%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /scripts/
Upload File :
Create Path :
Current File : //scripts/update_spamassassin_config

#!/usr/local/cpanel/3rdparty/bin/perl

package scripts::update_spamassassin_config;

# cpanel - scripts/update_spamassassin_config        Copyright 2022 cPanel L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

use strict;
use warnings;
use Cpanel::Daemonizer::Tiny    ();
use Cpanel::StringFunc::Replace ();
use Cpanel::StringFunc::File    ();
use Cpanel::FileUtils::Write    ();
use Cpanel::SafeRun::Errors     ();
use Cpanel::LoadFile            ();
use Cpanel::Logger              ();
use Cpanel::Rand                ();
use Cpanel::SafeDir::RM         ();
use Cpanel::Binaries            ();
use Cpanel::Unix::PID::Tiny     ();
use Getopt::Long;
eval { require Mail::SpamAssassin; };
use Cpanel::SpamAssassin::Rules  ();
use Cpanel::Exim::RemoteMX::Read ();

our $STATE_ENABLED  = 1;
our $STATE_DISABLED = 0;

our $SPAMASSASSIN_CONFIG_DIR = "/etc/mail/spamassassin";

my $made_changes_to_config = 0;
my $pidfile                = '/var/run/update_spamassassin_config.pid';
my $help                   = 0;
my $verbose                = 0;
my $background             = 0;

if ( !caller() ) {
    GetOptions( 'background' => \$background, 'help' => \$help, 'verbose' => \$verbose );
    usage() if $help;
    if ( $ENV{CPANEL_BASE_INSTALL} ) {
        print STDERR "“$0” refuses to run during a cPanel installation.\n";
        exit(0);
    }

    if ($background) {

        my $pid = Cpanel::Daemonizer::Tiny::run_as_daemon(
            sub {
                open( STDERR, '>>', '/usr/local/cpanel/logs/error_log' ) || die "Could not redirect STDERR to /usr/local/cpanel/logs/error_log: $!";

                __PACKAGE__->script() && exit(0);
                exit(1);
            }
        );
    }
    else {
        __PACKAGE__->script();
    }
}

sub compile_rules {
    print "Compiling SpamAssassin rules\n" if $verbose;
    my $saxsok = compile_sa_rules_if_needed();

    if ($saxsok) {
        Cpanel::FileUtils::Write::overwrite( '/var/cpanel/sa-compile-time', $Mail::SpamAssassin::VERSION, 0644 );
        if ( set_plugin_state( 'v320.pre', 'Rule2XSBody', $STATE_ENABLED ) ) {
            print "Mail::SpamAssassin::Plugin::Rule2XSBody test passed: enabled\n" if $verbose;
        }
    }
    else {
        if ( set_plugin_state( 'v320.pre', 'Rule2XSBody', $STATE_DISABLED ) ) {
            print "Mail::SpamAssassin::Plugin::Rule2XSBody is not available: disabled\n" if $verbose;
        }
    }
    return;
}

sub enable_pyzor {
    print "Enabling the Pyzor plugin\n" if $verbose;
    if ( eval { require Mail::Pyzor; } ) {
        if ( set_plugin_state( 'v310.pre', 'Pyzor', $STATE_ENABLED ) ) {
            print "pyzor is installed, enabled in SpamAssassin!\n" if $verbose;
        }
    }
    else {
        if ( set_plugin_state( 'v310.pre', 'Pyzor', $STATE_DISABLED ) ) {
            print "pyzor is not installed, disabling it in SpamAssassin to save memory\n" if $verbose;
        }

    }
    return;
}

sub enable_razor {
    print "Enabling the Razor2 plugin\n" if $verbose;
    if ( eval { require Razor2::Client::Agent; } ) {
        if ( set_plugin_state( 'v310.pre', 'Razor2', $STATE_ENABLED ) ) {
            print "razor2 is installed, enabled in SpamAssassin!\n" if $verbose;
        }
    }
    else {
        if ( set_plugin_state( 'v310.pre', 'Razor2', $STATE_DISABLED ) ) {
            print "razor2 is not installed, disabling it in SpamAssassin to save memory\n" if $verbose;
        }
    }
    return;
}

sub script {
    my ($class) = @_;
    my $upid = Cpanel::Unix::PID::Tiny->new();

    if ( !$upid->pid_file($pidfile) ) {
        my $pid = $upid->get_pid_from_pidfile($pidfile);
        print "$0: already running with pid: $pid\n";
        return 0;
    }

    my $logger    = Cpanel::Logger->new();
    my $spamd_bin = Cpanel::Binaries::path('spamd');
    if ( !-x $spamd_bin ) {
        print "Spamd binary not found.  Is Apache SpamAssassin™ installed?\nTry: /usr/local/cpanel/scripts/upcp --force" if $verbose;
        return 1;
    }

    my $has_rules = Cpanel::SpamAssassin::Rules::has_rules_installed();

    if ( !$has_rules ) {
        print "The Apache SpamAssassin™ rule update has not yet run.\n" if $verbose;
        require Cpanel::SafeRun::Object;

        warn if !eval {
            my $run = Cpanel::SafeRun::Object->new_or_die(
                program => '/usr/local/cpanel/scripts/sa-update_wrapper',
                stdout  => \*STDOUT,
                stderr  => \*STDERR,
            );
        };

        $made_changes_to_config = 1;
    }

    # This module can give us up to 20% more cpu time free on a loaded mail server
    print "Enabling the Shortcircuit plugin\n" if $verbose;
    set_plugin_state( 'v320.pre', 'Shortcircuit', $STATE_ENABLED );

    enable_pyzor();
    enable_razor();

    my $envtype = Cpanel::LoadFile::loadfile('/var/cpanel/envtype');
    if ( $envtype && $envtype ne 'standard' ) {
        print "Enabling the SpamCop plugin\n" if $verbose;
        set_plugin_state( 'v310.pre', 'SpamCop', $STATE_ENABLED );
    }

    my $local_cf = Cpanel::LoadFile::loadfile("$SPAMASSASSIN_CONFIG_DIR/local.cf");

    # Configure missing trusted networks
    if ( $local_cf !~ m{\n[ \t]*trusted_networks}s || $local_cf =~ m{\n[ \t]*trusted_networks[^\n]+# Autoconfigured by cPanel}s ) {
        print "Autoconfiguring trusted networks\n" if $verbose;
        require Cpanel::IP::Neighbors;
        require Cpanel::SocketIP;
        require Cpanel::Net::Whois::IP::Cached;
        Cpanel::IP::Neighbors::update_neighbor_netblocks_or_log();
        my %ranges        = map { $_ => 1 } Cpanel::IP::Neighbors::get_netblocks();
        my @trueaddresses = Cpanel::SocketIP::_resolveIpAddress('mail.cpanel.net');
        foreach my $public_ip (@trueaddresses) {
            my $whois_response = Cpanel::Net::Whois::IP::Cached->new()->lookup_address($public_ip) or next;

            # The cidr attribute is an array
            my $cidr_ar = $whois_response->get('cidr');

            next if !$cidr_ar || 'ARRAY' ne ref $cidr_ar || !scalar @{$cidr_ar};

            foreach ( @{$cidr_ar} ) { $ranges{$_} = 1; }
        }

        my @remote_mx_ips = Cpanel::Exim::RemoteMX::Read::all_ips();
        @ranges{@remote_mx_ips} = (1) x @remote_mx_ips;

        my $range_list = join( ' ', sort keys %ranges );
        if ( $local_cf !~ m{\n[ \t]*#?[ \t]*trusted_networks[ \t]*\Q$range_list\E}s ) {
            print "Autoconfigured trusted_networks setting.\n" if $verbose;
            Cpanel::StringFunc::Replace::regsrep( "$SPAMASSASSIN_CONFIG_DIR/local.cf", '^\s*#?\s*trusted_networks', 'trusted_networks ' . $range_list . " # Autoconfigured by cPanel - Remove this end of line comment to avoid future updates" );
            $made_changes_to_config = 1;
        }
    }

    if ( $local_cf !~ m{\n[ \t]*#?[ \t]*dns_available}s ) {
        print "Setting dns_available = yes\n" if $verbose;

        # spamassassin takes about 5 times longer if dns_available is not set
        Cpanel::StringFunc::File::addlinefile( "$SPAMASSASSIN_CONFIG_DIR/local.cf", "\n" . 'dns_available yes # Autoconfigured by cPanel - comment out this line or set to no to avoid future updates' );
        $made_changes_to_config = 1;
    }

    compile_rules();

    if ($made_changes_to_config) {
        require Cpanel::ServerTasks;
        print "Queued spamd restart in the background.\n" if $verbose;
        Cpanel::ServerTasks::schedule_task( ['CpServicesTasks'], 1, "restartsrv spamd" );
    }

    return 0;
}

sub system_verbose_aware {
    my (@args) = @_;
    if ($verbose) {
        return system(@args);
    }
    else {
        return Cpanel::SafeRun::Errors::saferunnoerror(@args);
    }
}

sub usage {
    return print q{
update_spamassassin_config [options]

    Options:
      --help       Brief help message
      --verbose    Display verbose output from each test performed

};
}

sub compile_sa_rules_if_needed {
    my ($perl_version) = ( $] =~ /^(\d\.\d\d\d)/ );

    my $dir_sa_compiled = (
        -e "/var/lib/spamassassin/compiled/$perl_version/$Mail::SpamAssassin::VERSION"
        ? "/var/lib/spamassassin/compiled/$perl_version/$Mail::SpamAssassin::VERSION"
        : "/var/lib/spamassassin/compiled/$Mail::SpamAssassin::VERSION"
    );

    my $saxtest = Cpanel::SafeRun::Errors::saferunnoerror( '/usr/local/cpanel/scripts/test_sa_compiled', $dir_sa_compiled );
    my $saxsok  = ( $saxtest =~ /ok/ ? 1 : 0 );

    my $lastver       = Cpanel::LoadFile::loadfile('/var/cpanel/sa-compile-time');
    my $compile_mtime = ( stat('/var/cpanel/sa-compile-time') )[9] || 0;
    my $sa_rule_mtime = Cpanel::SpamAssassin::Rules::get_mtime_of_newest_rule();

    if ( !$saxsok || $sa_rule_mtime >= $compile_mtime || $lastver != $Mail::SpamAssassin::VERSION ) {
        my $sa_compile_bin = Cpanel::Binaries::path('sa-compile');
        if ( -x $sa_compile_bin ) {
            my $tmpdir = Cpanel::Rand::gettmpdir();    # audit case 46806 ok
            if ($tmpdir) {
                local $ENV{'TMP'}    = $tmpdir;
                local $ENV{'TMPDIR'} = $tmpdir;
                system_verbose_aware($sa_compile_bin);
                $made_changes_to_config = 1;
                Cpanel::SafeDir::RM::safermdir($tmpdir);
            }
            else {
                system_verbose_aware($sa_compile_bin);
            }
        }

        system_verbose_aware( '/usr/local/cpanel/scripts/patch_mail_spamassassin_compiledregexps_body_0', $dir_sa_compiled );

        $saxtest = Cpanel::SafeRun::Errors::saferunnoerror( '/usr/local/cpanel/scripts/test_sa_compiled', $dir_sa_compiled );
    }
    return ( $saxtest =~ /ok/ ? 1 : 0 );
}

sub set_plugin_state {
    my ( $conf_file, $plugin, $state ) = @_;
    my $conf_path      = "$SPAMASSASSIN_CONFIG_DIR/$conf_file";
    my $current_config = Cpanel::LoadFile::loadfile($conf_path);
    my $current_state  = ( $current_config =~ m{\n[ \t]*loadplugin[ \t]+Mail::SpamAssassin::Plugin::\Q$plugin\E}s ) ? $STATE_ENABLED : $STATE_DISABLED;
    if ( $current_state != $state ) {
        Cpanel::StringFunc::Replace::regsrep( $conf_path, '^\s*#?\s*loadplugin[ \t]*Mail::SpamAssassin::Plugin::' . $plugin, ( $state == $STATE_DISABLED ? '#' : '' ) . 'loadplugin Mail::SpamAssassin::Plugin::' . $plugin );
        print "Updated plugin “$plugin” state in “$conf_file” to " . ( $state == $STATE_ENABLED ? 'enabled' : 'disabled' ) . "\n" if $verbose;
        $made_changes_to_config = 1;
        return 1;
    }
    return 0;
}

1;

__END__

=encoding utf-8

=head1 NAME

update_spamassassin_config - Optimize Apache SpamAssassin™ if possible and update compiled rulesets

=head1 SYNOPSIS

update_spamassassin_config [options]

    Options:
      --help       Brief help message
      --verbose    Display verbose output from each test preformed

=cut

Zerion Mini Shell 1.0