def test_filelist(self):
self.assertEqual(
FileList(filename=self.filename,
strip=True,
skip_empty=True,
skip_comments=True,
lowercase=False,
additional_filters=None).get_list(),
['CASE?', 'stripped ?'])
self.assertEqual(
FileList(filename=self.filename,
strip=False,
skip_empty=True,
skip_comments=True,
lowercase=False,
additional_filters=None).get_list(),
['CASE?', ' stripped ? ', ' '])
self.assertEqual(
FileList(filename=self.filename,
strip=True,
skip_empty=False,
skip_comments=False,
lowercase=False,
additional_filters=None).get_list(),
['CASE?', 'stripped ?', '', '', '# no comment!'])
self.assertEqual(
FileList(filename=self.filename,
strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True,
additional_filters=None).get_list(),
['case?', 'stripped ?'])
def __init__(self, config, section=None):
ScannerPlugin.__init__(self, config, section)
self.requiredvars = {
'domainsfile': {
'description':
"File containing a list of domains (one per line) which must be DKIM and/or SPF authenticated",
'default': "/etc/fuglu/auth_required_domains.txt",
},
'failaction': {
'default':
'DUNNO',
'description':
"action if the message doesn't pass authentication (DUNNO, REJECT)",
},
'rejectmessage': {
'default':
'sender domain ${header_from_domain} must pass DKIM and/or SPF authentication',
'description':
"reject message template if running in pre-queue mode",
},
}
self.logger = self._logger()
self.filelist = FileList(filename=None,
strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True)
def __init__(self, config, section=None):
ScannerPlugin.__init__(self, config, section)
self.logger = self._logger()
self.skiplist = FileList(filename=None,
strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True)
self.requiredvars = {
'max_lookups': {
'default': '10',
'description':
'maximum number of lookups (RFC defaults to 10)',
},
'skiplist': {
'default':
'',
'description':
'File containing a list of domains (one per line) which are not checked'
},
'temperror_retries': {
'default': '3',
'description': 'maximum number of retries on temp error',
},
'temperror_sleep': {
'default': '3',
'description':
'waiting interval between retries on temp error',
},
}
def __init__(self, section=None):
ScannerPlugin.__init__(self, section)
self.logger = self._logger()
self.filelist = FileList(strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True,
additional_filters=None,
minimum_time_between_reloads=30)
self.requiredvars = {
'domainsfile': {
'default':
'/etc/fuglu/spearphish-domains',
'description':
'Filename where we load spearphish domains from. One domain per line. If this setting is empty, the check will be applied to all domains.',
},
'virusenginename': {
'default': 'Fuglu SpearPhishing Protection',
'description': 'Name of this plugins av engine',
},
'virusname': {
'default': 'TRAIT.SPEARPHISH',
'description': 'Name to use as virus signature',
},
'virusaction': {
'default':
'DEFAULTVIRUSACTION',
'description':
"action if spear phishing attempt is detected (DUNNO, REJECT, DELETE)",
},
'rejectmessage': {
'default':
'threat detected: ${virusname}',
'description':
"reject message template if running in pre-queue mode and virusaction=REJECT",
},
'dbconnection': {
'default':
"mysql://root@localhost/spfcheck?charset=utf8",
'description':
'SQLAlchemy Connection string. Leave empty to disable SQL lookups',
},
'domain_sql_query': {
'default':
"SELECT check_spearphish from domain where domain_name=:domain",
'description':
'get from sql database :domain will be replaced with the actual domain name. must return boolean field check_spearphish',
},
'check_display_part': {
'default':
'False',
'description':
"set to True to also check display part of From header (else email part only)",
},
}
def _init_nobounce(self):
if self.nobounce is None:
try:
filepath = self.config.get('main', 'nobouncefile')
except Exception:
filepath = None
if filepath and os.path.exists(filepath):
self.nobounce = FileList(filepath)
elif filepath:
self.logger.warning('nobouncefile %s not found' % filepath)
def _is_whitelisted(self, from_domain):
whitelist_file = self.config.get(self.section, 'whitelist_file')
if whitelist_file == '':
return False
if self.whitelist is None:
self.whitelist = FileList(whitelist_file, lowercase=True)
whitelisted = False
if from_domain in self.whitelist.get_list():
whitelisted = True
return whitelisted
def __init__(self, config, section=None):
ScannerPlugin.__init__(self, config, section)
self.logger = self._logger()
self.skiplist = FileList(filename=None,
strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True)
self.requiredvars = {
'skiplist': {
'default':
'',
'description':
'File containing a list of domains (one per line) which are not checked'
},
}
def _init_tldmagic(self):
init_tldmagic = False
extratlds = []
if self.extratlds is None:
extratldfile = self.config.get(self.section, 'extra_tld_file')
if extratldfile and os.path.exists(extratldfile):
self.extratlds = FileList(extratldfile, lowercase=True)
init_tldmagic = True
if self.extratlds is not None:
extratlds = self.extratlds.get_list()
if self.lasttlds != extratlds: # extra tld file changed
self.lasttlds = extratlds
init_tldmagic = True
if self.tldmagic is None or init_tldmagic:
self.tldmagic = TLDMagic()
for tld in extratlds: # add extra tlds to tldmagic
self.tldmagic.add_tld(tld)
def __init__(self, section=None):
ScannerPlugin.__init__(self, section)
self.filelist = FileList(strip=True,
skip_empty=True,
skip_comments=True,
lowercase=True,
additional_filters=None,
minimum_time_between_reloads=30)
self.requiredvars = {
'domainsfile': {
'default':
'/etc/fuglu/spearphish-domains',
'description':
'Filename where we load spearphish domains from. One domain per line. If this setting is empty, the check will be applied to all domains.',
},
'virusenginename': {
'default': 'Fuglu SpearPhishing Protection',
'description': 'Name of this plugins av engine',
},
'virusname': {
'default': 'TRAIT.SPEARPHISH',
'description': 'Name to use as virus signature',
},
'virusaction': {
'default':
'DEFAULTVIRUSACTION',
'description':
"action if spear phishing attempt is detected (DUNNO, REJECT, DELETE)",
},
'rejectmessage': {
'default':
'threat detected: ${virusname}',
'description':
"reject message template if running in pre-queue mode and virusaction=REJECT",
},
}
