Vsevolod Stakhov
f0004af022
[Conf] Clarify documentation in the config files
2019-10-11 09:34:40 +01:00
Vsevolod Stakhov
84384ae4e6
[Conf] Make LEAKED_PASSWORD_SCAM a composite rule again
2019-09-19 12:13:48 +01:00
Vsevolod Stakhov
48d68b15e0
[Rework] Migrate from ip_score to reputation
2019-07-17 17:13:06 +01:00
Vsevolod Stakhov
7fe418890c
[Conf] Add BROKEN_HEADERS_MAILLIST composite
2019-07-17 16:21:07 +01:00
Vsevolod Stakhov
4cd0665750
[Rules] Rework LEAKED_PASSWORD_SCAM rule one more time
2019-06-18 12:54:44 +01:00
Vsevolod Stakhov
6c2080f59b
[Conf] Add IP_SCORE_FREEMAIL composite rule
2019-04-29 16:37:45 +01:00
Edmond
0d2f2dca84
Add a reference to the doc of composite rules
2019-04-08 15:11:17 +08:00
Vsevolod Stakhov
c427048cec
[Feature] Validate BTC addresses in LEAKED_PASSWORD_SCAM
2019-03-19 16:15:20 +00:00
heraklit256
4e878f443d
fix typo in RCVD_UNAUTH_PBL
2019-02-13 21:37:16 +01:00
Vsevolod Stakhov
ae8f199719
[Rules] Add VIOLATED_DIRECT_SPF composite
2019-01-15 18:05:58 +00:00
Vsevolod Stakhov
04fe3d3f7c
Merge pull request #2566 from heraklit256/composites-leave
...
Minor Composite rule cleanup
2018-10-18 19:57:38 +01:00
heraklit256
574536f825
lower score for PHISH_EMOTION to 1.0
2018-10-17 21:49:38 +02:00
heraklit256
e5fbf6435a
lower score for HAS_ANON_DOMAIN to 0.1
2018-10-17 21:49:16 +02:00
Vsevolod Stakhov
20337000c7
[Conf] Extend BAD_POLICIES composite
2018-10-15 18:08:03 +01:00
heraklit256
8f76d99b15
add HAS_ONION_URI to HAS_ANON_DOMAIN
2018-10-13 20:47:23 +02:00
Vsevolod Stakhov
abaa90892c
[Minor] Fixes for the previous project
2018-10-09 14:58:44 +01:00
Vsevolod Stakhov
62b3a7c5e9
[Conf] Add composite to negate policies when fuzzy/bayes found
2018-10-09 12:37:30 +01:00
Vsevolod Stakhov
7b1dd5c1a0
Merge pull request #2543 from heraklit256/extended-dnswl-scores
...
leaving original symbols if DNSWL composite rules are triggered
2018-10-08 16:22:43 +01:00
heraklit256
b6092b1f92
lower weight of RCVD_DKIM_ARC_DNSWL_HI to -1.0
2018-10-08 17:03:03 +02:00
heraklit256
0455923baf
Include ARC into AUTH_NA rule
2018-10-04 18:04:44 +02:00
heraklit256
a15bd65a86
Composite rules: Minor cleanups
...
Added descriptions to some rules and unified AND operator.
2018-10-04 18:03:24 +02:00
heraklit256
baec25184f
leave original symbols for composite rules
...
Removing original symbols if a composite rule triggers is kind
of confusing and makes debugging harder.
2018-10-04 17:58:07 +02:00
heraklit256
1a55afb110
lower weight for RCVD_DKIM_ARC_DNSWL_MED and RCVD_DKIM_ARC_DNSWL_HIGH
...
These were too high as other symbols - such as ARC_ALLOW - already
introduce some negative scores.
Thanks to @moisseev for reporting this.
2018-10-04 17:49:26 +02:00
heraklit256
fc0cec888f
Fix description for composite rule RBL_SPAMHAUS_XBL_ANY
2018-09-27 16:42:12 +02:00
heraklit256
6e44ac9fb4
leaving original symbols if DNSWL composite rules are triggered
...
Without policy = "leave", rspamd replaces the original symbols
in log and message header (if enabled), which makes debugging more
hard and is not used in this case.
2018-09-27 16:35:46 +02:00
Alexander Moisseev
957e3c6d1a
[Minor] Remove UNPRECISE_RCPT_DETAIL_FROM_SPAMMY
2018-09-25 19:16:53 +03:00
heraklit256
648c87a935
add rule for domains trying to stay anonymous
2018-09-09 18:28:17 +02:00
heraklit256
04b52561b0
improve composite rules for phish messages
2018-09-09 18:21:12 +02:00
heraklit256
5312495106
add some missing composite rule description
2018-09-09 18:19:02 +02:00
heraklit256
5afbc581fa
add rule for spammy mails with detailled sender but generic recipients
2018-09-08 12:30:05 +02:00
heraklit256
faadf253ad
add rule for phish messages containing emotional subjects
2018-09-08 12:11:36 +02:00
heraklit256
46bb18fa93
add rule for spammy PHP generated mails
2018-09-08 12:02:02 +02:00
heraklit256
f1ebed1f9c
also trigger DNSWL score rule in case mails are properly ARC signed
2018-08-27 18:27:03 +02:00
heraklit256
1ecd691570
add negative weight to DNSWL entries
...
However, a message must be correctly DKIM signed to get some more
negative weight in case an received IP is listed with medium or
high trust at DNSWL.
This supersedes a first patch without the DKIM condition.
2018-08-07 16:34:30 +02:00
heraklit256
d39673f6b2
add rule for RCVD_UNAUTH_PBL
2018-05-21 18:51:09 +02:00
Alexander Moisseev
d15ecc5fe1
[Minor] In *_FORWARDING composites remove only weights
2018-05-20 18:53:49 +03:00
Alexander Moisseev
22f9f56f87
[Minor] Suppress base64 symbols for mails sent with 1C v8
2017-08-23 12:18:03 +03:00
Alexander Moisseev
6f0cbd21a5
[Minor] Suppress MIME_BASE64_TEXT for Mail.Ru Mailer
2017-07-31 11:48:59 +03:00
Alexander Moisseev
57b22b82eb
[Minor] Suppress CTYPE_MIXED_BOGUS for yandex.ru web-mail
2017-04-17 11:51:21 +03:00
Steve Freegard
1205d530dd
Updates to previous commit
2017-03-23 22:01:19 +00:00
Steve Freegard
c53dd6be72
New rules
2017-03-23 21:27:02 +00:00
Vsevolod Stakhov
d10012653e
[Conf] Add composite for hacked wordpress phishing
2017-03-09 15:38:20 +00:00
Andrew Lewis
cb7c54ccf0
[Rework] Composite configuration ( #1270 )
2016-12-21 15:26:51 +02:00
Alexander Moisseev
63234cfa24
[Minor] Suppress SUBJ_EXCESS_BASE64 for Mail.Ru web-mail as well
2016-12-12 19:24:31 +03:00
Alexander Moisseev
e181656d48
[Minor] Suppress *_BASE64 for mails sent with Mail.Ru web-mail ( #902 )
2016-12-12 18:58:08 +03:00
Vsevolod Stakhov
cd0f7a9d7c
[Minor] Name composite in a proper way
2016-11-04 14:13:07 +00:00
Andrew Lewis
38d3686269
[Minor] Avoid removing SPF failure symbols in composite
2016-10-04 13:26:54 +02:00
Andrew Lewis
b0e378af1d
[Feature] Add R_DKIM_PERMFAIL symbol
2016-09-19 20:59:25 +02:00
Andrew Lewis
032de97d72
[Minor] Fine-tune composites
2016-09-08 16:41:27 +02:00
Andrew Lewis
07f4c49ea5
[Feature] Add R_DKIM_NA / R_SPF_NA / AUTH_NA symbols
2016-08-29 14:41:12 +02:00