MAIL_RU_MAILER_BASE64 {
expression = "MAIL_RU_MAILER & (FROM_EXCESS_BASE64 | REPLYTO_EXCESS_BASE64 | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
}
+ YANDEX_RU_MAILER_CTYPE_MIXED_BOGUS {
+ expression = "YANDEX_RU_MAILER & -HAS_ATTACHMENT & CTYPE_MIXED_BOGUS";
+ }
HACKED_WP_PHISHING {
expression = "HAS_X_POS & HAS_WP_URI & PHISHING";
policy = "leave";
group = 'header'
}
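Review bot: The new composite `YANDEX_RU_MAILER_CTYPE_MIXED_BOGUS` has no `description`, and its `-HAS_ATTACHMENT` term is easy to misread as a negation. In rspamd composite expressions a leading `-` is a removal-policy prefix (keep the symbol and its weight), while negation is written `!`, so as written the composite requires an attachment to be present. If that is the intent, state it, for example `description = "Yandex.ru web-mail with an attachment: drop CTYPE_MIXED_BOGUS, keep HAS_ATTACHMENT";`. No `score` or `policy` is visible in this hunk, so presumably the default removal of the other matched symbols applies; it is worth confirming that this is wanted.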
+-- Detect yandex.ru web-mail
+local xm_yandex_ru_mailer_5_0 = 'X-Mailer=/^Yamail \\[ http:\\/\\/yandex\\.ru \\] 5\\.0$/H'
+local rcvd_web_yandex_ru = 'Received=/^by web\\d{1,2}[a-z]\\.yandex\\.ru with HTTP;/mH'
+reconf['YANDEX_RU_MAILER'] = {
+ re = string.format('(%s) & (%s)', xm_yandex_ru_mailer_5_0, rcvd_web_yandex_ru),
+ score = 0.0,
+ description = 'Sent with yandex.ru web-mail',
+ group = 'header'
+}
+
-- Two received headers with ip addresses
local double_ip_spam_1 = 'Received=/from \\[\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\] by \\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3} with/H'
local double_ip_spam_2 = 'Received=/from\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\s+by\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3};/H'
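Review bot: `YANDEX_RU_MAILER` is built only from `X-Mailer` and a `Received` line, both of which the sender supplies, so the symbol records what the message claims rather than where it came from. At `score = 0.0` that is harmless on its own, but the composite added in the same commit uses it, apparently to cancel `CTYPE_MIXED_BOGUS`, so forged headers alone may be enough to shed that weight. I would record the limit above the definition, `-- Header-only hint: X-Mailer and Received are sender-controlled; do not use alone to reduce score`. Consider also requiring an authenticated signal in the composite, such as a passing DKIM result for the sending domain.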