def testParse(self, fname='samp1'): with open('test/' + fname, "rb") as fp: msg = mime.message_from_file(fp) self.assertTrue(msg.ismultipart()) parts = msg.get_payload() self.assertTrue(len(parts) == 2) txt1 = parts[0].get_payload() self.assertTrue(txt1.rstrip() == samp1_txt1, txt1) with open('test/missingboundary', "rb") as fp: msg = mime.message_from_file(fp) # should get no exception as long as we don't try to parse # message attachments mime.defang(msg, scan_rfc822=False) with open('test/missingboundary.out', 'wb') as fp: msg.dump(fp) with open('test/missingboundary', "rb") as fp: msg = mime.message_from_file(fp) try: mime.defang(msg) # python 2.4 doesn't get exceptions on missing boundaries, and # if message is modified, output is readable by mail clients if sys.hexversion < 0x02040000: self.fail( 'should get boundary error parsing bad rfc822 attachment') except errors.BoundaryError: pass
def test_update_headers(self, home_dir, tpath): # we can update complete sets of headers milter = PGPTestMilter() milter._body = "1" msg1 = mime.message_from_file(BytesIO(b'A: foo\nB: bar\n\n\ntest\n')) milter._msg = msg1 msg2 = mime.message_from_file(BytesIO(b'C: baz\nD: bat\n\n\ntest\n')) milter.update_headers(msg1, msg2) assert milter._msg.items() == msg2.items()
def testCheckAttach(self,fname="test1"): # test1 contains a very long filename msg = mime.message_from_file(open('test/'+fname,'r')) mime.defang(msg,scan_zip=True) self.failIf(msg.ismodified()) msg = mime.message_from_file(open('test/test2','r')) rc = mime.check_attachments(msg,self._chk_attach) self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF") self.assertEquals(rc,Milter.CONTINUE)
def testDefang6(self,vname="virus6",fname='FAX20.exe'): msg = mime.message_from_file(open('test/'+vname,"r")) mime.defang(msg) oname = vname + '.out' msg.dump(open('test/'+oname,"w")) msg = mime.message_from_file(open('test/'+oname,"r")) self.failIf(msg.ismultipart()) txt2 = msg.get_payload() self.failUnless(txt2 == mime.virus_msg % \ (fname,hostname,None),txt2)
def testDefang6(self, vname="virus6", fname='FAX20.exe'): msg = mime.message_from_file(open('test/' + vname, "r")) mime.defang(msg) oname = vname + '.out' msg.dump(open('test/' + oname, "w")) msg = mime.message_from_file(open('test/' + oname, "r")) self.failIf(msg.ismultipart()) txt2 = msg.get_payload() self.failUnless(txt2 == mime.virus_msg % \ (fname,hostname,None),txt2)
def test_update_headers_multiple(self, home_dir, tpath): # we can update headers where some names are repeated milter = PGPTestMilter() milter._body = "1" msg1 = mime.message_from_file( BytesIO(b'A: foo\nB: bar\nA: baz\n\n\ntest\n')) milter._msg = msg1 msg2 = mime.message_from_file( BytesIO(b'A: foo\nC: baz\nA: baz\n\n\ntest\n')) milter.update_headers(msg1, msg2) assert milter._msg.items() == msg2.items()
def testCheckAttach(self, fname="test1"): # test1 contains a very long filename msg = mime.message_from_file(open('test/' + fname, 'r')) mime.defang(msg, scan_zip=True) self.failIf(msg.ismodified()) msg = mime.message_from_file(open('test/test2', 'r')) rc = mime.check_attachments(msg, self._chk_attach) self.assertEquals( self.filename, "7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF" ) self.assertEquals(rc, Milter.CONTINUE)
def testDefang6(self, vname="virus6", fname='FAX20.exe'): with self.zf.open(vname, "r") as fp: msg = mime.message_from_file(fp) mime.defang(msg) oname = vname + '.out' with open('test/' + oname, "wb") as fp: msg.dump(fp) with open('test/' + oname, "rb") as fp: msg = mime.message_from_file(fp) self.assertFalse(msg.ismultipart()) txt2 = msg.get_payload() self.assertTrue(txt2 == mime.virus_msg % \ (fname,hostname,None),txt2)
def testDefang(self,vname='virus1',part=1, fname='LOVE-LETTER-FOR-YOU.TXT.vbs'): msg = mime.message_from_file(open('test/'+vname,"r")) mime.defang(msg,scan_zip=True) self.failUnless(msg.ismodified(),"virus not removed") oname = vname + '.out' msg.dump(open('test/'+oname,"w")) msg = mime.message_from_file(open('test/'+oname,"r")) txt2 = msg.get_payload() if type(txt2) == list: txt2 = txt2[part].get_payload() self.failUnless( txt2.rstrip()+'\n' == mime.virus_msg % (fname,hostname,None),txt2)
def testDefang7(self,vname="honey",fname='story[1].scr'): msg = mime.message_from_file(open('test/'+vname,"r")) mime.defang(msg) oname = vname + '.out' msg.dump(open('test/'+oname,"w")) msg = mime.message_from_file(open('test/'+oname,"r")) parts = msg.get_payload() txt2 = parts[1].get_payload() txt3 = parts[2].get_payload() self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \ (fname,hostname,None),txt2) if txt3 != '': self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \ ('story[1].asp',hostname,None),txt3)
def testZip(self,vname="zip1",fname='zip.zip'): self.testDefang(vname,1,'zip.zip') # test scan_zip flag msg = mime.message_from_file(open('test/'+vname,"r")) mime.defang(msg,scan_zip=False) self.failIf(msg.ismodified()) # test ignoring empty zip (often found in DSNs) msg = mime.message_from_file(open('test/zip2','r')) mime.defang(msg,scan_zip=True) self.failIf(msg.ismodified()) # test corrupt zip (often an EXE named as a ZIP) self.testDefang('zip3',1,'zip.zip') # test zip within zip self.testDefang('ziploop',1,'*****@*****.**')
def testDefang7(self, vname="honey", fname='story[1].scr'): msg = mime.message_from_file(open('test/' + vname, "r")) mime.defang(msg) oname = vname + '.out' msg.dump(open('test/' + oname, "w")) msg = mime.message_from_file(open('test/' + oname, "r")) parts = msg.get_payload() txt2 = parts[1].get_payload() txt3 = parts[2].get_payload() self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \ (fname,hostname,None),txt2) if txt3 != '': self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \ ('story[1].asp',hostname,None),txt3)
def testZip(self, vname="zip1", fname='zip.zip'): self.testDefang(vname, 1, 'zip.zip') # test scan_zip flag msg = mime.message_from_file(open('test/' + vname, "r")) mime.defang(msg, scan_zip=False) self.failIf(msg.ismodified()) # test ignoring empty zip (often found in DSNs) msg = mime.message_from_file(open('test/zip2', 'r')) mime.defang(msg, scan_zip=True) self.failIf(msg.ismodified()) # test corrupt zip (often an EXE named as a ZIP) self.testDefang('zip3', 1, 'zip.zip') # test zip within zip self.testDefang('ziploop', 1, '*****@*****.**')
def eom(self): if not self.fp: return Milter.ACCEPT self.fp.seek(0) msg = mime.message_from_file(self.fp) msg.headerchange = self._headerChange if not mime.defang(msg,self.tempname): os.remove(self.tempname) self.tempname = None # prevent re-removal self.log("eom") return Milter.ACCEPT # no suspicious attachments self.log("Temp file:",self.tempname) self.tempname = None # prevent removal of original message copy # copy defanged message to a temp file out = tempfile.TemporaryFile() try: msg.dump(out) out.seek(0) msg = rfc822.Message(out) msg.rewindbody() while 1: buf = out.read(8192) if len(buf) == 0: break self.replacebody(buf) # feed modified message to sendmail return Milter.ACCEPT # ACCEPT modified message finally: out.close() return Milter.TEMPFAIL
def test_getnames(self): names = [] self.sawpif = False def do_part(m): n = m.getnames() a = names a += n return Milter.CONTINUE def chk_part(m): for k, n in m.getnames(): if n and n.lower().endswith('.pif'): self.sawpif = True s = m.get_submsg() print(m.get_content_type(), type(s), 'modified:', m.ismodified()) if isinstance(s, email.message.Message): return mime.check_attachments(s, chk_part) return Milter.CONTINUE with self.zf.open('virus7', 'r') as fp: msg = mime.message_from_file(fp) self.assertTrue(msg.ismultipart()) mime.check_attachments(msg, do_part) self.assertTrue(('filename', 'application.pif') in names) self.assertFalse(self.sawpif) mime.check_attachments(msg, chk_part) self.assertTrue(self.sawpif)
def testCtx(self, fname='virus1'): ctx = TestCtx() Milter.factory = sample.sampleMilter ctx._setsymval('{auth_authen}', 'batman') ctx._setsymval('{auth_type}', 'batcomputer') ctx._setsymval('j', 'mailhost') rc = ctx._connect() self.assertTrue(rc == Milter.CONTINUE) with self.zf.open(fname) as fp: rc = ctx._feedFile(fp) milter = ctx.getpriv() # self.assertTrue(milter.user == 'batman',"getsymval failed: "+ # "%s != %s"%(milter.user,'batman')) self.assertEquals(milter.user, 'batman') self.assertTrue(milter.auth_type != 'batcomputer', "setsymlist failed") self.assertTrue(rc == Milter.ACCEPT) self.assertTrue(ctx._bodyreplaced, "Message body not replaced") fp = ctx._body open('test/' + fname + ".tstout", "wb").write(fp.getvalue()) #self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) ctx._close()
def testParse2(self, fname="spam7"): msg = mime.message_from_file(open('test/' + fname, "r")) self.failUnless(msg.ismultipart()) parts = msg.get_payload() self.failUnless(len(parts) == 2) name = parts[1].getname() self.failUnless(name == "Jim&amp;Girlz.jpg", "name=%s" % name)
def testParse2(self,fname="spam7"): msg = mime.message_from_file(open('test/'+fname,"r")) self.failUnless(msg.ismultipart()) parts = msg.get_payload() self.failUnless(len(parts) == 2) name = parts[1].getname() self.failUnless(name == "Jim&amp;Girlz.jpg","name=%s"%name)
def testDefang(self, vname='virus1', part=1, fname='LOVE-LETTER-FOR-YOU.TXT.vbs'): msg = mime.message_from_file(open('test/' + vname, "r")) mime.defang(msg, scan_zip=True) self.failUnless(msg.ismodified(), "virus not removed") oname = vname + '.out' msg.dump(open('test/' + oname, "w")) msg = mime.message_from_file(open('test/' + oname, "r")) txt2 = msg.get_payload() if type(txt2) == list: txt2 = txt2[part].get_payload() self.failUnless( txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None), txt2)
def testDefang7(self, vname="honey", fname='story[1].scr'): with open('test/' + vname, "rb") as fp: msg = mime.message_from_file(fp) mime.defang(msg) oname = vname + '.out' with open('test/' + oname, "wb") as fp: msg.dump(fp) with open('test/' + oname, "rb") as fp: msg = mime.message_from_file(fp) parts = msg.get_payload() txt2 = parts[1].get_payload() txt3 = parts[2].get_payload() self.assertTrue(txt2.rstrip()+'\n' == mime.virus_msg % \ (fname,hostname,None),txt2) if txt3 != '': self.assertTrue(txt3.rstrip()+'\n' == mime.virus_msg % \ ('story[1].asp',hostname,None),txt3)
def testParse2(self, fname="spam7"): with open('test/' + fname, "rb") as fp: msg = mime.message_from_file(fp) self.assertTrue(msg.ismultipart()) parts = msg.get_payload() self.assertTrue(len(parts) == 2) name = parts[1].getname() self.assertTrue(name == "Jim&amp;Girlz.jpg", "name=%s" % name)
def feedFile(self, fp, sender="*****@*****.**", rcpt="*****@*****.**", *rcpts): self._body = None self._bodyreplaced = False self._headerschanged = False self._reply = None self._sender = '<%s>' % sender msg = mime.message_from_file(fp) # envfrom self._stage = Milter.M_ENVFROM rc = self.envfrom(self._sender) self._stage = None if rc != Milter.CONTINUE: return rc # envrcpt for rcpt in (rcpt, ) + rcpts: self._stage = Milter.M_ENVRCPT rc = self.envrcpt('<%s>' % rcpt) self._stage = None if rc != Milter.CONTINUE: return rc # data self._stage = Milter.M_DATA rc = self.data() self._stage = None if rc != Milter.CONTINUE: return rc # header for h, val in msg.items(): rc = self.header_bytes(h, val.encode()) if rc != Milter.CONTINUE: return rc # eoh self._stage = Milter.M_EOH rc = self.eoh() self._stage = None if rc != Milter.CONTINUE: return rc # body header, body = msg.as_bytes().split(b'\n\n', 1) bfp = BytesIO(body) while 1: buf = bfp.read(8192) if len(buf) == 0: break rc = self.body(buf) if rc != Milter.CONTINUE: return rc self._msg = msg self._body = BytesIO() self._stage = Milter.M_EOM rc = self.eom() self._stage = None if self._bodyreplaced: body = self._body.getvalue() self._body = BytesIO() self._body.write(header) self._body.write(b'\n\n') self._body.write(body) self.close() self._close() return rc
def testParse(self,fname='samp1'): msg = mime.message_from_file(open('test/'+fname,"r")) self.failUnless(msg.ismultipart()) parts = msg.get_payload() self.failUnless(len(parts) == 2) txt1 = parts[0].get_payload() self.failUnless(txt1.rstrip() == samp1_txt1,txt1) msg = mime.message_from_file(open('test/missingboundary',"r")) # should get no exception as long as we don't try to parse # message attachments mime.defang(msg,scan_rfc822=False) msg.dump(open('test/missingboundary.out','w')) msg = mime.message_from_file(open('test/missingboundary',"r")) try: mime.defang(msg) # python 2.4 doesn't get exceptions on missing boundaries, and # if message is modified, output is readable by mail clients if sys.hexversion < 0x02040000: self.fail('should get boundary error parsing bad rfc822 attachment') except Errors.BoundaryError: pass
def feedFile(self,fp,sender="*****@*****.**",rcpt="*****@*****.**",*rcpts): self._body = None self._bodyreplaced = False self._headerschanged = False self._reply = None self._sender = '<%s>'%sender msg = mime.message_from_file(fp) # envfrom self._stage = Milter.M_ENVFROM rc = self.envfrom(self._sender) self._stage = None if rc != Milter.CONTINUE: return rc # envrcpt for rcpt in (rcpt,) + rcpts: self._stage = Milter.M_ENVRCPT rc = self.envrcpt('<%s>'%rcpt) self._stage = None if rc != Milter.CONTINUE: return rc # data self._stage = Milter.M_DATA rc = self.data() self._stage = None if rc != Milter.CONTINUE: return rc # header for h,val in msg.items(): rc = self.header(h,val) if rc != Milter.CONTINUE: return rc # eoh self._stage = Milter.M_EOH rc = self.eoh() self._stage = None if rc != Milter.CONTINUE: return rc # body header,body = msg.as_bytes().split(b'\n\n',1) bfp = BytesIO(body) while 1: buf = bfp.read(8192) if len(buf) == 0: break rc = self.body(buf) if rc != Milter.CONTINUE: return rc self._msg = msg self._body = BytesIO() self._stage = Milter.M_EOM rc = self.eom() self._stage = None if self._bodyreplaced: body = self._body.getvalue() self._body = BytesIO() self._body.write(header) self._body.write(b'\n\n') self._body.write(body) return rc
def testDefang(self, vname='virus1', part=1, fname='LOVE-LETTER-FOR-YOU.TXT.vbs'): try: with self.zf.open(vname, "r") as fp: msg = mime.message_from_file(fp) except KeyError: with open('test/' + vname, "rb") as fp: msg = mime.message_from_file(fp) mime.defang(msg, scan_zip=True) self.assertTrue(msg.ismodified(), "virus not removed") oname = vname + '.out' with open('test/' + oname, "wb") as fp: msg.dump(fp) with open('test/' + oname, "rb") as fp: msg = mime.message_from_file(fp) txt2 = msg.get_payload() if type(txt2) == list: txt2 = txt2[part].get_payload() self.assertTrue( txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None), txt2)
def eom(self): if not self.fp: return Milter.ACCEPT self.fp.seek(0) msg = mime.message_from_file(self.fp) msg.headerchange = self._headerChange if not mime.defang(msg,self.tempname): os.remove(self.tempname) self.tempname = None # prevent re-removal self.log("eom") return Milter.ACCEPT # no suspicious attachments self.log("Temp file:",self.tempname) self.tempname = None # prevent removal of original message copy # copy defanged message to a temp file with tempfile.TemporaryFile() as out: msg.dump(out) out.seek(0) msg = mime.message_from_file(out) fp = BytesIO(msg.as_bytes().split(b'\n\n',1)[1]) while 1: buf = fp.read(8192) if len(buf) == 0: break self.replacebody(buf) # feed modified message to sendmail return Milter.ACCEPT # ACCEPT modified message return Milter.TEMPFAIL
def testDefang(self,fname='virus1'): milter = TestMilter() rc = milter.connect() self.failUnless(rc == Milter.CONTINUE) rc = milter.feedMsg(fname) self.failUnless(rc == Milter.ACCEPT) self.failUnless(milter._bodyreplaced,"Message body not replaced") fp = milter._body open('test/'+fname+".tstout","w").write(fp.getvalue()) #self.failUnless(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) milter.close()
def testDefang(self, fname="virus1"): milter = TestMilter() rc = milter.connect() self.failUnless(rc == Milter.CONTINUE) rc = milter.feedMsg(fname) self.failUnless(rc == Milter.ACCEPT) self.failUnless(milter._bodyreplaced, "Message body not replaced") fp = milter._body open("test/" + fname + ".tstout", "w").write(fp.getvalue()) # self.failUnless(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) milter.close()
def eom(self): if not self.fp: return Milter.ACCEPT self.fp.seek(0) msg = mime.message_from_file(self.fp) msg.headerchange = self._headerChange if not mime.defang(msg, self.tempname): os.remove(self.tempname) self.tempname = None # prevent re-removal self.log("eom") return Milter.ACCEPT # no suspicious attachments self.log("Temp file:", self.tempname) self.tempname = None # prevent removal of original message copy # copy defanged message to a temp file with tempfile.TemporaryFile() as out: msg.dump(out) out.seek(0) msg = mime.message_from_file(out) fp = BytesIO(msg.as_bytes().split(b'\n\n', 1)[1]) while 1: buf = fp.read(8192) if len(buf) == 0: break self.replacebody(buf) # feed modified message to sendmail return Milter.ACCEPT # ACCEPT modified message return Milter.TEMPFAIL
def eom(self): self.fp.seek(0) msg = mime.message_from_file(self.fp) self._msg = msg db = toDB('root', 'python', 'python.dev.wrtdesign.com', 'EARS') db.newMessage(self.canon_from, self.Subject, self.headers, self._msg, self.R) try: parsed = ProcessMessage(db, self.log, self.F) self._msg, self.subjChange = parsed.ParseAttachments() db.message.body = self._msg out = tempfile.TemporaryFile() try: msg.dump(out) out.seek(0) msg = rfc822.Message(out) msg.rewindbody() while 1: buf = out.read(8192) if len(buf) == 0: break self.replacebody(buf) finally: out.close() db.close() # return Milter.TEMPFAIL return Milter.ACCEPT except Exception, e: self.log.warn(e) exc_type, exc_obj, exc_tb = sys.exc_info() fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1] self.log.err(exc_type, fname, exc_tb.tb_lineno) # return Milter.TEMPFAIL return Milter.ACCEPT
def testDefang(self,fname='virus1'): milter = TestMilter() milter.setsymval('{auth_authen}','batman') milter.setsymval('{auth_type}','batcomputer') milter.setsymval('j','mailhost') rc = milter.connect() self.assertTrue(rc == Milter.CONTINUE) rc = milter.feedMsg(fname) self.assertTrue(milter.user == 'batman',"getsymval failed") self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed") self.assertTrue(rc == Milter.ACCEPT) self.assertTrue(milter._bodyreplaced,"Message body not replaced") fp = milter._body open('test/'+fname+".tstout","wb").write(fp.getvalue()) #self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) milter.close()
def testDefang(self,fname='virus1'): milter = TestMilter() milter.setsymval('{auth_authen}','batman') milter.setsymval('{auth_type}','batcomputer') milter.setsymval('j','mailhost') rc = milter.connect() self.assertTrue(rc == Milter.CONTINUE) rc = milter.feedMsg(fname) self.assertTrue(milter.user == 'batman',"getsymval failed") # setsymlist not working in TestBase #self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed") self.assertTrue(rc == Milter.ACCEPT) self.assertTrue(milter._bodyreplaced,"Message body not replaced") fp = milter._body open('test/'+fname+".tstout","wb").write(fp.getvalue()) #self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) milter.close()
def _feedFile(self, fp, sender="*****@*****.**", rcpt="*****@*****.**", *rcpts): self._body = None self._bodyreplaced = False self._headerschanged = False self._reply = None msg = mime.message_from_file(fp) self._msg = msg # envfrom rc = self._envfrom('<%s>' % sender) if rc != Milter.CONTINUE: return rc # envrcpt for rcpt in (rcpt, ) + rcpts: rc = self._envrcpt('<%s>' % rcpt) if rc != Milter.CONTINUE: return rc # data rc = self._data() if rc != Milter.CONTINUE: return rc # header for h, val in msg.items(): rc = self._header(h, val) if rc != Milter.CONTINUE: return rc # eoh rc = self._eoh() if rc != Milter.CONTINUE: return rc # body header, body = msg.as_bytes().split(b'\n\n', 1) rc = self._feed_body(BytesIO(body)) if rc != Milter.CONTINUE: return rc rc = self._eom() if self._bodyreplaced: body = self._body.getvalue() self._body = BytesIO() self._body.write(header) self._body.write(b'\n\n') self._body.write(body) return rc
def testCtx(self,fname='virus1'): ctx = TestCtx() Milter.factory = sample.sampleMilter ctx._setsymval('{auth_authen}','batman') ctx._setsymval('{auth_type}','batcomputer') ctx._setsymval('j','mailhost') rc = ctx._connect() self.assertTrue(rc == Milter.CONTINUE) rc = ctx._feedMsg(fname) milter = ctx.getpriv() # self.assertTrue(milter.user == 'batman',"getsymval failed: "+ # "%s != %s"%(milter.user,'batman')) self.assertEquals(milter.user,'batman') self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed") self.assertTrue(rc == Milter.ACCEPT) self.assertTrue(ctx._bodyreplaced,"Message body not replaced") fp = ctx._body open('test/'+fname+".tstout","wb").write(fp.getvalue()) #self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read()) fp.seek(0) msg = mime.message_from_file(fp) s = msg.get_payload(1).get_payload() milter.log(s) ctx._close()
def _feedFile(self,fp,sender="*****@*****.**",rcpt="*****@*****.**",*rcpts): self._body = None self._bodyreplaced = False self._headerschanged = False self._reply = None msg = mime.message_from_file(fp) self._msg = msg # envfrom rc = self._envfrom('<%s>'%sender) if rc != Milter.CONTINUE: return rc # envrcpt for rcpt in (rcpt,) + rcpts: rc = self._envrcpt('<%s>'%rcpt) if rc != Milter.CONTINUE: return rc # data rc = self._data() if rc != Milter.CONTINUE: return rc # header for h,val in msg.items(): rc = self._header(h,val) if rc != Milter.CONTINUE: return rc # eoh rc = self._eoh() if rc != Milter.CONTINUE: return rc # body header,body = msg.as_bytes().split(b'\n\n',1) rc = self._feed_body(BytesIO(body)) if rc != Milter.CONTINUE: return rc rc = self._eom() if self._bodyreplaced: body = self._body.getvalue() self._body = BytesIO() self._body.write(header) self._body.write(b'\n\n') self._body.write(body) return rc
self.failIf(msg.ismodified()) msg = mime.message_from_file(open('test/test2','r')) rc = mime.check_attachments(msg,self._chk_attach) self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF") self.assertEquals(rc,Milter.CONTINUE) def testHTML(self,fname=""): result = StringIO.StringIO() filter = mime.HTMLScriptFilter(result) msg = """<! Illegal declaration used as comment> <![if conditional]> Optional SGML <![endif]> <!-- Legal SGML comment --> """ script = "<script lang=javascript> Dangerous script </script>" filter.feed(msg + script) filter.close() #print result.getvalue() self.failUnless(result.getvalue() == msg + filter.msg) def suite(): return unittest.makeSuite(MimeTestCase,'test') if __name__ == '__main__': if len(sys.argv) < 2: unittest.main() else: for fname in sys.argv[1:]: fp = open(fname,'r') msg = mime.message_from_file(fp) mime.defang(msg,scan_zip=True) print msg.as_string()
def eom(self): try: self.fp.seek(0) msg = mime.message_from_file(self.fp) self.logemail(msg) links = set() if (msg.ismultipart()): msg, links = self.setmultifooters(msg) else: email_charset = msg.get_charset() payloadout = msg.get_payload() + self.footer links = self.getlinks(msg.get_payload()) msg.set_payload(payloadout, email_charset) if len(links) > 0: badlink = False # prepend http:// to links that do not have it links = list( set([ "http://" + s if not s.startswith("http") else s for s in links ])) # insert each link into the link api for an id # we will later check each id for theeshold threads = [None] * len(links) for i in range(len(threads)): threads[i] = Thread(target=self.insertLink, args=(links[i], )) threads[i].start() for i in range(len(threads)): threads[i].join() # filter out Nones in case for failed api requests # Threads will set None as the value for URLs if it didnt get an answer, so filter those out # Get the max score , if higher than our threshold that we choose, then we assume its bad highest = max( [urlTup[1] for urlTup in self.linkscoremap.values()]) if highest > self.threshold: badlink = True url = [ urlTup[0] for urlTup in self.linkscoremap.values() if urlTup[1] == highest ] syslog.syslog( syslog.LOG_WARNING, (json.dumps({ "msg": "BADURLPRESENT", "url": str(url), "score": str(highest), "time": time.strftime('%y%b%d %H:%M:%S'), "to": str(msg.getheaders('to')), "from": str(msg.getheaders('from')) }))) if badlink: # set the **WARNING** header in both text/plain and text/html if msg.ismultipart(): msg = self.setmultiheader(msg) else: # set the **WARNING** header in just text/plain payloadout = self.foundheader + msg.get_payload() msg.set_payload(payloadout) # write out to temp file and then encode to forward out to postfix out = tempfile.TemporaryFile() msg.dump(out) out.seek(0) msg = rfc822.Message(out) msg.rewindbody() while 1: buf = out.read(8192) if len(buf) == 0: break self.replacebody(buf) except Exception, e: self.logexception(str(e))
) self.assertEquals(rc, Milter.CONTINUE) def testHTML(self, fname=""): result = StringIO.StringIO() filter = mime.HTMLScriptFilter(result) msg = """<! Illegal declaration used as comment> <![if conditional]> Optional SGML <![endif]> <!-- Legal SGML comment --> """ script = "<script lang=javascript> Dangerous script </script>" filter.feed(msg + script) filter.close() #print result.getvalue() self.failUnless(result.getvalue() == msg + filter.msg) def suite(): return unittest.makeSuite(MimeTestCase, 'test') if __name__ == '__main__': if len(sys.argv) < 2: unittest.main() else: for fname in sys.argv[1:]: fp = open(fname, 'r') msg = mime.message_from_file(fp) mime.defang(msg, scan_zip=True) print msg.as_string()