haraka-plugin-spamassassin 1.1.0 → 1.1.1

package/CHANGELOG.md

@@ -4,6 +4,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
 
 ### Unreleased
 
+### [1.1.1] - 2026-06-20
+
+- fix(spamd_socket): support `[ipv6]:port` via net_utils.endpoint #7
+- deps(dev): bump haraka-test-fixtures to ^1.7.0
+- refactor: rename hook_data_post to spamassassin_data_post
+- split into reusable `parse_spamassassin` + `handle_spamassassin`
+  related to haraka/Haraka#3604
+
 ### [1.1.0] - 2026-05-17
 
 - changed: dep address-rfc2821 -> @haraka/email-address
@@ -40,3 +48,4 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
 [1.0.3]: https://github.com/haraka/haraka-plugin-spamassassin/releases/tag/v1.0.3
 [1.0.4]: https://github.com/haraka/haraka-plugin-spamassassin/releases/tag/v1.0.4
 [1.1.0]: https://github.com/haraka/haraka-plugin-spamassassin/releases/tag/v1.1.0
+[1.1.1]: https://github.com/haraka/haraka-plugin-spamassassin/releases/tag/v1.1.1

package/README.md

@@ -1,4 +1,5 @@
 [![CI Test Status][ci-img]][ci-url]
+[![Code Coverage][cov-img]][cov-url]
 [![Code Climate][clim-img]][clim-url]
 
 # haraka-plugin-spamassassin
@@ -183,5 +184,7 @@ Other headers options you might find interesting or useful are:
 
 [ci-img]: https://github.com/haraka/haraka-plugin-spamassassin/actions/workflows/ci.yml/badge.svg
 [ci-url]: https://github.com/haraka/haraka-plugin-spamassassin/actions/workflows/ci.yml
-[clim-img]: https://codeclimate.com/github/haraka/haraka-plugin-spamassassin/badges/gpa.svg
-[clim-url]: https://codeclimate.com/github/haraka/haraka-plugin-spamassassin
+[cov-img]: https://codecov.io/github/haraka/haraka-plugin-spamassassin/coverage.svg
+[cov-url]: https://codecov.io/github/haraka/haraka-plugin-spamassassin
+[clim-img]: https://qlty.sh/gh/haraka/projects/haraka-plugin-spamassassin/maintainability.svg
+[clim-url]: https://qlty.sh/gh/haraka/projects/haraka-plugin-spamassassin

package/index.js

@@ -8,6 +8,10 @@ const net_utils = require('haraka-net-utils')
 
 exports.register = function () {
   this.load_spamassassin_ini()
+  // explicit hook (not magic hook_data_post) so the plugin can be inherited;
+  // don't rename. guarded so inheritors don't re-register. haraka/Haraka#3604
+  if (this.name === 'spamassassin')
+    this.register_hook('data_post', 'spamassassin_data_post')
 }
 
 exports.load_spamassassin_ini = function () {
@@ -55,7 +59,7 @@ exports.load_spamassassin_ini = function () {
   }
 }
 
-exports.hook_data_post = function (next, connection) {
+exports.spamassassin_data_post = function (next, connection) {
   if (this.should_skip(connection)) return next()
 
   const txn = connection.transaction
@@ -65,14 +69,30 @@ exports.hook_data_post = function (next, connection) {
   const headers = this.get_spamd_headers(connection, username)
   const socket = this.get_spamd_socket(next, connection, headers)
 
-  const spamd_response = { headers: {} }
-  let state = 'line0'
-  let last_header
+  const lines = []
   const start = Date.now()
 
   socket.on('line', (line) => {
-    connection.logprotocol(this, `Spamd C: ${line} state=${state}`)
-    line = line.replace(/\r?\n/, '')
+    connection.logprotocol(this, `Spamd C: ${line}`)
+    lines.push(line.replace(/\r?\n/, ''))
+  })
+
+  socket.once('end', () => {
+    if (!connection.transaction) return next() // client gone
+    const spamd_response = this.parse_spamassassin(lines.join('\n'))
+    socket.nextOnce(
+      ...this.handle_spamassassin(connection, spamd_response, start),
+    )
+  })
+}
+
+// parse a raw spamd response into a result object. reusable by inheriting
+// plugins (e.g. @haraka/plugin-ecsd). See haraka/Haraka#3604.
+exports.parse_spamassassin = function (raw) {
+  const spamd_response = { headers: {} }
+  let state = 'line0'
+  let last_header
+  for (const line of String(raw).split(/\r?\n/)) {
     if (state === 'line0') {
       spamd_response.line0 = line
       state = 'response'
@@ -92,57 +112,59 @@ exports.hook_data_post = function (next, connection) {
     } else if (state === 'headers') {
       const m = line.match(/^X-Spam-([\x21-\x39\x3B-\x7E]+):\s*(.*)/)
       if (m) {
-        connection.logdebug(this, `header: ${line}`)
         last_header = m[1]
         spamd_response.headers[m[1]] = m[2]
-        return
+        continue
       }
       let fold
       if (last_header && (fold = line.match(/^(\s+.*)/))) {
         spamd_response.headers[last_header] += `\r\n${fold[1]}`
-        return
+        continue
       }
       last_header = ''
     }
-  })
-
-  socket.once('end', () => {
-    if (!connection.transaction) return next() // client gone
+  }
+  extract_tests(spamd_response)
+  return spamd_response
+}
 
-    if (spamd_response.headers?.Tests) {
-      spamd_response.tests = spamd_response.headers.Tests.replace(/\s/g, '')
-    }
-    if (spamd_response.tests === undefined) {
-      // strip the 'tests' from the X-Spam-Status header
-      if (spamd_response.headers?.Status) {
-        // SpamAssassin appears to have a bug that causes a space not to
-        // be added before autolearn= when the header line has been folded.
-        // So we modify the regexp here not to match autolearn onwards.
-        const tests = /tests=((?:(?!autolearn)[^ ])+)/.exec(
-          spamd_response.headers.Status.replace(/\r?\n\t/g, ''),
-        )
-        if (tests) spamd_response.tests = tests[1]
-      }
-    }
+function extract_tests(spamd_response) {
+  if (spamd_response.headers?.Tests) {
+    spamd_response.tests = spamd_response.headers.Tests.replace(/\s/g, '')
+    return
+  }
+  // SpamAssassin omits a space before autolearn= on folded header lines, so
+  // don't match autolearn onwards.
+  if (spamd_response.headers?.Status) {
+    const tests = /tests=((?:(?!autolearn)[^ ])+)/.exec(
+      spamd_response.headers.Status.replace(/\r?\n\t/g, ''),
+    )
+    if (tests) spamd_response.tests = tests[1]
+  }
+}
 
-    // do stuff with the results...
-    txn.notes.spamassassin = spamd_response
-    connection.results.add(this, {
-      time: (Date.now() - start) / 1000,
-      flag: spamd_response.flag,
-    })
+// handle a parsed spamd response (annotate + headers + reject decision).
+// I/O-free so inheriting plugins can reuse it; returns next() args ([] = CONT).
+// See haraka/Haraka#3604.
+exports.handle_spamassassin = function (connection, spamd_response, start) {
+  const txn = connection.transaction
+  if (!txn) return []
 
-    this.fixup_old_headers(txn)
-    this.do_header_updates(connection, spamd_response)
-    this.log_results(connection, spamd_response)
+  txn.notes.spamassassin = spamd_response
+  connection.results.add(this, {
+    time: start === undefined ? undefined : (Date.now() - start) / 1000,
+    flag: spamd_response.flag,
+  })
 
-    const exceeds_err = this.score_too_high(connection, spamd_response)
-    if (exceeds_err) return socket.nextOnce(DENY, exceeds_err)
+  this.fixup_old_headers(txn)
+  this.do_header_updates(connection, spamd_response)
+  this.log_results(connection, spamd_response)
 
-    this.munge_subject(connection, spamd_response.score)
+  const exceeds_err = this.score_too_high(connection, spamd_response)
+  if (exceeds_err) return [DENY, exceeds_err]
 
-    socket.nextOnce()
-  })
+  this.munge_subject(connection, spamd_response.score)
+  return []
 }
 
 exports.fixup_old_headers = function (txn) {
@@ -333,12 +355,12 @@ exports.get_spamd_socket = function (next, conn, headers) {
   const connect_timeout = parseInt(plugin.cfg.main.connect_timeout) || 30
   socket.setTimeout(connect_timeout * 1000)
 
-  if (plugin.cfg.main.spamd_socket.match(/\//)) {
-    // assume unix socket
-    socket.connect(plugin.cfg.main.spamd_socket)
+  const ep = net_utils.endpoint(plugin.cfg.main.spamd_socket, 783)
+  if (ep instanceof Error) throw ep
+  if (ep.path) {
+    socket.connect(ep.path)
   } else {
-    const hostport = plugin.cfg.main.spamd_socket.split(/:/)
-    socket.connect(hostport[1] || 783, hostport[0])
+    socket.connect(ep.port, ep.host)
   }
 
   return socket

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "haraka-plugin-spamassassin",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Haraka plugin that scans messages with SpamAssassin",
   "main": "index.js",
   "files": [
@@ -8,16 +8,18 @@
     "config"
   ],
   "scripts": {
+    "prepare": "git rev-parse --git-dir >/dev/null 2>&1 && git config core.hooksPath .githooks || true",
     "format": "npm run prettier:fix && npm run lint:fix",
     "lint": "npx eslint *.js test",
     "lint:fix": "npx eslint *.js test --fix",
     "prettier": "npx prettier . --check",
     "prettier:fix": "npx prettier . --write --log-level=warn",
+    "qlty": "qlty smells --all",
     "test": "node --test",
-    "versions": "npx npm-dep-mgr check",
-    "versions:fix": "npx npm-dep-mgr update",
     "test:coverage": "node --test --experimental-test-coverage --test-coverage-exclude=package.json --test-coverage-exclude=test/*.js",
-    "test:coverage:lcov": "mkdir -p coverage && node --test --experimental-test-coverage --test-reporter=lcov --test-reporter-destination=coverage/lcov.info test/*.js"
+    "test:coverage:lcov": "mkdir -p coverage && node --test --experimental-test-coverage --test-reporter=lcov --test-reporter-destination=coverage/lcov.info test/*.js",
+    "versions": "npx npm-dep-mgr check",
+    "versions:fix": "npx npm-dep-mgr update"
   },
   "repository": {
     "type": "git",
@@ -35,13 +37,13 @@
   },
   "homepage": "https://github.com/haraka/haraka-plugin-spamassassin#readme",
   "dependencies": {
-    "haraka-net-utils": "^1.8.2",
-    "haraka-utils": "^1.1.4"
+    "haraka-net-utils": "^1.9.2",
+    "haraka-utils": "^2.2.1"
   },
   "devDependencies": {
-    "@haraka/eslint-config": "^2.0.4",
-    "@haraka/email-address": "^3.1.4",
-    "haraka-test-fixtures": "^1.6.0"
+    "@haraka/email-address": "^3.1.6",
+    "@haraka/eslint-config": "^3.0.0",
+    "haraka-test-fixtures": "^1.7.2"
   },
   "prettier": {
     "singleQuote": true,