]> source.dussan.org Git - rspamd.git/log
rspamd.git
14 months ago[Fix] Fix various issues in the `url_redirector` plugin
Vsevolod Stakhov [Thu, 7 Sep 2023 15:29:08 +0000 (16:29 +0100)]
[Fix] Fix various issues in the `url_redirector` plugin

14 months ago[Minor] Sort lua modules and use GPtrArray instead of GList
Vsevolod Stakhov [Thu, 7 Sep 2023 15:12:44 +0000 (16:12 +0100)]
[Minor] Sort lua modules and use GPtrArray instead of GList

14 months ago[Minor] Avoid 0 size mallocs
Vsevolod Stakhov [Thu, 7 Sep 2023 15:00:56 +0000 (16:00 +0100)]
[Minor] Avoid 0 size mallocs

14 months ago[Minor] Minor reorg of the async session
Vsevolod Stakhov [Thu, 7 Sep 2023 12:39:25 +0000 (13:39 +0100)]
[Minor] Minor reorg of the async session

14 months agoMerge pull request #4588 from ln5/fix-tests
Vsevolod Stakhov [Thu, 7 Sep 2023 09:00:11 +0000 (10:00 +0100)]
Merge pull request #4588 from ln5/fix-tests

Fix regression in invokation of rspamd-test

14 months agoFix regression in invokation of rspamd-test 4588/head
Linus Nordberg [Thu, 7 Sep 2023 06:22:05 +0000 (08:22 +0200)]
Fix regression in invokation of rspamd-test

A space seems to have sneaked into the setting of LUA_PATH environment.

14 months agoMerge pull request #4585 from fatalbanana/patch1
Vsevolod Stakhov [Wed, 6 Sep 2023 13:00:09 +0000 (14:00 +0100)]
Merge pull request #4585 from fatalbanana/patch1

[Minor] Remove unwanted debug logging

14 months ago[Minor] Remove unwanted debug logging 4585/head
Andrew Lewis [Wed, 6 Sep 2023 12:12:45 +0000 (14:12 +0200)]
[Minor] Remove unwanted debug logging

14 months ago[Minor] Learn to cycle back on unsigned
Vsevolod Stakhov [Tue, 5 Sep 2023 14:01:18 +0000 (15:01 +0100)]
[Minor] Learn to cycle back on unsigned

14 months ago[Minor] Support `backtrace` where libunwind is not supported
Vsevolod Stakhov [Tue, 5 Sep 2023 13:43:24 +0000 (14:43 +0100)]
[Minor] Support `backtrace` where libunwind is not supported

14 months ago[Feature] Add `logging`->`task_max_elts` option
Vsevolod Stakhov [Tue, 5 Sep 2023 12:28:49 +0000 (13:28 +0100)]
[Feature] Add `logging`->`task_max_elts` option

Issue: #4583

14 months ago[Fix] Fix lua stack corruption when logging large tables
Vsevolod Stakhov [Mon, 4 Sep 2023 16:16:24 +0000 (17:16 +0100)]
[Fix] Fix lua stack corruption when logging large tables

14 months ago[Minor] Make table and positional arguments equal in get_from/rcpt
Vsevolod Stakhov [Mon, 4 Sep 2023 15:04:03 +0000 (16:04 +0100)]
[Minor] Make table and positional arguments equal in get_from/rcpt

14 months ago[Minor] Update CONTRIBUTING.md
Vsevolod Stakhov [Fri, 1 Sep 2023 07:58:43 +0000 (08:58 +0100)]
[Minor] Update CONTRIBUTING.md

14 months ago[Minor] Limit sse/avx implementations to x86_64 only
Vsevolod Stakhov [Tue, 29 Aug 2023 18:20:25 +0000 (19:20 +0100)]
[Minor] Limit sse/avx implementations to x86_64 only

14 months ago[Minor] Increase log level as this is essential
Vsevolod Stakhov [Sun, 27 Aug 2023 21:22:54 +0000 (22:22 +0100)]
[Minor] Increase log level as this is essential

15 months ago[Minor] Make old logger API equal to new one
Vsevolod Stakhov [Fri, 25 Aug 2023 13:23:31 +0000 (14:23 +0100)]
[Minor] Make old logger API equal to new one

I really don't know why the old API ever exists

15 months ago[Minor] Fix `www.` prefix matcher
Vsevolod Stakhov [Thu, 24 Aug 2023 15:24:50 +0000 (16:24 +0100)]
[Minor] Fix `www.` prefix matcher

15 months ago[Minor] Fix misprint
Vsevolod Stakhov [Wed, 23 Aug 2023 12:48:47 +0000 (13:48 +0100)]
[Minor] Fix misprint

15 months ago[Minor] Do not use crypto PRG for mempool uids
Vsevolod Stakhov [Wed, 23 Aug 2023 12:37:47 +0000 (13:37 +0100)]
[Minor] Do not use crypto PRG for mempool uids

15 months agoMerge pull request #4575 from dragoangel/feat/add-phishing-feed-exclusions
Vsevolod Stakhov [Tue, 22 Aug 2023 12:38:32 +0000 (13:38 +0100)]
Merge pull request #4575 from dragoangel/feat/add-phishing-feed-exclusions

[Feature] Support feed exclusions in phishing module

15 months agoUpdate phishing.lua 4575/head
Dmitriy Alekseev [Mon, 21 Aug 2023 17:17:27 +0000 (20:17 +0300)]
Update phishing.lua

15 months agoMerge pull request #4578 from laodc/redis-username-support
Vsevolod Stakhov [Mon, 21 Aug 2023 15:19:46 +0000 (16:19 +0100)]
Merge pull request #4578 from laodc/redis-username-support

[Feature] Added support for Redis 6 ACL (username/password)

15 months agoApply suggestions from code review 4578/head
LaoDC [Mon, 21 Aug 2023 15:02:20 +0000 (22:02 +0700)]
Apply suggestions from code review

Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
15 months agofeel silly about this one, forgot the username param.
laodc [Mon, 21 Aug 2023 09:41:07 +0000 (16:41 +0700)]
feel silly about this one, forgot the username param.

15 months agoelse if was meant to be elseif
laodc [Mon, 21 Aug 2023 09:35:43 +0000 (16:35 +0700)]
else if was meant to be elseif

15 months agochanged errors to warnings.
laodc [Mon, 21 Aug 2023 09:29:28 +0000 (16:29 +0700)]
changed errors to warnings.
nullptr on contructor was never meant to be there

15 months agoAdded support for Redis 6 ACL (username/password)
laodc [Mon, 21 Aug 2023 08:45:58 +0000 (15:45 +0700)]
Added support for Redis 6 ACL (username/password)

15 months ago[Minor] Another leak
Vsevolod Stakhov [Sun, 20 Aug 2023 18:44:57 +0000 (19:44 +0100)]
[Minor] Another leak

15 months ago[Minor] Fix leak
Vsevolod Stakhov [Sun, 20 Aug 2023 18:24:53 +0000 (19:24 +0100)]
[Minor] Fix leak

15 months ago[Minor] Simplify
Vsevolod Stakhov [Sun, 20 Aug 2023 18:21:38 +0000 (19:21 +0100)]
[Minor] Simplify

15 months agoMerge pull request #4557 from twesterhever/temp-align-dnsbl-scores
Vsevolod Stakhov [Sat, 19 Aug 2023 18:06:55 +0000 (19:06 +0100)]
Merge pull request #4557 from twesterhever/temp-align-dnsbl-scores

[Minor] Slightly adjust DNSBL scores

15 months ago[Minor] Simplify transform
Vsevolod Stakhov [Fri, 18 Aug 2023 12:57:47 +0000 (13:57 +0100)]
[Minor] Simplify transform

15 months ago[Minor] Allow rspamd_lua_require_function to work without function
Vsevolod Stakhov [Fri, 18 Aug 2023 12:15:20 +0000 (13:15 +0100)]
[Minor] Allow rspamd_lua_require_function to work without function

15 months agoMerge pull request #4573 from rspamd/cfg_utils_rework
Vsevolod Stakhov [Thu, 17 Aug 2023 11:44:51 +0000 (12:44 +0100)]
Merge pull request #4573 from rspamd/cfg_utils_rework

[Project] Rewrite configuration utils in C++

15 months ago[Minor] Fix some docs 4573/head
Vsevolod Stakhov [Thu, 17 Aug 2023 11:35:34 +0000 (12:35 +0100)]
[Minor] Fix some docs

15 months ago[Minor] Fix some more issues
Vsevolod Stakhov [Thu, 17 Aug 2023 11:22:48 +0000 (12:22 +0100)]
[Minor] Fix some more issues

15 months ago[Minor] Set top section explicitly
Vsevolod Stakhov [Thu, 17 Aug 2023 11:03:25 +0000 (12:03 +0100)]
[Minor] Set top section explicitly

15 months ago[Minor] Allow workers to have any attributes (needed by fuzzy)
Vsevolod Stakhov [Thu, 17 Aug 2023 11:00:48 +0000 (12:00 +0100)]
[Minor] Allow workers to have any attributes (needed by fuzzy)

15 months ago[Minor] Restore mempool_strdup bahaviour when arg is NULL
Vsevolod Stakhov [Thu, 17 Aug 2023 10:47:02 +0000 (11:47 +0100)]
[Minor] Restore mempool_strdup bahaviour when arg is NULL

15 months ago[Minor] Do not treat hyperscan load failure as a fatal error
Vsevolod Stakhov [Thu, 17 Aug 2023 10:34:58 +0000 (11:34 +0100)]
[Minor] Do not treat hyperscan load failure as a fatal error

15 months ago[Minor] Add missing include
Vsevolod Stakhov [Thu, 17 Aug 2023 10:22:40 +0000 (11:22 +0100)]
[Minor] Add missing include

15 months ago[Rewor] Refactor some legacy stuff
Vsevolod Stakhov [Thu, 17 Aug 2023 10:13:14 +0000 (11:13 +0100)]
[Rewor] Refactor some legacy stuff

15 months ago[Feature] Add utility to split string like stuff for C++ code
Vsevolod Stakhov [Thu, 17 Aug 2023 10:06:44 +0000 (11:06 +0100)]
[Feature] Add utility to split string like stuff for C++ code

No ranges, as they are a bit ugly to use yet

15 months ago[Rework] Some final fixes
Vsevolod Stakhov [Wed, 16 Aug 2023 15:39:20 +0000 (16:39 +0100)]
[Rework] Some final fixes

15 months ago[Rework] Final efforts to make it compileable
Vsevolod Stakhov [Wed, 16 Aug 2023 13:57:26 +0000 (14:57 +0100)]
[Rework] Final efforts to make it compileable

15 months agoMerge pull request #4577 from moisseev/webui
Vsevolod Stakhov [Wed, 16 Aug 2023 13:20:53 +0000 (14:20 +0100)]
Merge pull request #4577 from moisseev/webui

[WebUI] Tweak bootstrap colors for accessibility

15 months ago[Rework] More steps to do refactoring
Vsevolod Stakhov [Wed, 16 Aug 2023 13:20:15 +0000 (14:20 +0100)]
[Rework] More steps to do refactoring

15 months ago[WebUI] Tweak bootstrap colors for accessibility 4577/head
moisseev [Wed, 16 Aug 2023 13:12:55 +0000 (16:12 +0300)]
[WebUI] Tweak bootstrap colors for accessibility

Resolves: #4566

15 months agoUpdate phishing_group.conf
Dmitriy Alekseev [Wed, 16 Aug 2023 09:41:00 +0000 (12:41 +0300)]
Update phishing_group.conf

15 months agoUpdate phishing.conf
Dmitriy Alekseev [Wed, 16 Aug 2023 09:38:36 +0000 (12:38 +0300)]
Update phishing.conf

15 months agoUpdate phishing.lua
Dmitriy Alekseev [Wed, 16 Aug 2023 09:22:59 +0000 (12:22 +0300)]
Update phishing.lua

15 months agoMerge pull request #4572 from lingfish/json-raw
Vsevolod Stakhov [Tue, 15 Aug 2023 14:50:00 +0000 (15:50 +0100)]
Merge pull request #4572 from lingfish/json-raw

[Feature] Add new exporter to push JSON to a raw TCP socket

15 months ago[Rework] Further refactoring
Vsevolod Stakhov [Tue, 15 Aug 2023 14:49:11 +0000 (15:49 +0100)]
[Rework] Further refactoring

15 months ago[Rework] Further conversion routines
Vsevolod Stakhov [Tue, 15 Aug 2023 11:32:23 +0000 (12:32 +0100)]
[Rework] Further conversion routines

15 months agoRename exported to be more explicit 4572/head
Jason Lingohr [Tue, 15 Aug 2023 07:00:39 +0000 (17:00 +1000)]
Rename exported to be more explicit

15 months ago[Rework] More rework in cfg_rcl
Vsevolod Stakhov [Mon, 14 Aug 2023 14:31:50 +0000 (15:31 +0100)]
[Rework] More rework in cfg_rcl

So many places need to be rewritten

15 months ago[Rework] More abstractions to hide C++ internals
Vsevolod Stakhov [Mon, 14 Aug 2023 14:00:01 +0000 (15:00 +0100)]
[Rework] More abstractions to hide C++ internals

15 months ago[Rework] Move rcl logic to C++
Vsevolod Stakhov [Mon, 14 Aug 2023 13:05:14 +0000 (14:05 +0100)]
[Rework] Move rcl logic to C++

15 months ago[Rework] Finish utils rework
Vsevolod Stakhov [Mon, 14 Aug 2023 13:01:09 +0000 (14:01 +0100)]
[Rework] Finish utils rework

15 months ago[Rework] Use more c++ in cfg_utils
Vsevolod Stakhov [Mon, 14 Aug 2023 11:15:55 +0000 (12:15 +0100)]
[Rework] Use more c++ in cfg_utils

15 months ago[Fix] Do not accept invalid ucl object types
Vsevolod Stakhov [Mon, 14 Aug 2023 09:53:45 +0000 (10:53 +0100)]
[Fix] Do not accept invalid ucl object types

Issue: #4571

15 months agoAdd new exporter to push JSON to a raw TCP socket; for example to Graylog.
Jason Lingohr [Mon, 14 Aug 2023 06:43:14 +0000 (16:43 +1000)]
Add new exporter to push JSON to a raw TCP socket; for example to Graylog.

15 months ago[Fix] Fix output of non-RSA DKIM keys
Vsevolod Stakhov [Fri, 11 Aug 2023 13:33:33 +0000 (14:33 +0100)]
[Fix] Fix output of non-RSA DKIM keys

Issue: #4570

15 months ago[Fix] Do not set output type if list application failed
Vsevolod Stakhov [Thu, 10 Aug 2023 13:51:42 +0000 (14:51 +0100)]
[Fix] Do not set output type if list application failed

15 months ago[Minor] Add some extra debug
Vsevolod Stakhov [Thu, 10 Aug 2023 13:47:23 +0000 (14:47 +0100)]
[Minor] Add some extra debug

15 months ago[Minor] Treat last dot specially
Vsevolod Stakhov [Thu, 10 Aug 2023 12:32:02 +0000 (13:32 +0100)]
[Minor] Treat last dot specially

15 months ago[Fix] Fix some corner cases of single-host urls parsing
Vsevolod Stakhov [Thu, 10 Aug 2023 12:07:38 +0000 (13:07 +0100)]
[Fix] Fix some corner cases of single-host urls parsing

15 months ago[Test] Add one more test for urls parsing
Vsevolod Stakhov [Thu, 10 Aug 2023 11:21:49 +0000 (12:21 +0100)]
[Test] Add one more test for urls parsing

15 months ago[Fix] Fix `url:set_redirected` method
Vsevolod Stakhov [Wed, 9 Aug 2023 16:31:04 +0000 (17:31 +0100)]
[Fix] Fix `url:set_redirected` method

15 months agoMerge pull request #4569 from moisseev/webui
Vsevolod Stakhov [Tue, 8 Aug 2023 15:04:03 +0000 (16:04 +0100)]
Merge pull request #4569 from moisseev/webui

[WebUI] Restore contrasting foreground color

15 months ago[WebUI] Restore contrasting foreground color 4569/head
moisseev [Tue, 8 Aug 2023 15:00:48 +0000 (18:00 +0300)]
[WebUI] Restore contrasting foreground color

for badges

15 months agoMerge pull request #4567 from moisseev/webui
Vsevolod Stakhov [Tue, 8 Aug 2023 12:33:21 +0000 (13:33 +0100)]
Merge pull request #4567 from moisseev/webui

[Minor] Update JS libraries

15 months ago[Minor] Update JS libraries 4567/head
moisseev [Tue, 8 Aug 2023 07:41:18 +0000 (10:41 +0300)]
[Minor] Update JS libraries

15 months ago[Minor] Fix usage
Vsevolod Stakhov [Mon, 7 Aug 2023 14:10:32 +0000 (15:10 +0100)]
[Minor] Fix usage

15 months ago[Fix] Fix lua schema enrichment logic for Redis params
Vsevolod Stakhov [Mon, 7 Aug 2023 13:52:12 +0000 (14:52 +0100)]
[Fix] Fix lua schema enrichment logic for Redis params

15 months ago[Fix] Fix merge table utility
Vsevolod Stakhov [Mon, 7 Aug 2023 13:42:30 +0000 (14:42 +0100)]
[Fix] Fix merge table utility

15 months ago[Feature] Check for plugin configuration errors on `configtest`
Vsevolod Stakhov [Mon, 7 Aug 2023 12:32:48 +0000 (13:32 +0100)]
[Feature] Check for plugin configuration errors on `configtest`

15 months ago[Minor] Update function docs
Vsevolod Stakhov [Mon, 7 Aug 2023 12:32:20 +0000 (13:32 +0100)]
[Minor] Update function docs

15 months ago[Minor] Allow to call function from stack in rspamd_lua_universal_pcall
Vsevolod Stakhov [Mon, 7 Aug 2023 12:30:50 +0000 (13:30 +0100)]
[Minor] Allow to call function from stack in rspamd_lua_universal_pcall

15 months ago[Minor] Move config stuff out
Vsevolod Stakhov [Mon, 7 Aug 2023 11:42:09 +0000 (12:42 +0100)]
[Minor] Move config stuff out

15 months ago[Minor] Remove unused utility, as it has been broken for ages
Vsevolod Stakhov [Mon, 7 Aug 2023 11:19:35 +0000 (12:19 +0100)]
[Minor] Remove unused utility, as it has been broken for ages

15 months ago[Minor] Allow to log configuration errors from plugins
Vsevolod Stakhov [Mon, 7 Aug 2023 11:19:03 +0000 (12:19 +0100)]
[Minor] Allow to log configuration errors from plugins

15 months ago[Minor] Reformat all Lua code, no functional changes
Vsevolod Stakhov [Mon, 7 Aug 2023 10:41:28 +0000 (11:41 +0100)]
[Minor] Reformat all Lua code, no functional changes

15 months ago[Minor] Distinguish failures from unknown errors
Vsevolod Stakhov [Mon, 7 Aug 2023 10:25:52 +0000 (11:25 +0100)]
[Minor] Distinguish failures from unknown errors

15 months ago[CritFix] Fix leak in `gzip` function
Vsevolod Stakhov [Sun, 6 Aug 2023 17:33:37 +0000 (18:33 +0100)]
[CritFix] Fix leak in `gzip` function

Issue: #4564

15 months agoMerge pull request #4562 from helsinki-systems/fix/redis_schema_parsing
Vsevolod Stakhov [Sat, 5 Aug 2023 18:45:04 +0000 (19:45 +0100)]
Merge pull request #4562 from helsinki-systems/fix/redis_schema_parsing

[Fix] Redis schema parsing

15 months agofix: redis schema parsing 4562/head
Simon Hauser [Fri, 4 Aug 2023 14:12:01 +0000 (16:12 +0200)]
fix: redis schema parsing

15 months agoMerge pull request #4560 from a16bitsysop/tests
Vsevolod Stakhov [Fri, 4 Aug 2023 12:05:15 +0000 (13:05 +0100)]
Merge pull request #4560 from a16bitsysop/tests

[Fix] CMakeLists.txt remove whitespace added by linter as it makes te…

15 months ago[Fix] CMakeLists.txt remove whitespace added by linter as it makes tests fail 4560/head
Duncan Bellamy [Thu, 3 Aug 2023 22:08:06 +0000 (22:08 +0000)]
[Fix] CMakeLists.txt remove whitespace added by linter as it makes tests fail

15 months ago[Minor] Update version to 3.7
Vsevolod Stakhov [Thu, 3 Aug 2023 13:56:53 +0000 (14:56 +0100)]
[Minor] Update version to 3.7

15 months agoRelease 3.6 3.6
Vsevolod Stakhov [Thu, 3 Aug 2023 13:55:15 +0000 (14:55 +0100)]
Release 3.6

* [Conf] Add `one_shot` to some specific multimap rules
* [Conf] Add language detection configuration
* [Conf] Add missing attributes for the language detection configuration
* [Conf] Remove outdated composite rules
* [Feature] Add `sentinel_password` option
* [Feature] Add ability to deny specific fuzzy flags by default
* [Feature] Add controller endpoint to get fuzzy hashes from messages
* [Feature] Add extra symbol when URL redirector reaches nested limit
* [Feature] Add function to transliterate utf8 to ascii with some normalisation
* [Feature] Add html parsing limit
* [Feature] Add order to urls structure
* [Feature] Add some missing functions to `lua_rsa` library
* [Feature] Allow fuzzy workers to exchange blocked information
* [Feature] Allow to have weak flags in fuzzy storage
* [Feature] Allow to read options from maps in the multimap plugin
* [Feature] Allow to use other methods when fasttext detection is enabled
* [Feature] Count stats per key per flag
* [Feature] Finish all features of dkim_keygen in Lua
* [Feature] Khash: Allow static initialisation
* [Feature] Maps: Add on_load support
* [Feature] Preliminary implementation of dynamic composites
* [Feature] Process HTML parts before text ones
* [Feature] Reorganise struct rspamd_url to be 64 bytes size
* [Feature] Save fuzzy ratelimit buckets
* [Feature] Use in-place deflation for strings
* [Feature] external_relay: add ip_map strategy
* [Fix] Avoid race between config new/free by using a counter
* [Fix] Do not use `rspamadm.dkim_keygen`
* [Fix] Feed fasttext language model with the pre-tokenized words
* [Fix] Fix `rspamd_has_only_html_part`
* [Fix] Fix an old issue with order of destruction race between redis pool and lua
* [Fix] Fix format string usage
* [Fix] Fix parsing due to old bug revealed
* [Fix] Fix parsing of the mask values that are invalid
* [Fix] Ignore non-unique stop words
* [Fix] Include the last character when parsing the last header with no value
* [Fix] More fixes to fuzzystat
* [Fix] Set proper counter
* [Fix] Try harder to clean pending bucket
* [Fix] Try harder to remove bad hyperscan files
* [Fix] Update stats before encryption...
* [Fix] dmarc gramar - allow spaces before ";"
* [Fix] rbl: fix dependency registration when symbols_prefixes is used
* [Fix] remove obsolete rspamd-redirector files
* [Fix] test external_relay: count should always be the last rule, as it have no matching condition
* [Project] Allow to register multimap symbols dynamically
* [Project] Implement fasttext language detection
* [Rework] Default max shots must not influence options
* [Rework] Write dkim keygen tool in lua
* [Rules] Add thread hijacking composite rule

15 months agoMerge pull request #4558 from twesterhever/temp-detect-google-amp-urls
Vsevolod Stakhov [Thu, 3 Aug 2023 06:54:44 +0000 (07:54 +0100)]
Merge pull request #4558 from twesterhever/temp-detect-google-amp-urls

[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well

15 months agoMerge pull request #4559 from fatalbanana/html_only
Vsevolod Stakhov [Wed, 2 Aug 2023 14:37:43 +0000 (15:37 +0100)]
Merge pull request #4559 from fatalbanana/html_only

[Minor] Test & fix has_only_html_part regression

15 months ago[Minor] Test & fix has_only_html_part regression 4559/head
Andrew Lewis [Wed, 2 Aug 2023 14:35:16 +0000 (16:35 +0200)]
[Minor] Test & fix has_only_html_part regression

15 months ago[Fix] Fix `rspamd_has_only_html_part`
Vsevolod Stakhov [Wed, 2 Aug 2023 14:34:36 +0000 (15:34 +0100)]
[Fix] Fix `rspamd_has_only_html_part`

15 months ago[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well 4558/head
twesterhever [Wed, 2 Aug 2023 13:32:13 +0000 (13:32 +0000)]
[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well

Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/

15 months ago[Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols 4557/head
twesterhever [Wed, 2 Aug 2023 13:11:03 +0000 (13:11 +0000)]
[Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols

Given that they have about the same false positive rate, it makes sense
to treat them equal in terms of scoring:
- Particular threats (phishing, malware) are scored a bit higher than
  mere spam domain listings
- "Abused legitimate" listings are scored lower for some DNSBLs already,
  this has now been aligned.
- For SURBL, cracked and abused sites are treated with the same score.

15 months ago[Minor] Increase score of URIBL_XBL
twesterhever [Wed, 2 Aug 2023 13:09:29 +0000 (13:09 +0000)]
[Minor] Increase score of URIBL_XBL

This aids with detecting FQDNs hosted on hacked machines, such as used
in Fast Flux-style botnet spam.

15 months ago[Minor] Reduce score of URIBL_SBL_CSS
twesterhever [Wed, 2 Aug 2023 13:07:59 +0000 (13:07 +0000)]
[Minor] Reduce score of URIBL_SBL_CSS

Given that CSS is an automated component of SBL, this should not receive
the same scoring as manually conducted SBL listings. Particularly for
shared hosting environments, CSS hits on IP addresses derived from FQDNs
sometimes were found to be scored a bit too high.