[Feature Request] Support injecting custom headers into the HTTP request

haraka / haraka-plugin-rspamd

Rspamd plugin for Haraka

https://www.npmjs.com/package/haraka-plugin-rspamd

MIT License

15 stars 14 forks source link

[Feature Request] Support injecting custom headers into the HTTP request #4

Closed fatalbanana closed 6 years ago

fatalbanana commented 6 years ago

This plugin should provide the ability to use headers set by other plugins in the request to Rspamd. I suppose the way to do this is probably by nesting something in connection.transaction.notes.

Use-cases:

Providing custom settings for Rspamd scan
Using precomputed results for redundant checks with the http_headers module.
Overriding the IP sent to Rspamd if need be
Other?

msimerson commented 6 years ago

Using precomputed results...

This is already being done by this plugin, right? You want to extend it so other Haraka plug-ins can do that too? (I’m struggling to think why we’d want rspamd logic spread across other plugins).

msimerson commented 6 years ago

There are other things the plugin could pass, like TLS received data, but that’s tied to waiting on upstream vstakhov/rspamd#427 to support it, AFAIK.

fatalbanana commented 6 years ago

There are other things the plugin could pass, like TLS received data, but that’s tied to waiting on upstream rspamd/rspamd#427 to support it, AFAIK.

Rspamd readily understands TLS-Cipher and TLS-Version headers which can be used for this purpose.

Using precomputed results for redundant checks with the http_headers module.

Idea here is that some plugin could add information about, for example, some RBL check result, to transaction notes. The rspamd plugin would add this information in a custom header & deliver it in the scan request. Rspamd would then skip the related check and use the predetermined result (like described at vstakhov/rspamd#285).

... perhaps it might be undesirable to have rspamd-specific stuff in other plugins indeed, the proposal here however is just to add the plumbing to rspamd plugin to allow it to use headers set by something else.

msimerson commented 6 years ago

Rspamd readily understands TLS-Cipher and TLS-Version headers which can be used for this purpose.

Well then, this plugin should be updated accordingly. :-)

Haraka already has haraka-results and most stuff in the Haraka ecosystem uses it to store processed results. In your example, the dnsbl plugin calls results.add() to store the results. This plugin can grab that data with results.get('dnsbl'), format it however rspamd wants, and stuff it into the header.

msimerson commented 6 years ago

I've added passing of TLS-Cipher and TLS-Version to this plugin. We're already doing "Using precomputed results for redundant checks with the http_headers module" and it'd be quite easy to "override the IP sent to Rspamd" if you knew where to get that data from. I'm not sure how to proceed any further. I have other suggestions:

make specific requests. IE, pass property X from plugin Y to rspamd in header Z.
If you have ideas for aggregate data useful to rspamd, perhaps some type of config settings that:
- specify "when plugin Y has result X, do Z"
- provide the rspamd of the preferred location(s) to find bits of data