// Host is remote - use XML-RPC
//$client = new xmlrpc_client(constant('RPC_RELATIVE_PATH').'/rpcserver.php', $host, 80);
$input = new xmlrpcval($message_id);
$parameters = array($input);
$msg = new xmlrpcmsg('return_quarantined_file', $parameters);
//$rsp = $client->send($msg);
$rsp = xmlrpc_wrapper($message_data->hostname, $msg);
if ($rsp->faultcode() == 0) {
$response = php_xmlrpc_decode($rsp->value());
} else {
die("Error: " . $rsp->faultstring());
}
$file = base64_decode($response);
} else {
//build filename path
$quarantine_dir = get_conf_var('QuarantineDir');
$filename = '';
switch (true) {
case file_exists($quarantine_dir . '/' . $message_data->date . '/nonspam/' . $message_id):
$filename = $message_data->date . '/nonspam/' . $message_id;
break;
case file_exists($quarantine_dir . '/' . $message_data->date . '/spam/' . $message_id):
$filename = $message_data->date . '/spam/' . $message_id;
break;
case file_exists($quarantine_dir . '/' . $message_data->date . '/mcp/' . $message_id):
$filename = $message_data->date . '/mcp/' . $message_id;
break;
case file_exists($quarantine_dir . '/' . $message_data->date . '/' . $message_id . '/message'):
$filename = $message_data->date . '/' . $message_id . '/message';
break;
}
function quarantine_list_dir($dir)
{
$dir = get_conf_var('QuarantineDir') . "/{$dir}";
$spam = "{$dir}/spam";
$nonspam = "{$dir}/nonspam";
$mcp = "{$dir}/mcp";
$array = array();
if (is_dir($dir)) {
// Main quarantine
$d = dir($dir) or die($php_errormsg);
while (false !== ($f = $d->read())) {
if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') {
//dbg("Found $dir/$f");
$array[] = $f;
}
}
$d->close();
}
if (is_dir($spam)) {
// Spam folder
$d = dir($spam) or die($php_errormsg);
while (false !== ($f = $d->read())) {
if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') {
//dbg("Found $spam/$f");
$array[] = $f;
}
}
$d->close();
}
if (is_dir($nonspam)) {
$d = dir($nonspam) or die($php_errormsg);
while (false !== ($f = $d->read())) {
if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') {
//dbg("Found $nonspam/$f");
$array[] = $f;
}
}
$d->close();
}
if (is_dir($mcp)) {
$d = dir($mcp) or die($php_errormsg);
while (false !== ($f = $d->read())) {
if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') {
//dbg("Found $mcp/$f");
$array[] = $f;
}
}
$d->close();
}
return $array;
}
function rpc_get_conf_var($msg)
{
global $xmlrpcerruser;
$input = php_xmlrpc_decode(array_shift($msg->params));
if (is_string($input)) {
return new xmlrpcresp(new xmlrpcval(get_conf_var($input), 'string'));
} else {
return new xmlrpcresp(0, $xmlrpcerruser + 1, "Parameter type " . gettype($input) . " mismatch expected type.");
}
}
*/
// Include of necessary functions
require_once __DIR__ . '/functions.php';
// Authentication checking
session_start();
require __DIR__ . '/login.function.php';
html_start('Tools', "0", false, false);
echo '<table width="100%" class="boxtable">';
echo '<tr><th>' . __('toolslinks03') . '</th></tr>';
echo '<tr>
<td>
<p>' . __('tools10') . '</p>
<ul>';
echo '<li><a href="user_manager.php">' . __('usermgnt10') . '</a>';
if ($_SESSION['user_type'] == 'A') {
$virusScanner = get_conf_var('VirusScanners');
if (preg_match('/sophos/i', $virusScanner)) {
echo '<li><a href="sophos_status.php">' . __('avsophosstatus10') . '</a>';
}
if (preg_match('/f-secure/i', $virusScanner)) {
echo '<li><a href="f-secure_status.php">' . __('avfsecurestatus10') . '</a>';
}
if (preg_match('/clam/i', $virusScanner)) {
echo '<li><a href="clamav_status.php">' . __('avclamavstatus10') . '</a>';
}
if (preg_match('/mcafee/i', $virusScanner)) {
echo '<li><a href="mcafee_status.php">' . __('avmcafeestatus10') . '</a>';
}
if (preg_match('/f-prot/i', $virusScanner)) {
echo '<li><a href="f-prot_status.php">' . __('avfprotstatus10') . '</a>';
}
echo '<table class="boxtable" width="100%">' . "\n";
echo ' <tr>' . "\n";
echo ' <td>' . "\n";
echo ' This utility is used to update the SQL database with up-to-date descriptions of the MCP rules which are displayed on the Message Detail screen.<br>
<br>
This utility should generally be run after an update to your MCP rules, however it is safe to run at any time as it only replaces the existing values and inserts only new values in the table (therefore preserving descriptions from potentially deprecated or removed rules).<br>
</td>
</tr>
<tr>' . "\n";
echo ' <td align="center"><br><input type="submit" value="Run Now"><br><br></td>' . "\n";
echo ' </tr>' . "\n";
if (isset($_POST['run'])) {
echo '<tr><td align="CENTER"><table class="mail" border="0" cellpadding="1" cellspacing="1"><tr><th>Rule</th><th>Description</th></tr>' . "\n";
$mcp_prefs_file = get_conf_var('MCPSpamAssassinPrefsFile');
$mcp_local_rules_dir = get_conf_var('MCPSpamAssassinLocalRulesDir');
$mcp_default_rules_dir = get_conf_var('MCPSpamAssassinDefaultRulesDir');
if ($mcp_local_rules_dir != $mcp_default_rules_dir) {
$fh = popen("ls {$mcp_prefs_file} {$mcp_local_rules_dir}/*.cf {$mcp_default_rules_dir}/*.cf | xargs grep -h '^describe'", 'r');
} else {
$fh = popen("ls {$mcp_prefs_file} {$mcp_default_rules_dir}/*.cf | xargs grep -h '^describe'", 'r');
}
audit_log('Ran MCP Rules Description Update');
while (!feof($fh)) {
$line = rtrim(fgets($fh, 4096));
debug("line: " . $line . "\n");
preg_match("/^describe\\s+(\\S+)\\s+(.+)\$/", $line, $regs);
if (isset($regs[1]) && isset($regs[2])) {
$regs[1] = mysql_real_escape_string(ltrim(rtrim($regs[1])));
$regs[2] = mysql_real_escape_string(ltrim(rtrim($regs[2])));
echo '<tr><td>' . htmlentities($regs[1]) . '</td><td>' . htmlentities($regs[2]) . '</td></tr>' . "\n";
dbquery("REPLACE INTO mcp_rules VALUES ('{$regs['1']}','{$regs['2']}')");
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
// Include of necessary functions
require_once "./functions.php";
// Authentication checking
session_start();
require 'login.function.php';
if ($_SESSION['user_type'] != 'A') {
header("Location: index.php");
audit_log('Non-admin user attemped to view Software Version Page');
} else {
html_start('MailWatch and MailScanner Version information', '0', false, false);
$mailwatch_version = mailwatch_version();
$mailscanner_version = get_conf_var('MailScannerVersionNumber');
$php_version = phpversion();
$mysql_version = mysql_result(dbquery("SELECT VERSION()"), 0);
$geoipv4_version = FALSE;
$geoipv6_version = FALSE;
if (file_exists('./temp/GeoIP.dat')) {
$geoipv4_version = date('r', filemtime('./temp/GeoIP.dat')) . ' (download date)';
}
if (file_exists('./temp/GeoIPv6.dat')) {
$geoipv6_version = date('r', filemtime('./temp/GeoIPv6.dat')) . ' (download date)';
}
echo '<table width="100%" class="boxtable">' . "\n";
echo '<tr>' . "\n";
echo '<td>' . "\n";
echo '<p class="center" style="font-size:20px"><b>' . __('softver11') . '</b></p>' . "\n";
echo 'MailWatch ' . __('version11') . ' = ' . $mailwatch_version . '<br>' . "\n";
echo ' <th>' . __('dang04') . '?</th>' . "\n";
echo ' </tr>' . "\n";
$is_dangerous = 0;
foreach ($quarantined as $item) {
echo " <tr>\n";
// Don't allow message to be released if it is marked as 'dangerous'
// Currently this only applies to messages that contain viruses.
if ($item['dangerous'] !== "Y" || $_SESSION['user_type'] == 'A') {
echo ' <td align="center"><input type="checkbox" name="release[]" value="' . $item['id'] . '"></td>' . "\n";
} else {
echo '<td> </td>' . "\n";
}
echo ' <td align="center"><input type="checkbox" name="delete[]" value="' . $item['id'] . '"></td>' . "\n";
// If the file is an rfc822 message then allow the file to be learnt
// by SpamAssassin Bayesian learner as either spam or ham (sa-learn).
if (preg_match('/message\\/rfc822/', $item['type']) || $item['file'] == "message" && strtoupper(get_conf_var("UseSpamAssassin")) == "YES") {
echo ' <td align="center"><input type="checkbox" name="learn[]" value="' . $item['id'] . '"><select name="learn_type"><option value="ham">As Ham</option><option value="spam">As Spam</option><option value="forget">Forget</option><option value="report">As Spam+Report</option><option value="revoke">As Ham+Revoke</option></select></td>' . "\n";
} else {
echo ' <td> </td>' . "\n";
}
echo ' <td>' . $item['file'] . '</td>' . "\n";
echo ' <td>' . $item['type'] . '</td>' . "\n";
// If the file is in message/rfc822 format and isn't dangerous - create a link to allow it to be viewed
if (($item['dangerous'] == "N" || $_SESSION['user_type'] == 'A') && preg_match('!message/rfc822!', $item['type'])) {
echo ' <td><a href="viewmail.php?id=' . $item['msgid'] . '">' . substr($item['path'], strlen($quarantinedir) + 1) . '</a></td>' . "\n";
} else {
echo " <td>" . substr($item['path'], strlen($quarantinedir) + 1) . "</td>\n";
}
if ($item['dangerous'] == "Y" && $_SESSION['user_type'] != 'A') {
$dangerous = $yes;
$is_dangerous++;
2005-10-07
F-Prot status by Hubert Nachbaur modified from Sophos status by Steve Freegard
updated 2012-01-23 by Garrod Alwood
*/
// Include of necessary functions
require_once "./functions.php";
// Authentication checking
session_start();
require 'login.function.php';
if ($_SESSION['user_type'] != 'A') {
header("Location: index.php");
} else {
html_start("F-Prot Status", 0, false, false);
echo '
<table class="boxtable" width="100%">
<tr>
<td align="center">';
if (preg_match('/-6/i', get_conf_var('VirusScanners'))) {
passthru(get_virus_conf('f-prot') . " -virno | awk -f ./f-prot.awk");
} else {
passthru(get_virus_conf('f-prot') . " -verno | awk -f ./f-prot.awk");
}
echo '
</td>
</tr>
</table>';
// Add footer
html_end();
// Close any open db connections
dbclose();
}
/**
* @param $id
* @return mixed
*/
function fixMessageId($id)
{
$mta = get_conf_var('mta');
if ($mta == 'postfix') {
$id = str_replace('_', '.', $id);
}
return $id;
}
* JpGraph.
*
* You should have received a copy of the GNU General Public License along with this program; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
// Include of necessary functions
require_once __DIR__ . '/functions.php';
require_once __DIR__ . '/filter.inc';
// Authentication checking
session_start();
require __DIR__ . '/login.function.php';
// add the header information such as the logo, search, menu, ....
$filter = html_start("Virus Report", 0, false, true);
// Get a list of virus scanners from MailScanner.conf
$scanner = array();
$scanners = explode(" ", get_conf_var("virusscanners"));
foreach ($scanners as $vscanner) {
switch ($vscanner) {
case "sophos":
$scanner[$vscanner]['name'] = "Sophos";
$scanner[$vscanner]['regexp'] = "/(>>>) Virus \\'(\\S+)\\' found/";
break;
case "sophossavi":
$scanner[$vscanner]['name'] = "Sophos SAVI";
$scanner[$vscanner]['regexp'] = "/(\\S+) was infected by (\\S+)/";
break;
case "clamav":
$scanner[$vscanner]['name'] = "ClamAV";
$scanner[$vscanner]['regexp'] = "/(.+) contains (\\S+)/";
break;
case "clamd":
distribute executables, as long as you follow the requirements of the GNU GPL in regard to all of the software
in the executable aside from JpGraph.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once "./functions.php";
session_start();
require 'login.function.php';
if ($_SESSION['user_type'] != 'A') {
header("Location: index.php");
} else {
html_start("Rules");
// limit accessible files to the ones in MailScanner etc directory
$MailscannerEtcDir = realpath(get_conf_var('%etc-dir%'));
if (!isset($_GET['file'])) {
$FilePath = false;
} else {
$FilePath = realpath(sanitizeInput($_GET['file']));
}
if ($FilePath === false || strpos($FilePath, $MailscannerEtcDir) !== 0) {
//Directory Traversal
echo "Directory traversal attempt blocked.\n";
} else {
echo '<table cellspacing="1" class="maildetail" width="100%">' . "\n";
echo '<tr><td class="heading">File: ' . $FilePath . '</td></tr>' . "\n";
echo '<tr><td><pre>' . "\n";
if ($fh = @@fopen($FilePath, 'r')) {
while (!feof($fh)) {
$line = rtrim(fgets($fh, 4096));
*/
// Change the following to reflect the location of functions.php
require '/var/www/html/mailscanner/functions.php';
ini_set('error_log', 'syslog');
ini_set('html_errors', 'off');
ini_set('display_errors', 'on');
ini_set('implicit_flush', 'false');
if (!defined('RECORD_DAYS_TO_KEEP') || RECORD_DAYS_TO_KEEP < 1) {
die("The variable RECORD_DAYS_TO_KEEP is empty, please set a value in conf.php.");
} elseif (!defined('AUDIT_DAYS_TO_KEEP') || AUDIT_DAYS_TO_KEEP < 1) {
die("The variable AUDIT_DAYS_TO_KEEP is empty, please set a value in conf.php.");
} else {
// Cleaning the maillog table
dbquery("DELETE LOW_PRIORITY FROM maillog WHERE timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)");
// Cleaning the mta_log and optionally the mta_log_id table
$sqlcheck = "SHOW TABLES LIKE 'mtalog_ids'";
$tablecheck = dbquery($sqlcheck);
$mta = get_conf_var('mta');
$optimize_mtalog_id = '';
if ($mta == 'postfix' && mysql_num_rows($tablecheck) > 0) {
//version for postfix with mtalog_ids enabled
dbquery("DELETE i.*, m.* FROM mtalog AS m\n LEFT OUTER JOIN mtalog_ids AS i ON i.smtp_id = m.msg_id\n WHERE m.timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)");
$optimize_mtalog_id = ', mtalog_ids';
} else {
dbquery("DELETE FROM mtalog WHERE timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)");
}
// Clean the audit log
dbquery("DELETE FROM audit_log WHERE timestamp < (NOW() - INTERVAL " . AUDIT_DAYS_TO_KEEP . " DAY)");
// Optimize all of tables
dbquery("OPTIMIZE TABLE maillog, mtalog, audit_log" . $optimize_mtalog_id);
}
executeQuery($sql);
*
** Finished
*/
// Phew! - finished
mysql_close($link);
} else {
echo " FAILED\n";
$errors[] = "Database connection failed: " . @mysql_error();
}
echo "\n";
// Check MailScanner settings
echo "Checking MailScanner.conf settings: \n";
$check_settings = array('QuarantineWholeMessage' => 'yes', 'QuarantineWholeMessagesAsQueueFiles' => 'no', 'DetailedSpamReport' => 'yes', 'IncludeScoresInSpamAssassinReport' => 'yes', 'SpamActions' => 'store', 'HighScoringSpamActions' => 'store', 'AlwaysLookedUpLast' => '&MailWatchLogging');
foreach ($check_settings as $setting => $value) {
echo pad(" - {$setting} ");
if (preg_match('/' . $value . '/', get_conf_var($setting))) {
echo " OK\n";
} else {
echo " WARNING\n";
$errors[] = "MailScanner.conf: {$setting} != {$value} (=" . get_conf_var($setting) . ")";
}
}
echo "\n";
if (is_array($errors)) {
echo "*** ERROR/WARNING SUMMARY ***\n";
foreach ($errors as $error) {
echo $error . "\n";
}
}
// Change this path to the right one containing functions.php
$MailWatchHome = '/var/www/html/mailscanner/';
ini_set('error_log', 'syslog');
ini_set('html_errors', 'off');
ini_set('display_errors', 'on');
ini_set('implicit_flush', 'false');
set_time_limit(0);
// Prevent multiple copies running
$fl = fopen("/var/run/mailq.lock", "w+");
// Attempt to create an exclusive lock - continue if successful
if (flock($fl, LOCK_EX + LOCK_NB)) {
require $MailWatchHome . 'functions.php';
date_default_timezone_set(TIME_ZONE);
$queue['inq'] = get_conf_var('IncomingQueueDir') . '/';
$queue['outq'] = get_conf_var('OutgoingQueueDir') . '/';
$MTA = get_conf_var('MTA');
foreach ($queue as $table_name => $queuedir) {
// Clear the output array
$output = array();
if ($dh = @opendir($queuedir)) {
while (false !== ($file = readdir($dh))) {
if ($MTA == "exim") {
if (preg_match("/-H\$/", $file)) {
// Get rid of the '-H' from the end of the filename to get the msgid
$msgid = substr($file, 0, strlen($file) - 2);
if ($fh = @fopen($queuedir . $file, "r")) {
// Work out the total size (df+qf) of the mail
$output[$msgid]['size'] = @filesize($queuedir . $msgid . "-D") + filesize($queuedir . $msgid . "-H");
$output[$msgid]['version'] = 'N/A';
$output[$msgid]['ctladdr'] = 'N/A';
$output[$msgid]['orcpt'] = 'N/A';
