[pmg-devel] [RFC pmg-api 0/3] add support for custom checks

Thu Mar 14 18:28:24 CET 2019

Hi Davide,

On Wed, 13 Mar 2019 22:17:35 +0100
Davide Bozzelli <davide.bozzelli at gci.it> wrote:

> Hi stoiko
> 
> Excellent work
Thanks!

> 
> I would prefer having a real life script in order to adapt it.
Hm - what would you have in mind?
(the sample script is more a informal description of the 'API')
TBH - I am quite content with the current featureset (clamav/avast +
spamassassin) - and most use-cases that I came up with are either
already doable by those components or don't make sense.

In other words - glad to provide some pointers as to how the
mail-parsing can be done, if I know _what_ people want to do.

Best Regards,
stoiko

> 
> Thx
> 
> In data 13 marzo 2019 21:40:11 Stoiko Ivanov <s.ivanov at proxmox.com>
> ha scritto:
> 
> > Closes #1988.
> >
> > As seen every now and then in the forum and the pmg-devel
> > mailinglists, quite a few users want to be able to customize the
> > way PMG does its spam/virus detection.
> > Given that some of the requests cannot be fulfilled in general due
> > to licensing reasons (e.g. uploads to virus total might be ok for
> > smaller scale setups, and for private use, but not for all our
> > userbase), or performance reasons (non-daemonized AV scanners),
> > this patchset tries to provide a stable 'API' for users to attach
> > their custom scanning tools to PMG.
> >
> > I tried to keep the interface simple and thus the input to the
> > custom_check (via
> > cli-args) is:
> > * the queue-file (the mail in rfc822 format)
> >
> > and its result can be:
> > * OK
> > * VIRUS (with optional virus-description for logging)
> > * SCORE (a postive or negative number to be added to SpamAssassins
> > result)
> >
> > Additionally I added an api-version (inspired by PVE's custom
> > storage plugins), so that we have the option of changing the
> > interface w/o breaking already deployed custom_checks.
> >
> > I would be grateful for a sensibility check of the concept and any
> > hints to caveats/pitfalls I did not think about!
> >
> > For testing (and hopefully documentation) purposes I wrote a
> > tiny /bin/sh script
> > which follows the API and returns random results (OK, VIRUS, SCORE,
> > or runs into
> > a timeout):
> > ```
> > #!/bin/sh
> >
> > echo "called with $*" 1>&2
> >
> > if [ "$#" -ne 2 ]; then
> >  echo "usage: $0 APIVERSION QUEUEFILENAME" 1>&2
> >  exit 1
> > fi
> >
> > apiver="$1"
> > shift
> >
> > if [ "$apiver" != "v1" ]; then
> >  echo "wrong APIVERSION: $apiver" 1>&2
> >  exit 2
> > fi
> >
> > queue_file="$1"
> >
> > echo "v1"
> >
> > choice=$(shuf -i 0-3 -n1)
> >
> > case "$choice" in
> >  0)
> >    echo OK
> >    ;;
> >  1)
> >    echo SCORE: 4
> >    ;;
> >  2)
> >    echo VIRUS: Random Virus
> >    ;;
> >  3) #timeout-test
> >    for i in $(seq 1 7); do
> >      echo "custom checking mail: $queue_file - minute $i" 1>&2
> >      sleep 60
> >    done
> >    ;;
> > esac
> >
> > exit 0
> > ```
> >
> >
> > Stoiko Ivanov (3):
> >  add custom_check handling
> >  integrate custom_check
> >  add debug dumper
> >
> > PMG/Config.pm       | 12 ++++++++
> > PMG/RuleDB/Spam.pm  | 11 +++++++
> > PMG/Utils.pm        | 84
> > +++++++++++++++++++++++++++++++++++++++++++++++++++++
> > bin/pmg-smtp-filter | 26 ++++++++++------- 4 files changed, 123
> > insertions(+), 10 deletions(-)
> >
> > --
> > 2.11.0
> >
> >
> > _______________________________________________
> > pmg-devel mailing list
> > pmg-devel at pve.proxmox.com
> > https://pve.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel  
> 
> 
> 
> --------------------------------
> CONFIDENTIALITY NOTICE
> 
> Questo messaggio e' destinato alle sole persone indicate e puo'
> contenere informazioni riservate.
> Se ricevuto per errore, si prega di avvisare immediatamente il
> mittente e cancellare l'originale.
> Ogni altro uso del messaggio e' vietato!
> ****
> This message is for the designated recipient(s) only and may contain
> privileged, proprietary, or otherwise private information. If you have
> received it in error, please notify the sender immediately and delete
> the original message.
> Any other use of the email by you is prohibited!
> -------------------------------- 
> 