Page 1 of 1

PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-13 13:26
by rosali
If someone use Paranoid Spam Detector (sssolutions.net/paranoid/) you can use this script to connect to paranoid service located on a REMOTE host.

Code: Select all

<?php

/*
(c) roland-liebl.de NO WARRANTY !!!! USE AT YOUR OWN RISK
*/


/*
argv[1] = message file (must)
argv[2] = username linked with paranoid dictionary (optional)
argv[3] = password (optional)
*/

/*

######################
# hMailServer script #
#######################################################################
# based on http://www.hmailserver.com/forum/viewtopic.php?f=14&t=2960 #
#######################################################################
   Const g_sPHPPath     = "D:\xampp_161\php\php.exe" 
   Const g_sScriptPath  = "D:\xampp_161\htdocs\webmail\work\program\include\authparanoidtest.inc.php" 
   Const g_sPipeAddress = ""

   Sub OnDeliverMessage(oMessage)

   If g_sPipeAddress = "" Then
      bPipeMessage = True
   Else
      bPipeMessage = False

      Set obRecipients = oMessage.Recipients
      
      For i = 0 to obRecipients.Count - 1
         Set obRecipient = obRecipients.Item(i)
         
         If LCase(obRecipient.Address) = LCase(g_sPipeAddress) Then
            bPipeMessage = True
         End If
      Next
   End If
      
   If bPipeMessage Then
      sCommandLine = "cmd /c type " & g_sDQ & oMessage.Filename & g_sDQ & " | " & g_sDQ & g_sPHPPath & g_sDQ & " " & g_sDQ & g_sScriptPath & " " & oMessage.Filename & g_sDQ 
      Set oShell = CreateObject("WScript.Shell") 
      Call oShell.Run(sCommandLine, 0, TRUE)
   End If

   End Sub

*/


$user = "myuser@mydomain.com";
$pass = "pass";

if(isset($argv[2])){
  $user = $argv[2];
}
if(isset($argv[3])){
  $pass = $argv[3];
}

function authParanoidTest($user,$pass,$message){

/*  your configuration here  */

$smtpServer = "localhost"; //ip accepted as well
$port = "33000"; // should be 25 by default
$timeout = "5"; //typical timeout. try 45 for slow servers
$username = $user; //the login for your smtp
$password = $pass; //the pass for your smtp
$newLine = "\r\n"; //var just for newlines in MS
$secure = 0; //change to 1 if you need a secure connect
  
/*  you shouldn't need to mod anything else */

//connect to the host and port
$smtpConnect = fsockopen($smtpServer, $port, $errno, $errstr, $timeout);
$smtpResponse = fgets($smtpConnect, 4096);
if(empty($smtpConnect))
{
   $output = "Failed to connect: $smtpResponse";
   return $output;
}
else
{
   $logArray['connection'] = "Connected to: $smtpResponse";
}

//say HELO to our little friend
fputs($smtpConnect, "HELO " . $_SERVER['REMOTE_ADDR'] . $newLine);
$smtpResponse = fgets($smtpConnect, 4096);
$logArray['heloresponse'] = "$smtpResponse";

//start a tls session if needed 
if($secure)
{
   fputs($smtpConnect, "STARTTLS". $newLine);
   $smtpResponse = fgets($smtpConnect, 4096);
   $logArray['tlsresponse'] = "$smtpResponse";

   //you have to say HELO again after TLS is started
   fputs($smtpConnect, "HELO $localhost". $newLine);
   $smtpResponse = fgets($smtpConnect, 4096);
   $logArray['heloresponse2'] = "$smtpResponse";
}

//request for auth login
fputs($smtpConnect,"AUTH LOGIN" . $newLine);
$smtpResponse = fgets($smtpConnect, 4096);
$logArray['authrequest'] = "$smtpResponse";

//send the username
fputs($smtpConnect, base64_encode($username) . $newLine);
$smtpResponse = fgets($smtpConnect, 4096);
$logArray['authusername'] = "$smtpResponse";

//send the password
fputs($smtpConnect, base64_encode($password) . $newLine);
$smtpResponse = fgets($smtpConnect, 4096);
$logArray['authpassword'] = "$smtpResponse";

$temparr=explode(" ",$smtpResponse);
if($temparr[0] == 235){

	//email from
	//fputs($smtpConnect, "MAIL FROM: $username" . $newLine);
	//$smtpResponse = fgets($smtpConnect, 4096);
	//$logArray['mailfromresponse'] = "$smtpResponse";

	//email to
	fputs($smtpConnect, "RCPT TO: $command" . $newLine);
	$smtpResponse = fgets($smtpConnect, 4096);
	$logArray['mailtoresponse'] = "$smtpResponse";

	//the email
	fputs($smtpConnect, "DATA" . $newLine);
	$smtpResponse = fgets($smtpConnect, 4096);
	$logArray['data1response'] = "$smtpResponse";

	//observe the . after the newline, it signals the end of message

	fputs($smtpConnect, "$message\r\n.\r\n");
	$smtpResponse = fgets($smtpConnect, 4096);
	$logArray['data2response'] = "$smtpResponse";
}

// say goodbye
fputs($smtpConnect,"QUIT" . $newLine);
$smtpResponse = fgets($smtpConnect, 4096);
$logArray['quitresponse'] = "$smtpResponse";
$logArray['quitcode'] = substr($smtpResponse,0,3);
fclose($smtpConnect);

if($temparr[0] == 235){
	return($logArray);
}
else{
	return false;
}

}

$message = file_get_contents('php://stdin');

$arr_return = authParanoidTest($user, $pass,$message);

if(isset($argv[1])){
  if($arr_return['quitcode'] == 250){
    $result = "No";
  }
  else{
    $result = "Yes";
  }
  $message = "X-Paranoid-Result: " . $result . "\r\n" . $message;
  file_put_contents(str_replace("\\","/",$argv[1]), $message);
}

?>


Re: PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-23 11:08
by westdam
great!!
did you post also on sssolutions KB ?
it's a great script.

thanks..

Re: PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-23 11:42
by rosali
No, not yet. But feel free to do so!

-Roland

Re: PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-23 12:57
by dzekas
RFC2487.

"The client SHOULD send an EHLO command as the first command after a successful TLS negotiation."

EHLO is not same thing as HELO.

And you don't turn on crypto on socket after starttls command is issued.

Re: PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-23 13:04
by rosali
Feel free to modify. Please condider that this is not a mail transfer. Paranoid use SMTP protocol to transfer files for spam rating. It is regardless if you send HELO of EHLO.

Re: PARANOID SPAM DETECTOR on a remote host

Posted: 2008-04-23 13:14
by dzekas
rosali wrote:Feel free to modify.
Your code does not have license suitable for me. I have only notified you that your StartTLS code is broken. $secure=true does not work.