expression = "FORGED_SENDER & -MAILLIST";
}
composite {
- name = "FORGED_MUA_OUTLOOK_MAILLIST";
- expression = "FORGED_MUA_OUTLOOK and -MAILLIST";
-}
-composite {
- name = "FORGED_MUA_THUNDERBIRD_MSGID_MAILLIST";
- expression = "(FORGED_MUA_THUNDERBIRD_MSGID or FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN) and -MAILLIST";
+ name = "FORGED_MUA_MAILLIST";
+ expression = "g:mua and -MAILLIST";
}
composite {
name = "RBL_SPAMHAUS_XBL";
};
group {
- name = "Header checks";
+ name = "header";
symbol {
weight = 2.0;
description = "Subject is missing inside message";
}
group {
- name = "Forged MUA";
+ name = "mua";
symbol {
weight = 4.0;
description = "Message pretends to be send from The Bat! but has forged Message-ID";
description = "Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID";
name = "FORGED_MUA_THUNDERBIRD_MSGID";
}
- symbol {
- weight = 0.0;
- description = "Avoid false positives for FORGED_MUA_THUNDERBIRD_MSGID in maillist";
- name = "FORGED_MUA_THUNDERBIRD_MSGID_MAILLIST";
- }
symbol {
weight = 2.500000;
description = "Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID";
description = "Forged outlook MUA";
name = "FORGED_MUA_OUTLOOK";
}
- symbol {
- weight = 0.0;
- description = "Forged outlook MUA, but from maillist";
- name = "FORGED_MUA_OUTLOOK_MAILLIST";
- }
}
+ symbol {
+ weight = 0.0;
+ description = "Avoid false positives for FORGED_MUA_* in maillist";
+ name = "FORGED_MUA_MAILLIST";
+ }
group {
- name = "Body checks";
+ name = "body";
symbol {
weight = 9.0;
description = "White color on white background in HTML messages";
}
group {
- name = "RBL";
+ name = "rbl";
symbol { name = "DNSWL_BLOCKED"; weight = 0.0; description = "Resolver blocked due to excessive queries"; }
symbol { name = "RCVD_IN_DNSWL"; weight = 0.0; description = "Sender listed at http://www.dnswl.org"; }
symbol { name = "RCVD_IN_DNSWL_NONE"; weight = -0.05; description = "Sender listed at http://www.dnswl.org, low none"; }
}
group {
- name = "Bayes";
+ name = "bayes";
symbol {
weight = 3.0;
}
group {
- name = "Fuzzy";
+ name = "fuzzy";
symbol {
weight = 5.0;
description = "Generic fuzzy hash match";
}
group {
- name = "SPF";
+ name = "spf";
symbol {
weight = 1.0;
description = "SPF verification failed";
}
group {
- name = "DKIM";
+ name = "dkim";
symbol {
weight = 1.0;
description = "DKIM verification failed";
}
group {
- name = "URL blacklists";
+ name = "surbl";
symbol {
weight = 5.500000;
description = "SURBL: Phishing sites";
}
group {
- name = "Phishing";
+ name = "phishing";
symbol {
weight = 5.0;
}
group {
- name = "Date checks";
+ name = "date";
symbol {
weight = 4.0;
}
group {
- name = "Hfilter rules";
+ name = "hfilter";
symbol { weight = 4.00; name = "HFILTER_HELO_BAREIP"; description = "Helo host is bare ip"; }
symbol { weight = 4.50; name = "HFILTER_HELO_BADIP"; description = "Helo host is very bad ip"; }
projects / rspamd.git / commitdiff