From cd9a587c39a197438453faff8a0a706f2b420191 Mon Sep 17 00:00:00 2001
From: Andrew Lewis
Date: Wed, 1 Apr 2015 17:31:39 +0200
Subject: [PATCH] RBL: change behaviour of whitelists
---
 conf/metrics.conf | 20 +++++++++-----------
 conf/modules.conf | 34 ++++++++++++++++++++--------------
 doc/markdown/modules/rbl.md | 8 ++++++++
 src/plugins/lua/rbl.lua | 27 +++++++++++++++++++++++++++
 4 files changed, 64 insertions(+), 25 deletions(-)
diff --git a/conf/metrics.conf b/conf/metrics.conf
index 49266e7ae..2ebd20479 100644
--- a/conf/metrics.conf
+++ b/conf/metrics.conf
@@ -342,10 +342,10 @@ metric {
 symbol { name = "RECEIVED_SPAMHAUS_XBL"; weight = 3.0; description = "Received address is listed in zen pbl"; one_shot = true; }
 symbol { name = "RWL_SPAMHAUS_WL"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
- symbol { name = "RWL_SPAMHAUS_WL_IND"; weight = -0.7; description = "Sender listed at Spamhaus whitelist"; }
- symbol { name = "RWL_SPAMHAUS_WL_TRANS"; weight = -0.6; description = "Sender listed at Spamhaus whitelist"; }
- symbol { name = "RWL_SPAMHAUS_WL_IND_EXP"; weight = -0.3; description = "Sender listed at Spamhaus whitelist"; }
- symbol { name = "RWL_SPAMHAUS_WL_TRANS_EXP"; weight = -0.2; description = "Sender listed at Spamhaus whitelist"; }
+ symbol { name = "RWL_SPAMHAUS_WL_IND"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
+ symbol { name = "RWL_SPAMHAUS_WL_TRANS"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
+ symbol { name = "RWL_SPAMHAUS_WL_IND_EXP"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
+ symbol { name = "RWL_SPAMHAUS_WL_TRANS_EXP"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
 symbol {
 weight = 2.0;
@@ -363,16 +363,14 @@ metric {
 name = "RBL_UCEPROTECT_LEVEL1";
 }
- symbol { name = "RBL_MAILSPIKE"; weight = 0.0; description = "From address is listed in RBL"; }
+ symbol { name = "RBL_MAILSPIKE_ZOMBIE"; weight = 2.0; description = "From address is listed in RBL"; }
 symbol { name = "RBL_MAILSPIKE_WORST"; weight = 2.0; description = "From address is listed in RBL"; }
 symbol { name = "RBL_MAILSPIKE_VERYBAD"; weight = 1.5; description = "From address is listed in RBL"; }
 symbol { name = "RBL_MAILSPIKE_BAD"; weight = 1.0; description = "From address is listed in RBL"; }
- symbol { name = "RBL_MAILSPIKE_SUSP"; weight = 0.5; description = "From address is listed in RBL"; }
- symbol { name = "RBL_MAILSPIKE_PROB"; weight = 0.3; description = "From address is listed in RBL"; }
- symbol { name = "RWL_MAILSPIKE_POSSIBLE"; weight = -0.2; description = "From address is listed in RWL"; }
- symbol { name = "RWL_MAILSPIKE_GOOD"; weight = -0.5; description = "From address is listed in RWL"; }
- symbol { name = "RWL_MAILSPIKE_VERYGOOD"; weight = -0.6; description = "From address is listed in RWL"; }
- symbol { name = "RWL_MAILSPIKE_EXCELLENT"; weight = -0.7; description = "From address is listed in RWL"; }
+ symbol { name = "RWL_MAILSPIKE_POSSIBLE"; weight = 0.0; description = "From address is listed in RWL"; }
+ symbol { name = "RWL_MAILSPIKE_GOOD"; weight = 0.0; description = "From address is listed in RWL"; }
+ symbol { name = "RWL_MAILSPIKE_VERYGOOD"; weight = 0.0; description = "From address is listed in RWL"; }
+ symbol { name = "RWL_MAILSPIKE_EXCELLENT"; weight = 0.0; description = "From address is listed in RWL"; }
 symbol {
 weight = 1.0;
diff --git a/conf/modules.conf b/conf/modules.conf
index 413e7e00b..6d2822cca 100644
--- a/conf/modules.conf
+++ b/conf/modules.conf
@@ -120,6 +120,7 @@ rbl {
 symbol = "RWL_SPAMHAUS_WL";
 rbl = "swl.spamhaus.org";
 ipv6 = true;
+ is_whitelist = true;
 returncodes {
 RWL_SPAMHAUS_WL_IND = "127.0.2.2";
 RWL_SPAMHAUS_WL_TRANS = "127.0.2.3";
@@ -128,20 +129,23 @@ rbl {
 }
 }
- mailspike {
- symbol = "RBL_MAILSPIKE";
- rbl = "rep.mailspike.net";
- returncodes {
- #http://mailspike.net/usage.html
- RBL_MAILSPIKE_WORST = "127.0.0.10"
- RBL_MAILSPIKE_VERYBAD = "127.0.0.11"
- RBL_MAILSPIKE_BAD = "127.0.0.12"
- RBL_MAILSPIKE_SUSP = "127.0.0.13"
- RBL_MAILSPIKE_PROB = "127.0.0.14"
- RWL_MAILSPIKE_POSSIBLE = "127.0.0.17"
- RWL_MAILSPIKE_GOOD = "127.0.0.18"
- RWL_MAILSPIKE_VERYGOOD = "127.0.0.19"
- RWL_MAILSPIKE_EXCELLENT = "127.0.0.20"
+ mailspike_bl {
+ rbl = "bl.mailspike.net";
+ returncodes {
+ RBL_MAILSPIKE_ZOMBIE = "127.0.0.2";
+ RBL_MAILSPIKE_WORST = "127.0.0.10";
+ RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
+ RBL_MAILSPIKE_BAD = "127.0.0.12";
+ }
+ }
+
+ mailspike_wl {
+ rbl = "wl.mailspike.net";
+ returncodes {
+ RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
+ RWL_MAILSPIKE_GOOD = "127.0.0.18";
+ RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
+ RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
 }
 }
@@ -193,6 +197,7 @@ rbl {
 symbol = "RCVD_IN_DNSWL";
 rbl = "list.dnswl.org";
 ipv6 = true;
+ is_whitelist = true;
 returncodes {
 RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
 RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
@@ -210,6 +215,7 @@ rbl {
 exclude_users = false;
 exclude_private_ips = false;
 exclude_local = false;
+ ignore_whitelists = true;
 }
 }
diff --git a/doc/markdown/modules/rbl.md b/doc/markdown/modules/rbl.md
index 6ffb46cda..cffeca044 100644
--- a/doc/markdown/modules/rbl.md
+++ b/doc/markdown/modules/rbl.md
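Review bot: The new `mailspike_wl` block has no `is_whitelist = true;`, unlike the `swl.spamhaus.org` and `list.dnswl.org` entries that this commit marks as whitelists. With `default_is_whitelist` defaulting to false, the rbl.lua change in this commit would put the `RWL_MAILSPIKE_*` return codes into `black_symbols`, so they would be paired with whitelist symbols in the generated composites rather than neutralising blacklist hits. Combined with the 0.0 weights these symbols now carry in conf/metrics.conf, a Mailspike whitelist match would have no effect at all. Add `is_whitelist = true;` after `rbl = "wl.mailspike.net";`.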
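Review bot: Setting `is_whitelist = true;` on the `list.dnswl.org` entry makes every return code of that entry a neutralising symbol, including the lowest level visible here, `RCVD_IN_DNSWL_NONE`. In rbl.lua each whitelist symbol is combined with each blacklist symbol into a composite of weight 0, so, assuming a matched composite replaces the scores of its members as the rbl.md text describes, a lowest-level DNSWL hit cancels a blacklist listing exactly as a high-trust hit would. If that is intended, state it next to the setting, for example `# every returncode below, RCVD_IN_DNSWL_NONE included, neutralises blacklist hits`; otherwise the low-trust codes need a separate entry without `is_whitelist`. The `returncodes` block continues outside the hunk.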
@@ -65,6 +65,14 @@ If true & private_ips is set appropriately, do not use the RBL if the sending ho
 If true & local_exclude_ip_map has been set - do not use the RBL if the sending host address is in the local IP list & do not check received headers baring these addresses.
+- default_is_whitelist (false)
+
+If true matches on this list should neutralise any listings where this setting is false, or ignore_whitelists has been set.
+
+- default_ignore_whitelists (false)
+
+If true this list should not be neutralised by whitelists.
+
 Other parameters which can be set here are:
 - local_exclude_ip_map
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index ce43e54a2..1651d626b 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -297,6 +297,8 @@ if type(rspamd_config.get_api_version) ~= 'nil' then
 rspamd_config:register_module_option('rbl', 'default_exclude_local', 'string')
 rspamd_config:register_module_option('rbl', 'private_ips', 'string')
 rspamd_config:register_module_option('rbl', 'default_emails', 'string')
+ rspamd_config:register_module_option('rbl', 'default_is_whitelist', 'string')
+ rspamd_config:register_module_option('rbl', 'default_ignore_whitelists', 'string')
 end
 end
@@ -321,6 +323,8 @@ default_defaults = {
 ['default_exclude_private_ips'] = {[1] = true, [2] = 'exclude_private_ips'},
 ['default_exclude_users'] = {[1] = false, [2] = 'exclude_users'},
 ['default_exclude_local'] = {[1] = true, [2] = 'exclude_local'},
+ ['default_is_whitelist'] = {[1] = false, [2] = 'is_whitelist'},
+ ['default_ignore_whitelist'] = {[1] = false, [2] = 'ignore_whitelists'},
 }
 for default, default_v in pairs(default_defaults) do
 if opts[default] == nil then
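Review bot: The new entry in `default_defaults` is keyed `['default_ignore_whitelist']` (singular), while the option registered in the preceding rbl.lua hunk and documented in rbl.md is `default_ignore_whitelists`. The loop that follows reads `opts[default]`, so a configured `default_ignore_whitelists` would apparently never be consulted and the per-list `ignore_whitelists` fallback would stay `false`, leaving lists that were meant to be exempt open to neutralisation by whitelists. The loop body continues outside the hunk, so confirm how the value is propagated. Change the line to `['default_ignore_whitelists'] = {[1] = false, [2] = 'ignore_whitelists'},`.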
@@ -335,6 +339,9 @@ if(opts['private_ips'] ~= nil) then
 private_ips = rspamd_config:radix_from_config('rbl', 'private_ips')
 end
+local white_symbols = {}
+local black_symbols = {}
+
 for key,rbl in pairs(opts['rbls']) do
 for default, default_v in pairs(default_defaults) do
 if(rbl[default_v[2]] == nil) then
@@ -345,6 +352,11 @@ for key,rbl in pairs(opts['rbls']) do
 for s,_ in pairs(rbl['returncodes']) do
 if type(rspamd_config.get_api_version) ~= 'nil' then
 rspamd_config:register_virtual_symbol(s, 1)
+ if(rbl['is_whitelist']) then
+ table.insert(white_symbols, s)
+ else
+ table.insert(black_symbols, s)
+ end
 end
 end
 end
@@ -353,7 +365,22 @@ for key,rbl in pairs(opts['rbls']) do
 end
 if type(rspamd_config.get_api_version) ~= 'nil' and rbl['symbol'] then
 rspamd_config:register_virtual_symbol(rbl['symbol'], 1)
+ if(rbl['is_whitelist']) then
+ table.insert(white_symbols, rbl['symbol'])
+ else
+ if rbl['ignore_whitelists'] == false then
+ table.insert(black_symbols, rbl['symbol'])
+ end
+ end
 end
 rbls[key] = rbl
 end
+for _, w in pairs(white_symbols) do
+ for _, b in pairs(black_symbols) do
+ csymbol = 'RBL_COMPOSITE_' .. w .. '_' .. b
+ rspamd_config:register_virtual_symbol(csymbol, 1)
+ rspamd_config:add_composite(csymbol, w .. ' & ' .. b)
+ rspamd_config:set_metric_symbol(csymbol, 0, 'Autogenerated composite')
+ end
+end
 rspamd_config:register_callback_symbol_priority('RBL', 1.0, 0, rbl_cb)
-- 
2.39.5
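Review bot: In the `returncodes` loop (hunk `-345,6 +352,11`) the `else` branch adds every return-code symbol of a non-whitelist list to `black_symbols` without looking at `ignore_whitelists`, whereas the `rbl['symbol']` branch in the following hunk adds only when `rbl['ignore_whitelists'] == false`. A list configured with `ignore_whitelists = true`, as one entry in conf/modules.conf now is, would still have its return-code symbols paired with every whitelist symbol and neutralised. Replace the bare `else` with `elseif rbl['ignore_whitelists'] == false then` so both paths apply the same exemption. The enclosing `for key,rbl` loop starts and ends outside the hunk.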
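Review bot: `csymbol` in the composite loop at the end of hunk `-353,7 +365,22` is assigned without `local`, so it leaks into the global environment of the plugin; declare it as `local csymbol = 'RBL_COMPOSITE_' .. w .. '_' .. b`. The nested loops also register one composite per whitelist/blacklist symbol pair, so the number of generated symbols grows multiplicatively with the configured return codes; a short comment above the loop should say so, for example `-- one weight-0 composite per (whitelist, blacklist) symbol pair`. The composite expression is built by concatenating configured symbol names, so it seems worth confirming that names are restricted to characters that cannot alter the `w .. ' & ' .. b` expression.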