen, :Integer,
+				:approved, :Boolean
+				)
+		end
+
+		def load_settings(settings)
+			@delay_minutes = settings.get_setting('greylist', 'delayminutes').to_i
+		end
+	end
+end

data/lib/maildir.rb

@@ -0,0 +1,113 @@
+# Copyright 2007-2008 Kevin B. Smith
+# This file is part of MailDiode.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3, as 
+# published by the Free Software Foundation.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require 'gurgitate/deliver'
+
+module MailDiode
+	class FolderMissingError < IOError
+		attr_reader :folder
+		
+		def initialize(folder_name)
+			@folder = folder_name
+		end
+	end
+
+	class DeliverableMessage 
+		include Gurgitate::Deliver::Maildir
+		
+		def initialize(message_content)
+			@message = message_content
+		end
+		
+		def save(maildir)
+			deliver_message(maildir)
+		end
+		
+		def to_s
+			@message
+		end
+	end
+
+	class MaildirMessageHandler < MailHandler
+		def initialize(settings)
+			@maildirs = {}
+			load_settings(settings)
+		end
+		
+		def valid_recipient?(recipient)
+			return get_maildir(recipient)
+		end
+		
+		def process_message(recipient, full_text)
+			message = DeliverableMessage.new(full_text)
+			raw_dir = get_maildir(recipient)
+			folder = ''
+			dir = "#{raw_dir.chomp('/')}#{folder}/"
+			MailDiode::log_info "Delivering to #{dir}"
+			if !File.exist?(dir)
+				MailDiode::log_error "ERROR: Missing maildir folder: #{dir}"
+				raise FolderMissingError.new(File.basename(dir))
+			end
+			message.save(dir)
+		end
+
+		def get_maildir(recipient)
+			return @maildirs[recipient]
+		end
+=begin		
+		def valid_recipient?(recipient)
+			if (get_maildir(recipient))
+				return true
+			end
+		#	@core.log.debug "Rejecting recipient: #{recipient}"
+			return false
+		end
+		
+		def deliver_message(recipient, envelope_to, folder, raw_message_object)
+			received = "Received: from #{raw_message_object.heloname} " + 
+						"(#{raw_message_object.origin_ip}) " +
+						"by #{raw_message_object.myhostname} " + 
+						"with SMTP ID #{raw_message_object.smtp_id} " +
+						"for <#{recipient}>; " +
+						#"#{raw_message_object.timestamp.to_s}\n"
+						"#{Time.now.to_s}\n"
+			full_text = received + raw_message_object.content.gsub("\r","")
+			message = DeliverableMessage.new(full_text)
+			dir = "#{get_maildir(recipient).chomp('/')}#{folder}/"
+		#	@core.log.info "Delivering for #{envelope_to} to #{dir}"
+			if !File.exist?(dir)
+		#		@core.log.error "ERROR: Missing maildir folder: #{dir}"
+				raise FolderMissingError.new(File.basename(dir))
+			end
+			message.save(dir)
+			
+			return true
+		end
+		
+=end
+
+		def load_settings(settings)
+			settings.get_settings('maildir').each do | setting |
+				name, maildir = setting
+				if(maildir.index('/') != 0)
+					raise "Maildir must start with slash (/): #{maildir}"
+				end
+				maildir.untaint
+				@maildirs[name] = maildir
+			end
+		end
+	end
+end
+

data/lib/server.rb

@@ -0,0 +1,93 @@
+# Copyright 2007-2008 Kevin B. Smith
+# This file is part of MailDiode.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3, as 
+# published by the Free Software Foundation.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require 'gserver'
+require 'engine'
+require 'io/wait'
+
+module MailDiode
+	class Server < GServer
+    def initialize(engine_factory, settings)
+      load_settings(settings)
+
+      @factory = engine_factory
+      super(@port, @ip, @max_connections)
+    end
+
+    def serve(client)
+      begin
+        MailDiode::log_debug("Accepting client")
+        MailDiode::log_info("Connections: #{connections}")
+        client.binmode
+        engine = @factory.create_engine(@hostname)
+        family, port, hostname, ip = client.addr
+        greeting = engine.start(ip)
+        MailDiode::log_info("Greeting: #{greeting}")
+        client << response(greeting)
+        while !engine.terminate?
+          line = get_line(client, TIMEOUT_SECONDS)
+          if(!line)
+            MailDiode::log_info("---client disconnected")
+            return
+          end
+          line.chomp!(NEWLINE)
+          result = engine.process_line(line)
+          if(result)
+            discard_early_input(client)
+            client << response(result)
+          end
+        end
+      rescue Errno::ECONNRESET
+        MailDiode::log_info "---client dropped connection"
+      rescue Exception => e
+        MailDiode::log_error("Exception #{e.class}: #{e}")
+        e.backtrace.each do | line |
+          MailDiode::log_error(line)
+        end
+        client << response("451 Internal Server Error")
+      end
+    end
+	  
+    def get_line(input, timeout_seconds)
+      line = nil
+      t = Thread.new { line = input.gets(NEWLINE) }
+      t.join(timeout_seconds)
+      return line
+    end
+
+    def discard_early_input(client)
+      while(client.ready?)
+        client.getc
+      end
+    end
+      
+    def response(text)
+      return "#{text}#{NEWLINE}"
+    end
+	  
+		def load_settings(settings)
+      @hostname = settings.get_setting('server', 'hostname')
+      @ip = settings.get_setting('server', 'ip')
+      @ip.untaint
+      @port = settings.get_int('server', 'port', DEFAULT_PORT)
+      @port.untaint
+      @max_connections = settings.get_int('server', 'maxconnections', DEFAULT_MAX_CONNECTIONS)
+		end
+
+    DEFAULT_PORT = 10025
+		DEFAULT_MAX_CONNECTIONS = 20 
+		TIMEOUT_SECONDS = 1200 # djb recommends 1200
+	end
+end