def testParse(self, fname='samp1'):
with open('test/' + fname, "rb") as fp:
msg = mime.message_from_file(fp)
self.assertTrue(msg.ismultipart())
parts = msg.get_payload()
self.assertTrue(len(parts) == 2)
txt1 = parts[0].get_payload()
self.assertTrue(txt1.rstrip() == samp1_txt1, txt1)
with open('test/missingboundary', "rb") as fp:
msg = mime.message_from_file(fp)
# should get no exception as long as we don't try to parse
# message attachments
mime.defang(msg, scan_rfc822=False)
with open('test/missingboundary.out', 'wb') as fp:
msg.dump(fp)
with open('test/missingboundary', "rb") as fp:
msg = mime.message_from_file(fp)
try:
mime.defang(msg)
# python 2.4 doesn't get exceptions on missing boundaries, and
# if message is modified, output is readable by mail clients
if sys.hexversion < 0x02040000:
self.fail(
'should get boundary error parsing bad rfc822 attachment')
except errors.BoundaryError:
pass
def test_update_headers(self, home_dir, tpath):
# we can update complete sets of headers
milter = PGPTestMilter()
milter._body = "1"
msg1 = mime.message_from_file(BytesIO(b'A: foo\nB: bar\n\n\ntest\n'))
milter._msg = msg1
msg2 = mime.message_from_file(BytesIO(b'C: baz\nD: bat\n\n\ntest\n'))
milter.update_headers(msg1, msg2)
assert milter._msg.items() == msg2.items()
def testCheckAttach(self,fname="test1"):
# test1 contains a very long filename
msg = mime.message_from_file(open('test/'+fname,'r'))
mime.defang(msg,scan_zip=True)
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2','r'))
rc = mime.check_attachments(msg,self._chk_attach)
self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
self.assertEquals(rc,Milter.CONTINUE)
def testDefang6(self,vname="virus6",fname='FAX20.exe'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
self.failIf(msg.ismultipart())
txt2 = msg.get_payload()
self.failUnless(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def testDefang6(self, vname="virus6", fname='FAX20.exe'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
self.failIf(msg.ismultipart())
txt2 = msg.get_payload()
self.failUnless(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def test_update_headers_multiple(self, home_dir, tpath):
# we can update headers where some names are repeated
milter = PGPTestMilter()
milter._body = "1"
msg1 = mime.message_from_file(
BytesIO(b'A: foo\nB: bar\nA: baz\n\n\ntest\n'))
milter._msg = msg1
msg2 = mime.message_from_file(
BytesIO(b'A: foo\nC: baz\nA: baz\n\n\ntest\n'))
milter.update_headers(msg1, msg2)
assert milter._msg.items() == msg2.items()
def testCheckAttach(self, fname="test1"):
# test1 contains a very long filename
msg = mime.message_from_file(open('test/' + fname, 'r'))
mime.defang(msg, scan_zip=True)
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2', 'r'))
rc = mime.check_attachments(msg, self._chk_attach)
self.assertEquals(
self.filename,
"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF"
)
self.assertEquals(rc, Milter.CONTINUE)
def testDefang6(self, vname="virus6", fname='FAX20.exe'):
with self.zf.open(vname, "r") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg)
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
self.assertFalse(msg.ismultipart())
txt2 = msg.get_payload()
self.assertTrue(txt2 == mime.virus_msg % \
(fname,hostname,None),txt2)
def testDefang(self,vname='virus1',part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg,scan_zip=True)
self.failUnless(msg.ismodified(),"virus not removed")
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.failUnless(
txt2.rstrip()+'\n' == mime.virus_msg % (fname,hostname,None),txt2)
def testDefang7(self,vname="honey",fname='story[1].scr'):
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/'+oname,"w"))
msg = mime.message_from_file(open('test/'+oname,"r"))
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testZip(self,vname="zip1",fname='zip.zip'):
self.testDefang(vname,1,'zip.zip')
# test scan_zip flag
msg = mime.message_from_file(open('test/'+vname,"r"))
mime.defang(msg,scan_zip=False)
self.failIf(msg.ismodified())
# test ignoring empty zip (often found in DSNs)
msg = mime.message_from_file(open('test/zip2','r'))
mime.defang(msg,scan_zip=True)
self.failIf(msg.ismodified())
# test corrupt zip (often an EXE named as a ZIP)
self.testDefang('zip3',1,'zip.zip')
# test zip within zip
self.testDefang('ziploop',1,'*****@*****.**')
def testDefang7(self, vname="honey", fname='story[1].scr'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg)
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testZip(self, vname="zip1", fname='zip.zip'):
self.testDefang(vname, 1, 'zip.zip')
# test scan_zip flag
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg, scan_zip=False)
self.failIf(msg.ismodified())
# test ignoring empty zip (often found in DSNs)
msg = mime.message_from_file(open('test/zip2', 'r'))
mime.defang(msg, scan_zip=True)
self.failIf(msg.ismodified())
# test corrupt zip (often an EXE named as a ZIP)
self.testDefang('zip3', 1, 'zip.zip')
# test zip within zip
self.testDefang('ziploop', 1, '*****@*****.**')
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg,self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:",self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
out = tempfile.TemporaryFile()
try:
msg.dump(out)
out.seek(0)
msg = rfc822.Message(out)
msg.rewindbody()
while 1:
buf = out.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
finally:
out.close()
return Milter.TEMPFAIL
def test_getnames(self):
names = []
self.sawpif = False
def do_part(m):
n = m.getnames()
a = names
a += n
return Milter.CONTINUE
def chk_part(m):
for k, n in m.getnames():
if n and n.lower().endswith('.pif'):
self.sawpif = True
s = m.get_submsg()
print(m.get_content_type(), type(s), 'modified:', m.ismodified())
if isinstance(s, email.message.Message):
return mime.check_attachments(s, chk_part)
return Milter.CONTINUE
with self.zf.open('virus7', 'r') as fp:
msg = mime.message_from_file(fp)
self.assertTrue(msg.ismultipart())
mime.check_attachments(msg, do_part)
self.assertTrue(('filename', 'application.pif') in names)
self.assertFalse(self.sawpif)
mime.check_attachments(msg, chk_part)
self.assertTrue(self.sawpif)
def testCtx(self, fname='virus1'):
ctx = TestCtx()
Milter.factory = sample.sampleMilter
ctx._setsymval('{auth_authen}', 'batman')
ctx._setsymval('{auth_type}', 'batcomputer')
ctx._setsymval('j', 'mailhost')
rc = ctx._connect()
self.assertTrue(rc == Milter.CONTINUE)
with self.zf.open(fname) as fp:
rc = ctx._feedFile(fp)
milter = ctx.getpriv()
# self.assertTrue(milter.user == 'batman',"getsymval failed: "+
# "%s != %s"%(milter.user,'batman'))
self.assertEquals(milter.user, 'batman')
self.assertTrue(milter.auth_type != 'batcomputer', "setsymlist failed")
self.assertTrue(rc == Milter.ACCEPT)
self.assertTrue(ctx._bodyreplaced, "Message body not replaced")
fp = ctx._body
open('test/' + fname + ".tstout", "wb").write(fp.getvalue())
#self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
ctx._close()
def testParse2(self, fname="spam7"):
msg = mime.message_from_file(open('test/' + fname, "r"))
self.failUnless(msg.ismultipart())
parts = msg.get_payload()
self.failUnless(len(parts) == 2)
name = parts[1].getname()
self.failUnless(name == "Jim&amp;Girlz.jpg", "name=%s" % name)
def testParse2(self,fname="spam7"):
msg = mime.message_from_file(open('test/'+fname,"r"))
self.failUnless(msg.ismultipart())
parts = msg.get_payload()
self.failUnless(len(parts) == 2)
name = parts[1].getname()
self.failUnless(name == "Jim&amp;Girlz.jpg","name=%s"%name)
def testDefang(self,
vname='virus1',
part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
msg = mime.message_from_file(open('test/' + vname, "r"))
mime.defang(msg, scan_zip=True)
self.failUnless(msg.ismodified(), "virus not removed")
oname = vname + '.out'
msg.dump(open('test/' + oname, "w"))
msg = mime.message_from_file(open('test/' + oname, "r"))
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.failUnless(
txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
txt2)
def testDefang7(self, vname="honey", fname='story[1].scr'):
with open('test/' + vname, "rb") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg)
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
parts = msg.get_payload()
txt2 = parts[1].get_payload()
txt3 = parts[2].get_payload()
self.assertTrue(txt2.rstrip()+'\n' == mime.virus_msg % \
(fname,hostname,None),txt2)
if txt3 != '':
self.assertTrue(txt3.rstrip()+'\n' == mime.virus_msg % \
('story[1].asp',hostname,None),txt3)
def testParse2(self, fname="spam7"):
with open('test/' + fname, "rb") as fp:
msg = mime.message_from_file(fp)
self.assertTrue(msg.ismultipart())
parts = msg.get_payload()
self.assertTrue(len(parts) == 2)
name = parts[1].getname()
self.assertTrue(name == "Jim&amp;Girlz.jpg", "name=%s" % name)
def feedFile(self,
fp,
sender="*****@*****.**",
rcpt="*****@*****.**",
*rcpts):
self._body = None
self._bodyreplaced = False
self._headerschanged = False
self._reply = None
self._sender = '<%s>' % sender
msg = mime.message_from_file(fp)
# envfrom
self._stage = Milter.M_ENVFROM
rc = self.envfrom(self._sender)
self._stage = None
if rc != Milter.CONTINUE: return rc
# envrcpt
for rcpt in (rcpt, ) + rcpts:
self._stage = Milter.M_ENVRCPT
rc = self.envrcpt('<%s>' % rcpt)
self._stage = None
if rc != Milter.CONTINUE: return rc
# data
self._stage = Milter.M_DATA
rc = self.data()
self._stage = None
if rc != Milter.CONTINUE: return rc
# header
for h, val in msg.items():
rc = self.header_bytes(h, val.encode())
if rc != Milter.CONTINUE: return rc
# eoh
self._stage = Milter.M_EOH
rc = self.eoh()
self._stage = None
if rc != Milter.CONTINUE: return rc
# body
header, body = msg.as_bytes().split(b'\n\n', 1)
bfp = BytesIO(body)
while 1:
buf = bfp.read(8192)
if len(buf) == 0: break
rc = self.body(buf)
if rc != Milter.CONTINUE: return rc
self._msg = msg
self._body = BytesIO()
self._stage = Milter.M_EOM
rc = self.eom()
self._stage = None
if self._bodyreplaced:
body = self._body.getvalue()
self._body = BytesIO()
self._body.write(header)
self._body.write(b'\n\n')
self._body.write(body)
self.close()
self._close()
return rc
def testParse(self,fname='samp1'):
msg = mime.message_from_file(open('test/'+fname,"r"))
self.failUnless(msg.ismultipart())
parts = msg.get_payload()
self.failUnless(len(parts) == 2)
txt1 = parts[0].get_payload()
self.failUnless(txt1.rstrip() == samp1_txt1,txt1)
msg = mime.message_from_file(open('test/missingboundary',"r"))
# should get no exception as long as we don't try to parse
# message attachments
mime.defang(msg,scan_rfc822=False)
msg.dump(open('test/missingboundary.out','w'))
msg = mime.message_from_file(open('test/missingboundary',"r"))
try:
mime.defang(msg)
# python 2.4 doesn't get exceptions on missing boundaries, and
# if message is modified, output is readable by mail clients
if sys.hexversion < 0x02040000:
self.fail('should get boundary error parsing bad rfc822 attachment')
except Errors.BoundaryError:
pass
def feedFile(self,fp,sender="*****@*****.**",rcpt="*****@*****.**",*rcpts):
self._body = None
self._bodyreplaced = False
self._headerschanged = False
self._reply = None
self._sender = '<%s>'%sender
msg = mime.message_from_file(fp)
# envfrom
self._stage = Milter.M_ENVFROM
rc = self.envfrom(self._sender)
self._stage = None
if rc != Milter.CONTINUE: return rc
# envrcpt
for rcpt in (rcpt,) + rcpts:
self._stage = Milter.M_ENVRCPT
rc = self.envrcpt('<%s>'%rcpt)
self._stage = None
if rc != Milter.CONTINUE: return rc
# data
self._stage = Milter.M_DATA
rc = self.data()
self._stage = None
if rc != Milter.CONTINUE: return rc
# header
for h,val in msg.items():
rc = self.header(h,val)
if rc != Milter.CONTINUE: return rc
# eoh
self._stage = Milter.M_EOH
rc = self.eoh()
self._stage = None
if rc != Milter.CONTINUE: return rc
# body
header,body = msg.as_bytes().split(b'\n\n',1)
bfp = BytesIO(body)
while 1:
buf = bfp.read(8192)
if len(buf) == 0: break
rc = self.body(buf)
if rc != Milter.CONTINUE: return rc
self._msg = msg
self._body = BytesIO()
self._stage = Milter.M_EOM
rc = self.eom()
self._stage = None
if self._bodyreplaced:
body = self._body.getvalue()
self._body = BytesIO()
self._body.write(header)
self._body.write(b'\n\n')
self._body.write(body)
return rc
def testDefang(self,
vname='virus1',
part=1,
fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
try:
with self.zf.open(vname, "r") as fp:
msg = mime.message_from_file(fp)
except KeyError:
with open('test/' + vname, "rb") as fp:
msg = mime.message_from_file(fp)
mime.defang(msg, scan_zip=True)
self.assertTrue(msg.ismodified(), "virus not removed")
oname = vname + '.out'
with open('test/' + oname, "wb") as fp:
msg.dump(fp)
with open('test/' + oname, "rb") as fp:
msg = mime.message_from_file(fp)
txt2 = msg.get_payload()
if type(txt2) == list:
txt2 = txt2[part].get_payload()
self.assertTrue(
txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
txt2)
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg,self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:",self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
with tempfile.TemporaryFile() as out:
msg.dump(out)
out.seek(0)
msg = mime.message_from_file(out)
fp = BytesIO(msg.as_bytes().split(b'\n\n',1)[1])
while 1:
buf = fp.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
return Milter.TEMPFAIL
def testDefang(self,fname='virus1'):
milter = TestMilter()
rc = milter.connect()
self.failUnless(rc == Milter.CONTINUE)
rc = milter.feedMsg(fname)
self.failUnless(rc == Milter.ACCEPT)
self.failUnless(milter._bodyreplaced,"Message body not replaced")
fp = milter._body
open('test/'+fname+".tstout","w").write(fp.getvalue())
#self.failUnless(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
milter.close()
def testDefang(self, fname="virus1"):
milter = TestMilter()
rc = milter.connect()
self.failUnless(rc == Milter.CONTINUE)
rc = milter.feedMsg(fname)
self.failUnless(rc == Milter.ACCEPT)
self.failUnless(milter._bodyreplaced, "Message body not replaced")
fp = milter._body
open("test/" + fname + ".tstout", "w").write(fp.getvalue())
# self.failUnless(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
milter.close()
def eom(self):
if not self.fp: return Milter.ACCEPT
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
msg.headerchange = self._headerChange
if not mime.defang(msg, self.tempname):
os.remove(self.tempname)
self.tempname = None # prevent re-removal
self.log("eom")
return Milter.ACCEPT # no suspicious attachments
self.log("Temp file:", self.tempname)
self.tempname = None # prevent removal of original message copy
# copy defanged message to a temp file
with tempfile.TemporaryFile() as out:
msg.dump(out)
out.seek(0)
msg = mime.message_from_file(out)
fp = BytesIO(msg.as_bytes().split(b'\n\n', 1)[1])
while 1:
buf = fp.read(8192)
if len(buf) == 0: break
self.replacebody(buf) # feed modified message to sendmail
return Milter.ACCEPT # ACCEPT modified message
return Milter.TEMPFAIL
def eom(self):
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
self._msg = msg
db = toDB('root', 'python', 'python.dev.wrtdesign.com', 'EARS')
db.newMessage(self.canon_from, self.Subject, self.headers, self._msg,
self.R)
try:
parsed = ProcessMessage(db, self.log, self.F)
self._msg, self.subjChange = parsed.ParseAttachments()
db.message.body = self._msg
out = tempfile.TemporaryFile()
try:
msg.dump(out)
out.seek(0)
msg = rfc822.Message(out)
msg.rewindbody()
while 1:
buf = out.read(8192)
if len(buf) == 0: break
self.replacebody(buf)
finally:
out.close()
db.close()
# return Milter.TEMPFAIL
return Milter.ACCEPT
except Exception, e:
self.log.warn(e)
exc_type, exc_obj, exc_tb = sys.exc_info()
fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
self.log.err(exc_type, fname, exc_tb.tb_lineno)
# return Milter.TEMPFAIL
return Milter.ACCEPT
def testDefang(self,fname='virus1'):
milter = TestMilter()
milter.setsymval('{auth_authen}','batman')
milter.setsymval('{auth_type}','batcomputer')
milter.setsymval('j','mailhost')
rc = milter.connect()
self.assertTrue(rc == Milter.CONTINUE)
rc = milter.feedMsg(fname)
self.assertTrue(milter.user == 'batman',"getsymval failed")
self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed")
self.assertTrue(rc == Milter.ACCEPT)
self.assertTrue(milter._bodyreplaced,"Message body not replaced")
fp = milter._body
open('test/'+fname+".tstout","wb").write(fp.getvalue())
#self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
milter.close()
def testDefang(self,fname='virus1'):
milter = TestMilter()
milter.setsymval('{auth_authen}','batman')
milter.setsymval('{auth_type}','batcomputer')
milter.setsymval('j','mailhost')
rc = milter.connect()
self.assertTrue(rc == Milter.CONTINUE)
rc = milter.feedMsg(fname)
self.assertTrue(milter.user == 'batman',"getsymval failed")
# setsymlist not working in TestBase
#self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed")
self.assertTrue(rc == Milter.ACCEPT)
self.assertTrue(milter._bodyreplaced,"Message body not replaced")
fp = milter._body
open('test/'+fname+".tstout","wb").write(fp.getvalue())
#self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
milter.close()
def _feedFile(self,
fp,
sender="*****@*****.**",
rcpt="*****@*****.**",
*rcpts):
self._body = None
self._bodyreplaced = False
self._headerschanged = False
self._reply = None
msg = mime.message_from_file(fp)
self._msg = msg
# envfrom
rc = self._envfrom('<%s>' % sender)
if rc != Milter.CONTINUE: return rc
# envrcpt
for rcpt in (rcpt, ) + rcpts:
rc = self._envrcpt('<%s>' % rcpt)
if rc != Milter.CONTINUE: return rc
# data
rc = self._data()
if rc != Milter.CONTINUE: return rc
# header
for h, val in msg.items():
rc = self._header(h, val)
if rc != Milter.CONTINUE: return rc
# eoh
rc = self._eoh()
if rc != Milter.CONTINUE: return rc
# body
header, body = msg.as_bytes().split(b'\n\n', 1)
rc = self._feed_body(BytesIO(body))
if rc != Milter.CONTINUE: return rc
rc = self._eom()
if self._bodyreplaced:
body = self._body.getvalue()
self._body = BytesIO()
self._body.write(header)
self._body.write(b'\n\n')
self._body.write(body)
return rc
def testCtx(self,fname='virus1'):
ctx = TestCtx()
Milter.factory = sample.sampleMilter
ctx._setsymval('{auth_authen}','batman')
ctx._setsymval('{auth_type}','batcomputer')
ctx._setsymval('j','mailhost')
rc = ctx._connect()
self.assertTrue(rc == Milter.CONTINUE)
rc = ctx._feedMsg(fname)
milter = ctx.getpriv()
# self.assertTrue(milter.user == 'batman',"getsymval failed: "+
# "%s != %s"%(milter.user,'batman'))
self.assertEquals(milter.user,'batman')
self.assertTrue(milter.auth_type != 'batcomputer',"setsymlist failed")
self.assertTrue(rc == Milter.ACCEPT)
self.assertTrue(ctx._bodyreplaced,"Message body not replaced")
fp = ctx._body
open('test/'+fname+".tstout","wb").write(fp.getvalue())
#self.assertTrue(fp.getvalue() == open("test/virus1.out","r").read())
fp.seek(0)
msg = mime.message_from_file(fp)
s = msg.get_payload(1).get_payload()
milter.log(s)
ctx._close()
def _feedFile(self,fp,sender="*****@*****.**",rcpt="*****@*****.**",*rcpts):
self._body = None
self._bodyreplaced = False
self._headerschanged = False
self._reply = None
msg = mime.message_from_file(fp)
self._msg = msg
# envfrom
rc = self._envfrom('<%s>'%sender)
if rc != Milter.CONTINUE: return rc
# envrcpt
for rcpt in (rcpt,) + rcpts:
rc = self._envrcpt('<%s>'%rcpt)
if rc != Milter.CONTINUE: return rc
# data
rc = self._data()
if rc != Milter.CONTINUE: return rc
# header
for h,val in msg.items():
rc = self._header(h,val)
if rc != Milter.CONTINUE: return rc
# eoh
rc = self._eoh()
if rc != Milter.CONTINUE: return rc
# body
header,body = msg.as_bytes().split(b'\n\n',1)
rc = self._feed_body(BytesIO(body))
if rc != Milter.CONTINUE: return rc
rc = self._eom()
if self._bodyreplaced:
body = self._body.getvalue()
self._body = BytesIO()
self._body.write(header)
self._body.write(b'\n\n')
self._body.write(body)
return rc
self.failIf(msg.ismodified())
msg = mime.message_from_file(open('test/test2','r'))
rc = mime.check_attachments(msg,self._chk_attach)
self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
self.assertEquals(rc,Milter.CONTINUE)
def testHTML(self,fname=""):
result = StringIO.StringIO()
filter = mime.HTMLScriptFilter(result)
msg = """<! Illegal declaration used as comment>
<![if conditional]> Optional SGML <![endif]>
<!-- Legal SGML comment -->
"""
script = "<script lang=javascript> Dangerous script </script>"
filter.feed(msg + script)
filter.close()
#print result.getvalue()
self.failUnless(result.getvalue() == msg + filter.msg)
def suite(): return unittest.makeSuite(MimeTestCase,'test')
if __name__ == '__main__':
if len(sys.argv) < 2:
unittest.main()
else:
for fname in sys.argv[1:]:
fp = open(fname,'r')
msg = mime.message_from_file(fp)
mime.defang(msg,scan_zip=True)
print msg.as_string()
def eom(self):
try:
self.fp.seek(0)
msg = mime.message_from_file(self.fp)
self.logemail(msg)
links = set()
if (msg.ismultipart()):
msg, links = self.setmultifooters(msg)
else:
email_charset = msg.get_charset()
payloadout = msg.get_payload() + self.footer
links = self.getlinks(msg.get_payload())
msg.set_payload(payloadout, email_charset)
if len(links) > 0:
badlink = False
# prepend http:// to links that do not have it
links = list(
set([
"http://" + s if not s.startswith("http") else s
for s in links
]))
# insert each link into the link api for an id
# we will later check each id for theeshold
threads = [None] * len(links)
for i in range(len(threads)):
threads[i] = Thread(target=self.insertLink,
args=(links[i], ))
threads[i].start()
for i in range(len(threads)):
threads[i].join()
# filter out Nones in case for failed api requests
# Threads will set None as the value for URLs if it didnt get an answer, so filter those out
# Get the max score , if higher than our threshold that we choose, then we assume its bad
highest = max(
[urlTup[1] for urlTup in self.linkscoremap.values()])
if highest > self.threshold:
badlink = True
url = [
urlTup[0] for urlTup in self.linkscoremap.values()
if urlTup[1] == highest
]
syslog.syslog(
syslog.LOG_WARNING,
(json.dumps({
"msg": "BADURLPRESENT",
"url": str(url),
"score": str(highest),
"time": time.strftime('%y%b%d %H:%M:%S'),
"to": str(msg.getheaders('to')),
"from": str(msg.getheaders('from'))
})))
if badlink:
# set the **WARNING** header in both text/plain and text/html
if msg.ismultipart():
msg = self.setmultiheader(msg)
else:
# set the **WARNING** header in just text/plain
payloadout = self.foundheader + msg.get_payload()
msg.set_payload(payloadout)
# write out to temp file and then encode to forward out to postfix
out = tempfile.TemporaryFile()
msg.dump(out)
out.seek(0)
msg = rfc822.Message(out)
msg.rewindbody()
while 1:
buf = out.read(8192)
if len(buf) == 0: break
self.replacebody(buf)
except Exception, e:
self.logexception(str(e))
)
self.assertEquals(rc, Milter.CONTINUE)
def testHTML(self, fname=""):
result = StringIO.StringIO()
filter = mime.HTMLScriptFilter(result)
msg = """<! Illegal declaration used as comment>
<![if conditional]> Optional SGML <![endif]>
<!-- Legal SGML comment -->
"""
script = "<script lang=javascript> Dangerous script </script>"
filter.feed(msg + script)
filter.close()
#print result.getvalue()
self.failUnless(result.getvalue() == msg + filter.msg)
def suite():
return unittest.makeSuite(MimeTestCase, 'test')
if __name__ == '__main__':
if len(sys.argv) < 2:
unittest.main()
else:
for fname in sys.argv[1:]:
fp = open(fname, 'r')
msg = mime.message_from_file(fp)
mime.defang(msg, scan_zip=True)
print msg.as_string()
