
[Feature] Pyzor calculate score dynamically

Count - WL-Count of default_score in percent
tags/3.0
defkev 3 years ago
parent
commit
3ebb188267
1 changed files with 14 additions and 28 deletions
  1. 14
    28
      lualib/lua_scanners/pyzor.lua

+ 14
- 28
lualib/lua_scanners/pyzor.lua

@@ -41,7 +41,7 @@ local function pyzor_config(opts)
detection_category = "hash",
cache_expire = 7200, -- expire redis in one hour
message = '${SCANNER}: Pyzor bulk message found: "${VIRUS}"',
default_score = 1,
default_score = 1.5,
action = false,
}

@@ -139,33 +139,19 @@ local function pyzor_check(task, content, digest, rule)
--rspamd_logger.infox(task, "%s - count=%s wl=%s", addr:to_string(), reported, whitelisted)

--[[
@todo: Implement math function to calc the score dynamically based on return values.
Maybe check spamassassin implementation.
]] --
local entries = reported - whitelisted

local weight = 0

if entries >= 100 then
weight = 1.5
elseif entries >= 25 then
weight = 1.25
elseif entries >= 5 then
weight = 1.0
elseif entries >= 1 and whitelisted == 0 then
weight = 0.2
end

if whitelisted >= 100 then
weight = weight - 1.5
elseif whitelisted >= 25 then
weight = weight - 1.25
elseif whitelisted >= 5 then
weight = weight - 1.0
elseif whitelisted >= 1 then
weight = weight - 0.2
end

Weight is Count - WL-Count of rule.default_score in percent, e.g.
SPAM:
Count: 100 (100%)
WL-Count: 1 (1%)
rule.default_score: 1
Weight: 0.99
HAM:
Count: 10 (100%)
WL-Count: 10 (100%)
rule.default_score: 1
Weight: 0
]]
local weight = tonumber(string.format("%.2f", rule.default_score * (reported - whitelisted) / (reported + whitelisted)))
local info = string.format("count=%d wl=%d", reported, whitelisted)
local threat_string = string.format("bl_%d_wl_%d", reported, whitelisted)
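Review bot: The new `weight` expression divides by `reported + whitelisted` with no guard visible in this hunk, so a Pyzor reply with both counts at zero evaluates 0/0 and the `string.format`/`tonumber` round-trip yields NaN (or nil, depending on the Lua build) instead of a score. Both counts are parsed from the server's reply, so I would compute `local total = reported + whitelisted` and then `local weight = total > 0 and tonumber(string.format("%.2f", rule.default_score * (reported - whitelisted) / total)) or 0`. The SPAM example in the new comment is also slightly off: with Count 100 and WL-Count 1 the formula gives 99/101, which rounds to 0.98, not 0.99. pyzor_check begins and ends outside the hunk, so an earlier check on the counts may already cover the zero case.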

