[Rspamd] Place socket in _rspamd home and fix permissions

[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam

data/Dockerfiles/dovecot/rspamd-pipe-ham

@@ -3,7 +3,7 @@ FILE=/tmp/mail$$
 cat > $FILE
 trap "/bin/rm -f $FILE" 0 1 2 3 13 15
 
-cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnham
-cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
+cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnham
+cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
 
 exit 0

data/Dockerfiles/dovecot/rspamd-pipe-spam

@@ -3,7 +3,7 @@ FILE=/tmp/mail$$
 cat > $FILE
 trap "/bin/rm -f $FILE" 0 1 2 3 13 15
 
-cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnspam
-cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
+cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnspam
+cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
 
 exit 0

data/Dockerfiles/postfix/rspamd-pipe-ham

@@ -3,7 +3,7 @@ FILE=/tmp/mail$$
 cat > $FILE
 trap "/bin/rm -f $FILE" 0 1 2 3 13 15
 
-cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnham
-cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
+cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnham
+cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
 
 exit 0

data/Dockerfiles/postfix/rspamd-pipe-spam

@@ -3,7 +3,7 @@ FILE=/tmp/mail$$
 cat > $FILE
 trap "/bin/rm -f $FILE" 0 1 2 3 13 15
 
-cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnspam
-cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
+cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnspam
+cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
 
 exit 0

data/Dockerfiles/rspamd/docker-entrypoint.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 
 chown -R _rspamd:_rspamd /var/lib/rspamd
+chmod 755 /var/lib/rspamd
 [[ ! -f /etc/rspamd/override.d/worker-controller-password.inc ]] && echo '# Placeholder' > /etc/rspamd/override.d/worker-controller-password.inc
 [[ ! -f /etc/rspamd/custom/sa-rules-heinlein ]] && echo '# to be auto-filled by dovecot-mailcow' > /etc/rspamd/custom/sa-rules-heinlein
 

data/Dockerfiles/watchdog/watchdog.sh

@@ -226,7 +226,7 @@ rspamd_checks() {
   while [ ${err_count} -lt ${THRESHOLD} ]; do
     host_ip=$(get_container_ip rspamd-mailcow)
     err_c_cur=${err_count}
-    SCORE=$(/usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/scan -d '
+    SCORE=$(/usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/scan -d '
 To: null@localhost
 From: watchdog@localhost
 

data/conf/rspamd/override.d/worker-controller.inc

@@ -2,6 +2,6 @@ bind_socket = "*:11334";
 count = 1;
 secure_ip = "127.0.0.1";
 secure_ip = "::1";
-bind_socket = "/rspamd-sock/rspamd.sock mode=0666 owner=nobody";
+bind_socket = "/var/lib/rspamd/rspamd.sock mode=0666 owner=nobody";
 .include(try=true; priority=10) "$CONFDIR/override.d/worker-controller-password.inc"
 .include(try=true; priority=20) "$CONFDIR/override.d/worker-controller.custom.inc" 

data/web/inc/functions.inc.php

@@ -1409,7 +1409,7 @@ function get_logs($container, $lines = false) {
   }
   if ($container == "rspamd-history") {
     $curl = curl_init();
-    curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+    curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
     if (!is_numeric($lines)) {
       list ($from, $to) = explode('-', $lines);
       curl_setopt($curl, CURLOPT_URL,"http://rspamd/history?from=" . intval($from) . "&to=" . intval($to));

data/web/inc/functions.quarantine.inc.php

@@ -221,13 +221,13 @@ function quarantine($_action, $_data = null) {
             continue;
           }
           $curl = curl_init();
-          curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+          curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
           curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
           curl_setopt($curl, CURLOPT_POST, 1);
           curl_setopt($curl, CURLOPT_TIMEOUT, 30);
-          curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain')); 
+          curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain'));
           curl_setopt($curl, CURLOPT_URL,"http://rspamd/learnspam");
-          curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']); 
+          curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
           $response = curl_exec($curl);
           if (!curl_errno($curl)) {
             $response = json_decode($response, true);
@@ -243,23 +243,22 @@ function quarantine($_action, $_data = null) {
             }
             curl_close($curl);
             $curl = curl_init();
-            curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+            curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
             curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
             curl_setopt($curl, CURLOPT_POST, 1);
             curl_setopt($curl, CURLOPT_TIMEOUT, 30);
-            curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain', 'Flag: 11')); 
+            curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain', 'Flag: 11'));
             curl_setopt($curl, CURLOPT_URL,"http://rspamd/fuzzyadd");
-            curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']); 
+            curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
             $response = curl_exec($curl);
             if (!curl_errno($curl)) {
               $response = json_decode($response, true);
               if (isset($response['error'])) {
                 $_SESSION['return'][] = array(
-                  'type' => 'danger',
+                  'type' => 'warning',
                   'log' => array(__FUNCTION__),
                   'msg' => array('fuzzy_learn_error', $response['error'])
                 );
-                continue;
               }
               curl_close($curl);
               try {
@@ -279,7 +278,7 @@ function quarantine($_action, $_data = null) {
               $_SESSION['return'][] = array(
                 'type' => 'success',
                 'log' => array(__FUNCTION__),
-                'msg' => 'qlearn_spam'
+                'msg' => array('qlearn_spam', $id)
               );
               continue;
             }
@@ -288,7 +287,7 @@ function quarantine($_action, $_data = null) {
               $_SESSION['return'][] = array(
                 'type' => 'danger',
                 'log' => array(__FUNCTION__),
-                'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
+                'msg' => array('spam_learn_error', 'Curl: ' . curl_strerror(curl_errno($curl)))
               );
               continue;
             }
@@ -301,12 +300,12 @@ function quarantine($_action, $_data = null) {
             continue;
           }
           else {
-            curl_close($curl);
             $_SESSION['return'][] = array(
               'type' => 'danger',
               'log' => array(__FUNCTION__),
-              'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
+              'msg' => array('spam_learn_error', 'Curl: ' . curl_strerror(curl_errno($curl)))
             );
+            curl_close($curl);
             continue;
           }
           curl_close($curl);

data/web/json_api.php

@@ -164,7 +164,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
             switch ($object) {
               case "actions":
                 $curl = curl_init();
-                curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+                curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
                 curl_setopt($curl, CURLOPT_URL,"http://rspamd/stat");
                 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
                 $data = curl_exec($curl);

data/web/lang/lang.de.php

@@ -618,7 +618,7 @@ $lang['quarantine']['subj'] = "Betreff";
 $lang['quarantine']['text_plain_content'] = "Inhalt (text/plain)";
 $lang['quarantine']['text_from_html_content'] = "Inhalt (html, konvertiert)";
 $lang['quarantine']['atts'] = "Anhänge";
-$lang['danger']['fuzzy_learn_error'] = "Fuzzy Lernfehler: %s";
+$lang['warning']['fuzzy_learn_error'] = "Fuzzy Lernfehler: %s";
 $lang['danger']['spam_learn_error'] = "Spam Lernfehler: %s";
 $lang['success']['qlearn_spam'] = "Nachricht ID %s wurde als Spam gelernt und gelöscht";
 

data/web/lang/lang.en.php

@@ -631,7 +631,7 @@ $lang['quarantine']['subj'] = "Subject";
 $lang['quarantine']['text_plain_content'] = "Content (text/plain)";
 $lang['quarantine']['text_from_html_content'] = "Content (converted html)";
 $lang['quarantine']['atts'] = "Attachments";
-$lang['danger']['fuzzy_learn_error'] = "Fuzzy hash learn error: %s";
+$lang['warning']['fuzzy_learn_error'] = "Fuzzy hash learn error: %s";
 $lang['danger']['spam_learn_error'] = "Spam learn error: %s";
 $lang['success']['qlearn_spam'] = "Message ID %s was learned as spam and deleted";
 

data/web/lang/lang.nl.php

@@ -592,7 +592,7 @@ $lang['quarantine']['subj'] = "Onderwerp";
 $lang['quarantine']['text_plain_content'] = "Inhoud (tekst)";
 $lang['quarantine']['text_from_html_content'] = "Inhoud (geconverteerde html)";
 $lang['quarantine']['atts'] = "Bijlagen";
-$lang['danger']['fuzzy_learn_error'] = "Fuzzy hash training-fout: %s";
+$lang['warning']['fuzzy_learn_error'] = "Fuzzy hash training-fout: %s";
 $lang['danger']['spam_learn_error'] = "Spamtraining-fout: %s";
 $lang['success']['qlearn_spam'] = "Bericht %s werd als spam geclassificeerd en is verwijderd";
 

docker-compose.yml

@@ -84,7 +84,6 @@ services:
         - ./data/conf/rspamd/override.d/:/etc/rspamd/override.d
         - ./data/conf/rspamd/local.d/:/etc/rspamd/local.d
         - ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro
-        - rspamd-sock:/rspamd-sock
         - rspamd-vol-1:/var/lib/rspamd
       restart: always
       dns:
@@ -104,7 +103,7 @@ services:
       volumes:
         - ./data/web:/web:rw
         - ./data/conf/rspamd/dynmaps:/dynmaps:ro
-        - rspamd-sock:/rspamd-sock
+        - rspamd-vol-1:/var/lib/rspamd
         - mysql-socket-vol-1:/var/run/mysqld/
         - ./data/conf/rspamd/meta_exporter:/meta_exporter:ro
         - ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf
@@ -171,7 +170,7 @@ services:
         - vmail-vol-1:/var/vmail
         - crypt-vol-1:/mail_crypt/
         - ./data/conf/rspamd/custom/:/etc/rspamd/custom
-        - rspamd-sock:/rspamd-sock
+        - rspamd-vol-1:/var/lib/rspamd
         - mysql-socket-vol-1:/var/run/mysqld/
       environment:
         - LOG_LINES=${LOG_LINES:-9999}
@@ -209,7 +208,7 @@ services:
         - ./data/assets/ssl:/etc/ssl/mail/:ro
         - postfix-vol-1:/var/spool/postfix
         - crypt-vol-1:/var/lib/zeyple
-        - rspamd-sock:/rspamd-sock
+        - rspamd-vol-1:/var/lib/rspamd
         - mysql-socket-vol-1:/var/run/mysqld/
       environment:
         - LOG_LINES=${LOG_LINES:-9999}
@@ -343,7 +342,7 @@ services:
       build: ./data/Dockerfiles/watchdog
       oom_kill_disable: true
       volumes:
-        - rspamd-sock:/rspamd-sock
+        - rspamd-vol-1:/var/lib/rspamd
         - mysql-socket-vol-1:/var/run/mysqld/
       restart: always
       environment:
@@ -406,4 +405,3 @@ volumes:
   rspamd-vol-1:
   postfix-vol-1:
   crypt-vol-1:
-  rspamd-sock: