From: Alexander Moisseev <moiseev@mezonplus.ru>
Date: Mon, 17 Apr 2017 08:51:21 +0000 (+0300)
Subject: [Minor] Suppress CTYPE_MIXED_BOGUS for yandex.ru web-mail
X-Git-Tag: 1.5.6~12^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fpull%2F1599%2Fhead;p=rspamd.git

[Minor] Suppress CTYPE_MIXED_BOGUS for yandex.ru web-mail
---

diff --git a/conf/composites.conf b/conf/composites.conf
index 8a00b2fd1..75f038eaa 100644
--- a/conf/composites.conf
+++ b/conf/composites.conf
@@ -57,6 +57,9 @@ composites {
     MAIL_RU_MAILER_BASE64 {
         expression = "MAIL_RU_MAILER & (FROM_EXCESS_BASE64 | REPLYTO_EXCESS_BASE64 | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
     }
+    YANDEX_RU_MAILER_CTYPE_MIXED_BOGUS {
+        expression = "YANDEX_RU_MAILER & -HAS_ATTACHMENT & CTYPE_MIXED_BOGUS";
+    }
     HACKED_WP_PHISHING {
         expression = "HAS_X_POS & HAS_WP_URI & PHISHING";
         policy = "leave";
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index 68e540aee..0258ab42e 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -576,6 +576,16 @@ reconf['MAIL_RU_MAILER'] = {
   group = 'header'
 }
 
+-- Detect yandex.ru web-mail
+local xm_yandex_ru_mailer_5_0 = 'X-Mailer=/^Yamail \\[ http:\\/\\/yandex\\.ru \\] 5\\.0$/H'
+local rcvd_web_yandex_ru = 'Received=/^by web\\d{1,2}[a-z]\\.yandex\\.ru with HTTP;/mH'
+reconf['YANDEX_RU_MAILER'] = {
+  re = string.format('(%s) & (%s)', xm_yandex_ru_mailer_5_0, rcvd_web_yandex_ru),
+  score = 0.0,
+  description = 'Sent with yandex.ru web-mail',
+  group = 'header'
+}
+
 -- Two received headers with ip addresses
 local double_ip_spam_1 = 'Received=/from \\[\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\] by \\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3} with/H'
 local double_ip_spam_2 = 'Received=/from\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\s+by\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3};/H'