nixpkgs/pkgs/servers/mail/spamassassin/default.nix

{ lib, fetchurl, perlPackages, makeBinaryWrapper, gnupg, re2c, gcc, gnumake, libxcrypt, openssl, coreutils, poppler_utils, tesseract, iana-etc }:

perlPackages.buildPerlPackage rec {
  pname = "SpamAssassin";
  version = "4.0.0";
  rulesRev = "r1905950";

  src = fetchurl {
    url = "mirror://apache/spamassassin/source/Mail-${pname}-${version}.tar.bz2";
    hash = "sha256-5aoXBQowvHK6qGr9xgSMrepNHsLsxh14dxegWbgxnog=";
  };
  defaultRulesSrc = fetchurl {
    url = "mirror://apache/spamassassin/source/Mail-${pname}-rules-${version}.${rulesRev}.tgz";
    hash = "sha256-rk/7uRfrx/76ckD8W7UVHdpmP45AWRYa18m0Lu0brG0=";
  };

  patches = [
    ./satest-no-clean-path.patch
    ./sa_compile-use-perl5lib.patch
  ];

  nativeBuildInputs = [ makeBinaryWrapper ];
  buildInputs = (with perlPackages; [
    HTMLParser NetCIDRLite NetDNS NetAddrIP DBFile HTTPDate MailDKIM LWP
    LWPProtocolHttps IOSocketSSL DBI EncodeDetect IPCountry NetIdent
    Razor2ClientAgent MailSPF NetDNSResolverProgrammable Socket6
    ArchiveZip EmailAddressXS NetLibIDN2 MaxMindDBReader GeoIP MailDMARC
    MaxMindDBReaderXS
  ]) ++ [
    openssl
  ];

  makeFlags = [ "PERL_BIN=${perlPackages.perl}/bin/perl" "ENABLE_SSL=yes" ];

  makeMakerFlags = [ "SYSCONFDIR=/etc LOCALSTATEDIR=/var/lib/spamassassin" ];

  checkInputs = (with perlPackages; [
    TextDiff  # t/strip2.t
  ]) ++ [
    coreutils  # date, t/basic_meta.t
    poppler_utils  # pdftotext, t/extracttext.t
    tesseract  # tesseract, t/extracttext.t
    iana-etc  # t/dnsbl_subtests.t (/etc/protocols used by Net::DNS::Nameserver)
    re2c gcc gnumake
  ];
  preCheck = ''
    substituteInPlace t/spamc_x_e.t \
      --replace "/bin/echo" "${coreutils}/bin/echo"
    export C_INCLUDE_PATH='${lib.makeSearchPathOutput "include" "include" [ libxcrypt ]}'
    export HARNESS_OPTIONS="j''${NIX_BUILD_CORES}"

    export HOME=$NIX_BUILD_TOP/home
    mkdir -p $HOME
    mkdir t/log  # pre-create to avoid race conditions

    # https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8068
    checkFlagsArray+=(TEST_FILES='$(shell find t -name *.t -not -name spamd_ssl_accept_fail.t)')
  '';

  postInstall = ''
    mkdir -p $out/share/spamassassin
    mv "rules/"* $out/share/spamassassin/

    tar -xzf ${defaultRulesSrc} -C $out/share/spamassassin/
    local moduleversion="$(${perlPackages.perl}/bin/perl -I lib -e 'use Mail::SpamAssassin; print $Mail::SpamAssassin::VERSION')"
    sed -i -e "s/@@VERSION@@/$moduleversion/" $out/share/spamassassin/*.cf

    for n in "$out/bin/"*; do
      # Skip if this isn't a perl script
      if ! head -n1 "$n" | grep -q bin/perl; then
        continue
      fi
      echo "Wrapping $n for taint mode"
      orig="$out/bin/.$(basename "$n")-wrapped"
      mv "$n" "$orig"
      # We don't inherit argv0 so that $^X works properly in e.g. sa-compile
      makeWrapper "${perlPackages.perl}/bin/perl" "$n" \
        --add-flags "-T $perlFlags $orig" \
        --prefix PATH : ${lib.makeBinPath [ gnupg re2c gcc gnumake ]} \
        --prefix C_INCLUDE_PATH : ${lib.makeSearchPathOutput "include" "include" [ libxcrypt ]}
    done
  '';

  meta = {
    homepage = "https://spamassassin.apache.org/";
    description = "Open-Source Spam Filter";
    license = lib.licenses.asl20;
    platforms = lib.platforms.unix;
    maintainers = with lib.maintainers; [ qknight qyliss ];
  };
}
spamassassin: enable taint mode 2023-06-25 16:32:01 +02:00			`{ lib, fetchurl, perlPackages, makeBinaryWrapper, gnupg, re2c, gcc, gnumake, libxcrypt, openssl, coreutils, poppler_utils, tesseract, iana-etc }:`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
buildPerlPackage -> perlPackages.buildPerlPackage 2018-10-13 01:10:38 +02:00			`perlPackages.buildPerlPackage rec {`
buildPerlPackage: name -> (pname, version) 2019-06-20 15:07:56 +02:00			`pname = "SpamAssassin";`
spamassassin: 3.4.6 → 4.0.0 The HashCash module has been removed, so this change also drops it from the default config for spamassassin. 2023-02-19 13:15:04 +01:00			`version = "4.0.0";`
spamassassin: install default rules This lets spamassassin work as normal out of the box, without having to invoke sa-update first. 2023-09-21 12:49:14 +02:00			`rulesRev = "r1905950";`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
			`src = fetchurl {`
buildPerlPackage: name -> (pname, version) 2019-06-20 15:07:56 +02:00			`url = "mirror://apache/spamassassin/source/Mail-${pname}-${version}.tar.bz2";`
spamassassin: 3.4.6 → 4.0.0 The HashCash module has been removed, so this change also drops it from the default config for spamassassin. 2023-02-19 13:15:04 +01:00			`hash = "sha256-5aoXBQowvHK6qGr9xgSMrepNHsLsxh14dxegWbgxnog=";`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00			`};`
spamassassin: install default rules This lets spamassassin work as normal out of the box, without having to invoke sa-update first. 2023-09-21 12:49:14 +02:00			`defaultRulesSrc = fetchurl {`
			`url = "mirror://apache/spamassassin/source/Mail-${pname}-rules-${version}.${rulesRev}.tgz";`
			`hash = "sha256-rk/7uRfrx/76ckD8W7UVHdpmP45AWRYa18m0Lu0brG0=";`
			`};`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
spamassassin: enable tests 2023-06-25 15:37:18 +02:00			`patches = [`
			`./satest-no-clean-path.patch`
			`./sa_compile-use-perl5lib.patch`
			`];`

spamassassin: enable taint mode 2023-06-25 16:32:01 +02:00			`nativeBuildInputs = [ makeBinaryWrapper ];`
treewide: makeWrapper buildInputs to nativeBuildInputs 2021-02-07 10:17:39 +01:00			`buildInputs = (with perlPackages; [`
spamassassin: fix IPv6 The Net::CIDR::Lite package was missing. 2019-12-24 23:17:31 +01:00			`HTMLParser NetCIDRLite NetDNS NetAddrIP DBFile HTTPDate MailDKIM LWP`
spamassassin: support for fetching rules over HTTPS sa-update.service starts by making an HTTP GET request to http://spamassassin.apache.org/updates/MIRRORED.BY, which now redirects to HTTPS. Since we didn't have the appropriate library available to handle HTTPS, rule updates would fail: Jan 03 12:35:03 atuin systemd[1]: Starting sa-update.service... Jan 03 12:35:10 atuin sa-update-start[1250]: Update available for channel updates.spamassassin.org: 1895535 -> 1896618 Jan 03 12:35:10 atuin sa-update-start[1250]: http: (lwp) hotpatching IO::Socket::INET by module IO::Socket::IP Jan 03 12:35:11 atuin sa-update-start[1250]: http: (lwp) GET http://spamassassin.apache.org/updates/MIRRORED.BY, 501 Protocol scheme 'https' is not supported (LWP::Protocol::https not installed) Jan 03 12:35:11 atuin sa-update-start[1250]: error: unable to refresh mirrors file for channel updates.spamassassin.org, using old file Jan 03 12:35:11 atuin sa-update-start[1250]: error: no mirror data available for channel updates.spamassassin.org Jan 03 12:35:11 atuin sa-update-start[1250]: channel 'updates.spamassassin.org': MIRRORED.BY file contents were missing, channel failed Jan 03 12:35:11 atuin sa-update-start[1250]: Update failed, exiting with code 4 Jan 03 12:35:11 atuin systemd[1]: sa-update.service: Main process exited, code=exited, status=4/NOPERMISSION Jan 03 12:35:11 atuin systemd[1]: sa-update.service: Failed with result 'exit-code'. Jan 03 12:35:11 atuin systemd[1]: Failed to start sa-update.service. 2022-01-03 14:14:37 +01:00			`LWPProtocolHttps IOSocketSSL DBI EncodeDetect IPCountry NetIdent`
			`Razor2ClientAgent MailSPF NetDNSResolverProgrammable Socket6`
spamassassin: add dependencies from SpamAssassin core These modules are all used by SpamAssassin in some way or another, in some cases optional depending on what plugins you have loaded. 2023-06-25 15:36:37 +02:00			`ArchiveZip EmailAddressXS NetLibIDN2 MaxMindDBReader GeoIP MailDMARC`
			`MaxMindDBReaderXS`
spamassassin: compile spamc with TLS support 2023-06-25 15:58:29 +02:00			`]) ++ [`
			`openssl`
			`];`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
spamassassin: enable taint mode 2023-06-25 16:32:01 +02:00			`makeFlags = [ "PERL_BIN=${perlPackages.perl}/bin/perl" "ENABLE_SSL=yes" ];`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
spamassassin: use /etc/mail/spamassassin for config Using a custom path in the Nix store meant that users of the module couldn't add their own config files, which is a desirable feature. I don't think avoiding /etc buys us anything. 2019-12-24 23:15:05 +01:00			`makeMakerFlags = [ "SYSCONFDIR=/etc LOCALSTATEDIR=/var/lib/spamassassin" ];`
spamassassin: site-wide rules are in $out/share/spamassassin; user-rules in /etc/spamassassin 2012-09-27 15:28:14 +02:00
spamassassin: enable tests 2023-06-25 15:37:18 +02:00			`checkInputs = (with perlPackages; [`
			`TextDiff # t/strip2.t`
			`]) ++ [`
			`coreutils # date, t/basic_meta.t`
			`poppler_utils # pdftotext, t/extracttext.t`
			`tesseract # tesseract, t/extracttext.t`
			`iana-etc # t/dnsbl_subtests.t (/etc/protocols used by Net::DNS::Nameserver)`
			`re2c gcc gnumake`
			`];`
			`preCheck = ''`
			`substituteInPlace t/spamc_x_e.t \`
			`--replace "/bin/echo" "${coreutils}/bin/echo"`
			`export C_INCLUDE_PATH='${lib.makeSearchPathOutput "include" "include" [ libxcrypt ]}'`
			`export HARNESS_OPTIONS="j''${NIX_BUILD_CORES}"`

			`export HOME=$NIX_BUILD_TOP/home`
			`mkdir -p $HOME`
			`mkdir t/log # pre-create to avoid race conditions`
spamassassin: disable intermittently failing test Link: https://github.com/NixOS/nixpkgs/pull/257792#issuecomment-1772297269 2023-10-20 11:06:36 +02:00
			`# https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8068`
			`checkFlagsArray+=(TEST_FILES='$(shell find t -name *.t -not -name spamd_ssl_accept_fail.t)')`
spamassassin: enable tests 2023-06-25 15:37:18 +02:00			`'';`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00
spamassassin: disable taint mode, without it we cannot configure the PERL5LIB search path 2012-08-03 13:21:29 +02:00			`postInstall = ''`
spamassassin: fix rules installation (ZHF) 2015-07-21 17:34:52 +02:00			`mkdir -p $out/share/spamassassin`
spamassassin: site-wide rules are in $out/share/spamassassin; user-rules in /etc/spamassassin 2012-09-27 15:28:14 +02:00			`mv "rules/"* $out/share/spamassassin/`

spamassassin: install default rules This lets spamassassin work as normal out of the box, without having to invoke sa-update first. 2023-09-21 12:49:14 +02:00			`tar -xzf ${defaultRulesSrc} -C $out/share/spamassassin/`
			`local moduleversion="$(${perlPackages.perl}/bin/perl -I lib -e 'use Mail::SpamAssassin; print $Mail::SpamAssassin::VERSION')"`
			`sed -i -e "s/@@VERSION@@/$moduleversion/" $out/share/spamassassin/*.cf`

spamassassin: disable taint mode, without it we cannot configure the PERL5LIB search path 2012-08-03 13:21:29 +02:00			`for n in "$out/bin/"*; do`
spamassassin: enable taint mode 2023-06-25 16:32:01 +02:00			`# Skip if this isn't a perl script`
			`if ! head -n1 "$n" \| grep -q bin/perl; then`
			`continue`
			`fi`
			`echo "Wrapping $n for taint mode"`
			`orig="$out/bin/.$(basename "$n")-wrapped"`
			`mv "$n" "$orig"`
			`# We don't inherit argv0 so that $^X works properly in e.g. sa-compile`
			`makeWrapper "${perlPackages.perl}/bin/perl" "$n" \`
			`--add-flags "-T $perlFlags $orig" \`
			`--prefix PATH : ${lib.makeBinPath [ gnupg re2c gcc gnumake ]} \`
			`--prefix C_INCLUDE_PATH : ${lib.makeSearchPathOutput "include" "include" [ libxcrypt ]}`
spamassassin: disable taint mode, without it we cannot configure the PERL5LIB search path 2012-08-03 13:21:29 +02:00			`done`
			`'';`

SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00			`meta = {`
Treewide: fix some permanent redirects on homepages (#153213) Issue #60004 2022-01-03 16:53:12 +01:00			`homepage = "https://spamassassin.apache.org/";`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00			`description = "Open-Source Spam Filter";`
pkgs/servers: stdenv.lib -> lib 2021-01-15 08:07:56 +01:00			`license = lib.licenses.asl20;`
			`platforms = lib.platforms.unix;`
Drop myself from meta.maintainers for most packages. I'd like to reduce the number of Github notifications and review requests I receive. 2021-10-14 10:59:33 +02:00			`maintainers = with lib.maintainers; [ qknight qyliss ];`
SpamAssassin: add version 3.3.2 2012-07-08 00:32:30 +02:00			`};`
			`}`