From 6b91a41ee81a17713a49b0723ef8b7f36dcc9147 Mon Sep 17 00:00:00 2001 From: Benoit TELLIER Date: Tue, 13 Feb 2024 10:51:58 +0100 Subject: [PATCH] JAMES-3775 Pass SSL information to RspamD scanner mailet --- mailet/api/src/main/java/org/apache/mailet/Mail.java | 2 ++ .../smtpserver/AddDefaultAttributesMessageHook.java | 5 +++++ .../apache/james/rspamd/client/RspamdHttpClient.java | 12 ++++++++++++ 3 files changed, 19 insertions(+) diff --git a/mailet/api/src/main/java/org/apache/mailet/Mail.java b/mailet/api/src/main/java/org/apache/mailet/Mail.java index 2b1ce094726..93527b8110b 100644 --- a/mailet/api/src/main/java/org/apache/mailet/Mail.java +++ b/mailet/api/src/main/java/org/apache/mailet/Mail.java @@ -103,6 +103,8 @@ public interface Mail extends Serializable, Cloneable { AttributeName SMTP_AUTH_USER = AttributeName.of("org.apache.james.SMTPAuthUser"); AttributeName SMTP_HELO = AttributeName.of("org.apache.james.HELO"); + AttributeName SSL_PROTOCOL = AttributeName.of("org.apache.james.ssl.protocol"); + AttributeName SSL_CIPHER = AttributeName.of("org.apache.james.ssl.cipher"); AttributeName SMTP_SESSION_ID = AttributeName.of("org.apache.james.SMTPSessionID"); AttributeName MAILET_ERROR = AttributeName.of("org.apache.james.MailetError"); Attribute SENT_BY_MAILET_ATTRIBUTE = Attribute.convertToAttribute("org.apache.james.SentByMailet", true); diff --git a/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/AddDefaultAttributesMessageHook.java b/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/AddDefaultAttributesMessageHook.java index 5b31c518d25..760aea4cdc4 100644 --- a/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/AddDefaultAttributesMessageHook.java +++ b/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/AddDefaultAttributesMessageHook.java @@ -49,6 +49,11 @@ public HookResult onMessage(SMTPSession session, Mail mail) { session.getAttachment(SMTPSession.CURRENT_HELO_NAME, ProtocolSession.State.Connection) .ifPresent(helo -> mail.setAttribute(new Attribute(Mail.SMTP_HELO, AttributeValue.of(helo)))); + session.getSSLSession().ifPresent(sslSession -> { + mail.setAttribute(new Attribute(Mail.SSL_PROTOCOL, AttributeValue.of(sslSession.getProtocol()))); + mail.setAttribute(new Attribute(Mail.SSL_CIPHER, AttributeValue.of(sslSession.getCipherSuite()))); + }); + if (session.getUsername() != null) { mail.setAttribute(new Attribute(Mail.SMTP_AUTH_USER, AttributeValue.of(session.getUsername().asString()))); } diff --git a/third-party/rspamd/src/main/java/org/apache/james/rspamd/client/RspamdHttpClient.java b/third-party/rspamd/src/main/java/org/apache/james/rspamd/client/RspamdHttpClient.java index 5a256e9e68c..1b78aa82259 100644 --- a/third-party/rspamd/src/main/java/org/apache/james/rspamd/client/RspamdHttpClient.java +++ b/third-party/rspamd/src/main/java/org/apache/james/rspamd/client/RspamdHttpClient.java @@ -184,6 +184,18 @@ private void transportInformationToHeaders(Mail mail, io.netty.handler.codec.htt .filter(String.class::isInstance) .map(String.class::cast) .ifPresent(user -> headers.add("User", user)); + + // SSL details + mail.getAttribute(Mail.SSL_PROTOCOL) + .map(attr -> attr.getValue().value()) + .filter(String.class::isInstance) + .map(String.class::cast) + .ifPresent(tlsVersion -> headers.add("TLS-Version", tlsVersion)); + mail.getAttribute(Mail.SSL_CIPHER) + .map(attr -> attr.getValue().value()) + .filter(String.class::isInstance) + .map(String.class::cast) + .ifPresent(cipher -> headers.add("TLS-Cipher", cipher)); } private HttpClient buildReactorNettyHttpClient(RspamdClientConfiguration configuration) {