From d859235b16debe302d18e1f111629e8ca83c5f1a Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Mon, 25 Oct 2021 19:10:20 +0100 Subject: [PATCH] [Fix] Correctly check numeric URLs in URL DNS lists Issue: #3948 --- src/plugins/lua/rbl.lua | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua index f476932b0..bb333a6f7 100644 --- a/src/plugins/lua/rbl.lua +++ b/src/plugins/lua/rbl.lua @@ -22,6 +22,7 @@ end local hash = require 'rspamd_cryptobox_hash' local rspamd_logger = require 'rspamd_logger' local rspamd_util = require 'rspamd_util' +local rspamd_ip = require "rspamd_ip" local fun = require 'fun' local lua_util = require 'lua_util' local selectors = require "lua_selectors" @@ -538,12 +539,27 @@ local function gen_rbl_callback(rule) local urls = lua_util.extract_specific_urls(ex_params) for _,u in ipairs(urls) do - local url_tld = u:get_tld() - if rule.url_compose_map then - url_tld = rule.url_compose_map:process_url(task, url_tld, u:get_host()) + local flags = u:get_flags() + + if flags.numeric then + -- For numeric urls we convert data to the ip address and + -- reverse octets. See #3948 for details + local to_resolve = u:get_host() + local addr = rspamd_ip.from_string(to_resolve) + + if addr then + to_resolve = table.concat(addr:inversed_str_octets(), ".") + end + add_dns_request(task, to_resolve, false, + false, requests_table, 'url', whitelist) + else + local url_tld = u:get_tld() + if rule.url_compose_map then + url_tld = rule.url_compose_map:process_url(task, url_tld, u:get_host()) + end + add_dns_request(task, url_tld, false, + false, requests_table, 'url', whitelist) end - add_dns_request(task, url_tld, false, - false, requests_table, 'url', whitelist) end return true -- 2.39.5