public DomainElementSigner(DomainElement domain, MimeKit.Cryptography.DkimSigner signerInstance)
{
DomainElement = domain;
Signer = signerInstance;
}
/// <summary>
/// Method used to provide recursive processing
/// </summary>
/// <param name="session"></param>
/// <param name="message"></param>
/// <param name="multipart"></param>
/// <param name="outputDir"></param>
/// <param name="dir"></param>
private void ProcessMultipart(Session session,
MimeKit.MimeMessage message,
MimeKit.Multipart multipart,
string dir)
{
foreach (var subpart in multipart)
{
if (subpart is MimeKit.Multipart)
{
var temp = (Multipart)subpart;
ProcessMultipart(session, message, temp, dir);
continue;
}
if (subpart is MimeKit.MessagePart)
{
var temp = (MimeKit.MessagePart)subpart;
ProcessMessage(session, temp.Message, dir);
continue;
}
ProcessAttachment(session, message, subpart, dir);
}
}
/// <summary>
///
/// </summary>
/// <param name="session"></param>
/// <param name="message"></param>
/// <param name="mimeEntity"></param>
/// <param name="outputDir"></param>
/// <param name="dir"></param>
private void ProcessAttachment(Session session,
MimeKit.MimeMessage message,
MimeKit.MimeEntity mimeEntity,
string dir)
{
var part = (MimePart)mimeEntity;
if (part.IsAttachment == false)
{
return;
}
string path = string.Empty;
string fileName = string.Empty;
try
{
// It appears that it is possible for filenames to have new line characters in them!
path = woanware.Path.ReplaceIllegalPathChars(part.FileName + ".safe");
path = path.Replace("\n", string.Empty);
path = path.Replace("\r", string.Empty);
path = System.IO.Path.Combine(this.outputDirectory, dir, path);
fileName = part.FileName.Replace("\n", string.Empty);
fileName = part.FileName.Replace("\r", string.Empty);
fileName += ".safe";
if (System.IO.Directory.Exists(System.IO.Path.Combine(this.outputDirectory, dir)) == false)
{
IO.CreateDirectory(System.IO.Path.Combine(this.outputDirectory, dir));
}
if (File.Exists(path) == true)
{
fileName = Guid.NewGuid().ToString() + fileName;
path = System.IO.Path.Combine(this.outputDirectory, dir, fileName);
}
using (var stream = File.Create(path))
{
part.ContentObject.DecodeTo(stream);
}
}
catch (Exception ex)
{
this.Log().Error(ex.ToString());
}
// Check that the file didn't get quaratined by AV
if (File.Exists(path) == false)
{
return;
}
PerformArchiveDecompression(path,
fileName,
System.IO.Path.Combine(this.outputDirectory, dir));
}
/// <summary>
/// Method used to provide recursive processing
/// </summary>
/// <param name="session"></param>
/// <param name="message"></param>
/// <param name="outputDir"></param>
/// <param name="dir"></param>
private void ProcessMessage(Session session,
MimeKit.MimeMessage message,
string dir)
{
if (message.Body is MimeKit.MessagePart)
{
var temp = (MimeKit.MessagePart)message.Body;
ProcessMessage(session, temp.Message, dir);
}
else if (message.Body is MimeKit.Multipart)
{
var multipart = (Multipart)message.Body;
ProcessMultipart(session, message, multipart, dir);
}
else
{
var part = (MimePart)message.Body;
ProcessAttachment(session, message, part, dir);
}
}
/// <summary>
///
/// </summary>
/// <param name="session"></param>
/// <param name="message"></param>
/// <param name="outputDir"></param>
private void HashFiles(Session session,
MimeKit.MimeMessage message,
string parentDir,
string outputDir)
{
if (System.IO.Directory.Exists(outputDir) == false)
{
return;
}
string mailFrom = GetSmtpMailFrom(System.IO.Path.Combine(this.dataDirectory,
session.Guid.Substring(0, 2),
session.Guid + ".bin"));
string from = string.Empty;
if (message.From != null)
{
List<string> temp = new List<string>();
Regex regex = new Regex("<(.*?)>", RegexOptions.IgnoreCase);
for(int index = 0; index < message.From.Count; index++)
{
Match match = regex.Match(message.From[index].ToString());
if (match.Success == true)
{
temp.Add(match.Groups[1].Value);
}
else
{
temp.Add(message.From[index].ToString());
}
}
from = string.Join(",", temp);
}
string to = string.Empty;
if (message.To != null)
{
List<string> temp = new List<string>();
Regex regex = new Regex("<(.*?)>", RegexOptions.IgnoreCase);
for (int index = 0; index < message.From.Count; index++)
{
Match match = regex.Match(message.To[index].ToString());
if (match.Success == true)
{
temp.Add(match.Groups[1].Value);
}
else
{
temp.Add(message.To[index].ToString());
}
}
to = string.Join(",", temp);
}
string sender = string.Empty;
if (message.Sender != null)
{
sender = message.Sender.Address;
}
MessageDetails messageDetails = new MessageDetails();
messageDetails.SrcIp = session.SrcIpText;
messageDetails.SrcPort = session.SourcePort;
messageDetails.DstIp = session.DstIpText;
messageDetails.DstPort = session.DestinationPort;
messageDetails.From = from;
messageDetails.To = to;
messageDetails.MailFrom = mailFrom;
messageDetails.Sender = sender;
messageDetails.Subject = message.Subject;
messageDetails.Date = message.Date.ToString("o");
// Now MD5 the files
foreach (string file in System.IO.Directory.EnumerateFiles(outputDir,
"*.*",
SearchOption.AllDirectories))
{
if (System.IO.Path.GetFileName(file) == "Message.Info.txt")
{
continue;
}
try
{
// Not sure if BufferedStream should be wrapped in using block
using (var stream = new BufferedStream(File.OpenRead(file), 1200000))
{
MD5 md5 = new MD5CryptoServiceProvider();
byte[] hashMd5 = md5.ComputeHash(stream);
AttachmentDetails attachmentDetails = new AttachmentDetails();
attachmentDetails.File = file;
attachmentDetails.Md5 = woanware.Text.ConvertByteArrayToHexString(hashMd5);
messageDetails.Attachments.Add(attachmentDetails);
}
}
catch (Exception) { }
}
messageDetails.Save(System.IO.Path.Combine(outputDir, "Message.Details." + message.MessageId + ".xml"));
}
