mirrors
/
rspamd
镜像来自 https://github.com/vstakhov/rspamd.git
關注 1
收藏 0
複製 0
程式碼 問題 0 版本發佈 159 Wiki 活動
瀏覽代碼

Merge pull request #4915 from twesterhever/temp-freemail-mdn 

Add detection for freemail and disposable e-mail usage for message delivery notification
pull/4953/head
Vsevolod Stakhov 2 週之前
父節點
12f965bf98 e4fcdfd276
當前提交
a7d2543250
沒有連結到貢獻者的電子郵件帳戶。
共有 2 個檔案被更改,包括 28 行新增1 行删除
分割檢視 顯示文件統計
  1. 8
    1
      conf/composites.conf
  2. 20
    0
      conf/modules.d/multimap.conf

+ 8
- 1
conf/composites.conf 查看文件

@@ -165,12 +165,19 @@ composites {
group = "scams";
}
FREEMAIL_AFF {
expression = "(FREEMAIL_FROM | FREEMAIL_ENVFROM | FREEMAIL_REPLYTO) & (TO_DN_RECIPIENTS | R_UNDISC_RCPT) & (INTRODUCTION | FROM_NAME_HAS_TITLE | FREEMAIL_REPLYTO_NEQ_FROM_DOM | SUBJECT_HAS_CURRENCY)";
expression = "(FREEMAIL_FROM | FREEMAIL_ENVFROM | FREEMAIL_REPLYTO | FREEMAIL_MDN) & (TO_DN_RECIPIENTS | R_UNDISC_RCPT) & (INTRODUCTION | FROM_NAME_HAS_TITLE | FREEMAIL_REPLYTO_NEQ_FROM_DOM | SUBJECT_HAS_CURRENCY)";
score = 4.0;
policy = "leave";
description = "Message exhibits strong characteristics of advance fee fraud (AFF a/k/a '419' spam) involving freemail addresses";
group = "scams";
}
SUSPICIOUS_MDN {
expression = "(FREEMAIL_MDN | DISPOSABLE_MDN) & !(FREEMAIL_FROM | FREEMAIL_ENVFROM)";
score = 2.0;
policy = "leave";
description = "Message delivery notification should go to freemail or disposable e-mail, but message was not sent from a freemail address";
group = "scams";
}
REDIRECTOR_URL_ONLY {
expression = "HFILTER_URL_ONLY & REDIRECTOR_URL";
score = 1.0;

+ 20
- 0
conf/modules.d/multimap.conf 查看文件

@@ -85,6 +85,16 @@ multimap {
score = 0.0;
}

freemail_mdn {
type = "header";
header = "Disposition-Notification-To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_MDN";
description = "Disposition-Notification-To is a Freemail address";
score = 0.0;
}

# Disposable Addresses
disposable_envfrom {
type = "from";
@@ -147,6 +157,16 @@ multimap {
score = 0.0;
}

disposable_mdn {
type = "header";
header = "Disposition-Notification-To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_MDN";
description = "Disposition-Notification-To is a disposable e-mail address";
score = 0.5;
}

.include(try=true,priority=5) "${DBDIR}/dynamic/multimap.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/multimap.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/multimap.conf"

Write Preview
Loading…
取消
儲存