8 years ago · f13df1ec46
--- a/data/Dockerfiles/rspamd/Dockerfile
+++ b/data/Dockerfiles/rspamd/Dockerfile
@@ -12,12 +12,14 @@ RUN dpkg-divert --local --rename --add /sbin/initctl \
 
				 RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
			
 
				     && echo "deb http://rspamd.com/apt-stable/ xenial main" > /etc/apt/sources.list.d/rspamd.list \
			
 
				     && apt-get update \
			
 
				-    && apt-get -y install rspamd ca-certificates
			
 
				+    && apt-get -y install rspamd ca-certificates python-pip
			
 
				 
			
 
				 RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
			
 
				 # "Hardcoded" - we need them
			
 
				 RUN echo 'settings = "http://nginx:8081/settings.php";' > /etc/rspamd/modules.d/settings.conf
			
 
				 
			
 
				+RUN pip install -U oletools
			
 
				+
			
 
				 CMD ["/usr/bin/rspamd","-f", "-u", "_rspamd", "-g", "_rspamd"]
			
 
				 
			
 
				 RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
			
--- a/data/conf/rspamd/lua/rspamd.local.lua
+++ b/data/conf/rspamd/lua/rspamd.local.lua
@@ -74,3 +74,39 @@ rspamd_config.ADD_DELIMITER_TAG = {
 
				     return false
			
 
				   end
			
 
				 }
			
 
				+
			
 
				+rspamd_config.MRAPTOR = {
			
 
				+  callback = function(task)
			
 
				+    local parts = task:get_parts()
			
 
				+    local rspamd_logger = require "rspamd_logger"
			
 
				+    local rspamd_regexp = require "rspamd_regexp"
			
 
				+
			
 
				+    if parts then
			
 
				+      for _,p in ipairs(parts) do
			
 
				+        local mtype,subtype = p:get_type()
			
 
				+        local re = rspamd_regexp.create_cached('/(office|word|excel)/i')
			
 
				+        if re:match(subtype) then
			
 
				+          local content = tostring(p:get_content())
			
 
				+          local filename = p:get_filename()
			
 
				+
			
 
				+          local file = os.tmpname()
			
 
				+          f = io.open(file, "a+")
			
 
				+          f:write(content)
			
 
				+          f:close()
			
 
				+
			
 
				+          local scan = assert(io.popen('PATH=/usr/bin:/usr/local/bin mraptor ' .. file .. '> /dev/null 2>&1; echo $?', 'r'))
			
 
				+          local result = scan:read('*all')
			
 
				+          local exit_code = string.match(result, "%d+")
			
 
				+          rspamd_logger.infox(exit_code)
			
 
				+          scan:close()
			
 
				+
			
 
				+          if exit_code == "20" then
			
 
				+            rspamd_logger.infox("Reject dangerous macro in office file " .. filename)
			
 
				+            task:set_pre_result(rspamd_actions['reject'], 'Dangerous macro in office file ' .. filename)
			
 
				+          end
			
 
				+
			
 
				+        end
			
 
				+      end
			
 
				+    end
			
 
				+  end
			
 
				+}