From 77682b077bd677956db5686f3daa993a8241a89a Mon Sep 17 00:00:00 2001 From: Daniel Winzen Date: Sun, 6 Feb 2022 19:42:03 +0100 Subject: [PATCH] Removed razor due to excessive ressource usage --- etc/razorfy.conf | 14 --- etc/systemd/system/razorfy.service | 32 ------- install_binaries.sh | 5 +- usr/local/bin/razorfy.pl | 131 ----------------------------- 4 files changed, 1 insertion(+), 181 deletions(-) delete mode 100644 etc/razorfy.conf delete mode 100644 etc/systemd/system/razorfy.service delete mode 100755 usr/local/bin/razorfy.pl diff --git a/etc/razorfy.conf b/etc/razorfy.conf deleted file mode 100644 index 8b46a07..0000000 --- a/etc/razorfy.conf +++ /dev/null @@ -1,14 +0,0 @@ -# Razorfy Configuration file - -# set to 1 to enable debug logging (Default 0) -RAZORFY_DEBUG = 0 - -# max number of threads to use (Default 200) -RAZORFY_MAXTHREADS = 200 - -# bind razorfy default to local ip address (127.0.0.1) -# use :: for all (dual stack), 0.0.0.0 (all ipv4), ::1 localhost v6only, 127.0.0.1 localhost ipv4 -RAZORFY_BINDADDRESS = 127.0.0.1 - -# tcp port to use -RAZORFY_BINDPORT = 11342 diff --git a/etc/systemd/system/razorfy.service b/etc/systemd/system/razorfy.service deleted file mode 100644 index 3314498..0000000 --- a/etc/systemd/system/razorfy.service +++ /dev/null @@ -1,32 +0,0 @@ -[Unit] -Description=Razorfy Service -Requires=network.target local-fs.target time-sync.target - -[Service] -Type=simple -User=razorfy -Group=razorfy - -EnvironmentFile=/etc/razorfy.conf -ExecStart=/usr/local/bin/razorfy.pl -ExecReload=/bin/kill -HUP $MAINPID -ExecStop=/bin/kill $MAINPID - -Restart=always -RestartSec=3 - -PIDFile=/var/run/razor.pid -TimeoutStopSec=30 - -NoNewPrivileges=true -PrivateDevices=true -PrivateTmp=true -PrivateUsers=true -ProtectControlGroups=true -ProtectHome=true -ProtectKernelModules=true -ProtectKernelTunables=true -ProtectSystem=strict - -[Install] -WantedBy=multi-user.target diff --git a/install_binaries.sh b/install_binaries.sh index f23f889..e6e4a5f 100755 --- a/install_binaries.sh +++ b/install_binaries.sh @@ -4,7 +4,7 @@ set -e export LANG=C.UTF-8 # install all required packages DEBIAN_FRONTEND=noninteractive apt-get update -DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y apt-transport-tor bash-completion bind9 brotli bzip2 ca-certificates clamav-daemon clamav-freshclam curl dovecot-imapd dovecot-lmtpd dovecot-pop3d git hardlink haveged iptables libio-socket-ip-perl libsasl2-modules locales locales-all logrotate lsb-release mariadb-server nano postfix postfix-mysql quota quotatool razor redis rsync ssh subversion tor unzip vim wget xz-utils zip zopfli +DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y apt-transport-tor bash-completion bind9 brotli bzip2 ca-certificates clamav-daemon clamav-freshclam curl dovecot-imapd dovecot-lmtpd dovecot-pop3d git hardlink haveged iptables libio-socket-ip-perl libsasl2-modules locales locales-all logrotate lsb-release mariadb-server nano postfix postfix-mysql quota quotatool redis rsync ssh subversion tor unzip vim wget xz-utils zip zopfli # build dependencies DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y autoconf automake bison cmake g++ gcc ghostscript gnupg `apt-cache search --names-only 'libargon2(-0)?-dev' | awk '{print $1;}' | head -n1` libbrotli-dev libbz2-dev libc-client2007e-dev libcurl4-openssl-dev libde265-dev libdjvulibre-dev libedit-dev `apt-cache search --names-only 'libenchant(-2)?-dev' | awk '{print $1;}' | head -n1` libffi-dev `apt-cache search --names-only libfreetype6?-dev | awk '{print $1;}' | head -n1` libfftw3-dev libfribidi-dev libgd-dev libgmp-dev libgpg-error-dev libgpgme-dev libharfbuzz-dev libkrb5-dev libldap2-dev liblmdb-dev liblqr-1-0-dev libmariadb-dev libonig-dev libopenexr-dev libopenjp2-7-dev libpango1.0-dev libpcre3-dev libpng-dev libpspell-dev libqdbm-dev libraqm-dev libraw-dev libreadline-dev librsvg2-dev libsasl2-dev libsodium-dev libsqlite3-dev libssl-dev libsystemd-dev libtidy-dev libtool libwebp-dev libwmf-dev libx265-dev libxml2-dev libxpm-dev libxslt1-dev libzip-dev libzstd-dev make poppler-utils ragel re2c yasm zlib1g-dev @@ -1768,6 +1768,3 @@ composer self-update id -u _rspamd >/dev/null 2>&1 ||useradd -M -r -s /bin/false -d /var/lib/rspamd _rspamd mkdir -p /var/lib/rspamd chown _rspamd: /var/lib/rspamd - -#razorfy -id -u razorfy >/dev/null 2>&1 || useradd -M -r -s /bin/false razorfy diff --git a/usr/local/bin/razorfy.pl b/usr/local/bin/razorfy.pl deleted file mode 100755 index 6e8b1e6..0000000 --- a/usr/local/bin/razorfy.pl +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/perl - -# Copyright (c) 2020, Mirko Ludeke -# Copyright (c) 2020, Carsten Rosenberg -# Copyright (c) 2020, Andreas Boesen -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -use strict; -use warnings; -use IO::Socket::IP; -use IO::Select; -use threads; -use Data::Dumper; -use POSIX qw(setlocale strftime); -use Razor2::Client::Agent; - -# set to 1 to enable debug logging -my $debug = defined($ENV{'RAZORFY_DEBUG'}) ? $ENV{'RAZORFY_DEBUG'} : 0; -# max number of threa to use -my $maxthreads = defined($ENV{'RAZORFY_MAXTHREADS'}) ? $ENV{'RAZORFY_MAXTHREADS'} : 200; -# bind razorfy to default to local ip address -# use :: for all (dual stack), 0.0.0.0 (all ipv4), ::1 localhost v6only, 127.0.0.1 localhost ipv4 -my $bindaddress = defined($ENV{'RAZORFY_BINDADDRESS'}) ? $ENV{'RAZORFY_BINDADDRESS'} : '127.0.0.1'; -# tcp port to use -my $bindport = defined($ENV{'RAZORFY_BINDPORT'}) ? $ENV{'RAZORFY_BINDPORT'} : '11342'; - -my $agent = new Razor2::Client::Agent('razor-check') or die ; - $agent->read_options() or die $agent->errstr ."\n"; - $agent->do_conf() or die $agent->errstr ."\n"; - -my %logret = ( 0 => 'spam', 1 => 'ham'); - -sub Main -{ - # flush after every write - $| = 1; - - my ( $socket, $client_socket ); - - # Bind to listening address and port - $socket = new IO::Socket::IP ( - LocalHost => $bindaddress, - LocalPort => $bindport, - Proto => 'tcp', - Listen => 10, - ReuseAddr => 1 - ) or die "Could not open socket: ".$!."\n"; - - ErrorLog( "RAZORFY started, PID: $$ Waiting for client connections..."); - - my @clients = (); - - # start infinity loop - while(1) - { - - # Limit threads - my @threads = threads->list(threads::running); - - if( $#threads < $maxthreads ) { - - # Waiting for new client connection. - $client_socket = $socket->accept(); - - # Push new client connection to it's own thread - push ( @clients, threads->create( \&clientHandler, $client_socket ) ); - - ErrorLog( "active threads: $#threads") if $debug ; - ErrorLog( "client array length: " . scalar @clients) if $debug ; - - my $counter = 0; - foreach ( @clients ) - { - if( $_->is_joinable() ) { - $_->join(); - } - if( not $_->is_running() ) { - splice(@clients,$counter,1); - } - $counter++; - } - } - } - $socket->close(); - return 1; -} - -sub clientHandler -{ - # Socket is passed to thread as first (and only) argument. - my ($client_socket) = @_; - - # Create hash for user connection/session information and set initial connection information. - my %user = (); - $user{peer_address} = $client_socket->peerhost(); - $user{peer_port} = $client_socket->peerport(); - - ErrorLog( "Accepted New Client Connection From:".$user{peer_address}.":".$user{peer_port}) if $debug; - - my %hashr; - $hashr{'fh'} = $client_socket; - - my $ret = $agent->checkit(\%hashr); - print $client_socket ( $ret == 0) ? "spam" : "ham"; - - ErrorLog( "return value: ". $logret{$ret} ) if $debug; - - $client_socket->shutdown(2); - threads->exit(); -} - -sub ErrorLog { -setlocale(&POSIX::LC_ALL, "en_US"); - my $msg = shift; - my $datestring = strftime "%b %e %H:%M:%S", localtime; - print STDERR $msg."\n"; -} - -# Start the Main loop -Main();