ze-filter  (ze-filter-0.8.0-develop-180218)
ze-oracle-scores.c
Go to the documentation of this file.
1 
2 /*
3  *
4  * ze-filter - Mail Server Filter for sendmail
5  *
6  * Copyright (c) 2001-2018 - Jose-Marcio Martins da Cruz
7  *
8  * Auteur : Jose Marcio Martins da Cruz
9  * jose.marcio.mc@gmail.org
10  *
11  * Historique :
12  * Creation : Mon Apr 24 22:00:19 CEST 2006
13  *
14  * This program is free software, but with restricted license :
15  *
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20  *
21  * More details about ze-filter license can be found at ze-filter
22  * web site : http://foss.jose-marcio.org
23  */
24 
25 
26 #include <ze-sys.h>
27 #include <ze-filter.h>
28 #include <ze-oracle-scores.h>
29 
30 
31 /* ****************************************************************************
32  * *
33  * *
34  **************************************************************************** */
35 typedef struct {
36  int type;
37  int ind;
38  double score;
39  double pOdds;
40  double nOdds;
41  long count;
42  bool enable;
43  char *msg;
44 } oracle_message_T;
45 
46 static oracle_message_T oracle_messages[] = {
47  /*
48  ** CONNECTION CHECKS
49  */
50  {
51  ORACLE_TYPE_CONN,
52  SPAM_CONN_RESOLVE_FAIL,
53  0.4, 0.0, 0.0, 0, TRUE,
54  "SMTP client resolve failed"},
55  {
56  ORACLE_TYPE_CONN,
57  SPAM_CONN_RESOLVE_FORGED,
58  0.4, 0.0, 0.0, 0, TRUE,
59  "SMTP client resolve forged"},
60  {
61  ORACLE_TYPE_CONN,
62  SPAM_CONN_RESOLVE_TEMPFAIL,
63  0.5, 0.0, 0.0, 0, TRUE,
64  "SMTP client resolve tempfail"},
65  {
66  ORACLE_TYPE_CONN,
67  SPAM_CONN_FALSE_LOCALHOST,
68  1.2, 0.0, 0.0, 0, TRUE,
69  "False localhost DNS declaration"},
70  {
71  ORACLE_TYPE_CONN,
72  SPAM_CONN_BL_SPAMTRAP,
73  1.2, 0.0, 0.0, 0, TRUE,
74  "SMTP client sending mail to spamtrap"},
75  {
76  ORACLE_TYPE_CONN,
77  SPAM_CONN_BAD_EHLO,
78  1.2, 0.0, 0.0, 0, TRUE,
79  "Bad EHLO parameter"},
80  {
81  ORACLE_TYPE_CONN,
82  SPAM_CONN_FORGED_EHLO,
83  1.2, 0.0, 0.0, 0, TRUE,
84  "Myself EHLO parameter - forged"},
85  {
86  ORACLE_TYPE_CONN,
87  SPAM_CONN_RBL,
88  1.2, 0.0, 0.0, 0, TRUE,
89  "SMTP client listed at some RBL"},
90 
91  /*
92  ** MSG CHECKS
93  */
94  {ORACLE_TYPE_MSG,
95  SPAM_MSG_NO_TEXT_PART,
96  0.5, 0.0, 0.0, 0, TRUE,
97  "No HTML nor TEXT parts"},
98  {
99  ORACLE_TYPE_MSG,
100  SPAM_MSG_TOO_MUCH_HTML,
101  0.2, 0.0, 0.0, 0, TRUE, /* 0.5 -> 0.2 14/02/2005 */
102  "text/html without text/plain"},
103  {
104  ORACLE_TYPE_MSG,
105  SPAM_MSG_BAD_DATE,
106  0.4, 50.0, 0.0, 0, TRUE,
107  "bad date"},
108  {
109  ORACLE_TYPE_MSG,
110  SPAM_MSG_FUTURE_DATE,
111  0.4, 50.0, 0.0, 0, TRUE,
112  "date in the future"},
113  {
114  ORACLE_TYPE_MSG,
115  SPAM_MSG_TOO_OLD_DATE,
116  0.4, 1.0, 0.0, 0, TRUE,
117  "too old message"},
118  {
119  ORACLE_TYPE_MSG,
120  SPAM_MSG_UNWANTED_CHARSET,
121  0.4, 0.0, 0.0, 0, TRUE,
122  "unwanted charset"},
123  {
124  ORACLE_TYPE_MSG,
125  SPAM_MSG_BAD_EXPRESSIONS,
126  1., 0.0, 0.0, 0, TRUE, /* XXX */
127  "BAD EXPRESSIONS"},
128  {
129  ORACLE_TYPE_MSG,
130  SPAM_MSG_FORGED_POSTMASTER,
131  1., 0.0, 0.0, 0, TRUE,
132  "Forged postmaster"},
133  {
134  ORACLE_TYPE_MSG,
135  SPAM_MSG_BAD_SENDER_ADDRESS,
136  1., 0.0, 0.0, 0, TRUE,
137  "Invalid sender address"},
138  {
139  ORACLE_TYPE_MSG,
140  SPAM_MSG_BAD_DOMAIN_ADDRESS,
141  1., 0.0, 0.0, 0, TRUE,
142  "Invalid domain address"},
143  {
144  ORACLE_TYPE_MSG,
145  SPAM_MSG_NO_SUBJECT,
146  1., 0.0, 0.0, 0, TRUE,
147  "No Subject header"},
148  {
149  ORACLE_TYPE_MSG,
150  SPAM_MSG_RFC2822_HEADERS,
151  1., 0.0, 0.0, 0, TRUE,
152  "RFC2822 headers compliance"},
153  {
154  ORACLE_TYPE_MSG,
155  SPAM_MSG_HEADERS_SYNTAX,
156  0.5, 0.0, 0.0, 0, TRUE,
157  "Header syntax"},
158  {
159  ORACLE_TYPE_MSG,
160  SPAM_MSG_BASE64,
161  1., 0.0, 0.0, 0, TRUE,
162  "Base 64 encoded message"},
163  {
164  ORACLE_TYPE_MSG,
165  SPAM_MSG_BASE64_SUBJECT,
166  0.5, 0.0, 0.0, 0, TRUE,
167  "Base 64 encoded Subject"},
168  {
169  ORACLE_TYPE_MSG,
170  SPAM_MSG_UNWANTED_BOUNDARY,
171  1., 0.0, 0.0, 0, TRUE, /* XXX */
172  "multipart/* unwanted boundary"},
173  {
174  ORACLE_TYPE_MSG,
175  SPAM_MSG_HAS_BADRCPT,
176  1.2, 0.0, 0.0, 0, TRUE,
177  "message with bad recipients"},
178  {
179  ORACLE_TYPE_MSG,
180  SPAM_MSG_MIME_ERRORS,
181  1., 0.0, 0.0, 0, TRUE,
182  "MIME errors"},
183  {
184  ORACLE_TYPE_MSG,
185  SPAM_MSG_UNWANTED_MAILER,
186  1., 0.0, 0.0, 0, TRUE,
187  "unwanted mailer"},
188  {
189  ORACLE_TYPE_MSG,
190  SPAM_MSG_MATCH_MIME_PARTS,
191  0.5, 0.0, 0.0, 0, TRUE,
192  "text text/html parts don't match"},
193  {
194  ORACLE_TYPE_MSG,
195  SPAM_MSG_HAS_SPAMTRAP,
196  2., 0.0, 0.0, 0, TRUE,
197  "message with spamtrap recipient"},
198  {
199  ORACLE_TYPE_MSG,
200  SPAM_MSG_TOO_SHORT,
201  1., 0.0, 0.0, 0, TRUE, /* XXX */
202  "message too short"},
203  {
204  ORACLE_TYPE_MSG,
205  SPAM_MSG_BAD_NULL_SENDER,
206  2., 0.0, 0.0, 0, TRUE,
207  "bad NULL sender"},
208  {
209  ORACLE_TYPE_MSG,
210  SPAM_MSG_SUBJECT_HI_CAPS,
211  0.5, 0.0, 0.0, 0, TRUE,
212  "HI CAPS Subject"},
213  {
214  ORACLE_TYPE_MSG,
215  SPAM_MSG_CONTENT_ID,
216  2., 0.0, 0.0, 0, TRUE,
217  "Unwanted MIME part with Content-ID"},
218  {
219  ORACLE_TYPE_MSG,
220  SPAM_MSG_EMPTY_ATTACHMENT,
221  2., 0.0, 0.0, 0, TRUE,
222  "Message with an empty attachment"},
223  {
224  ORACLE_TYPE_MSG,
225  SPAM_MSG_SUBJECT_NO_ALPHA,
226  0.5, 0.0, 0.0, 0, TRUE,
227  "No alpha Subject"},
228 
229  /*
230  ** TEXT/PLAIN CHECKS
231  */
232  {
233  ORACLE_TYPE_PLAIN,
234  SPAM_PLAIN_EMPTY,
235  1., 0.0, 0.0, 0, TRUE,
236  "text/plain empty"},
237  {
238  ORACLE_TYPE_PLAIN,
239  SPAM_PLAIN_BASE64,
240  0.5, 0.0, 0.0, 0, TRUE,
241  "text/plain encoded base64"},
242  {
243  ORACLE_TYPE_PLAIN,
244  SPAM_PLAIN_NO_CHARSET,
245  0.2, 0., 0.0, 0, TRUE,
246  "text/plain wo charset"},
247  {
248  ORACLE_TYPE_PLAIN,
249  SPAM_PLAIN_TOO_SHORT,
250  0.2, 0.0, 0.0, 0, TRUE,
251  "text/plain too short"},
252 
253  /*
254  ** TEXT/HTML CHECKS
255  */
256  {
257  ORACLE_TYPE_HTML,
258  SPAM_HTML_CLEAN_TOO_SHORT,
259  0.8, 0.0, 0.0, 0, TRUE,
260  "cleaned HTML part too short"},
261  {
262  ORACLE_TYPE_HTML,
263  SPAM_HTML_BASE64,
264  0.5, 0.0, 0.0, 0, TRUE,
265  "text/html encoded base64"},
266  {
267  ORACLE_TYPE_HTML,
268  SPAM_HTML_UNWANTED_TAGS, /* XXX */
269  0.5, 0.0, 0.0, 0, TRUE, /* 1.0 -> 0.5 x nb of tags 28/09/2005 */
270  "HTML with unwanted tags"},
271  {
272  ORACLE_TYPE_HTML,
273  SPAM_HTML_TAGS_RATIO,
274  0.5, 0.0, 0.0, 0, TRUE, /* 1.0 -> 0.5 14/02/2005 */
275  "HTML tag/text ratio"},
276  {
277  ORACLE_TYPE_HTML,
278  SPAM_HTML_INVALID_TAGS,
279  0.3, 0.0, 0.0, 0, TRUE,
280  "invalid HTML tags"},
281 
282  {
283  ORACLE_TYPE_GLOB,
284  SPAM_GLOB_TAGGED,
285  0.0, 0.0, 0.0, 0, TRUE,
286  "number of tagged messages"},
287 
288  {-1, -1, 0., 0.0, 0.0, 0, TRUE, NULL}
289 };
290 
291 /* ****************************************************************************
292  * *
293  * *
294  **************************************************************************** */
295 static pthread_mutex_t ora_mutex = PTHREAD_MUTEX_INITIALIZER;
296 
297 #define ORACLE_DATA_LOCK() MUTEX_LOCK(&ora_mutex)
298 #define ORACLE_DATA_UNLOCK() MUTEX_UNLOCK(&ora_mutex)
299 
300 static kstats_T st_ora_global = KSTATS_INITIALIZER;
301 static kstats_T st_ora_tagged = KSTATS_INITIALIZER;
302 static long nb_tag = 0;
303 static long nb_tot = 0;
304 
305 /* ****************************************************************************
306  * *
307  * *
308  **************************************************************************** */
309 void
310 oracle_stats_update(score)
311  int score;
312 {
313  ORACLE_DATA_LOCK();
314  zeKStatsUpdate(&st_ora_global, (double) score);
315  nb_tot++;
316  if (score > 0) {
317  zeKStatsUpdate(&st_ora_tagged, (double) score);
318  nb_tag++;
319  }
320  ORACLE_DATA_UNLOCK();
321 }
322 
323 /* ****************************************************************************
324  * *
325  * *
326  **************************************************************************** */
327 void
328 oracle_stats_get(gm, gs, gnb, tm, ts, tnb)
329  double *gm;
330  double *gs;
331  long *gnb;
332  double *tm;
333  double *ts;
334  long *tnb;
335 {
336  ORACLE_DATA_LOCK();
337  if (gm != NULL)
338  *gm = zeKMean(&st_ora_global);
339  if (gs != 0)
340  *gs = zeKStdDev(&st_ora_global);
341  if (gnb != NULL)
342  *gnb = nb_tot;
343 
344  if (tm != NULL)
345  *tm = zeKMean(&st_ora_tagged);
346  if (ts != 0)
347  *ts = zeKStdDev(&st_ora_tagged);
348  if (tnb != NULL)
349  *tnb = nb_tag;
350 
351  ORACLE_DATA_UNLOCK();
352 }
353 
354 
355 /* ****************************************************************************
356  * *
357  * *
358  **************************************************************************** */
359 char *
360 oracle_get_label(type, ind)
361  int type;
362  int ind;
363 {
364  oracle_message_T *p = oracle_messages;
365 
366  while (p->type >= 0) {
367  if ((p->type == type) && (p->ind == ind))
368  return p->msg;
369  p++;
370  }
371  return "";
372 }
373 
374 /* ****************************************************************************
375  * *
376  * *
377  **************************************************************************** */
378 double
379 oracle_get_podds(type, ind)
380  int type;
381  int ind;
382 {
383  double odds = 0.;
384  oracle_message_T *p = oracle_messages;
385 
386  ORACLE_DATA_LOCK();
387  while (p->type >= 0) {
388  if ((p->type == type) && (p->ind == ind)) {
389  odds = p->pOdds;
390  break;
391  }
392  p++;
393  }
394  ORACLE_DATA_UNLOCK();
395 
396  return odds;
397 }
398 
399 /* ****************************************************************************
400  * *
401  * *
402  **************************************************************************** */
403 bool
404 oracle_set_podds(type, ind, value)
405  int type;
406  int ind;
407  double value;
408 {
409  bool result = FALSE;
410  oracle_message_T *p = oracle_messages;
411 
412  ORACLE_DATA_LOCK();
413  while (p->type >= 0) {
414  if ((p->type == type) && (p->ind == ind)) {
415  p->pOdds = value;
416  result = TRUE;
417  break;
418  }
419  p++;
420  }
421  ORACLE_DATA_UNLOCK();
422 
423  return result;
424 }
425 
426 /* ****************************************************************************
427  * *
428  * *
429  **************************************************************************** */
430 double
431 oracle_get_nodds(type, ind)
432  int type;
433  int ind;
434 {
435  double odds = 0.;
436  oracle_message_T *p = oracle_messages;
437 
438  ORACLE_DATA_LOCK();
439  while (p->type >= 0) {
440  if ((p->type == type) && (p->ind == ind)) {
441  odds = p->nOdds;
442  break;
443  }
444  p++;
445  }
446  ORACLE_DATA_UNLOCK();
447 
448  return odds;
449 }
450 
451 /* ****************************************************************************
452  * *
453  * *
454  **************************************************************************** */
455 bool
456 oracle_set_nodds(type, ind, value)
457  int type;
458  int ind;
459  double value;
460 {
461  bool result = FALSE;
462  oracle_message_T *p = oracle_messages;
463 
464  ORACLE_DATA_LOCK();
465  while (p->type >= 0) {
466  if ((p->type == type) && (p->ind == ind)) {
467  p->nOdds = value;
468  result = TRUE;
469  break;
470  }
471  p++;
472  }
473  ORACLE_DATA_UNLOCK();
474 
475  return result;
476 }
477 
478 /* ****************************************************************************
479  * *
480  * *
481  **************************************************************************** */
482 double
483 oracle_get_score(type, ind)
484  int type;
485  int ind;
486 {
487  double score = 0.;
488  oracle_message_T *p = oracle_messages;
489 
490  ORACLE_DATA_LOCK();
491  while (p->type >= 0) {
492  if ((p->type == type) && (p->ind == ind)) {
493  score = p->score;
494  break;
495  }
496  p++;
497  }
498  ORACLE_DATA_UNLOCK();
499 
500  return score;
501 }
502 
503 /* ****************************************************************************
504  * *
505  * *
506  **************************************************************************** */
507 bool
508 oracle_set_score(type, ind, value)
509  int type;
510  int ind;
511  double value;
512 {
513  bool result = FALSE;
514  oracle_message_T *p = oracle_messages;
515 
516  ORACLE_DATA_LOCK();
517  while (p->type >= 0) {
518  if ((p->type == type) && (p->ind == ind)) {
519  p->score = value;
520  result = TRUE;
521  break;
522  }
523  p++;
524  }
525  ORACLE_DATA_UNLOCK();
526 
527  return result;
528 }
529 
530 /* ****************************************************************************
531  * *
532  * *
533  **************************************************************************** */
534 
535 long
536 oracle_get_count(type, ind)
537  int type;
538  int ind;
539 {
540  long count = 0;
541  oracle_message_T *p = oracle_messages;
542 
543  ORACLE_DATA_LOCK();
544  while (p->type >= 0) {
545  if ((p->type == type) && (p->ind == ind)) {
546  count = p->count;
547  break;
548  }
549  p++;
550  }
551  ORACLE_DATA_UNLOCK();
552 
553  return count;
554 }
555 
556 /* ****************************************************************************
557  * *
558  * *
559  **************************************************************************** */
560 long
561 oracle_set_count(type, ind, value)
562  int type;
563  int ind;
564  long value;
565 {
566  long count = 0;
567  oracle_message_T *p = oracle_messages;
568 
569  ORACLE_DATA_LOCK();
570  while (p->type >= 0) {
571  if ((p->type == type) && (p->ind == ind)) {
572  count = p->count = value;
573  break;
574  }
575  p++;
576  }
577  ORACLE_DATA_UNLOCK();
578 
579  return count;
580 }
581 
582 /* ****************************************************************************
583  * *
584  * *
585  **************************************************************************** */
586 long
587 oracle_inc_count(type, ind)
588  int type;
589  int ind;
590 {
591  long count = 0;
592  oracle_message_T *p = oracle_messages;
593 
594  ORACLE_DATA_LOCK();
595  while (p->type >= 0) {
596  if ((p->type == type) && (p->ind == ind)) {
597  count = ++p->count;
598  break;
599  }
600  p++;
601  }
602  ORACLE_DATA_UNLOCK();
603 
604  return count;
605 }
606 
607 /* ****************************************************************************
608  * *
609  * *
610  **************************************************************************** */
611 #define MINCNT 0
612 
613 bool
614 oracle_dump_counters(fd, verbose)
615  int fd;
616  bool verbose;
617 {
618 #if 0
619  int type;
620  int ind;
621  oracle_message_T *p = oracle_messages;
622 #endif
623  char *p;
624 
625  bool CloseOnQuit = (fd < 0);
626 
627  if (fd < 0) {
628  char fname[256];
629 
630  if (((p = cf_get_str(CF_ORACLE_STATS_FILE)) == NULL) || (strlen(p) == 0))
631  return TRUE;
632 
633  if (p[0] == '/')
634  strlcpy(fname, p, sizeof (fname));
635  else
636  snprintf(fname, sizeof (fname), "%s/%s", cf_get_str(CF_WORKDIR), p);
637 
638  if ((fd = open(fname, O_WRONLY | O_TRUNC | O_CREAT, 0644)) < 0) {
639  ZE_LogSysError("Error opening %s file ", fname);
640  return FALSE;
641  }
642  }
643 
644  if (fd >= 0) {
645  char s[256];
646  struct tm tm;
647  time_t now = time(NULL);
648  int i;
649  long nb;
650  long total = 0;
651  char *label;
652 
653  if (localtime_r(&now, &tm) != NULL)
654  strftime(s, sizeof (s), "%b %e %T", &tm);
655  else
656  memset(s, 0, sizeof (s));
657 
658  FD_PRINTF(fd, "++++++++++++++++ %ld %s\n", (long) now, s);
659 
660  /*
661  **
662  */
663  for (i = 0; i < SPAM_CONN_NB; i++) {
664  nb = oracle_get_count(ORACLE_TYPE_CONN, i);
665  if (verbose)
666  label = oracle_get_label(ORACLE_TYPE_CONN, i);
667  else
668  label = "";
669 
670  if (nb <= MINCNT)
671  continue;
672 
673  total += nb;
674 
675  FD_PRINTF(fd, "C%02d %6ld - %5.2f %s\n", i, nb,
676  oracle_get_score(ORACLE_TYPE_CONN, i), STRNULL(label, ""));
677  }
678 
679  /*
680  **
681  */
682  for (i = 0; i < SPAM_MSG_NB; i++) {
683  nb = oracle_get_count(ORACLE_TYPE_MSG, i);
684  if (verbose)
685  label = oracle_get_label(ORACLE_TYPE_MSG, i);
686  else
687  label = "";
688 
689  if (nb <= MINCNT)
690  continue;
691 
692  total += nb;
693 
694  FD_PRINTF(fd, "M%02d %6ld - %5.2f %s\n", i, nb,
695  oracle_get_score(ORACLE_TYPE_MSG, i), STRNULL(label, ""));
696  }
697 
698  /*
699  **
700  */
701  for (i = 0; i < SPAM_PLAIN_NB; i++) {
702  nb = oracle_get_count(ORACLE_TYPE_PLAIN, i);
703  if (verbose)
704  label = oracle_get_label(ORACLE_TYPE_PLAIN, i);
705  else
706  label = "";
707 
708  if (nb <= MINCNT)
709  continue;
710 
711  total += nb;
712 
713  FD_PRINTF(fd, "P%02d %6ld - %5.2f %s\n", i, nb,
714  oracle_get_score(ORACLE_TYPE_PLAIN, i), STRNULL(label, ""));
715  }
716 
717  /*
718  **
719  */
720  for (i = 0; i < SPAM_HTML_NB; i++) {
721  nb = oracle_get_count(ORACLE_TYPE_HTML, i);
722  if (verbose)
723  label = oracle_get_label(ORACLE_TYPE_HTML, i);
724  else
725  label = "";
726 
727  if (nb <= MINCNT)
728  continue;
729 
730  total += nb;
731 
732  FD_PRINTF(fd, "H%02d %6ld - %5.2f %s\n", i, nb,
733  oracle_get_score(ORACLE_TYPE_HTML, i), STRNULL(label, ""));
734  }
735 
736  if (total > 0)
737  FD_PRINTF(fd, "TOTAL %6ld\n", total);
738 
739  {
740  double gm, gs, tm, ts;
741  long gnb, tnb;
742 
743  oracle_stats_get(&gm, &gs, &gnb, &tm, &ts, &tnb);
744 
745  FD_PRINTF(fd, "MSGS : TOTAL - NB %8ld - MEAN %6.3f - STDDEV %6.3f\n",
746  gnb, gm, gs);
747  FD_PRINTF(fd, "MSGS : TAGGED - NB %8ld - MEAN %6.3f - STDDEV %6.3f\n",
748  tnb, tm, ts);
749  }
750 
751  if (CloseOnQuit)
752  close(fd);
753  }
754 
755  return TRUE;
756 }
757 
758 /* ****************************************************************************
759  * *
760  * *
761  **************************************************************************** */
762 bool
763 oracle_read_counters()
764 {
765 #if 0
766  int type;
767  int ind;
768  oracle_message_T *p = oracle_messages;
769 
770  ORACLE_DATA_LOCK();
771 
772  ORACLE_DATA_UNLOCK();
773 #endif
774  return TRUE;
775 }
776 
777 /* ****************************************************************************
778  * *
779  * *
780  **************************************************************************** */
781 bool
782 oracle_save_counters()
783 {
784 #if 0
785  int type;
786  int ind;
787  oracle_message_T *p = oracle_messages;
788 
789  ORACLE_DATA_LOCK();
790 
791  ORACLE_DATA_UNLOCK();
792 #endif
793  return TRUE;
794 }
795 
796 /* ****************************************************************************
797  * *
798  * *
799  **************************************************************************** */
800 bool
801 oracle_read_scores()
802 {
803 #if 0
804  int type;
805  int ind;
806  oracle_message_T *p = oracle_messages;
807 
808  ORACLE_DATA_LOCK();
809 
810  ORACLE_DATA_UNLOCK();
811 #endif
812  return TRUE;
813 }
814 
815 /* ****************************************************************************
816  * *
817  * *
818  **************************************************************************** */
819 #define KEYVALUE "^[a-z0-9_-]+=[^ \t]+"
820 
821 static int
822 read_oracle_def_string(v, arg)
823  void *v;
824  void *arg;
825 {
826  char *s = (char *) v;
827  int type = -1;
828  int ind = -1;
829  bool enable = TRUE;
830  double score = -1.;
831  double odds = 0.;
832 
833  switch (tolower(*s)) {
834  case 'c':
835  type = ORACLE_TYPE_CONN;
836  break;
837  case 'm':
838  type = ORACLE_TYPE_MSG;
839  break;
840  case 'p':
841  type = ORACLE_TYPE_PLAIN;
842  break;
843  case 'h':
844  type = ORACLE_TYPE_HTML;
845  break;
846  default:
847  type = -1;
848  }
849  if (type < 0)
850  return 0;
851 
852  s++;
853  if (!isdigit(*s))
854  return 0;
855  ind = atoi(s);
856  SKIP_DIGITS(s);
857  if (!isspace(*s))
858  return 0;
859 
860  enable = FALSE;
861 
862  SKIP_SPACES(s);
863 
864  while (strlen(s) > 0) {
865  long pi, pf;
866 
867  if (strncasecmp(s, "ENABLE", strlen("ENABLE")) == 0) {
868  enable = TRUE;
869  SKIP_ALPHAS(s);
870  SKIP_SPACES(s);
871  continue;
872  }
873 
874  if (strncasecmp(s, "DISABLE", strlen("DISABLE")) == 0) {
875  enable = FALSE;
876  SKIP_ALPHAS(s);
877  SKIP_SPACES(s);
878  continue;
879  }
880 
881  while (zeStrRegex(s, KEYVALUE, &pi, &pf, TRUE)) {
882  char *key, *val;
883 
884  if (pi != 0)
885  break;
886 
887  key = s;
888  val = strchr(s, '=');
889  *val++ = '\0';
890 
891  s += pf;
892  *s++ = '\0';
893 
894  ZE_MessageInfo(19, "KEY = (%s) VALUE = (%s)\n", key, val);
895 
896  if (STRCASEEQUAL(key, "score")) {
897  if (strspn(val, "0123456789.") == strlen(val))
898  score = atof(val);
899  else
900  ZE_MessageWarning(9, "Non numeric value found... %s=%s", key, val);
901  }
902 
903  if (STRCASEEQUAL(key, "odds")) {
904  if (strspn(val, "0123456789.") == strlen(val)) {
905  double v;
906 
907  v = atof(val);
908  if (v > 0.)
909  odds = log(v);
910  } else
911  ZE_MessageWarning(9, "Non numeric value found... %s=%s", key, val);
912  }
913 #if 0
914  if (STRCASEEQUAL(key, "action")) {
915  strlcpy(r.action, val, sizeof (r.action));
916  }
917 #endif
918 
919  SKIP_SPACES(s);
920  continue;
921  }
922 
923  break;
924  }
925 
926  {
927  oracle_message_T *p = oracle_messages;
928 
929  ORACLE_DATA_LOCK();
930 
931  while (p->type >= 0) {
932  if ((p->type == type) && (p->ind == ind)) {
933  if (score >= 0)
934  p->score = score;
935  /*
936  * if (odds != 0.)
937  */
938  p->pOdds = odds;
939  p->enable = enable;
940  /*
941  * result = TRUE;
942  */
943  break;
944  }
945  p++;
946  }
947 
948  ORACLE_DATA_UNLOCK();
949  }
950 
951  return 0;
952 }
953 
954 static bool
955 read_it(path, tag)
956  char *path;
957  char *tag;
958 {
959  int r;
960 
961  r = zm_RdFile(path, tag, read_oracle_def_string, NULL);
962 
963  return r >= 0;
964 }
965 
966 bool
967 load_oracle_defs(cfdir, fname)
968  char *cfdir;
969  char *fname;
970 {
971  bool result;
972 
973  ASSERT(fname != NULL);
974 
975  result =
976  read_conf_data_file(cfdir, fname, "ze-oracle:oracle-scores", read_it);
977 
978  return result;
979 }
980 
981 /* ****************************************************************************
982  * *
983  * *
984  **************************************************************************** */
985 void
986 dump_oracle_defs()
987 {
988  oracle_message_T *q = oracle_messages;
989  char *prefix = "RCMHP.";
990  int otype = -1;
991 
992  printf("\n");
993  printf("<ORACLE-SCORES>\n");
994  for (q = oracle_messages; q->type >= 0; q++) {
995  char c = '.';
996  char sa[16];
997 
998  if (otype != q->type)
999  printf("\n");
1000  otype = q->type;
1001 
1002  if (q->type >= 0 && q->type < strlen(prefix))
1003  c = prefix[q->type];
1004 
1005  if (c == '.')
1006  continue;
1007 
1008  memset(sa, 0, sizeof (sa));
1009  snprintf(sa, sizeof (sa), "odds=%.3f", exp(q->pOdds));
1010  printf("%c%02d %-8s %-15s %s\n", c, q->ind,
1011  STRBOOL(q->enable, "ENABLE", "DISABLE"), sa, q->msg);
1012  }
1013  printf("</ORACLE-SCORES>\n");
1014  printf("\n");
1015 }
1016 
1017 /* ****************************************************************************
1018  * *
1019  * *
1020  **************************************************************************** */
1021 bool
1022 oracle_check_enabled(type, ind)
1023  int type;
1024  int ind;
1025 {
1026  bool enable = FALSE;
1027 
1028  oracle_message_T *p = oracle_messages;
1029 
1030  /*
1031  * XXX shall this loop be locked ???
1032  */
1033  ORACLE_DATA_LOCK();
1034  while (p->type >= 0) {
1035  if ((p->type == type) && (p->ind == ind)) {
1036  enable = p->enable;
1037  break;
1038  }
1039  p++;
1040  }
1041  ORACLE_DATA_UNLOCK();
1042 
1043  return enable;
1044 }
1045 
1046 /* ****************************************************************************
1047  * *
1048  * *
1049  **************************************************************************** */
1050 int
1051 oracle_compute_score(id, ip, data)
1052  char *id;
1053  char *ip;
1054  spamchk_T *data;
1055 {
1056  int i;
1057  char *msg = NULL;
1058  double value = 0., score = 0., v;
1059 
1060  double odds;
1061 
1062  if (data == NULL)
1063  return 0;
1064 
1065  id = STRNULL(id, "00000000.000");
1066  ip = STRNULL(ip, "0.0.0.0");
1067 
1068  bestof_init(&data->best, 5, NULL);
1069 
1070  for (i = 0; i < (8 * sizeof (uint32_t)); i++) {
1071  if (oracle_check_enabled(ORACLE_TYPE_CONN, i)) {
1072  if (GET_BIT(data->flags.conn, i)) {
1073  odds = oracle_get_podds(ORACLE_TYPE_CONN, i);
1074  bestof_add(&data->best, odds);
1075 
1076  value = oracle_get_score(ORACLE_TYPE_CONN, i);
1077  if (TRUE || value > 0) {
1078  oracle_inc_count(ORACLE_TYPE_CONN, i);
1079  v = 1.;
1080  switch (i) {
1081  case SPAM_CONN_RESOLVE_FAIL:
1082  break;
1083  case SPAM_CONN_RESOLVE_FORGED:
1084  break;
1085  case SPAM_CONN_RESOLVE_TEMPFAIL:
1086  break;
1087  case SPAM_CONN_BL_SPAMTRAP:
1088  break;
1089  case SPAM_CONN_FALSE_LOCALHOST:
1090  break;
1091  case SPAM_CONN_BAD_EHLO:
1092  break;
1093  case SPAM_CONN_FORGED_EHLO:
1094  break;
1095  case SPAM_CONN_RBL:
1096  break;
1097  }
1098  msg = oracle_get_label(ORACLE_TYPE_CONN, i);
1099  if (cf_get_int(CF_LOG_LEVEL_ORACLE) >= 1)
1100  ZE_MessageInfo(9, "%s ORACLE - C%02d %s (%6.1f)", id, i, msg,
1101  value * v);
1102  score += value * v;
1103  }
1104  } else {
1105  odds = oracle_get_nodds(ORACLE_TYPE_CONN, i);
1106  bestof_add(&data->best, odds);
1107  }
1108  }
1109  }
1110 
1111  for (i = 0; i < (8 * sizeof (uint32_t)); i++) {
1112  if (oracle_check_enabled(ORACLE_TYPE_MSG, i)) {
1113  if (GET_BIT(data->flags.msg, i)) {
1114  odds = oracle_get_podds(ORACLE_TYPE_MSG, i);
1115  bestof_add(&data->best, odds);
1116 
1117  value = oracle_get_score(ORACLE_TYPE_MSG, i);
1118  if (TRUE || value > 0) {
1119  oracle_inc_count(ORACLE_TYPE_MSG, i);
1120  v = 1.;
1121  switch (i) {
1122  case SPAM_MSG_NO_TEXT_PART:
1123  break;
1124  case SPAM_MSG_TOO_MUCH_HTML:
1125  break;
1126  case SPAM_MSG_BAD_DATE:
1127  break;
1128  case SPAM_MSG_FUTURE_DATE:
1129  break;
1130  case SPAM_MSG_TOO_OLD_DATE:
1131  break;
1132  case SPAM_MSG_UNWANTED_CHARSET:
1133  break;
1134  case SPAM_MSG_BAD_EXPRESSIONS:
1135  v = data->msg_bad_expressions;
1136  break;
1137  case SPAM_MSG_FORGED_POSTMASTER:
1138  break;
1139  case SPAM_MSG_BAD_SENDER_ADDRESS:
1140  break;
1141  case SPAM_MSG_BAD_DOMAIN_ADDRESS:
1142  break;
1143  case SPAM_MSG_NO_SUBJECT:
1144  break;
1145  case SPAM_MSG_RFC2822_HEADERS:
1146  v = data->nb_rfc2822_hdrs_errors;
1147  break;
1148  case SPAM_MSG_HEADERS_SYNTAX:
1149  v = data->headers_syntax_errors;
1150  break;
1151  case SPAM_MSG_BASE64:
1152  break;
1153  case SPAM_MSG_BASE64_SUBJECT:
1154  break;
1155  case SPAM_MSG_UNWANTED_BOUNDARY:
1156  break;
1157  case SPAM_MSG_HAS_BADRCPT:
1158  v = data->nb_badrcpt;
1159  if (v > 4.)
1160  v = 4.;
1161  break;
1162  case SPAM_MSG_MIME_ERRORS:
1163  v = (double) data->mime_errors;
1164  break;
1165  case SPAM_MSG_UNWANTED_MAILER:
1166  break;
1167  case SPAM_MSG_MATCH_MIME_PARTS:
1168  /*
1169  * v = data->nb_diff_html_plain;
1170  */
1171  break;
1172  case SPAM_MSG_HAS_SPAMTRAP:
1173  break;
1174  case SPAM_MSG_TOO_SHORT:
1175  break;
1176  case SPAM_MSG_BAD_NULL_SENDER:
1177  break;
1178  case SPAM_MSG_SUBJECT_HI_CAPS:
1179  break;
1180  case SPAM_MSG_CONTENT_ID:
1181  break;
1182  case SPAM_MSG_EMPTY_ATTACHMENT:
1183  break;
1184  case SPAM_MSG_SUBJECT_NO_ALPHA:
1185  break;
1186  }
1187  msg = oracle_get_label(ORACLE_TYPE_MSG, i);
1188  if (cf_get_int(CF_LOG_LEVEL_ORACLE) >= 1)
1189  ZE_MessageInfo(9, "%s ORACLE - M%02d %s (%6.1f)", id, i, msg,
1190  value * v);
1191  score += value * v;
1192  }
1193  } else {
1194  odds = oracle_get_nodds(ORACLE_TYPE_MSG, i);
1195  bestof_add(&data->best, odds);
1196  }
1197  }
1198  }
1199 
1200  for (i = 0; i < (8 * sizeof (uint32_t)); i++) {
1201  if (oracle_check_enabled(ORACLE_TYPE_PLAIN, i)) {
1202  if (GET_BIT(data->flags.plain, i)) {
1203  odds = oracle_get_podds(ORACLE_TYPE_PLAIN, i);
1204  bestof_add(&data->best, odds);
1205 
1206  value = oracle_get_score(ORACLE_TYPE_PLAIN, i);
1207  if (TRUE || value > 0) {
1208  oracle_inc_count(ORACLE_TYPE_PLAIN, i);
1209  v = 1.;
1210  switch (i) {
1211  case SPAM_PLAIN_EMPTY:
1212  break;
1213  case SPAM_PLAIN_BASE64:
1214  break;
1215  case SPAM_PLAIN_NO_CHARSET:
1216  break;
1217  case SPAM_PLAIN_TOO_SHORT:
1218  break;
1219  }
1220  msg = oracle_get_label(ORACLE_TYPE_PLAIN, i);
1221  if (cf_get_int(CF_LOG_LEVEL_ORACLE) >= 1)
1222  ZE_MessageInfo(9, "%s ORACLE - P%02d %s (%6.1f)", id, i, msg,
1223  value * v);
1224  score += value * v;
1225  }
1226  } else {
1227  odds = oracle_get_nodds(ORACLE_TYPE_PLAIN, i);
1228  bestof_add(&data->best, odds);
1229  }
1230  }
1231  }
1232 
1233  for (i = 0; i < (8 * sizeof (uint32_t)); i++) {
1234  if (oracle_check_enabled(ORACLE_TYPE_HTML, i)) {
1235  if (GET_BIT(data->flags.html, i)) {
1236  odds = oracle_get_podds(ORACLE_TYPE_HTML, i);
1237  bestof_add(&data->best, odds);
1238 
1239  value = oracle_get_score(ORACLE_TYPE_HTML, i);
1240  if (TRUE || value > 0) {
1241  oracle_inc_count(ORACLE_TYPE_HTML, i);
1242  v = 1.;
1243  switch (i) {
1244  case SPAM_HTML_CLEAN_TOO_SHORT:
1245  break;
1246  case SPAM_HTML_BASE64:
1247  break;
1248  case SPAM_HTML_UNWANTED_TAGS:
1249  v = data->html_unwanted_tags;
1250  break;
1251  case SPAM_HTML_TAGS_RATIO:
1252  break;
1253  case SPAM_HTML_INVALID_TAGS:
1254  v = data->html_invalid_tags;
1255  break;
1256  }
1257  msg = oracle_get_label(ORACLE_TYPE_HTML, i);
1258  if (cf_get_int(CF_LOG_LEVEL_ORACLE) >= 1)
1259  ZE_MessageInfo(9, "%s ORACLE - H%02d %s (%6.1f)", id, i, msg,
1260  value * v);
1261  score += value * v;
1262  }
1263  } else {
1264  odds = oracle_get_nodds(ORACLE_TYPE_HTML, i);
1265  bestof_add(&data->best, odds);
1266  }
1267  }
1268  }
1269 
1270  ZE_MessageInfo(12, "%s ->Computed ORACLE score is %5.2f ...", id, score);
1271 
1272  {
1273  double lam = 0.0;
1274 
1275  odds = bestof_average(&data->best);
1276  lam = 1. / (1 + exp(-odds));
1277 
1278  data->scores.noracle = lam;
1279 
1280  ZE_MessageInfo(12,
1281  "%s ->Computed ORACLE score is %5.2f odds=%6.3f lam=%6.3f...",
1282  id, score, odds, lam);
1283  }
1284 
1285  return ((int) floor(score + 0.5));
1286 }
spamchk_T::msg_bad_expressions
int msg_bad_expressions
Definition: ze-chkcontent.h:113
oracle_save_counters
bool oracle_save_counters()
Definition: ze-oracle-scores.c:782
SKIP_DIGITS
#define SKIP_DIGITS(s)
Definition: macros.h:185
oracle_message_T::ind
int ind
Definition: ze-oracle-scores.c:37
STRBOOL
#define STRBOOL(x, t, f)
Definition: macros.h:87
oracle_set_nodds
bool oracle_set_nodds(int type, int ind, double value)
Definition: ze-oracle-scores.c:456
zm_RdFile
int zm_RdFile(char *fname, char *tag, RDFILE_F f, void *arg)
Definition: zeRdFile.c:185
SPAM_MSG_NO_SUBJECT
#define SPAM_MSG_NO_SUBJECT
Definition: ze-oracle-scores.h:66
spamchk_T::html_unwanted_tags
int html_unwanted_tags
Definition: ze-chkcontent.h:111
KEYVALUE
#define KEYVALUE
Definition: ze-oracle-scores.c:819
ORACLE_TYPE_GLOB
#define ORACLE_TYPE_GLOB
Definition: ze-oracle-scores.h:101
spamchk_T
Definition: ze-chkcontent.h:55
ASSERT
#define ASSERT(a)
Definition: macros.h:27
SPAM_MSG_BASE64
#define SPAM_MSG_BASE64
Definition: ze-oracle-scores.h:69
bestof_init
bool bestof_init(bestof_T *b, int dim, bestcomp_F bcmp)
Definition: ze-bestof-n.c:51
SPAM_MSG_TOO_OLD_DATE
#define SPAM_MSG_TOO_OLD_DATE
Definition: ze-oracle-scores.h:60
SPAM_CONN_RESOLVE_FAIL
#define SPAM_CONN_RESOLVE_FAIL
Definition: ze-oracle-scores.h:33
oracle_message_T
Definition: ze-oracle-scores.c:35
CF_ORACLE_STATS_FILE
#define CF_ORACLE_STATS_FILE
Definition: cfh-defs.h:127
SPAM_MSG_BAD_SENDER_ADDRESS
#define SPAM_MSG_BAD_SENDER_ADDRESS
Definition: ze-oracle-scores.h:64
SPAM_CONN_FALSE_LOCALHOST
#define SPAM_CONN_FALSE_LOCALHOST
Definition: ze-oracle-scores.h:36
SPAM_MSG_HAS_SPAMTRAP
#define SPAM_MSG_HAS_SPAMTRAP
Definition: ze-oracle-scores.h:76
STRNULL
#define STRNULL(x, r)
Definition: macros.h:81
SPAM_HTML_UNWANTED_TAGS
#define SPAM_HTML_UNWANTED_TAGS
Definition: ze-oracle-scores.h:45
SPAM_MSG_TOO_MUCH_HTML
#define SPAM_MSG_TOO_MUCH_HTML
Definition: ze-oracle-scores.h:57
oracle_read_counters
bool oracle_read_counters()
Definition: ze-oracle-scores.c:763
msg_flags_T::conn
uint32_t conn
Definition: ze-chkcontent.h:36
SKIP_SPACES
#define SKIP_SPACES(s)
Definition: macros.h:171
oracle_compute_score
int oracle_compute_score(char *id, char *ip, spamchk_T *data)
Definition: ze-oracle-scores.c:1051
bestof_average
double bestof_average(bestof_T *b)
Definition: ze-bestof-n.c:97
FALSE
#define FALSE
Definition: macros.h:160
SPAM_PLAIN_TOO_SHORT
#define SPAM_PLAIN_TOO_SHORT
Definition: ze-oracle-scores.h:53
ORACLE_DATA_LOCK
#define ORACLE_DATA_LOCK()
Definition: ze-oracle-scores.c:297
oracle_get_count
long oracle_get_count(int type, int ind)
Definition: ze-oracle-scores.c:536
strlcpy
#define strlcpy
Definition: zeString.h:32
SPAM_MSG_TOO_SHORT
#define SPAM_MSG_TOO_SHORT
Definition: ze-oracle-scores.h:77
oracle_message_T::nOdds
double nOdds
Definition: ze-oracle-scores.c:40
zeStrRegex
bool zeStrRegex(char *, char *, long *, long *, bool)
Definition: zeStrings.c:544
MINCNT
#define MINCNT
Definition: ze-oracle-scores.c:611
SPAM_MSG_HAS_BADRCPT
#define SPAM_MSG_HAS_BADRCPT
Definition: ze-oracle-scores.h:72
oracle_set_score
bool oracle_set_score(int type, int ind, double value)
Definition: ze-oracle-scores.c:508
CF_LOG_LEVEL_ORACLE
#define CF_LOG_LEVEL_ORACLE
Definition: cfh-defs.h:126
spamchk_T::headers_syntax_errors
int headers_syntax_errors
Definition: ze-chkcontent.h:105
GET_BIT
#define GET_BIT(p, i)
Definition: macros.h:168
SPAM_MSG_SUBJECT_NO_ALPHA
#define SPAM_MSG_SUBJECT_NO_ALPHA
Definition: ze-oracle-scores.h:82
FD_PRINTF
#define FD_PRINTF(fdp,...)
Definition: macros.h:45
cf_get_int
int cf_get_int(int id)
Definition: ze-cf.c:803
SPAM_CONN_NB
#define SPAM_CONN_NB
Definition: ze-oracle-scores.h:41
read_conf_data_file
bool read_conf_data_file(char *cfdir, char *fname, char *dfile, read_conf_data_file_F func)
Definition: ze-read-conf-data.c:32
SPAM_MSG_UNWANTED_CHARSET
#define SPAM_MSG_UNWANTED_CHARSET
Definition: ze-oracle-scores.h:61
SPAM_MSG_FUTURE_DATE
#define SPAM_MSG_FUTURE_DATE
Definition: ze-oracle-scores.h:59
strchr
#define strchr
Definition: ze-sys.h:218
SPAM_PLAIN_NO_CHARSET
#define SPAM_PLAIN_NO_CHARSET
Definition: ze-oracle-scores.h:52
SPAM_GLOB_TAGGED
#define SPAM_GLOB_TAGGED
Definition: ze-oracle-scores.h:93
SPAM_MSG_EMPTY_ATTACHMENT
#define SPAM_MSG_EMPTY_ATTACHMENT
Definition: ze-oracle-scores.h:81
SPAM_MSG_BAD_DATE
#define SPAM_MSG_BAD_DATE
Definition: ze-oracle-scores.h:58
oracle_stats_get
void oracle_stats_get(double *gm, double *gs, long *gnb, double *tm, double *ts, long *tnb)
Definition: ze-oracle-scores.c:328
SPAM_HTML_NB
#define SPAM_HTML_NB
Definition: ze-oracle-scores.h:48
bestof_add
bool bestof_add(bestof_T *b, double v)
Definition: ze-bestof-n.c:75
ORACLE_TYPE_HTML
#define ORACLE_TYPE_HTML
Definition: ze-oracle-scores.h:97
oracle_get_score
double oracle_get_score(int type, int ind)
Definition: ze-oracle-scores.c:483
SPAM_CONN_RESOLVE_TEMPFAIL
#define SPAM_CONN_RESOLVE_TEMPFAIL
Definition: ze-oracle-scores.h:35
oracle_inc_count
long oracle_inc_count(int type, int ind)
Definition: ze-oracle-scores.c:587
spamchk_T::flags
msg_flags_T flags
Definition: ze-chkcontent.h:68
SPAM_HTML_BASE64
#define SPAM_HTML_BASE64
Definition: ze-oracle-scores.h:44
SPAM_MSG_HEADERS_SYNTAX
#define SPAM_MSG_HEADERS_SYNTAX
Definition: ze-oracle-scores.h:68
zeKStatsUpdate
void zeKStatsUpdate(kstats_T *, double)
Definition: zeKStats.c:101
SPAM_MSG_BAD_DOMAIN_ADDRESS
#define SPAM_MSG_BAD_DOMAIN_ADDRESS
Definition: ze-oracle-scores.h:65
load_oracle_defs
bool load_oracle_defs(char *cfdir, char *fname)
Definition: ze-oracle-scores.c:967
ZE_MessageInfo
#define ZE_MessageInfo(level,...)
Definition: zeSyslog.h:90
nb
int nb
Definition: ze-connopen.c:61
SPAM_MSG_BAD_NULL_SENDER
#define SPAM_MSG_BAD_NULL_SENDER
Definition: ze-oracle-scores.h:78
SKIP_ALPHAS
#define SKIP_ALPHAS(s)
Definition: macros.h:178
SPAM_MSG_UNWANTED_BOUNDARY
#define SPAM_MSG_UNWANTED_BOUNDARY
Definition: ze-oracle-scores.h:71
TRUE
#define TRUE
Definition: macros.h:157
ZE_MessageWarning
#define ZE_MessageWarning(level,...)
Definition: zeSyslog.h:92
SPAM_CONN_BL_SPAMTRAP
#define SPAM_CONN_BL_SPAMTRAP
Definition: ze-oracle-scores.h:37
SPAM_CONN_FORGED_EHLO
#define SPAM_CONN_FORGED_EHLO
Definition: ze-oracle-scores.h:39
SPAM_PLAIN_NB
#define SPAM_PLAIN_NB
Definition: ze-oracle-scores.h:54
oracle_set_count
long oracle_set_count(int type, int ind, long value)
Definition: ze-oracle-scores.c:561
oracle_message_T::score
double score
Definition: ze-oracle-scores.c:38
SPAM_MSG_BAD_EXPRESSIONS
#define SPAM_MSG_BAD_EXPRESSIONS
Definition: ze-oracle-scores.h:62
SPAM_CONN_BAD_EHLO
#define SPAM_CONN_BAD_EHLO
Definition: ze-oracle-scores.h:38
oracle_stats_update
void oracle_stats_update(int score)
Definition: ze-oracle-scores.c:310
ZE_LogSysError
#define ZE_LogSysError(...)
Definition: zeSyslog.h:129
KSTATS_INITIALIZER
#define KSTATS_INITIALIZER
Definition: zeKStats.h:36
dump_oracle_defs
void dump_oracle_defs()
Definition: ze-oracle-scores.c:986
oracle_get_nodds
double oracle_get_nodds(int type, int ind)
Definition: ze-oracle-scores.c:431
cf_get_str
char * cf_get_str(int id)
Definition: ze-cf.c:854
SPAM_MSG_SUBJECT_HI_CAPS
#define SPAM_MSG_SUBJECT_HI_CAPS
Definition: ze-oracle-scores.h:79
SPAM_MSG_FORGED_POSTMASTER
#define SPAM_MSG_FORGED_POSTMASTER
Definition: ze-oracle-scores.h:63
oracle_get_label
char * oracle_get_label(int type, int ind)
Definition: ze-oracle-scores.c:360
msg_flags_T::msg
uint32_t msg
Definition: ze-chkcontent.h:41
SPAM_CONN_RESOLVE_FORGED
#define SPAM_CONN_RESOLVE_FORGED
Definition: ze-oracle-scores.h:34
SPAM_CONN_RBL
#define SPAM_CONN_RBL
Definition: ze-oracle-scores.h:40
msg_scores_T::noracle
double noracle
Definition: ze-msg-score.h:85
SPAM_MSG_RFC2822_HEADERS
#define SPAM_MSG_RFC2822_HEADERS
Definition: ze-oracle-scores.h:67
spamchk_T::best
bestof_T best
Definition: ze-chkcontent.h:69
ORACLE_TYPE_PLAIN
#define ORACLE_TYPE_PLAIN
Definition: ze-oracle-scores.h:98
SPAM_MSG_NB
#define SPAM_MSG_NB
Definition: ze-oracle-scores.h:89
msg_flags_T::html
uint32_t html
Definition: ze-chkcontent.h:38
kstats_T
Definition: zeKStats.h:26
SPAM_MSG_CONTENT_ID
#define SPAM_MSG_CONTENT_ID
Definition: ze-oracle-scores.h:80
SPAM_MSG_UNWANTED_MAILER
#define SPAM_MSG_UNWANTED_MAILER
Definition: ze-oracle-scores.h:74
SPAM_PLAIN_EMPTY
#define SPAM_PLAIN_EMPTY
Definition: ze-oracle-scores.h:50
STRCASEEQUAL
#define STRCASEEQUAL(a, b)
Definition: macros.h:72
spamchk_T::mime_errors
int mime_errors
Definition: ze-chkcontent.h:104
spamchk_T::html_invalid_tags
int html_invalid_tags
Definition: ze-chkcontent.h:112
SPAM_MSG_MATCH_MIME_PARTS
#define SPAM_MSG_MATCH_MIME_PARTS
Definition: ze-oracle-scores.h:75
zeKMean
double zeKMean(kstats_T *s)
Definition: zeKStats.c:43
oracle_dump_counters
bool oracle_dump_counters(int fd, bool verbose)
Definition: ze-oracle-scores.c:614
SPAM_PLAIN_BASE64
#define SPAM_PLAIN_BASE64
Definition: ze-oracle-scores.h:51
oracle_get_podds
double oracle_get_podds(int type, int ind)
Definition: ze-oracle-scores.c:379
SPAM_HTML_TAGS_RATIO
#define SPAM_HTML_TAGS_RATIO
Definition: ze-oracle-scores.h:46
zeKStdDev
double zeKStdDev(kstats_T *s)
Definition: zeKStats.c:53
spamchk_T::scores
msg_scores_T scores
Definition: ze-chkcontent.h:72
spamchk_T::nb_badrcpt
int nb_badrcpt
Definition: ze-chkcontent.h:75
ORACLE_DATA_UNLOCK
#define ORACLE_DATA_UNLOCK()
Definition: ze-oracle-scores.c:298
oracle_message_T::enable
bool enable
Definition: ze-oracle-scores.c:42
oracle_message_T::msg
char * msg
Definition: ze-oracle-scores.c:43
ORACLE_TYPE_MSG
#define ORACLE_TYPE_MSG
Definition: ze-oracle-scores.h:96
SPAM_MSG_MIME_ERRORS
#define SPAM_MSG_MIME_ERRORS
Definition: ze-oracle-scores.h:73
oracle_message_T::pOdds
double pOdds
Definition: ze-oracle-scores.c:39
oracle_check_enabled
bool oracle_check_enabled(int type, int ind)
Definition: ze-oracle-scores.c:1022
oracle_message_T::count
long count
Definition: ze-oracle-scores.c:41
CF_WORKDIR
#define CF_WORKDIR
Definition: cfh-defs.h:67
oracle_read_scores
bool oracle_read_scores()
Definition: ze-oracle-scores.c:801
SPAM_HTML_INVALID_TAGS
#define SPAM_HTML_INVALID_TAGS
Definition: ze-oracle-scores.h:47
uint32_t
long uint32_t
Definition: ze-sys.h:489
spamchk_T::nb_rfc2822_hdrs_errors
int nb_rfc2822_hdrs_errors
Definition: ze-chkcontent.h:108
msg
int msg[MAX_SCORE+2]
Definition: ze-stats.c:41
ORACLE_TYPE_CONN
#define ORACLE_TYPE_CONN
Definition: ze-oracle-scores.h:95
SPAM_HTML_CLEAN_TOO_SHORT
#define SPAM_HTML_CLEAN_TOO_SHORT
Definition: ze-oracle-scores.h:43
oracle_message_T::type
int type
Definition: ze-oracle-scores.c:36
msg_flags_T::plain
uint32_t plain
Definition: ze-chkcontent.h:39
SPAM_MSG_BASE64_SUBJECT
#define SPAM_MSG_BASE64_SUBJECT
Definition: ze-oracle-scores.h:70
oracle_set_podds
bool oracle_set_podds(int type, int ind, double value)
Definition: ze-oracle-scores.c:404
SPAM_MSG_NO_TEXT_PART
#define SPAM_MSG_NO_TEXT_PART
Definition: ze-oracle-scores.h:56