line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
# <@LICENSE> |
2
|
|
|
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one or more |
3
|
|
|
|
|
|
|
# contributor license agreements. See the NOTICE file distributed with |
4
|
|
|
|
|
|
|
# this work for additional information regarding copyright ownership. |
5
|
|
|
|
|
|
|
# The ASF licenses this file to you under the Apache License, Version 2.0 |
6
|
|
|
|
|
|
|
# (the "License"); you may not use this file except in compliance with |
7
|
|
|
|
|
|
|
# the License. You may obtain a copy of the License at: |
8
|
|
|
|
|
|
|
# |
9
|
|
|
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0 |
10
|
|
|
|
|
|
|
# |
11
|
|
|
|
|
|
|
# Unless required by applicable law or agreed to in writing, software |
12
|
|
|
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS, |
13
|
|
|
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
14
|
|
|
|
|
|
|
# See the License for the specific language governing permissions and |
15
|
|
|
|
|
|
|
# limitations under the License. |
16
|
|
|
|
|
|
|
# </@LICENSE> |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
use Mail::SpamAssassin::Plugin; |
20
|
22
|
|
|
22
|
|
166
|
use Mail::SpamAssassin::Logger; |
|
22
|
|
|
|
|
45
|
|
|
22
|
|
|
|
|
674
|
|
21
|
22
|
|
|
22
|
|
116
|
use Mail::SpamAssassin::Constants qw(:ip); |
|
22
|
|
|
|
|
44
|
|
|
22
|
|
|
|
|
1383
|
|
22
|
22
|
|
|
22
|
|
149
|
use strict; |
|
22
|
|
|
|
|
55
|
|
|
22
|
|
|
|
|
2550
|
|
23
|
22
|
|
|
22
|
|
158
|
use warnings; |
|
22
|
|
|
|
|
45
|
|
|
22
|
|
|
|
|
568
|
|
24
|
22
|
|
|
22
|
|
110
|
# use bytes; |
|
22
|
|
|
|
|
41
|
|
|
22
|
|
|
|
|
795
|
|
25
|
|
|
|
|
|
|
use re 'taint'; |
26
|
22
|
|
|
22
|
|
146
|
|
|
22
|
|
|
|
|
46
|
|
|
22
|
|
|
|
|
11264
|
|
27
|
|
|
|
|
|
|
our @ISA = qw(Mail::SpamAssassin::Plugin); |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
# constructor: register the eval rule |
30
|
|
|
|
|
|
|
my $class = shift; |
31
|
|
|
|
|
|
|
my $mailsaobject = shift; |
32
|
63
|
|
|
63
|
1
|
235
|
|
33
|
63
|
|
|
|
|
141
|
# some boilerplate... |
34
|
|
|
|
|
|
|
$class = ref($class) || $class; |
35
|
|
|
|
|
|
|
my $self = $class->SUPER::new($mailsaobject); |
36
|
63
|
|
33
|
|
|
361
|
bless ($self, $class); |
37
|
63
|
|
|
|
|
311
|
|
38
|
63
|
|
|
|
|
173
|
# the important bit! |
39
|
|
|
|
|
|
|
$self->register_eval_rule ("check_https_http_mismatch"); |
40
|
|
|
|
|
|
|
|
41
|
63
|
|
|
|
|
425
|
return $self; |
42
|
|
|
|
|
|
|
} |
43
|
63
|
|
|
|
|
466
|
|
44
|
|
|
|
|
|
|
# [lt]a href="http://baboz-njeryz.de/"[gt]https://bankofamerica.com/[lt]/a[gt] |
45
|
|
|
|
|
|
|
# ("<" and ">" replaced with "[lt]" and "[gt]" to avoid Kaspersky Desktop AV |
46
|
|
|
|
|
|
|
# false positive ;) |
47
|
|
|
|
|
|
|
my ($self, $permsgstatus, undef, $minanchors, $maxanchors) = @_; |
48
|
|
|
|
|
|
|
|
49
|
|
|
|
|
|
|
my $IP_ADDRESS = IP_ADDRESS; |
50
|
0
|
|
|
0
|
0
|
|
|
51
|
|
|
|
|
|
|
$minanchors ||= 1; |
52
|
0
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
if (!exists $permsgstatus->{chhm_hit}) { |
54
|
0
|
|
0
|
|
|
|
$permsgstatus->{chhm_hit} = 0; |
55
|
|
|
|
|
|
|
$permsgstatus->{chhm_anchors} = 0; |
56
|
0
|
0
|
|
|
|
|
|
57
|
0
|
|
|
|
|
|
foreach my $k ( keys %{$permsgstatus->{html}->{uri_detail}} ) { |
58
|
0
|
|
|
|
|
|
my %uri_detail = %{$permsgstatus->{html}->{uri_detail}}; |
59
|
|
|
|
|
|
|
my $v = ${uri_detail}{$k}; |
60
|
0
|
|
|
|
|
|
# if the URI wasn't used for an anchor tag, or the anchor text didn't |
|
0
|
|
|
|
|
|
|
61
|
0
|
|
|
|
|
|
# exist, skip this. |
|
0
|
|
|
|
|
|
|
62
|
0
|
|
|
|
|
|
next unless (exists $v->{anchor_text} && @{$v->{anchor_text}}); |
63
|
|
|
|
|
|
|
|
64
|
|
|
|
|
|
|
my $uri; |
65
|
0
|
0
|
0
|
|
|
|
if ($k =~ m@^https?://([^/:]+)@i) { |
|
0
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
$uri = $1; |
67
|
0
|
|
|
|
|
|
# Skip IPs since there's another rule to catch that already |
68
|
0
|
0
|
|
|
|
|
if ($uri =~ /^$IP_ADDRESS+$/) { |
69
|
0
|
|
|
|
|
|
undef $uri; |
70
|
|
|
|
|
|
|
next; |
71
|
0
|
0
|
|
|
|
|
} |
72
|
0
|
|
|
|
|
|
# want to compare whole hostnames instead of domains? |
73
|
0
|
|
|
|
|
|
# comment this next section to the blank line. |
74
|
|
|
|
|
|
|
$uri = $self->{main}->{registryboundaries}->trim_domain($uri); |
75
|
|
|
|
|
|
|
undef $uri unless ($self->{main}->{registryboundaries}->is_domain_valid($uri)); |
76
|
|
|
|
|
|
|
} |
77
|
0
|
|
|
|
|
|
|
78
|
0
|
0
|
|
|
|
|
next unless $uri; |
79
|
|
|
|
|
|
|
$permsgstatus->{chhm_anchors}++ if exists $v->{anchor_text}; |
80
|
|
|
|
|
|
|
|
81
|
0
|
0
|
|
|
|
|
foreach (@{$v->{anchor_text}}) { |
82
|
0
|
0
|
|
|
|
|
if (m@https://([^/:]+)@i) { |
83
|
|
|
|
|
|
|
my $https = $1; |
84
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
85
|
0
|
0
|
|
|
|
|
# want to compare whole hostnames instead of domains? |
86
|
0
|
|
|
|
|
|
# comment this next section to the blank line. |
87
|
|
|
|
|
|
|
if ($https !~ /^$IP_ADDRESS+$/) { |
88
|
|
|
|
|
|
|
$https = $self->{main}->{registryboundaries}->trim_domain($https); |
89
|
|
|
|
|
|
|
undef $https unless ($self->{main}->{registryboundaries}->is_domain_valid($https)); |
90
|
0
|
0
|
|
|
|
|
} |
91
|
0
|
|
|
|
|
|
next unless $https; |
92
|
0
|
0
|
|
|
|
|
|
93
|
|
|
|
|
|
|
dbg("https_http_mismatch: domains $uri -> $https"); |
94
|
0
|
0
|
|
|
|
|
|
95
|
|
|
|
|
|
|
next if $uri eq $https; |
96
|
0
|
|
|
|
|
|
$permsgstatus->{chhm_hit} = 1; |
97
|
|
|
|
|
|
|
last; |
98
|
0
|
0
|
|
|
|
|
} |
99
|
0
|
|
|
|
|
|
} |
100
|
0
|
|
|
|
|
|
} |
101
|
|
|
|
|
|
|
dbg("https_http_mismatch: anchors ".$permsgstatus->{chhm_anchors}); |
102
|
|
|
|
|
|
|
} |
103
|
|
|
|
|
|
|
|
104
|
0
|
|
|
|
|
|
return ( $permsgstatus->{chhm_hit} && $permsgstatus->{chhm_anchors} >= $minanchors && (defined $maxanchors && $permsgstatus->{chhm_anchors} < $maxanchors) ); |
105
|
|
|
|
|
|
|
} |
106
|
|
|
|
|
|
|
|
107
|
0
|
|
0
|
|
|
|
1; |