// Host is remote - use XML-RPC //$client = new xmlrpc_client(constant('RPC_RELATIVE_PATH').'/rpcserver.php', $host, 80); $input = new xmlrpcval($message_id); $parameters = array($input); $msg = new xmlrpcmsg('return_quarantined_file', $parameters); //$rsp = $client->send($msg); $rsp = xmlrpc_wrapper($message_data->hostname, $msg); if ($rsp->faultcode() == 0) { $response = php_xmlrpc_decode($rsp->value()); } else { die("Error: " . $rsp->faultstring()); } $file = base64_decode($response); } else { //build filename path $quarantine_dir = get_conf_var('QuarantineDir'); $filename = ''; switch (true) { case file_exists($quarantine_dir . '/' . $message_data->date . '/nonspam/' . $message_id): $filename = $message_data->date . '/nonspam/' . $message_id; break; case file_exists($quarantine_dir . '/' . $message_data->date . '/spam/' . $message_id): $filename = $message_data->date . '/spam/' . $message_id; break; case file_exists($quarantine_dir . '/' . $message_data->date . '/mcp/' . $message_id): $filename = $message_data->date . '/mcp/' . $message_id; break; case file_exists($quarantine_dir . '/' . $message_data->date . '/' . $message_id . '/message'): $filename = $message_data->date . '/' . $message_id . '/message'; break; }
function quarantine_list_dir($dir) { $dir = get_conf_var('QuarantineDir') . "/{$dir}"; $spam = "{$dir}/spam"; $nonspam = "{$dir}/nonspam"; $mcp = "{$dir}/mcp"; $array = array(); if (is_dir($dir)) { // Main quarantine $d = dir($dir) or die($php_errormsg); while (false !== ($f = $d->read())) { if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') { //dbg("Found $dir/$f"); $array[] = $f; } } $d->close(); } if (is_dir($spam)) { // Spam folder $d = dir($spam) or die($php_errormsg); while (false !== ($f = $d->read())) { if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') { //dbg("Found $spam/$f"); $array[] = $f; } } $d->close(); } if (is_dir($nonspam)) { $d = dir($nonspam) or die($php_errormsg); while (false !== ($f = $d->read())) { if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') { //dbg("Found $nonspam/$f"); $array[] = $f; } } $d->close(); } if (is_dir($mcp)) { $d = dir($mcp) or die($php_errormsg); while (false !== ($f = $d->read())) { if ($f != '.' && $f != '..' && $f != 'spam' && $f != 'nonspam' && $f != 'mcp') { //dbg("Found $mcp/$f"); $array[] = $f; } } $d->close(); } return $array; }
function rpc_get_conf_var($msg) { global $xmlrpcerruser; $input = php_xmlrpc_decode(array_shift($msg->params)); if (is_string($input)) { return new xmlrpcresp(new xmlrpcval(get_conf_var($input), 'string')); } else { return new xmlrpcresp(0, $xmlrpcerruser + 1, "Parameter type " . gettype($input) . " mismatch expected type."); } }
*/ // Include of necessary functions require_once __DIR__ . '/functions.php'; // Authentication checking session_start(); require __DIR__ . '/login.function.php'; html_start('Tools', "0", false, false); echo '<table width="100%" class="boxtable">'; echo '<tr><th>' . __('toolslinks03') . '</th></tr>'; echo '<tr> <td> <p>' . __('tools10') . '</p> <ul>'; echo '<li><a href="user_manager.php">' . __('usermgnt10') . '</a>'; if ($_SESSION['user_type'] == 'A') { $virusScanner = get_conf_var('VirusScanners'); if (preg_match('/sophos/i', $virusScanner)) { echo '<li><a href="sophos_status.php">' . __('avsophosstatus10') . '</a>'; } if (preg_match('/f-secure/i', $virusScanner)) { echo '<li><a href="f-secure_status.php">' . __('avfsecurestatus10') . '</a>'; } if (preg_match('/clam/i', $virusScanner)) { echo '<li><a href="clamav_status.php">' . __('avclamavstatus10') . '</a>'; } if (preg_match('/mcafee/i', $virusScanner)) { echo '<li><a href="mcafee_status.php">' . __('avmcafeestatus10') . '</a>'; } if (preg_match('/f-prot/i', $virusScanner)) { echo '<li><a href="f-prot_status.php">' . __('avfprotstatus10') . '</a>'; }
echo '<table class="boxtable" width="100%">' . "\n"; echo ' <tr>' . "\n"; echo ' <td>' . "\n"; echo ' This utility is used to update the SQL database with up-to-date descriptions of the MCP rules which are displayed on the Message Detail screen.<br> <br> This utility should generally be run after an update to your MCP rules, however it is safe to run at any time as it only replaces the existing values and inserts only new values in the table (therefore preserving descriptions from potentially deprecated or removed rules).<br> </td> </tr> <tr>' . "\n"; echo ' <td align="center"><br><input type="submit" value="Run Now"><br><br></td>' . "\n"; echo ' </tr>' . "\n"; if (isset($_POST['run'])) { echo '<tr><td align="CENTER"><table class="mail" border="0" cellpadding="1" cellspacing="1"><tr><th>Rule</th><th>Description</th></tr>' . "\n"; $mcp_prefs_file = get_conf_var('MCPSpamAssassinPrefsFile'); $mcp_local_rules_dir = get_conf_var('MCPSpamAssassinLocalRulesDir'); $mcp_default_rules_dir = get_conf_var('MCPSpamAssassinDefaultRulesDir'); if ($mcp_local_rules_dir != $mcp_default_rules_dir) { $fh = popen("ls {$mcp_prefs_file} {$mcp_local_rules_dir}/*.cf {$mcp_default_rules_dir}/*.cf | xargs grep -h '^describe'", 'r'); } else { $fh = popen("ls {$mcp_prefs_file} {$mcp_default_rules_dir}/*.cf | xargs grep -h '^describe'", 'r'); } audit_log('Ran MCP Rules Description Update'); while (!feof($fh)) { $line = rtrim(fgets($fh, 4096)); debug("line: " . $line . "\n"); preg_match("/^describe\\s+(\\S+)\\s+(.+)\$/", $line, $regs); if (isset($regs[1]) && isset($regs[2])) { $regs[1] = mysql_real_escape_string(ltrim(rtrim($regs[1]))); $regs[2] = mysql_real_escape_string(ltrim(rtrim($regs[2]))); echo '<tr><td>' . htmlentities($regs[1]) . '</td><td>' . htmlentities($regs[2]) . '</td></tr>' . "\n"; dbquery("REPLACE INTO mcp_rules VALUES ('{$regs['1']}','{$regs['2']}')");
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ // Include of necessary functions require_once "./functions.php"; // Authentication checking session_start(); require 'login.function.php'; if ($_SESSION['user_type'] != 'A') { header("Location: index.php"); audit_log('Non-admin user attemped to view Software Version Page'); } else { html_start('MailWatch and MailScanner Version information', '0', false, false); $mailwatch_version = mailwatch_version(); $mailscanner_version = get_conf_var('MailScannerVersionNumber'); $php_version = phpversion(); $mysql_version = mysql_result(dbquery("SELECT VERSION()"), 0); $geoipv4_version = FALSE; $geoipv6_version = FALSE; if (file_exists('./temp/GeoIP.dat')) { $geoipv4_version = date('r', filemtime('./temp/GeoIP.dat')) . ' (download date)'; } if (file_exists('./temp/GeoIPv6.dat')) { $geoipv6_version = date('r', filemtime('./temp/GeoIPv6.dat')) . ' (download date)'; } echo '<table width="100%" class="boxtable">' . "\n"; echo '<tr>' . "\n"; echo '<td>' . "\n"; echo '<p class="center" style="font-size:20px"><b>' . __('softver11') . '</b></p>' . "\n"; echo 'MailWatch ' . __('version11') . ' = ' . $mailwatch_version . '<br>' . "\n";
echo ' <th>' . __('dang04') . '?</th>' . "\n"; echo ' </tr>' . "\n"; $is_dangerous = 0; foreach ($quarantined as $item) { echo " <tr>\n"; // Don't allow message to be released if it is marked as 'dangerous' // Currently this only applies to messages that contain viruses. if ($item['dangerous'] !== "Y" || $_SESSION['user_type'] == 'A') { echo ' <td align="center"><input type="checkbox" name="release[]" value="' . $item['id'] . '"></td>' . "\n"; } else { echo '<td> </td>' . "\n"; } echo ' <td align="center"><input type="checkbox" name="delete[]" value="' . $item['id'] . '"></td>' . "\n"; // If the file is an rfc822 message then allow the file to be learnt // by SpamAssassin Bayesian learner as either spam or ham (sa-learn). if (preg_match('/message\\/rfc822/', $item['type']) || $item['file'] == "message" && strtoupper(get_conf_var("UseSpamAssassin")) == "YES") { echo ' <td align="center"><input type="checkbox" name="learn[]" value="' . $item['id'] . '"><select name="learn_type"><option value="ham">As Ham</option><option value="spam">As Spam</option><option value="forget">Forget</option><option value="report">As Spam+Report</option><option value="revoke">As Ham+Revoke</option></select></td>' . "\n"; } else { echo ' <td> </td>' . "\n"; } echo ' <td>' . $item['file'] . '</td>' . "\n"; echo ' <td>' . $item['type'] . '</td>' . "\n"; // If the file is in message/rfc822 format and isn't dangerous - create a link to allow it to be viewed if (($item['dangerous'] == "N" || $_SESSION['user_type'] == 'A') && preg_match('!message/rfc822!', $item['type'])) { echo ' <td><a href="viewmail.php?id=' . $item['msgid'] . '">' . substr($item['path'], strlen($quarantinedir) + 1) . '</a></td>' . "\n"; } else { echo " <td>" . substr($item['path'], strlen($quarantinedir) + 1) . "</td>\n"; } if ($item['dangerous'] == "Y" && $_SESSION['user_type'] != 'A') { $dangerous = $yes; $is_dangerous++;
2005-10-07 F-Prot status by Hubert Nachbaur modified from Sophos status by Steve Freegard updated 2012-01-23 by Garrod Alwood */ // Include of necessary functions require_once "./functions.php"; // Authentication checking session_start(); require 'login.function.php'; if ($_SESSION['user_type'] != 'A') { header("Location: index.php"); } else { html_start("F-Prot Status", 0, false, false); echo ' <table class="boxtable" width="100%"> <tr> <td align="center">'; if (preg_match('/-6/i', get_conf_var('VirusScanners'))) { passthru(get_virus_conf('f-prot') . " -virno | awk -f ./f-prot.awk"); } else { passthru(get_virus_conf('f-prot') . " -verno | awk -f ./f-prot.awk"); } echo ' </td> </tr> </table>'; // Add footer html_end(); // Close any open db connections dbclose(); }
/** * @param $id * @return mixed */ function fixMessageId($id) { $mta = get_conf_var('mta'); if ($mta == 'postfix') { $id = str_replace('_', '.', $id); } return $id; }
* JpGraph. * * You should have received a copy of the GNU General Public License along with this program; if not, write to the Free * Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ // Include of necessary functions require_once __DIR__ . '/functions.php'; require_once __DIR__ . '/filter.inc'; // Authentication checking session_start(); require __DIR__ . '/login.function.php'; // add the header information such as the logo, search, menu, .... $filter = html_start("Virus Report", 0, false, true); // Get a list of virus scanners from MailScanner.conf $scanner = array(); $scanners = explode(" ", get_conf_var("virusscanners")); foreach ($scanners as $vscanner) { switch ($vscanner) { case "sophos": $scanner[$vscanner]['name'] = "Sophos"; $scanner[$vscanner]['regexp'] = "/(>>>) Virus \\'(\\S+)\\' found/"; break; case "sophossavi": $scanner[$vscanner]['name'] = "Sophos SAVI"; $scanner[$vscanner]['regexp'] = "/(\\S+) was infected by (\\S+)/"; break; case "clamav": $scanner[$vscanner]['name'] = "ClamAV"; $scanner[$vscanner]['regexp'] = "/(.+) contains (\\S+)/"; break; case "clamd":
distribute executables, as long as you follow the requirements of the GNU GPL in regard to all of the software in the executable aside from JpGraph. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ require_once "./functions.php"; session_start(); require 'login.function.php'; if ($_SESSION['user_type'] != 'A') { header("Location: index.php"); } else { html_start("Rules"); // limit accessible files to the ones in MailScanner etc directory $MailscannerEtcDir = realpath(get_conf_var('%etc-dir%')); if (!isset($_GET['file'])) { $FilePath = false; } else { $FilePath = realpath(sanitizeInput($_GET['file'])); } if ($FilePath === false || strpos($FilePath, $MailscannerEtcDir) !== 0) { //Directory Traversal echo "Directory traversal attempt blocked.\n"; } else { echo '<table cellspacing="1" class="maildetail" width="100%">' . "\n"; echo '<tr><td class="heading">File: ' . $FilePath . '</td></tr>' . "\n"; echo '<tr><td><pre>' . "\n"; if ($fh = @@fopen($FilePath, 'r')) { while (!feof($fh)) { $line = rtrim(fgets($fh, 4096));
*/ // Change the following to reflect the location of functions.php require '/var/www/html/mailscanner/functions.php'; ini_set('error_log', 'syslog'); ini_set('html_errors', 'off'); ini_set('display_errors', 'on'); ini_set('implicit_flush', 'false'); if (!defined('RECORD_DAYS_TO_KEEP') || RECORD_DAYS_TO_KEEP < 1) { die("The variable RECORD_DAYS_TO_KEEP is empty, please set a value in conf.php."); } elseif (!defined('AUDIT_DAYS_TO_KEEP') || AUDIT_DAYS_TO_KEEP < 1) { die("The variable AUDIT_DAYS_TO_KEEP is empty, please set a value in conf.php."); } else { // Cleaning the maillog table dbquery("DELETE LOW_PRIORITY FROM maillog WHERE timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)"); // Cleaning the mta_log and optionally the mta_log_id table $sqlcheck = "SHOW TABLES LIKE 'mtalog_ids'"; $tablecheck = dbquery($sqlcheck); $mta = get_conf_var('mta'); $optimize_mtalog_id = ''; if ($mta == 'postfix' && mysql_num_rows($tablecheck) > 0) { //version for postfix with mtalog_ids enabled dbquery("DELETE i.*, m.* FROM mtalog AS m\n LEFT OUTER JOIN mtalog_ids AS i ON i.smtp_id = m.msg_id\n WHERE m.timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)"); $optimize_mtalog_id = ', mtalog_ids'; } else { dbquery("DELETE FROM mtalog WHERE timestamp < (NOW() - INTERVAL " . RECORD_DAYS_TO_KEEP . " DAY)"); } // Clean the audit log dbquery("DELETE FROM audit_log WHERE timestamp < (NOW() - INTERVAL " . AUDIT_DAYS_TO_KEEP . " DAY)"); // Optimize all of tables dbquery("OPTIMIZE TABLE maillog, mtalog, audit_log" . $optimize_mtalog_id); }
executeQuery($sql); * ** Finished */ // Phew! - finished mysql_close($link); } else { echo " FAILED\n"; $errors[] = "Database connection failed: " . @mysql_error(); } echo "\n"; // Check MailScanner settings echo "Checking MailScanner.conf settings: \n"; $check_settings = array('QuarantineWholeMessage' => 'yes', 'QuarantineWholeMessagesAsQueueFiles' => 'no', 'DetailedSpamReport' => 'yes', 'IncludeScoresInSpamAssassinReport' => 'yes', 'SpamActions' => 'store', 'HighScoringSpamActions' => 'store', 'AlwaysLookedUpLast' => '&MailWatchLogging'); foreach ($check_settings as $setting => $value) { echo pad(" - {$setting} "); if (preg_match('/' . $value . '/', get_conf_var($setting))) { echo " OK\n"; } else { echo " WARNING\n"; $errors[] = "MailScanner.conf: {$setting} != {$value} (=" . get_conf_var($setting) . ")"; } } echo "\n"; if (is_array($errors)) { echo "*** ERROR/WARNING SUMMARY ***\n"; foreach ($errors as $error) { echo $error . "\n"; } }
// Change this path to the right one containing functions.php $MailWatchHome = '/var/www/html/mailscanner/'; ini_set('error_log', 'syslog'); ini_set('html_errors', 'off'); ini_set('display_errors', 'on'); ini_set('implicit_flush', 'false'); set_time_limit(0); // Prevent multiple copies running $fl = fopen("/var/run/mailq.lock", "w+"); // Attempt to create an exclusive lock - continue if successful if (flock($fl, LOCK_EX + LOCK_NB)) { require $MailWatchHome . 'functions.php'; date_default_timezone_set(TIME_ZONE); $queue['inq'] = get_conf_var('IncomingQueueDir') . '/'; $queue['outq'] = get_conf_var('OutgoingQueueDir') . '/'; $MTA = get_conf_var('MTA'); foreach ($queue as $table_name => $queuedir) { // Clear the output array $output = array(); if ($dh = @opendir($queuedir)) { while (false !== ($file = readdir($dh))) { if ($MTA == "exim") { if (preg_match("/-H\$/", $file)) { // Get rid of the '-H' from the end of the filename to get the msgid $msgid = substr($file, 0, strlen($file) - 2); if ($fh = @fopen($queuedir . $file, "r")) { // Work out the total size (df+qf) of the mail $output[$msgid]['size'] = @filesize($queuedir . $msgid . "-D") + filesize($queuedir . $msgid . "-H"); $output[$msgid]['version'] = 'N/A'; $output[$msgid]['ctladdr'] = 'N/A'; $output[$msgid]['orcpt'] = 'N/A';