From f4e758e0a64a53ea53a8f9a74f67a015bec35744 Mon Sep 17 00:00:00 2001 From: arjen Date: Wed, 14 Nov 2007 16:20:05 +0000 Subject: [PATCH] New program: spamdetect. Expirimental utility to log manually reported spam and have Gnucomo detect the spammer's IP address. --- src/gcm_input/Makefile.am | 4 +- src/gcm_input/Makefile.in | 21 ++++++-- src/gcm_input/spamdetect.cpp | 112 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 132 insertions(+), 5 deletions(-) create mode 100644 src/gcm_input/spamdetect.cpp diff --git a/src/gcm_input/Makefile.am b/src/gcm_input/Makefile.am index 863614e..d6aac83 100644 --- a/src/gcm_input/Makefile.am +++ b/src/gcm_input/Makefile.am @@ -1,5 +1,5 @@ -bin_PROGRAMS = gcm_input logrunner +bin_PROGRAMS = gcm_input logrunner spamdetect INCLUDES = -I../include LDADD = ../lib/libgnucomo.a @@ -10,3 +10,5 @@ gcm_input_SOURCES = gcm_input.cpp message.cpp string_utils.cpp syslog_cooker.cpp message_filter.cpp log_filter.cpp rpm_filter.cpp df_filter.cpp logrunner_SOURCES = logrunner.cpp string_utils.cpp + +spamdetect_SOURCES = spamdetect.cpp diff --git a/src/gcm_input/Makefile.in b/src/gcm_input/Makefile.in index 3325491..92a7c24 100644 --- a/src/gcm_input/Makefile.in +++ b/src/gcm_input/Makefile.in @@ -14,7 +14,7 @@ @SET_MAKE@ -SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) +SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) $(spamdetect_SOURCES) srcdir = @srcdir@ top_srcdir = @top_srcdir@ @@ -36,7 +36,8 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -bin_PROGRAMS = gcm_input$(EXEEXT) logrunner$(EXEEXT) +bin_PROGRAMS = gcm_input$(EXEEXT) logrunner$(EXEEXT) \ + spamdetect$(EXEEXT) subdir = src/gcm_input DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -61,6 +62,10 @@ am_logrunner_OBJECTS = logrunner.$(OBJEXT) string_utils.$(OBJEXT) logrunner_OBJECTS = $(am_logrunner_OBJECTS) logrunner_LDADD = $(LDADD) logrunner_DEPENDENCIES = ../lib/libgnucomo.a +am_spamdetect_OBJECTS = spamdetect.$(OBJEXT) +spamdetect_OBJECTS = $(am_spamdetect_OBJECTS) +spamdetect_LDADD = $(LDADD) +spamdetect_DEPENDENCIES = ../lib/libgnucomo.a DEFAULT_INCLUDES = -I. -I$(srcdir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -73,6 +78,7 @@ am__depfiles_maybe = depfiles @AMDEP_TRUE@ ./$(DEPDIR)/message.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/message_filter.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/rpm_filter.Po \ +@AMDEP_TRUE@ ./$(DEPDIR)/spamdetect.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/string_utils.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/syslog_cooker.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/xml_cooker.Po @@ -81,8 +87,10 @@ CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ CXXLD = $(CXX) CXXLINK = $(CXXLD) $(AM_CXXFLAGS) $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) \ -o $@ -SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) -DIST_SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) +SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) \ + $(spamdetect_SOURCES) +DIST_SOURCES = $(gcm_input_SOURCES) $(logrunner_SOURCES) \ + $(spamdetect_SOURCES) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -186,6 +194,7 @@ gcm_input_SOURCES = gcm_input.cpp message.cpp string_utils.cpp syslog_cooker.cpp message_filter.cpp log_filter.cpp rpm_filter.cpp df_filter.cpp logrunner_SOURCES = logrunner.cpp string_utils.cpp +spamdetect_SOURCES = spamdetect.cpp all: all-am .SUFFIXES: @@ -248,6 +257,9 @@ gcm_input$(EXEEXT): $(gcm_input_OBJECTS) $(gcm_input_DEPENDENCIES) logrunner$(EXEEXT): $(logrunner_OBJECTS) $(logrunner_DEPENDENCIES) @rm -f logrunner$(EXEEXT) $(CXXLINK) $(logrunner_LDFLAGS) $(logrunner_OBJECTS) $(logrunner_LDADD) $(LIBS) +spamdetect$(EXEEXT): $(spamdetect_OBJECTS) $(spamdetect_DEPENDENCIES) + @rm -f spamdetect$(EXEEXT) + $(CXXLINK) $(spamdetect_LDFLAGS) $(spamdetect_OBJECTS) $(spamdetect_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -265,6 +277,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/message.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/message_filter.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rpm_filter.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/spamdetect.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/string_utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/syslog_cooker.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xml_cooker.Po@am__quote@ diff --git a/src/gcm_input/spamdetect.cpp b/src/gcm_input/spamdetect.cpp new file mode 100644 index 0000000..5f55790 --- /dev/null +++ b/src/gcm_input/spamdetect.cpp @@ -0,0 +1,112 @@ +/************************************************************************** +** (c) Copyright 2007, Andromeda Technology & Automation +** This is free software; you can redistribute it and/or modify it under the +** terms of the GNU General Public License, see the file COPYING. +*************************************************************************** +** MODULE INFORMATION * +*********************** +** FILE NAME : spamdetect.cpp +** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring +** VERSION NUMBER : $Revision: 1.1 $ +** +** DESCRIPTION : +** +** EXPORTED OBJECTS : +** LOCAL OBJECTS : +** MODULES USED : +*************************************************************************** +** ADMINISTRATIVE INFORMATION * +******************************** +** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl +** CREATION DATE : Nov 14, 2007 +** LAST UPDATE : Nov Nov 14, 2007 +** MODIFICATIONS : +**************************************************************************/ + +/***************************** + $Log: spamdetect.cpp,v $ + Revision 1.1 2007-11-14 16:20:05 arjen + New program: spamdetect. + Expirimental utility to log manually reported spam and have + Gnucomo detect the spammer's IP address. + +*****************************/ + +static const char *RCSID = "$Id: spamdetect.cpp,v 1.1 2007-11-14 16:20:05 arjen Exp $"; + +#include +#include + +#include +#include + +int main(int argc, char *argv[]) +{ + const char *usage = "Usage: spamdetect\n"; + + String line; + String header; + int state = 0; + + regex fwd_header("---- Original Message -----"); + regex received("^Received:"); + regex from("^From:"); + regex returnpath("^Return-Path:"); + + openlog("gnucomo", 0, LOG_MAIL); + + + while (std::cin >> line) + { + std::cout << line << "\n"; + switch (state) + { + case 0: + if (line == fwd_header) + { + state = 1; + std::cout << "Forward header detected.\n"; + } + break; + + case 1: + // Inside the forwarded header + if (line == received || line == from || line == returnpath) + { + header = line; + state = 2; + std::cout << "(1)Header = " << header << "\n"; + } + break; + case 2: + if (line == regex("^[^ ]+: ")) + { + std::cout << "Logging " << header << "\n"; + syslog(LOG_WARNING, "%s", (char *)header); + header = ""; + state = 1; + std::cout << "Next header.\n"; + if (line == received || line == from || line == returnpath) + { + header = line; + state = 2; + std::cout << "(1)Header = " << header << "\n"; + } + } + else if (line == String("")) + { + std::cout << "End of headers detected.\n"; + state = 3; + } + else + { + header += " "; + header += line; + std::cout << "(2)Header = " << header << "\n"; + } + } + } + + closelog(); +} + -- 2.11.0