]> source.dussan.org Git - rspamd.git/commitdiff
Fix RCVD_TLS_ALL and add RCVD_TLS_LAST 1555/head
authorSteve Freegard <steve@stevefreegard.com>
Fri, 24 Mar 2017 15:34:25 +0000 (15:34 +0000)
committerSteve Freegard <steve@stevefreegard.com>
Fri, 24 Mar 2017 15:34:25 +0000 (15:34 +0000)
rules/misc.lua
rules/regexp/headers.lua

index d4186a1b078680b95bcdc735adfb167672b145d0..ae914ce215b4c36ac1310eaf4389b6193114c190 100644 (file)
@@ -187,20 +187,61 @@ rspamd_config.ENVFROM_VERP = {
   group = "mailing_list"
 }
 
-rspamd_config.RCVD_TLS_ALL = {
+local check_rcvd = rspamd_config:register_symbol{
+  name = 'CHECK_RCVD',
   callback = function (task)
-    local rcvds = task:get_header_full('Received')
+    local rcvds = task:get_received_headers()
     if not rcvds then return false end
 
-    local ret = fun.all(function(rc)
-      return rc.flags and (rc.flags['ssl'] or rc.flags['authenticated'])
+    local tls = fun.all(function(rc)
+      return rc.flags and rc.flags['ssl']
     end, rcvds)
 
-    return ret
-  end,
+    -- See if only the last hop was encrypted
+    if tls then
+      task:insert_result('RCVD_TLS_ALL', 1.0)
+    else
+      local rcvd = rcvds[1]
+      if rcvd.flags and rcvd.flags['ssl'] then
+        task:insert_result('RCVD_TLS_LAST', 1.0)
+      end
+    end
+
+    local auth = fun.any(function(rc)
+      return rc.flags and rc.flags['authenticated']
+    end, rcvds)
+
+    if auth then
+      task:insert_result('RCVD_VIA_SMTP_AUTH', 1.0)
+    end
+  end
+}
+
+rspamd_config:register_symbol{
+  type = 'virtual',
+  parent = check_rcvd,
+  name = 'RCVD_TLS_ALL',
+  description = 'All hops used encrypted transports',
+  score = 0.0,
+  group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+  type = 'virtual',
+  parent = check_rcvd,
+  name = 'RCVD_TLS_LAST',
+  description = 'Last hop used encrypted transports',
+  score = 0.0,
+  group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+  type = 'virtual',
+  parent = check_rcvd,
+  name = 'RCVD_VIA_SMTP_AUTH',
+  description = 'Message injected via SMTP AUTH',
   score = 0.0,
-  description = "All hops used encrypted transports",
-  group = "encryption"
+  group = 'authentication'
 }
 
 rspamd_config.RCVD_HELO_USER = {
index c14dd3500af826973cda5a3fc21393e821c3c56b..af63d7131ad6231e0fed6cfddb596f4bf1f5b489 100644 (file)
@@ -905,11 +905,3 @@ reconf['HAS_XOIP'] = {
   score = 0.0,
   group = 'headers'
 }
-
-reconf['RCVD_VIA_SMTP_AUTH'] = {
-  re = "Received=/\\bE?SMTPS?A\\b/ || Received=/\\bauthenticated\\b/i",
-  description = "Recieved using SMTP AUTH",
-  score = 0,
-  group = 'headers'
-}
-