Yomi sandbox: Skip PEC attachments

[andre8244]

PEC attachments containing signature are sometimes mistakenly recognized as malware.

Proposed solution

Do not send PEC signatures to Yomi sandbox. openssl command can be used to properly detect if an attachment is a PEC signature

[nethbot]

in 7.9.2009/nethesis-testing:

• nethserver-yomi-2.0.1-1.1.gd7ca352.ns7.noarch.rpm x86_64

[andre8244]

Test case

• Enable Yomi debug: config setprop yomi Debug enabled && signal-event nethserver-yomi-update
• Send an email to test server containing a PEC signature as attachment, e.g. a .p7s file
• Verify the following command returns a match: grep "skipped PEC signature" /var/log/maillog
• Verify that delivered email contains YOMI_SKIPPED symbol with a proper description, e.g. YOMI_SKIPPED(0.00)[smime.p7s contains PEC signature]

[nethbot]

in 7.9.2009/nethesis-testing:

• nethserver-yomi-2.0.1-1.2.g6f79ee3.ns7.noarch.rpm x86_64

[gsanchietti]

Verified. When a p7s attachment is sent, the Yomi plugin will skip it:

Sep  9 12:30:59 server rspamd[29431]: <34ffc6>; lua; yomi.lua:83: yomi: skipped PEC signature smime.p7s

[nethbot]

in 7.9.2009/nethesis-updates:

• nethserver-yomi-2.1.0-1.ns7.noarch.rpm x86_64