phpop3clean.php

一个基于页面实现的pop客户端程序

					$phPOP3->OutputToScreen('<font color="blue">Header[Date]:</font>        [<font color="navy">'.htmlentities(@$ParsedHeader['date'][0]).'</font>]'."\n");
					$phPOP3->OutputToScreen('<font color="blue">Header[Message-ID]:</font>  [<font color="navy">'.htmlentities(@$ParsedHeader['message-id'][0]).'</font>]'."\n");
					$phPOP3->OutputToScreen('<font color="blue">Header[Return-Path]:</font> [<font color="navy">'.htmlentities(@$ParsedHeader['return-path'][0]).'</font>]'."\n");

					// sender email whitelist
					$timingstart = getmicrotime();
					$WhitelistEmailKeys = array('from', 'return-path');
					foreach ($WhitelistEmailKeys as $key) {
						if (isset($ParsedHeader[$key][0]) && ($matchedEmail = IsWhiteListedEmail($ParsedHeader[$key][0]))) {
							$WhiteEmailsSkipped++;
							$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] Skipping message #'.$i.' (id "'.$MessageID.'") because $ParsedHeader['.$key.'] is in `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_email` (['.$matchedEmail.'] matches ['.$ParsedHeader[$key][0].'])';
							$phPOP3->OutputToScreen('<font color="blue">skipping message #'.$i.' (id "'.$MessageID.'") - $ParsedHeader['.$key.'] is in `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_email` (['.htmlentities($matchedEmail.'] matches ['.$ParsedHeader[$key][0]).'])</font><br><br>');

							InsertSpamScanned($LoginInfoArray['email'], $MessageID, @$ParsedHeader['from'][0], @$ParsedHeader['subject'][0], $nowtime);
							IncrementHistory($LoginInfoArray['email'], 'good');
							InsertRecent($LoginInfoArray['email'], $MessageID, $header, '', $DebugMessages);

							$SQLquery  = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_email`';
							$SQLquery .= ' SET `lasthit` = "'.$nowtime.'"';
							$SQLquery .= ', `hitcount` = `hitcount` + 1';
							$SQLquery .= ' WHERE `email` = "'.mysql_escape_string(ExtractActualEmailAddress($ParsedHeader[$key][0])).'"';
							mysql_query($SQLquery);
							unset($SQLquery, $MessageID, $messageSize, $header, $ParsedHeader, $key, $matchedEmail);
							@$Timing['IsWhiteListedEmail'] += (getmicrotime() - $timingstart);
							continue 2;
						}
						unset($matchedEmail);
					}
					unset($key);
					@$Timing['IsWhiteListedEmail'] += (getmicrotime() - $timingstart);


					// subject word whitelist
					$timingstart = getmicrotime();
					if (isset($ParsedHeader['subject'][0]) && ($word = IsWhiteListedSubject($ParsedHeader['subject'][0]))) {
						$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] Skipping message #'.$i.' (id "'.$MessageID.'") because $ParsedHeader[subject] ('.$word.') is in `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_subject`';
						$phPOP3->OutputToScreen('<font color="blue">skipping message #'.$i.' (id "'.$MessageID.'") - $ParsedHeader[subject] ('.htmlentities($word).') is in `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_subject`</font><br><br>');

						InsertSpamScanned($LoginInfoArray['email'], $MessageID, @$ParsedHeader['from'][0], @$ParsedHeader['subject'][0], $nowtime);
						IncrementHistory($LoginInfoArray['email'], 'good');
						InsertRecent($LoginInfoArray['email'], $MessageID, $header, '', $DebugMessages);

						$SQLquery  = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'whitelist_subject`';
						$SQLquery .= ' SET `lasthit` = "'.$nowtime.'"';
						$SQLquery .= ', `hitcount` = `hitcount` + 1';
						$SQLquery .= ' WHERE `word` = "'.mysql_escape_string($word).'"';
						mysql_query($SQLquery);
						unset($SQLquery);
						unset($MessageID, $messageSize, $header, $ParsedHeader, $word);
						@$Timing['IsWhiteListedSubject'] += (getmicrotime() - $timingstart);
						continue;
					}
					unset($word);
					@$Timing['IsWhiteListedSubject'] += (getmicrotime() - $timingstart);


					if ($ThisIsBad !== true) {
						$timingstart = getmicrotime();
						$MessageContents = $phPOP3->POP3getMessageContents($i, $LoginInfoArray['use_retr']);
						$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] $phPOP3->POP3getMessageContents() returned '.strlen($MessageContents).' byte $MessageContents';
						$MessageContents = str_replace(trim($header), '', $MessageContents);
						$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] $MessageContents reduced to '.strlen($MessageContents).' bytes after stripping out header';
						@$Timing['POP3getMessageContents'] += (getmicrotime() - $timingstart);

						$timingstart = getmicrotime();
						if (!$phPOP3->POP3noop()) {
							$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] SERVER CONNECTION LOST!';

							$phPOP3->OutputToScreen('<hr><font color="red">SERVER CONNECTION LOST!</font><hr>');

							// the previous operation probably disconnected the server connection
							WarningEmail('$phPOP3->POP3getMessageContents() aborted connection ['.((!isset($ParsedHeader['date']) || ($ParsedHeader['date'] === '')) ? 'missing' : 'valid').' date] ('.$LoginInfoArray['email'].' #'.$i.')', $LoginInfoArray['email']."\n".'Message #'.$i."\n\n".$header.str_repeat('~', 60)."\n\n".$MessageContents);

							// don't scan this one next time
							InsertSpamScanned($LoginInfoArray['email'], $MessageID, @$ParsedHeader['from'][0], @$ParsedHeader['subject'][0], $nowtime);

							// Abort script and let next run through skip this message.
							exit;
						}
						@$Timing['POP3noop'] += (getmicrotime() - $timingstart);
						$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] Server connection NOT lost on message retrieval';

						$phPOP3->OutputToScreen('<font color="blue">Size:</font> [<font color="navy">'.number_format($messageSize).' bytes</font>]'."\n");
					}


					if (PHPOP3CLEAN_USE_SPAMASSASSIN === true) {
						$timingstart = getmicrotime();
						if (isset($ParsedHeader['x-spam-status'][0])) {
							$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] $ParsedHeader[x-spam-status][0] = "'.$ParsedHeader['x-spam-status'][0].'"';
							if (preg_match(preg_expression('^Yes, (hits|score)=([0-9\\.]+) required=([0-9\\.]+)', 'i'), $ParsedHeader['x-spam-status'][0], $matches)) {
								if (($matches[2] - PHPOP3CLEAN_SPAMASSASSIN_VALUE) >= $matches[3]) {
									$phPOP3->OutputToScreen('<font color="red">SpamAssassin says IS spam</font><br>');
									$ThisIsBad = true;
									$WhyItsBad = 'SpamAssassin score '.$matches[2].' out of '.$matches[3];
								} else {
									$phPOP3->OutputToScreen('<font color="purple">SpamAssassin says IS spam ('.$matches[2].'/'.$matches[3].'), but does not exceed threshold by more than "'.PHPOP3CLEAN_SPAMASSASSIN_VALUE.'"</font><br>');
								}
							} else {
								$phPOP3->OutputToScreen('<font color="green">SpamAssassin says is not spam</font><br>');
							}
							unset($matches);
						}
						@$Timing['SpamAssassin'] += (getmicrotime() - $timingstart);
					}


					if ($ThisIsBad !== true) {
						$ThisIsBad = ExamineMessageContents($header, $MessageContents, $WhyItsBad, $DebugMessages);
					}
					if ($ThisIsBad === true) {
						$phPOP3->OutputToScreen('<font color="red">'.htmlentities($WhyItsBad).'</font>'."\n");
					}


					if (($ThisIsBad !== true) && (!isset($ParsedHeader['date']) || $ParsedHeader['date'] === '')) {
						$timingstart = getmicrotime();
						if (strlen(trim($MessageContents)) == 0) {
							$phPOP3->OutputToScreen('<font color="red">Date is NOT OK</font>'."\n");
							$ThisIsBad = true;
							$WhyItsBad = 'Invalid or missing Datestamp';
							//WarningEmail('empty date with empty message', $LoginInfoArray['email']."\n".'Message #'.$i."\n".$MessageID."\n\n".$phPOP3->POP3getMessageContents($i));
							$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] BAD: empty date with empty message';
						} else {
							$DebugMessages[] = '['.basename(__FILE__).'.'.__LINE__.'] empty date with non-empty message';
							//WarningEmail('empty date with non-empty message', $LoginInfoArray['email']."\n".'Message #'.$i."\n\n".$phPOP3->POP3getMessageContents($i));
						}
						@$Timing['header_date'] += (getmicrotime() - $timingstart);
					}

					if ($ThisIsBad !== true) {

						InsertSpamScanned($LoginInfoArray['email'], $MessageID, @$ParsedHeader['from'][0], @$ParsedHeader['subject'][0], $nowtime);

						$phPOP3->OutputToScreen('<font color="green">Message is OK</font>'."\n\n");
						@$NewMessagesScanned[$LoginInfoArray['email']][] = array('id'=>$MessageID, 'subject'=>@$ParsedHeader['subject'][0], 'from'=>@$ParsedHeader['from'][0]);

						IncrementHistory($LoginInfoArray['email'], 'good');
						InsertRecent($LoginInfoArray['email'], $MessageID, $header, $MessageContents, $DebugMessages);

					} else {

						$delete = true; // failsafe check in case quarantining fails

						if (eregi('^Banned (phrase|domain|IP)|Illegal attached image', $WhyItsBad)) {
							IncrementHistory($LoginInfoArray['email'], 'spam');
						} elseif (eregi('^(Invalid or missing Datestamp|truncated header|HTML in headers|Corrupt Message-Id header)', $WhyItsBad)) {
							IncrementHistory($LoginInfoArray['email'], 'corrupt');
						} else {
							IncrementHistory($LoginInfoArray['email'], 'virus');
						}

						$SQLquery  = 'INSERT INTO `'.PHPOP3CLEAN_TABLE_PREFIX.'messages` (`id`, `date`, `account`, `reason`, `subject`) VALUES (';
						$SQLquery .= '"'.mysql_escape_string($MessageID).'", ';
						$SQLquery .= '"'.mysql_escape_string($nowtime).'", ';
						$SQLquery .= '"'.mysql_escape_string($LoginInfoArray['email']).'", ';
						$SQLquery .= '"'.mysql_escape_string($WhyItsBad).'", ';
						$SQLquery .= '"'.mysql_escape_string(@$ParsedHeader['subject'][0]).'")';

						$MessageContentsFilename = PHPOP3CLEAN_QUARANTINE.date('Ym', $nowtime).'/'.eregi_replace('[^a-z0-9'.preg_quote('!@#$%^&()_+=[]{};\',.').']', '_', $MessageID).'.gz';
						if (mysql_query($SQLquery)) {
							if (!is_dir(dirname($MessageContentsFilename))) {
								if (@mkdir(dirname($MessageContentsFilename))) {
									if (chmod(dirname($MessageContentsFilename), 0777)) {
										// excellent
									} else {
										WarningEmail('phPOP3clean quarantine failure', 'FAILED: chmod('.dirname($MessageContentsFilename).', 0777)');
									}
								} else {
									WarningEmail('phPOP3clean quarantine failure', 'FAILED: mkdir('.dirname($MessageContentsFilename).')');
								}
							}
							if ($zp = @gzopen($MessageContentsFilename, 'wb')) {
								gzwrite($zp, $header.$MessageContents);
								gzclose($zp);
								touch($MessageContentsFilename);
								if (!chmod($MessageContentsFilename, 0777)) {
									WarningEmail('chmod($MessageContentsFilename, 0777) failed', 'failed:'."\n".'chmod('.$MessageContentsFilename.', 0777)');
								}
							} else {
								WarningEmail('gzopen() failed', 'failed:'."\n".'gzopen('.$MessageContentsFilename.', wb)');
								$delete = false;
							}
						} else {
							$errormessage = mysql_error();
							if (!preg_match(preg_expression('^Duplicate entry', 'i'), $errormessage)) {
								WarningEmail('SQL failed', $SQLquery."\n\n".$errormessage);
							}
						}
						unset($SQLquery, $MessageContentsFilename);

						$BadEmailsFound++;
						$phPOP3->OutputToScreen('<font color="red"><b>Message queued for deletion</b> ('.htmlentities($WhyItsBad).')</font>'."\n\n");
						if ($delete === true ) {
							MessageQueueForDelete($LoginInfoArray['email'], $MessageID);
						}
						unset($delete);
					}
					unset( $DebugMessages, $MessageID, $messageSize, $header, $ParsedHeader, $ThisIsBad, $WhyItsBad, $MessageContents );
				}
				unset($i);

			} else {

				$phPOP3->OutputToScreen('<font color="red">STAT failed</font>'."\n");

			}
			unset($STAT);
		}

		$timingstart = getmicrotime();
		$phPOP3->OutputToScreen('<font color="blue">Processing message delete queue ('.MessageDeleteQueueCount($LoginInfoArray['email']).' emails to be deleted)</font>'."\n");
		MessageDeleteQueueProcess($LoginInfoArray['email']);
		@$Timing['MessageDeleteQueueProcess'] += (getmicrotime() - $timingstart);
		unset($POP3login);

	} else {

		EchoToScreen('<font color="red">failed to open "'.$LoginInfoArray['hostname'].':'.$LoginInfoArray['port'].'"  --  '.$errno.' - '.$errstr.')</font>');

	}
	unset($phPOP3, $errno, $errstr);
	EchoToScreen('<hr>');
}
unset($LoginInfo, $LoginInfoArray);

if (is_array($NewMessagesScanned) && (count($NewMessagesScanned) > 0)) {
	foreach ($NewMessagesScanned as $NewMessageAccount => $NewMessageAccountArray) {
		$GoodEmailsFound += count($NewMessageAccountArray);
	}
	unset($NewMessageAccount, $NewMessageAccountArray);
}


$endtime = getmicrotime();
$totalProcessingTime = $endtime - $starttime;
EchoToScreen('phPOP3clean v'.PHPOP3CLEAN_VERSION.'<br>');
EchoToScreen('Finished processing in '.number_format($totalProcessingTime, 3).' seconds<br>');
EchoToScreen('Scan ended at '.date('F j Y g:i:sa').'<br>');
EchoToScreen('<table border="0">');
EchoToScreen('<tr><td>New bad:</td><td align="right">'.number_format($BadEmailsFound).'</td><td>(deleted)</td></tr>');
EchoToScreen('<tr><td>New good:</td><td align="right">'.number_format($GoodEmailsFound).'</td><td>&nbsp;</td></tr>');
EchoToScreen('<tr><td>Old good:</td><td align="right">'.number_format($GoodEmailsSkipped).'</td><td>(skipped)</td></tr>');
EchoToScreen('<tr><td>Skipped (too large):</td><td align="right">'.number_format($LargeEmailsSkipped).'</td><td>(skipped)</td></tr>');
EchoToScreen('<tr><td>Skipped (whitelist):</td><td align="right">'.number_format($WhiteEmailsSkipped).'</td><td>(skipped)</td></tr>');
EchoToScreen('</table>');
if (is_array($Timing) && (count($Timing) > 0)) {
	arsort($Timing);
	EchoToScreen('Timing:<ul>');
	foreach ($Timing as $key => $value) {
		EchoToScreen('<li>'.$key.' = '.number_format($value, 3).'</li>');
	}
	unset($key, $value);
	EchoToScreen('</ul>');
	EchoToScreen(number_format($totalProcessingTime - array_sum($Timing), 3).' seconds unaccounted for.<br>');
}
EchoToScreen('</body></html>');

?>