mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
Browse Source

[Minor] SPOOF_DISPLAY_NAME: Use all SMTP/MIME recipients

tags/1.6.0
Andrew Lewis 7 years ago
parent
a5ffce1675
commit
90c9ee87d5
1 changed files with 18 additions and 9 deletions
Split View Show Diff Stats
  1. 18
    9
      rules/misc.lua

+ 18
- 9
rules/misc.lua View File

@@ -506,20 +506,29 @@ local check_from_display_name = rspamd_config:register_symbol{
local parsed = util.parse_mail_address(from[1].name)
if not parsed then return false end
if not (parsed[1] and parsed[1]['addr']) then return false end
if parsed[1]['domain'] == nil or parsed[1]['domain'] == '' then return false end
-- Make sure we did not mistake e.g. <something>@<name> for an email address
if not parsed[1]['domain'] or not parsed[1]['domain']:find('%.') then return false end
-- See if the parsed domains differ
if not util.strequal_caseless(from[1]['domain'], parsed[1]['domain']) then
-- See if the destination domain is the same as the spoof
local to = task:get_recipients(2)
if (to and to[1] and to[1]['domain']) then
-- Be careful with undisclosed-recipients:; as domain will be an empty string
if to[1]['domain'] ~= '' and util.strequal_caseless(to[1]['domain'], parsed[1]['domain']) then
task:insert_result('SPOOF_DISPLAY_NAME', 1.0, from[1]['domain'], parsed[1]['domain'])
return false
local mto = task:get_recipients(2)
local sto = task:get_recipients(1)
if mto then
for _, to in ipairs(mto) do
if to['domain'] ~= '' and util.strequal_caseless(to['domain'], parsed[1]['domain']) then
task:insert_result('SPOOF_DISPLAY_NAME', 1.0, from[1]['domain'], parsed[1]['domain'])
return false
end
end
end
if sto then
for _, to in ipairs(sto) do
if to['domain'] ~= '' and util.strequal_caseless(to['domain'], parsed[1]['domain']) then
task:insert_result('SPOOF_DISPLAY_NAME', 1.0, from[1]['domain'], parsed[1]['domain'])
return false
end
end
end
-- Make sure we did not mistake e.g. <something>@<name> for an email address
if not parsed[1]['domain']:find('%.') then return false end
task:insert_result('FROM_NEQ_DISPLAY_NAME', 1.0, from[1]['domain'], parsed[1]['domain'])
end
return false

Write Preview
Loading…
Cancel
Save