mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
Browse Source

RBL: change behaviour of whitelists

pull/244/head
Andrew Lewis 9 years ago
parent
ba5f92b440
commit
77abfd7fa8
4 changed files with 64 additions and 25 deletions
Split View Show Diff Stats
  1. 9
    11
      conf/metrics.conf
  2. 20
    14
      conf/modules.conf
  3. 8
    0
      doc/markdown/modules/rbl.md
  4. 27
    0
      src/plugins/lua/rbl.lua

+ 9
- 11
conf/metrics.conf View File

@@ -342,10 +342,10 @@ metric {
symbol { name = "RECEIVED_SPAMHAUS_XBL"; weight = 3.0; description = "Received address is listed in zen pbl"; one_shot = true; }
symbol { name = "RWL_SPAMHAUS_WL"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_IND"; weight = -0.7; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_TRANS"; weight = -0.6; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_IND_EXP"; weight = -0.3; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_TRANS_EXP"; weight = -0.2; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_IND"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_TRANS"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_IND_EXP"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
symbol { name = "RWL_SPAMHAUS_WL_TRANS_EXP"; weight = 0.0; description = "Sender listed at Spamhaus whitelist"; }
symbol {
weight = 2.0;
@@ -363,16 +363,14 @@ metric {
name = "RBL_UCEPROTECT_LEVEL1";
}
symbol { name = "RBL_MAILSPIKE"; weight = 0.0; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_ZOMBIE"; weight = 2.0; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_WORST"; weight = 2.0; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_VERYBAD"; weight = 1.5; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_BAD"; weight = 1.0; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_SUSP"; weight = 0.5; description = "From address is listed in RBL"; }
symbol { name = "RBL_MAILSPIKE_PROB"; weight = 0.3; description = "From address is listed in RBL"; }
symbol { name = "RWL_MAILSPIKE_POSSIBLE"; weight = -0.2; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_GOOD"; weight = -0.5; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_VERYGOOD"; weight = -0.6; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_EXCELLENT"; weight = -0.7; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_POSSIBLE"; weight = 0.0; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_GOOD"; weight = 0.0; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_VERYGOOD"; weight = 0.0; description = "From address is listed in RWL"; }
symbol { name = "RWL_MAILSPIKE_EXCELLENT"; weight = 0.0; description = "From address is listed in RWL"; }
symbol {
weight = 1.0;

+ 20
- 14
conf/modules.conf View File

@@ -120,6 +120,7 @@ rbl {
symbol = "RWL_SPAMHAUS_WL";
rbl = "swl.spamhaus.org";
ipv6 = true;
is_whitelist = true;
returncodes {
RWL_SPAMHAUS_WL_IND = "127.0.2.2";
RWL_SPAMHAUS_WL_TRANS = "127.0.2.3";
@@ -128,20 +129,23 @@ rbl {
}
}

mailspike {
symbol = "RBL_MAILSPIKE";
rbl = "rep.mailspike.net";
returncodes {
#http://mailspike.net/usage.html
RBL_MAILSPIKE_WORST = "127.0.0.10"
RBL_MAILSPIKE_VERYBAD = "127.0.0.11"
RBL_MAILSPIKE_BAD = "127.0.0.12"
RBL_MAILSPIKE_SUSP = "127.0.0.13"
RBL_MAILSPIKE_PROB = "127.0.0.14"
RWL_MAILSPIKE_POSSIBLE = "127.0.0.17"
RWL_MAILSPIKE_GOOD = "127.0.0.18"
RWL_MAILSPIKE_VERYGOOD = "127.0.0.19"
RWL_MAILSPIKE_EXCELLENT = "127.0.0.20"
mailspike_bl {
rbl = "bl.mailspike.net";
returncodes {
RBL_MAILSPIKE_ZOMBIE = "127.0.0.2";
RBL_MAILSPIKE_WORST = "127.0.0.10";
RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
RBL_MAILSPIKE_BAD = "127.0.0.12";
}
}

mailspike_wl {
rbl = "wl.mailspike.net";
returncodes {
RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
RWL_MAILSPIKE_GOOD = "127.0.0.18";
RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
}
}
@@ -193,6 +197,7 @@ rbl {
symbol = "RCVD_IN_DNSWL";
rbl = "list.dnswl.org";
ipv6 = true;
is_whitelist = true;
returncodes {
RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
@@ -210,6 +215,7 @@ rbl {
exclude_users = false;
exclude_private_ips = false;
exclude_local = false;
ignore_whitelists = true;
}

}

+ 8
- 0
doc/markdown/modules/rbl.md View File

@@ -65,6 +65,14 @@ If true & private_ips is set appropriately, do not use the RBL if the sending ho

If true & local_exclude_ip_map has been set - do not use the RBL if the sending host address is in the local IP list & do not check received headers baring these addresses.

- default_is_whitelist (false)

If true matches on this list should neutralise any listings where this setting is false, or ignore_whitelists has been set.

- default_ignore_whitelists (false)

If true this list should not be neutralised by whitelists.

Other parameters which can be set here are:

- local_exclude_ip_map

+ 27
- 0
src/plugins/lua/rbl.lua View File

@@ -297,6 +297,8 @@ if type(rspamd_config.get_api_version) ~= 'nil' then
rspamd_config:register_module_option('rbl', 'default_exclude_local', 'string')
rspamd_config:register_module_option('rbl', 'private_ips', 'string')
rspamd_config:register_module_option('rbl', 'default_emails', 'string')
rspamd_config:register_module_option('rbl', 'default_is_whitelist', 'string')
rspamd_config:register_module_option('rbl', 'default_ignore_whitelists', 'string')
end
end

@@ -321,6 +323,8 @@ default_defaults = {
['default_exclude_private_ips'] = {[1] = true, [2] = 'exclude_private_ips'},
['default_exclude_users'] = {[1] = false, [2] = 'exclude_users'},
['default_exclude_local'] = {[1] = true, [2] = 'exclude_local'},
['default_is_whitelist'] = {[1] = false, [2] = 'is_whitelist'},
['default_ignore_whitelist'] = {[1] = false, [2] = 'ignore_whitelists'},
}
for default, default_v in pairs(default_defaults) do
if opts[default] == nil then
@@ -335,6 +339,9 @@ if(opts['private_ips'] ~= nil) then
private_ips = rspamd_config:radix_from_config('rbl', 'private_ips')
end

local white_symbols = {}
local black_symbols = {}

for key,rbl in pairs(opts['rbls']) do
for default, default_v in pairs(default_defaults) do
if(rbl[default_v[2]] == nil) then
@@ -345,6 +352,11 @@ for key,rbl in pairs(opts['rbls']) do
for s,_ in pairs(rbl['returncodes']) do
if type(rspamd_config.get_api_version) ~= 'nil' then
rspamd_config:register_virtual_symbol(s, 1)
if(rbl['is_whitelist']) then
table.insert(white_symbols, s)
else
table.insert(black_symbols, s)
end
end
end
end
@@ -353,7 +365,22 @@ for key,rbl in pairs(opts['rbls']) do
end
if type(rspamd_config.get_api_version) ~= 'nil' and rbl['symbol'] then
rspamd_config:register_virtual_symbol(rbl['symbol'], 1)
if(rbl['is_whitelist']) then
table.insert(white_symbols, rbl['symbol'])
else
if rbl['ignore_whitelists'] == false then
table.insert(black_symbols, rbl['symbol'])
end
end
end
rbls[key] = rbl
end
for _, w in pairs(white_symbols) do
for _, b in pairs(black_symbols) do
csymbol = 'RBL_COMPOSITE_' .. w .. '_' .. b
rspamd_config:register_virtual_symbol(csymbol, 1)
rspamd_config:add_composite(csymbol, w .. ' & ' .. b)
rspamd_config:set_metric_symbol(csymbol, 0, 'Autogenerated composite')
end
end
rspamd_config:register_callback_symbol_priority('RBL', 1.0, 0, rbl_cb)

Write Preview
Loading…
Cancel
Save