]>
source.dussan.org Git - rspamd.git/log
Vsevolod Stakhov [Mon, 13 Nov 2023 16:03:36 +0000 (16:03 +0000)]
[Fix] Another try to fix setproctitle
Vsevolod Stakhov [Mon, 13 Nov 2023 13:03:49 +0000 (13:03 +0000)]
[Fix] Set loaded variable explicitly
moisseev [Fri, 27 Oct 2023 13:57:15 +0000 (16:57 +0300)]
[WebUI] Update map editor
CodeJar 3.7.0 -> 4.2.0
twesterhever [Fri, 3 Nov 2023 13:38:05 +0000 (13:38 +0000)]
[Minor] Treat *.zpaq attachments as archives and harmful
Rationale: https://dshield.org/diary/Malware+Dropped+Through+a+ZPAQ+Archive/30366/
twesterhever [Fri, 3 Nov 2023 13:48:58 +0000 (13:48 +0000)]
[Enhancement] Add composite rule for suspicious URLs in suspicious messages
twesterhever [Fri, 3 Nov 2023 14:01:07 +0000 (14:01 +0000)]
[Minor] Add rule for messages missing both X-Mailer and User-Agent header
twesterhever [Fri, 3 Nov 2023 14:06:56 +0000 (14:06 +0000)]
[Minor] Improve FREEMAIL_AFF capture rates
Andrew Lewis [Sat, 4 Nov 2023 10:51:18 +0000 (12:51 +0200)]
[Minor] force_actions: set a group for symbols
Vsevolod Stakhov [Mon, 13 Nov 2023 11:05:00 +0000 (11:05 +0000)]
[Minor] Update to 3.7.4
Vsevolod Stakhov [Mon, 13 Nov 2023 10:55:43 +0000 (10:55 +0000)]
[Minor] Properly search for fasttext include
Vsevolod Stakhov [Sat, 11 Nov 2023 14:39:36 +0000 (14:39 +0000)]
[Minor] Bundle fasttext as linux distributives are just useless
Vsevolod Stakhov [Sat, 11 Nov 2023 13:35:10 +0000 (13:35 +0000)]
[Minor] Forgot it in one more place
Vsevolod Stakhov [Sat, 11 Nov 2023 12:29:53 +0000 (12:29 +0000)]
[Minor] Limit fasttext to amd64 only
Vsevolod Stakhov [Fri, 10 Nov 2023 13:50:20 +0000 (13:50 +0000)]
[Minor] Enable fasttext on RPM based linux
Vsevolod Stakhov [Fri, 10 Nov 2023 15:32:58 +0000 (15:32 +0000)]
[Fix] Fix various issues with canonicalisation of the paths
Vsevolod Stakhov [Mon, 30 Oct 2023 17:11:13 +0000 (17:11 +0000)]
[Fix] Do not cleanup hyperscan files unless new ones are loaded
Petr Vaněk [Wed, 1 Nov 2023 10:28:53 +0000 (11:28 +0100)]
[Minor] Add missing <algorithm> include for gcc 14
This commit addresses a compilation issue when using GCC 14. According
to GCC 14's porting guide [1], some C++ Standard Library headers no
longer include other headers they used to use internally. Specifically,
<algorithm> must now be explicitly included.
[1] https://gcc.gnu.org/gcc-14/porting_to.html
See-also: https://bugs.gentoo.org/916438
Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
Andrew Lewis [Fri, 3 Nov 2023 15:26:53 +0000 (17:26 +0200)]
[Fix] rbl: fix `exclude_local`
Andrew Lewis [Thu, 9 Nov 2023 11:30:29 +0000 (13:30 +0200)]
[Fix] known_senders: fix config handling
Vsevolod Stakhov [Thu, 9 Nov 2023 17:53:02 +0000 (17:53 +0000)]
[Fix] Properly set config field when creating tasks from Lua
Vsevolod Stakhov [Fri, 27 Oct 2023 07:38:19 +0000 (08:38 +0100)]
Release 3.7.3
* [Fix] Emergency fix for the hyperscan path error
Vsevolod Stakhov [Fri, 27 Oct 2023 07:20:48 +0000 (08:20 +0100)]
[Minor] Really fix the issue
Vsevolod Stakhov [Fri, 27 Oct 2023 07:12:16 +0000 (08:12 +0100)]
[Fix] A workaround for brain-damaged std::filesystem behaviour
Issue: #4665
Vsevolod Stakhov [Thu, 26 Oct 2023 13:31:03 +0000 (14:31 +0100)]
[Minor] Update version
Vsevolod Stakhov [Thu, 26 Oct 2023 13:30:21 +0000 (14:30 +0100)]
Release 3.7.2
* [Feature] rbl: support checking returncodes by CIDR
* [Feature] rbl: support checking returncodes by regex
* [Feature] rbl: support globbed return codes
* [Fix] DMARC reporting: fix reporting for subdomains
* [Fix] Deal with fmtlib exceptions properly
* [Fix] backport fix for dlfcn.h from backward-cpp
* [Rules] Blank spam detection
Vsevolod Stakhov [Thu, 26 Oct 2023 10:06:25 +0000 (11:06 +0100)]
Merge pull request #4657 from fatalbanana/rbl_matchers
[Feature] rbl: support use of different matchers for return codes
Andrew Lewis [Thu, 26 Oct 2023 06:40:00 +0000 (08:40 +0200)]
[Minor] Reiterate on the previous changes
- Demote message to info level
- Name it returncodes_matcher for better specificity
Vsevolod Stakhov [Wed, 25 Oct 2023 17:55:43 +0000 (18:55 +0100)]
Merge pull request #4656 from twesterhever/temp-tighten-attachment-policy
Tighten rspamd's attachment policy
Vsevolod Stakhov [Wed, 25 Oct 2023 17:51:25 +0000 (18:51 +0100)]
Merge pull request #4661 from moisseev/webui
[WebUI] Fix history table vanishing
Andrew Lewis [Wed, 25 Oct 2023 13:00:08 +0000 (15:00 +0200)]
[Feature] rbl: support globbed return codes
twesterhever [Wed, 25 Oct 2023 12:42:44 +0000 (12:42 +0000)]
[Minor] Remove duplicate *.app attachment type
Reported by @fatalbanana.
Andrew Lewis [Wed, 25 Oct 2023 12:34:47 +0000 (14:34 +0200)]
[Feature] rbl: support checking returncodes by CIDR
moisseev [Wed, 25 Oct 2023 10:14:38 +0000 (13:14 +0300)]
[WebUI] Fix history table vanishing
on repeated rows per page input
Vsevolod Stakhov [Tue, 24 Oct 2023 15:02:59 +0000 (16:02 +0100)]
[Minor] Improve diagnostics
twesterhever [Tue, 24 Oct 2023 12:58:13 +0000 (12:58 +0000)]
Revert "[Minor] Increase scoring of *.exe attachments"
Reverted based on feedback by @moisseev.
This reverts commit
8171424d846a3e33b5d0f9f7f4ee09ec8d553a03 .
Andrew Lewis [Tue, 24 Oct 2023 11:53:03 +0000 (13:53 +0200)]
[Feature] rbl: support checking returncodes by regex
Andrew Lewis [Tue, 24 Oct 2023 11:23:13 +0000 (13:23 +0200)]
[Minor] rbl: support use of different matchers for return codes
Vsevolod Stakhov [Mon, 23 Oct 2023 20:58:57 +0000 (21:58 +0100)]
[Fix] Deal with fmtlib exceptions properly
twesterhever [Sun, 22 Oct 2023 20:25:31 +0000 (20:25 +0000)]
[Minor] Add additional bad attachment types
- app: Executable Application, blocked in Outlook by default
- aspx: Active Server Page Extended, blocked in Outlook by default
- dll: Dynamic-link Library
- dqy: Microsoft Query File, blocking recommended in MS365
- iqy: ditto
- mht: MHTML File, often abused for phishing and exploit attempts
- mhtml: ditto
- oqy: Microsoft Query File, blocking recommended in MS365
- rqy: ditto
- slk: Microsoft Symbolic Link
- wim: Windows Imaging Format
twesterhever [Sun, 22 Oct 2023 20:24:23 +0000 (20:24 +0000)]
[Minor] Increase scoring of *.exe attachments
These are already banned in most environments, including GMail and
Outlook. We may as well bump this score up to 4 eventually.
twesterhever [Sun, 22 Oct 2023 20:19:25 +0000 (20:19 +0000)]
[Minor] Incorporate additional bad attachments from Microsoft
These are as follows:
- htc: HTML Component File
- pyc: Compiled Python Script
- pyo: Optimized Compiled Python Module
- pyw: Python Script To Be Executed With Suppressed Terminal Window
- pyz: Python Zip Application
- pyzw: Python Zip Application
- vhd: Virtual Hard Disk
- vhdx: Virtual Hard Disk Extended
- wsf: Windows Script File
Note that the Python file types remain unscored in archives, so
distribution of these in source tarballs and the like is not affected by
this commit.
Source: https://support.microsoft.com/en-us/office/blocked-attachments-in-outlook-
434752e1 -02d3-4e90-9124-
8b81e49a8519 ?ui=en-us&rs=en-us&ad=us
twesterhever [Sun, 22 Oct 2023 20:18:40 +0000 (20:18 +0000)]
[Minor] Refer to third parties for attachment handling whenever possible
This avoids confusion and enqueries to the rspamd project, if it is made
clear that the decision to score certain attachments high has been
incorporated from a well-known third party, such as Google's or
Microsoft's attachment handling policy.
Vsevolod Stakhov [Sun, 22 Oct 2023 17:51:05 +0000 (18:51 +0100)]
[Minor] Try to fix ICAP scanners by adding use_specific_content_type parameter
Issue: #4643
Vsevolod Stakhov [Sat, 21 Oct 2023 13:07:30 +0000 (14:07 +0100)]
[Minor] Simplify by using <filesystem>
Vsevolod Stakhov [Tue, 17 Oct 2023 13:59:56 +0000 (14:59 +0100)]
Merge pull request #4649 from fatalbanana/rspamd_sharedir
[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
Andrew Lewis [Tue, 17 Oct 2023 13:57:48 +0000 (15:57 +0200)]
[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
Vsevolod Stakhov [Tue, 17 Oct 2023 13:47:28 +0000 (14:47 +0100)]
Merge pull request #4648 from fatalbanana/luacheck
[Test] Banish luacheck from functional tests
Andrew Lewis [Mon, 16 Oct 2023 17:50:56 +0000 (19:50 +0200)]
[Test] Banish luacheck from functional tests
- Use luacheck from GitLab
Vsevolod Stakhov [Mon, 16 Oct 2023 18:10:33 +0000 (19:10 +0100)]
Merge pull request #4587 from fatalbanana/dmarc_subdomains
[Fix] DMARC reporting: fix reporting for subdomains
Andrew Lewis [Mon, 16 Oct 2023 09:04:25 +0000 (11:04 +0200)]
[Fix] DMARC reporting: fix reporting for subdomains
- Reported by: @bilym
Vsevolod Stakhov [Mon, 16 Oct 2023 07:27:33 +0000 (08:27 +0100)]
Merge pull request #4645 from moisseev/webui
[WebUI] Add control to invert action filter
moisseev [Sun, 15 Oct 2023 16:58:20 +0000 (19:58 +0300)]
[WebUI] Add control to invert action filter
to scan results and history tables
Issue: #4098
Vsevolod Stakhov [Sat, 14 Oct 2023 13:15:22 +0000 (14:15 +0100)]
[Minor] Do not use `setproctitle` on Linux
Issue: #4634
Vsevolod Stakhov [Sat, 14 Oct 2023 08:31:19 +0000 (09:31 +0100)]
Merge pull request #4640 from dzjaivnt/dzjaivnt-patch-1
Dzjaivnt patch 1
Vsevolod Stakhov [Fri, 13 Oct 2023 18:57:13 +0000 (19:57 +0100)]
Merge pull request #4642 from twesterhever/temp-cue-attachments
[Minor] Treat *.cue attachments as harmful
Vsevolod Stakhov [Fri, 13 Oct 2023 18:56:58 +0000 (19:56 +0100)]
Merge pull request #4644 from fatalbanana/blankspam
[Rules] Blank spam detection
Andrew Lewis [Fri, 13 Oct 2023 15:01:50 +0000 (17:01 +0200)]
[Rules] Blank spam detection
twesterhever [Fri, 13 Oct 2023 10:30:02 +0000 (10:30 +0000)]
[Minor] Treat *.cue attachments as harmful
Rationale: https://arstechnica.com/information-technology/2023/10/one-click-remote-code-exploit-in-cd-cue-files-affects-most-gnome-based-linux-distros/
Vsevolod Stakhov [Thu, 12 Oct 2023 14:31:09 +0000 (15:31 +0100)]
[Minor] Fix build on some systems
Vsevolod Stakhov [Thu, 12 Oct 2023 14:07:34 +0000 (15:07 +0100)]
Merge pull request #4639 from a16bitsysop/backward
[Minor] Make compiling with backward-cpp optional
dzjaivnt [Thu, 12 Oct 2023 10:40:41 +0000 (12:40 +0200)]
Update dmarc.lua
With name:
dmarc; dmarc.lua:191: munging debug: {[domain] = domain.tld [flags] = {[valid] = true, [braced] = true}, [name] = Name [domain.tld], [raw] = <user@domain.tld>, [addr] = user@domain.tld, [user] = user}
dmarc; dmarc.lua:234: munged DMARC header for domain.tld: Name [domain.tld] via mark <otheruser@otherdomain.tld> -> user@domain.tld
Without name:
dmarc; dmarc.lua:191: munging debug: {[domain] = domain.tld [flags] = {[valid] = true, [braced] = true}, [name] = , [raw] = <user@domain.tld>, [addr] = user@domain.tld, [user] = user}
dmarc.lua:234: munged DMARC header for domain.tld: user via otheruser <otheruser@otherdomain.tld> -> user@domain.tld
dzjaivnt [Thu, 12 Oct 2023 10:28:48 +0000 (12:28 +0200)]
Update dmarc.lua
When from.name is Nil its still show up, with != "" not
Then you get
From: via user <user@domain.tld>
Instead of
From: otheruser via user <user@domain.tld>
Debug:
2023-10-12 12:08:15 #725504(normal) <0b948d>; dmarc; dmarc.lua:191: munging debug: {[user] = user, [domain] = domain.tld, [flags] = {[valid] = true}, [name] = , [raw] = user@domain.tld, [addr] = user@domain.tld}
Duncan Bellamy [Thu, 12 Oct 2023 10:06:52 +0000 (10:06 +0000)]
[Fix] backport fix for dlfcn.h from backward-cpp
https://github.com/bombela/backward-cpp/commit/
65fc89e210655aaa707337bc21d19f45805ac8a2
backport fix for powerpc as well
https://github.com/bombela/backward-cpp/commit/
4bec538c996e155d487db9aef0fc2f1996202f8e
Duncan Bellamy [Thu, 12 Oct 2023 08:47:32 +0000 (08:47 +0000)]
[Minor] Make compiling with backward-cpp optional
dzjaivnt [Thu, 12 Oct 2023 09:39:42 +0000 (11:39 +0200)]
Update dmarc.lua
Debug logs where broken, so muning functionality not working at all.
Vsevolod Stakhov [Wed, 11 Oct 2023 12:49:27 +0000 (13:49 +0100)]
[Minor] Update version
moisseev [Wed, 11 Oct 2023 07:53:35 +0000 (10:53 +0300)]
[Minor] Remove unused FooTable hook
as the ability to set dropdown value through the FooTable options
is not used in the project.
Vsevolod Stakhov [Sat, 7 Oct 2023 13:52:02 +0000 (14:52 +0100)]
Release 3.7.1
* [CritFix] Fix leak in `gzip` function
* [Feature] Add ICAP Content-Type and Filename
* [Feature] Add `logging`->`task_max_elts` option
* [Feature] Add utility to split string like stuff for C++ code
* [Feature] Allow to set HTTP auth parameters for the maps
* [Feature] Check for plugin configuration errors on `configtest`
* [Feature] `known_senders` plugin
* [Feature] Use backward-cpp instead of manual libunwind stuff
* [Feature] rbl: support checking numeric URLs in isolation
* [Fix] CMakeLists.txt remove whitespace added by linter as it makes tests fail
* [Fix] Change Date: header location to conform with RFC
* [Fix] Correct format pattern for RE tree tempfile name
* [Fix] Correct format string for unw_word_t
* [Fix] Do not accept invalid ucl object types
* [Fix] Do not pollute public headers with libev internals
* [Fix] Do not set output type if list application failed
* [Fix] Fix `url:set_redirected` method
* [Fix] Fix format string and some length issues
* [Fix] Fix grammar definition for content-disposition attributes
* [Fix] Fix lua schema enrichment logic for Redis params
* [Fix] Fix lua stack corruption when logging large tables
* [Fix] Fix merge table utility
* [Fix] Fix output of non-RSA DKIM keys
* [Fix] Fix some corner cases of single-host urls parsing
* [Fix] Fix various issues in the `url_redirector` plugin
* [Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561)
* [Fix] Prevent DNSWL sabotage
* [Fix] Try to fix unzip function
* [Fix] rbl: really fix dependency registration when symbols_prefixes is used
* [Fix] rspamadm mime: arguments beginning with letter `t`
* [Rework] Breaking: return back to semver
* [Rework] Move rcl logic to C++
Vsevolod Stakhov [Fri, 6 Oct 2023 19:26:21 +0000 (20:26 +0100)]
[Minor] Remove outdated file
Vsevolod Stakhov [Thu, 5 Oct 2023 19:22:21 +0000 (20:22 +0100)]
[Minor] Apply schema for all fuzzy rules
Vsevolod Stakhov [Thu, 5 Oct 2023 19:02:34 +0000 (20:02 +0100)]
Merge pull request #4627 from netcon-consulting/dnswl
[Fix] Prevent DNSWL sabotage
Marc Dierksen [Thu, 5 Oct 2023 17:05:36 +0000 (19:05 +0200)]
[Fix] Prevent DNSWL sabotage
When exceeding the query limit for DNSWL it can happen that instead
of the returncode 127.0.0.255, that according to documentation
(https://www.dnswl.org/?page_id=15) indicates a block, the
returncode 127.0.10.3 is returned for all queries.
According to documentation (https://www.dnswl.org/?page_id=15) the
127.0.10.3 returncode indicates the highest level of trustworthiness
that should never be blocked and a category of 'some special cases'.
As it turns out that documentation is a lie and that 127.0.10.3
returncode is used by DNSWL to intentionally sabotage email security
by marking all sending servers as highly trustworthy
(https://www.dnswl.org/?p=120).
Vsevolod Stakhov [Tue, 3 Oct 2023 15:25:51 +0000 (16:25 +0100)]
Merge pull request #4625 from fatalbanana/native_if
[Test] Use Robot Framework native IF
Vsevolod Stakhov [Mon, 2 Oct 2023 15:03:48 +0000 (16:03 +0100)]
[Feature] Allow to set HTTP auth parameters for the maps
Andrew Lewis [Mon, 2 Oct 2023 13:23:25 +0000 (15:23 +0200)]
[Test] Use Robot Framework native IF
- Since 4.0 (March 2021)
Vsevolod Stakhov [Mon, 2 Oct 2023 13:32:23 +0000 (14:32 +0100)]
Merge pull request #4624 from fatalbanana/fix_copypasta
Fix wrong copypasta & mis-named file
Andrew Lewis [Mon, 2 Oct 2023 12:09:30 +0000 (14:09 +0200)]
[Minor] Move configuration to proper location
Andrew Lewis [Mon, 2 Oct 2023 12:08:45 +0000 (14:08 +0200)]
[Minor] Fix copypasta (#4469)
Vsevolod Stakhov [Sat, 30 Sep 2023 12:06:29 +0000 (13:06 +0100)]
Merge pull request #4621 from fatalbanana/ci_improvements
Minor improvements for CI
Andrew Lewis [Fri, 29 Sep 2023 20:13:17 +0000 (22:13 +0200)]
[Test] Skip notification on pull requests
Andrew Lewis [Fri, 29 Sep 2023 20:02:09 +0000 (22:02 +0200)]
[Test] Try to close coveralls parallel builds when failed
Vsevolod Stakhov [Fri, 29 Sep 2023 15:24:51 +0000 (16:24 +0100)]
Merge pull request #4620 from fatalbanana/testlog
[Minor] Try fix test logs
Andrew Lewis [Fri, 29 Sep 2023 14:42:11 +0000 (16:42 +0200)]
[Minor] Try fix test logs
Vsevolod Stakhov [Fri, 29 Sep 2023 14:03:54 +0000 (15:03 +0100)]
Merge pull request #4617 from fatalbanana/multiarch_ci
Run CI on ARM
Andrew Lewis [Fri, 29 Sep 2023 09:37:18 +0000 (11:37 +0200)]
[Test] Multiarchify tests
Vsevolod Stakhov [Thu, 28 Sep 2023 13:41:22 +0000 (14:41 +0100)]
[Minor] Fix one corner case
Vsevolod Stakhov [Wed, 27 Sep 2023 13:10:28 +0000 (14:10 +0100)]
Merge pull request #4615 from rspamd/vstakhov-known-senders
Merge tests into master branch
Andrew Lewis [Fri, 22 Sep 2023 10:17:37 +0000 (12:17 +0200)]
[Minor] Recreate drone pipeline with jsonnet
Vsevolod Stakhov [Tue, 26 Sep 2023 13:43:22 +0000 (14:43 +0100)]
[Minor] RBL: Show DNS verification failure reason
Vsevolod Stakhov [Tue, 26 Sep 2023 13:37:00 +0000 (14:37 +0100)]
Merge pull request #4616 from fatalbanana/tests_encoding_errors
[Test] Ignore encoding errors
Vsevolod Stakhov [Tue, 26 Sep 2023 13:29:30 +0000 (14:29 +0100)]
[Fix] Fix format string and some length issues
Andrew Lewis [Tue, 26 Sep 2023 10:24:00 +0000 (12:24 +0200)]
[Test] Ignore encoding errors
Vsevolod Stakhov [Mon, 25 Sep 2023 14:45:54 +0000 (15:45 +0100)]
Merge pull request #4612 from fatalbanana/vstakhov-known-senders
[Test] Rudimentary tests for known_senders plugin
Vsevolod Stakhov [Mon, 25 Sep 2023 14:45:40 +0000 (15:45 +0100)]
Merge pull request #4610 from rspamd/vstakhov-known-senders
[Feature] Known senders plugin
Andrew Lewis [Mon, 25 Sep 2023 13:35:40 +0000 (15:35 +0200)]
[Test] Rudimentary tests for known_senders plugin
Vsevolod Stakhov [Mon, 25 Sep 2023 14:10:55 +0000 (15:10 +0100)]
[Minor] Fix symbol name
Vsevolod Stakhov [Mon, 25 Sep 2023 12:46:58 +0000 (13:46 +0100)]
[Minor] Insert `UNKNOWN_SENDER` for the new senders
Vsevolod Stakhov [Sun, 24 Sep 2023 12:41:19 +0000 (13:41 +0100)]
[Project] Fix various issues
Vsevolod Stakhov [Sun, 24 Sep 2023 12:39:17 +0000 (13:39 +0100)]
[Minor] Allow redis requests with no callbacks
Vsevolod Stakhov [Sun, 24 Sep 2023 12:19:42 +0000 (13:19 +0100)]
[Conf] Add new plugin default configuration