Vsevolod Stakhov
6 years ago
2 changed files with 44 additions and 3 deletions
+ 1
- 1
conf/modules.d/phishing.conf
View File
| @@ -21,7 +21,7 @@ phishing { | |||
| openphish_map = "https://www.openphish.com/feed.txt"; | |||
| # Disabled by default | |||
| phishtank_enabled = false; | |||
| phishtank_map = "https://rspamd.com/phishtank/online-valid.json.zst"; | |||
| phishtank_map = "https://maps.rspamd.com/phishtank/online-valid.json.zst"; | |||
| # Make exclusions for known redirectors | |||
| redirector_domains = [ | |||
+ 43
- 2
src/plugins/lua/arc.lua
View File
| @@ -263,9 +263,50 @@ local function arc_callback(task) | |||
| end | |||
| end | |||
| -- Now we can verify all signatures | |||
| --[[ | |||
| 1. Collect all ARC Sets currently attached to the message. If there | |||
| are none, the Chain Validation Status is "none" and the algorithm | |||
| stops here. The maximum number of ARC Sets that can be attached | |||
| to a message is 50. If more than the maximum number exist the | |||
| Chain Validation Status is "fail" and the algorithm stops here. | |||
| In the following algorithm, the maximum ARC instance value is | |||
| referred to as "N". | |||
| 2. If the Chain Validation Status of the highest instance value ARC | |||
| Set is "fail", then the Chain Validation status is "fail" and the | |||
| algorithm stops here. | |||
| 3. Validate the structure of the Authenticated Received Chain. A | |||
| valid ARC has the following conditions: | |||
| 1. Each ARC Set MUST contain exactly one each of the three ARC | |||
| header fields (AAR, AMS, and AS). | |||
| 2. The instance values of the ARC Sets MUST form a continuous | |||
| sequence from 1..N with no gaps or repetition. | |||
| 3. The "cv" value for all ARC-Seal header fields must be non- | |||
| failing. For instance values > 1, the value must be "pass". | |||
| For instance value = 1, the value must be "none". | |||
| * If any of these conditions are not met, the Chain Validation | |||
| Status is "fail" and the algorithm stops here. | |||
| 4. Validate the AMS with the greatest instance value (most recent). | |||
| If validation fails, then the Chain Validation Status is "fail" | |||
| and the algorithm stops here. | |||
| 5 - 7. Optional, not implemented | |||
| 8. Validate each AS beginning with the greatest instance value and | |||
| proceeding in decreasing order to the AS with the instance value | |||
| of 1. If any AS fails to validate, the Chain Validation Status | |||
| is "fail" and the algorithm stops here. | |||
| 9. If the algorithm reaches this step, then the Chain Validation | |||
| Status is "pass", and the algorithm is complete. | |||
| ]]-- | |||
| local processed = 0 | |||
| local sig = cbdata.sigs[#cbdata.sigs] | |||
| local sig = cbdata.sigs[#cbdata.sigs] -- last AMS | |||
| local ret,err = dkim_verify(task, sig.header, arc_signature_cb, 'arc-sign') | |||
| if not ret then | |||
Loading…