Block Google Groups mailing list autoresponder spam with rspamd and Mailcow

For a few weeks I have been getting a lot of spam mails that are autoresponders from different companies. All of them have in common that they carry the Google Groups mailing list headers:

List-ID: <some.example.com>
X-Spam-Checked-In-Group: sdsdsdsdsdsdsdsdsdsdsdsdsdsdsd@example.com
X-Google-Group-Id: 5432154321
List-Post: <https://groups.google.com/a/example.com/group/some/post>, <mailto:some@example.com>
List-Help: <https://support.google.com/a/example.com/bin/topic.py?topic=25838>,
    <mailto:bt+help@example.com>
List-Archive: <https://groups.google.com/a/example.com/group/some/>
List-Subscribe: <https://groups.google.com/a/example.com/group/some/subscribe>,
    <mailto:some+subscribe@example.com>
List-Unsubscribe: <mailto:googlegroups-manage+5432154321+unsubscribe@googlegroups.com>,
    <https://groups.google.com/a/example.com/group/some/subscribe>

It looks like some spammers add mail addresses to Google Groups mailing lists and then send spam mails around the world; the autoresponders answer these mails, and the Google Groups mailing list catches the answers and spreads them to all members of the group. Time to stop this. I can't remember subscribing to any Google Groups mailing list in the last years. And if a subscription without my confirmation is possible, then this looks like a security issue on Google's side to me. But for now, I want to stop the spam mails.

I use Mailcow as mail server and rspamd as spam filter. So I created a new rule in rspamd to block all mails that have the X-Google-Group-Id header. It's still possible to add exceptions for some trusted mailing lists.

Blocking Google Groups with Multimap Whitelist

Add the following rules at the end of your mailcow/data/conf/rspamd/local.d/multimap.conf:

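ALLOW_GOOGLEGROUPS {
  type = "header";
  header = "From";
  # extract the bare address so the anchored patterns in the map can match
  filter = "email:addr";
  # the map file contains regular expressions
  regexp = true;
  map = "${LOCAL_CONFDIR}/custom/googlegroups_allow.map";
  action = "accept";
}

BLOCK_GOOGLEGROUPS {
  type = "header";
  header = "X-Google-Group-Id";
  # the map file contains regular expressions
  regexp = true;
  action = "reject";
  map = "${LOCAL_CONFDIR}/custom/googlegroups_block.map";
  message = "Google Groups mailing lists are not permitted";
}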

Then create the file mailcow/data/conf/rspamd/custom/googlegroups_allow.map and add one regular expression per line for the email addresses of the trusted mailing lists that you want to receive mails from:

# Example group for internal alerts
# ^internal-alerts@googlegroups\.com$

# Example group for operations reports
# ^ops-reports@googlegroups\.com$

# Example group for neighbourhood parents
# ^neighbourhood-parents@googlegroups\.com$

Finally create the file mailcow/data/conf/rspamd/custom/googlegroups_block.map. It matches all other mails that have the X-Google-Group-Id header and blocks them:

# Block any ID
^.*$

Test your configuration with docker compose exec rspamd-mailcow rspamadm configtest. You can test the rule with docker compose exec -T rspamd-mailcow rspamc -i 1.2.3.4 < ../test.eml. Restart the rspamd container and enjoy your Google Groups mailing list spam free inbox.
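An added example (not from the original post, and not rspamd code): a small Python model of the outcome the two rules are meant to produce, useful for checking map entries against sample headers before deploying. It assumes the allow rule is applied before the block rule and that the From address is extracted before matching; the map contents and messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed map contents in the same format as the two .map files above.
ALLOW_MAP = "# Example group for operations reports\n^ops-reports@googlegroups\\.com$\n"
BLOCK_MAP = "# Block any ID\n^.*$\n"

def load_map(text):
    """Compile each non-empty, non-comment map line as a regular expression."""
    lines = (line.strip() for line in text.splitlines())
    return [re.compile(line) for line in lines if line and not line.startswith("#")]

def decide(raw_message, allow, block):
    """Model of the intended outcome: allow list first, then the block rule."""
    msg = message_from_string(raw_message)
    # Compare the bare address, not the display name, with the anchored patterns.
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if any(rx.search(sender) for rx in allow):
        return "accept"
    group_id = msg.get("X-Google-Group-Id")
    if group_id is not None and any(rx.search(group_id.strip()) for rx in block):
        return "reject"
    return "no action"

# Constructed sample messages (headers only, empty body).
SAMPLES = {
    "trusted list": "From: Ops Reports <ops-reports@googlegroups.com>\n"
                    "X-Google-Group-Id: 5432154321\n\n",
    "autoresponder via unknown list": "From: Front Desk <frontdesk@example.com>\n"
                                      "X-Google-Group-Id: 5432154321\n\n",
    "display name imitates allowed list":
        'From: "ops-reports@googlegroups.com" <noreply@example.net>\n'
        "X-Google-Group-Id: 5432154321\n\n",
    "ordinary mail": "From: Alice <alice@example.org>\nSubject: hello\n\n",
}

def run_samples():
    """Return the modelled verdict for every constructed sample."""
    allow, block = load_map(ALLOW_MAP), load_map(BLOCK_MAP)
    return {name: decide(raw, allow, block) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{verdict:10} {name}")
```

The allow rule keys on the From header, which the sender sets, and an accept verdict skips the remaining checks, so keep the allow map limited to lists you actually read.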


Logging from PHP to Docker logs (stdout)

If you run your PHP application inside a docker container, you could write (debug) output to the docker log. This is useful if you want to see the output of your application in the docker logs.

Commands

$out = fopen('php://stdout', 'w'); //output handler
fputs($out, "Output goes here...."); //writing output operation
fclose($out); //closing handler

Example

function _log($msg) {
    $msg = "myApp - " . date("c") . ": " . $msg."\n";
    $out = fopen('php://stdout', 'w');
    fputs($out, $msg);
    fclose($out);
}

Grafana/Telegraf show 0 bytes memory usage for docker containers

Today I was looking into a problem with a Docker container. Since there was a problem with the memory usage of the container, I wanted to check it in my Grafana. But unfortunately, the Telegraf plugin had been showing 0 bytes for each container for months. I found the solution in the Telegraf GitHub issues. You need to enable memory control groups on the Raspberry Pi. To do that, add the following to your /boot/cmdline.txt to enable this metric:

cgroup_enable=memory cgroup_memory=1

And after a reboot, it works.

Add languages to PHP Docker Container

Recently I have noticed that the output of the following code shows the month in the wrong language (English instead of German):

date_default_timezone_set('Europe/Berlin');
setlocale(LC_ALL, 'de_DE.utf8');
$date_now = date('Y-m-d');
echo strftime('%B %Y', strtotime($date_now));

This can be solved by installing the required language in the Docker container. Unfortunately, there is a bug which prevents the languages from being easily activated by locale-gen <lang-code>. So you have to enable them in /etc/locale.gen first and then generate them with locale-gen. This code solves the problem:

FROM php:7-apache

[...]

# install localisation
RUN apt-get update && \
    # locales
    apt-get install -y locales

# enable localisation and generate localisation files
# (each sed uncomments one language in /etc/locale.gen)
RUN sed -i -e 's/# de_DE ISO-8859-1/de_DE ISO-8859-1/' /etc/locale.gen && \
    sed -i -e 's/# <your lang code from locale.gen>/<your lang code from locale.gen again>/' /etc/locale.gen && \
    locale-gen

[...]

Or you could install all available languages:

FROM php:7-apache

[...]

# install localisation
RUN apt-get update && \
    # locales
    apt-get install -y locales locales-all

[...]

If you perform a dry run in the container, you must restart Apache to see the changes.