def testParse(self, fname='samp1'):
with open('test/' + fname, "rb") as fp:
msg = mime.message_from_file(fp)
self.assertTrue(msg.ismultipart())
parts = msg.get_payload()
self.assertTrue(len(parts) == 2)
txt1 = parts[0].get_payload()
self.assertTrue(txt1.rstrip() == samp1_txt1, txt1)
with open('test/missingboundary', "rb") as fp:
msg = mime.message_from_file(fp)
# should get no exception as long as we don't try to parse
# message attachments
mime.defang(msg, scan_rfc822=False)
with open('test/missingboundary.out', 'wb') as fp:
msg.dump(fp)
with open('test/missingboundary', "rb") as fp:
msg = mime.message_from_file(fp)
try:
mime.defang(msg)
# python 2.4 doesn't get exceptions on missing boundaries, and
# if message is modified, output is readable by mail clients
if sys.hexversion < 0x02040000:
self.fail(
'should get boundary error parsing bad rfc822 attachment')
except errors.BoundaryError:
pass
def testCheckAttach(self,fname="test1"):
# test1 contains a very long filename
msg = mime.message_from_file(open('test/'+fname,'r'))
mime.defang(msg,scan_zip=True)
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2','r'))
rc = mime.check_attachments(msg,self._chk_attach)
self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
self.assertEquals(rc,Milter.CONTINUE)
def testDefang6(self,vname="virus6",fname='FAX20.exe'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
self.failIf(msg.ismultipart())
txt2 = msg.get_payload()
self.failUnless(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def testDefang6(self, vname="virus6", fname='FAX20.exe'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
self.failIf(msg.ismultipart())
txt2 = msg.get_payload()
self.failUnless(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def testCheckAttach(self, fname="test1"):
# test1 contains a very long filename
msg = mime.message_from_file(open('test/' + fname, 'r'))
mime.defang(msg, scan_zip=True)
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2', 'r'))
rc = mime.check_attachments(msg, self._chk_attach)
self.assertEquals(
self.filename,
"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF"
)
self.assertEquals(rc, Milter.CONTINUE)
def testDefang(self,vname='virus1',part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg,scan_zip=True)
self.failUnless(msg.ismodified(),"virus not removed")
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.failUnless(
txt2.rstrip()+'\n' == mime.virus_msg % (fname,hostname,None),txt2)
def testDefang6(self, vname="virus6", fname='FAX20.exe'):
with self.zf.open(vname, "r") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg)
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
self.assertFalse(msg.ismultipart())
txt2 = msg.get_payload()
self.assertTrue(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def testDefang7(self, vname="honey", fname='story[1].scr'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testZip(self, vname="zip1", fname='zip.zip'):
self.testDefang(vname, 1, 'zip.zip')
# test scan_zip flag
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg, scan_zip=False)
self.failIf(msg.ismodified())
# test ignoring empty zip (often found in DSNs)
msg = mime.message_from_file(open('test/zip2', 'r'))
mime.defang(msg, scan_zip=True)
self.failIf(msg.ismodified())
# test corrupt zip (often an EXE named as a ZIP)
self.testDefang('zip3', 1, 'zip.zip')
# test zip within zip
self.testDefang('ziploop', 1, '*****@*****.**')
def testZip(self,vname="zip1",fname='zip.zip'):
self.testDefang(vname,1,'zip.zip')
# test scan_zip flag
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg,scan_zip=False)
self.failIf(msg.ismodified())
# test ignoring empty zip (often found in DSNs)
msg = mime.message_from_file(open('test/zip2','r'))
mime.defang(msg,scan_zip=True)
self.failIf(msg.ismodified())
# test corrupt zip (often an EXE named as a ZIP)
self.testDefang('zip3',1,'zip.zip')
# test zip within zip
self.testDefang('ziploop',1,'*****@*****.**')
def testDefang7(self,vname="honey",fname='story[1].scr'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testDefang(self,
vname='virus1',
part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg, scan_zip=True)
self.failUnless(msg.ismodified(), "virus not removed")
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.failUnless(
txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
txt2)
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg,self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:",self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
out = tempfile.TemporaryFile()
try:
msg.dump(out)
out.seek(0)
msg = rfc822.Message(out)
msg.rewindbody()
while 1:
buf = out.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
finally:
out.close()
return Milter.TEMPFAIL
def testDefang7(self, vname="honey", fname='story[1].scr'):
with open('test/' + vname, "rb") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg)
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.assertTrue(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.assertTrue(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testParse(self,fname='samp1'):
msg = mime.message_from_file(open('test/'+fname,"r"))
self.failUnless(msg.ismultipart())
parts = msg.get_payload()
self.failUnless(len(parts) == 2)
txt1 = parts[0].get_payload()
self.failUnless(txt1.rstrip() == samp1_txt1,txt1)
msg = mime.message_from_file(open('test/missingboundary',"r"))
# should get no exception as long as we don't try to parse
# message attachments
mime.defang(msg,scan_rfc822=False)
msg.dump(open('test/missingboundary.out','w'))
msg = mime.message_from_file(open('test/missingboundary',"r"))
try:
mime.defang(msg)
# python 2.4 doesn't get exceptions on missing boundaries, and
# if message is modified, output is readable by mail clients
if sys.hexversion < 0x02040000:
self.fail('should get boundary error parsing bad rfc822 attachment')
except Errors.BoundaryError:
pass
def testDefang(self,
vname='virus1',
part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
try:
with self.zf.open(vname, "r") as fp:
msg = mime.message_from_file(fp)
except KeyError:
with open('test/' + vname, "rb") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg, scan_zip=True)
self.assertTrue(msg.ismodified(), "virus not removed")
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.assertTrue(
txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
txt2)
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg, self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:", self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
with tempfile.TemporaryFile() as out:
msg.dump(out)
out.seek(0)
msg = mime.message_from_file(out)
fp = BytesIO(msg.as_bytes().split(b'\n\n', 1)[1])
while 1:
buf = fp.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
return Milter.TEMPFAIL
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg,self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:",self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
with tempfile.TemporaryFile() as out:
msg.dump(out)
out.seek(0)
msg = mime.message_from_file(out)
fp = BytesIO(msg.as_bytes().split(b'\n\n',1)[1])
while 1:
buf = fp.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
return Milter.TEMPFAIL
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2','r'))
rc = mime.check_attachments(msg,self._chk_attach)
self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
self.assertEquals(rc,Milter.CONTINUE)
def testHTML(self,fname=""):
result = StringIO.StringIO()
filter = mime.HTMLScriptFilter(result)
msg = """<! Illegal declaration used as comment>
<![if conditional]> Optional SGML <![endif]>
<!-- Legal SGML comment -->
"""
script = "<script lang=javascript> Dangerous script </script>"
filter.feed(msg + script)
filter.close()
#print result.getvalue()
self.failUnless(result.getvalue() == msg + filter.msg)
def suite(): return unittest.makeSuite(MimeTestCase,'test')
if __name__ == '__main__':
if len(sys.argv) < 2:
unittest.main()
else:
for fname in sys.argv[1:]:
fp = open(fname,'r')
msg = mime.message_from_file(fp)
mime.defang(msg,scan_zip=True)
print msg.as_string()
)
self.assertEquals(rc, Milter.CONTINUE)
def testHTML(self, fname=""):
result = StringIO.StringIO()
filter = mime.HTMLScriptFilter(result)
msg = """<! Illegal declaration used as comment>
<![if conditional]> Optional SGML <![endif]>
<!-- Legal SGML comment -->
"""
script = "<script lang=javascript> Dangerous script </script>"
filter.feed(msg + script)
filter.close()
#print result.getvalue()
self.failUnless(result.getvalue() == msg + filter.msg)
def suite():
return unittest.makeSuite(MimeTestCase, 'test')
if __name__ == '__main__':
if len(sys.argv) < 2:
unittest.main()
else:
for fname in sys.argv[1:]:
fp = open(fname, 'r')
msg = mime.message_from_file(fp)
mime.defang(msg, scan_zip=True)
print msg.as_string()