From 23e9ab327c65220c32de855eeaff409b7389dfe4 Mon Sep 17 00:00:00 2001
From: moisseev
Date: Fri, 12 Nov 2021 15:01:58 +0300
Subject: [PATCH] [Conf] Set one_shot for URIBL rules by default

---
 conf/scores.d/surbl_group.conf | 40 +++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 6 deletions(-)

diff --git a/conf/scores.d/surbl_group.conf b/conf/scores.d/surbl_group.conf
index b4e5b6bbf..e19e48249 100644
--- a/conf/scores.d/surbl_group.conf
+++ b/conf/scores.d/surbl_group.conf
@@ -23,26 +23,31 @@ symbols = {
 "SURBL_BLOCKED" {
 weight = 0.0;
 description = "SURBL: blocked by policy/overusage";
+ one_shot = true;
 groups = ["surblorg", "blocked"];
 }
 "PH_SURBL_MULTI" {
 weight = 5.5;
 description = "SURBL: Phishing sites";
+ one_shot = true;
 groups = ["surblorg", "phishing"];
 }
 "MW_SURBL_MULTI" {
 weight = 5.5;
 description = "SURBL: Malware sites";
+ one_shot = true;
 groups = ["surblorg"];
 }
 "ABUSE_SURBL" {
 weight = 5.5;
 description = "SURBL: ABUSE";
+ one_shot = true;
 groups = ["surblorg"];
 }
 "CRACKED_SURBL" {
 weight = 4.0;
 description = "SURBL: cracked site";
+ one_shot = true;
 groups = ["surblorg"];
 }
 "RSPAMD_URIBL" {
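Review bot: Nothing in the file records that the `one_shot = true;` lines added to the five SURBL entries here cap how much URL-blocklist evidence can add to a message's score. As far as I understand the flag, each symbol's weight is now applied once per message however many listed URLs it contains, so a message carrying several phishing or malware domains gets the same 5.5 from `PH_SURBL_MULTI` or `MW_SURBL_MULTI` as one with a single hit, and the weights themselves are left unchanged. I would add a comment above the first entry such as `# one_shot: weight is counted once per message, not once per listed URL; weights below assume a single hit`, and check that each weight is still adequate on its own against the configured action thresholds. The same applies to the SEM, DBL and uribl.com entries in the second hunk. The `"RSPAMD_URIBL"` block continues outside this hunk, so whether it already carries the flag cannot be checked here.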
@@ -76,108 +81,129 @@ symbols = {
 "SEM_URIBL_UNKNOWN" {
 weight = 0.0;
 description = "Spameatingmonkey uribl: unknown result";
+ one_shot = true;
 groups = ["sem"];
 }
 "SEM_URIBL" {
 weight = 3.5;
 description = "Spameatingmonkey uribl";
+ one_shot = true;
 groups = ["sem"];
 }
 "SEM_URIBL_FRESH15_UNKNOWN" {
 weight = 0.0;
 description = "Spameatingmonkey Fresh15 uribl: unknown result";
+ one_shot = true;
 groups = ["sem"];
 }
 "SEM_URIBL_FRESH15" {
 weight = 3.0;
 description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
+ one_shot = true;
 groups = ["sem"];
 }
 "DBL" {
 weight = 0.0;
 description = "DBL unknown result";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_SPAM" {
 weight = 6.5;
 description = "DBL uribl spam";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_PHISH" {
 weight = 6.5;
 description = "DBL uribl phishing";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_MALWARE" {
 weight = 6.5;
 description = "DBL uribl malware";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_BOTNET" {
 weight = 5.5;
 description = "DBL uribl botnet C&C domain";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_ABUSE" {
 weight = 6.5;
 description = "DBL uribl abused legit spam";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_ABUSE_REDIR" {
 weight = 1.5;
 description = "DBL uribl abused spammed redirector domain";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_ABUSE_PHISH" {
 weight = 7.5;
 description = "DBL uribl abused legit phish";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_ABUSE_MALWARE" {
 weight = 7.5;
 description = "DBL uribl abused legit malware";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_ABUSE_BOTNET" {
 weight = 5.5;
 description = "DBL uribl abused legit botnet C&C";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_PROHIBIT" {
 weight = 0.0;
 description = "DBL uribl IP queries prohibited!";
+ one_shot = true;
 groups = ["spamhaus"];
 }
 "DBL_BLOCKED_OPENRESOLVER" {
- weight = 0.0;
- description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
- groups = ["spamhaus"];
+ weight = 0.0;
+ description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
+ one_shot = true;
+ groups = ["spamhaus"];
 }
 "DBL_BLOCKED" {
- weight = 0.0;
- description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
- groups = ["spamhaus"];
+ weight = 0.0;
+ description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
+ one_shot = true;
+ groups = ["spamhaus"];
 }
 "URIBL_MULTI" {
 weight = 0.0;
 description = "uribl.com: unrecognised result";
+ one_shot = true;
 groups = ["uribl"];
 }
 "URIBL_BLOCKED" {
 weight = 0.0;
 description = "uribl.com: query refused";
+ one_shot = true;
 groups = ["uribl", "blocked"];
 }
 "URIBL_BLACK" {
 weight = 7.5;
 description = "uribl.com black url";
+ one_shot = true;
 groups = ["uribl"];
 }
 "URIBL_RED" {
 weight = 3.5;
 description = "uribl.com red url";
+ one_shot = true;
 groups = ["uribl"];
 }
 "URIBL_GREY" {
@@ -189,6 +215,7 @@ symbols = {
 #"SPAMHAUS_ZEN_URIBL" {
 # weight = 0.0;
 # description = "Spamhaus ZEN URIBL: Filtered result";
+ # one_shot = true;
 # groups = ["spamhaus"];
 #}
 #"URIBL_SBL" {
@@ -212,6 +239,7 @@ symbols = {
 #"URIBL_PBL" {
 # weight = 0.01;
 # description = "A domain in the message body resolves to an IP listed in Spamhaus PBL";
+ # one_shot = true;
 # groups = ["spamhaus"];
 #}
 #"URIBL_DROP" {
-- 
2.39.5
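Review bot: `DBL_BLOCKED_OPENRESOLVER` and `DBL_BLOCKED` keep `groups = ["spamhaus"]` only, while the equivalent refusal symbols `URIBL_BLOCKED` (this hunk) and `SURBL_BLOCKED` (first hunk) are also placed in `"blocked"`. These zero-weight symbols are the visible sign in a scan result that Spamhaus is refusing queries and the DBL checks are contributing nothing, so anything keyed on the `blocked` group (presumably monitoring or a composite rule, not visible here) would miss them. Since the commit already rewrites the `groups` line of both entries, I would make it `groups = ["spamhaus", "blocked"];` in each. Those two entries also appear to mix a whitespace-only re-indent with the functional change, which is why three lines in each show as removed and re-added with the same text; splitting that out would keep the behavioural diff easier to audit.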