[Minor] Add HAS_FILE_URL rule for messages containing a file:// URL

These are frequently abused for distributing malware via non-HTTP
protocols, such as public Samba servers. file:// URLs may also be abused
for including files from the victims' machine in a message. Either way,
a legitimate usecase is unlikely.

Signed-off-by: twesterhever <40121680+twesterhever@users.noreply.github.com>

rules/regexp/headers.lua

@@ -938,6 +938,13 @@ reconf['HAS_GOOGLE_FIREBASE_URL'] = {
   group = 'url'
 }
 
+reconf['HAS_FILE_URL'] = {
+  re = '/^file:\\/\\//{url}i',
+  description = 'Contains file:// URL',
+  score = 2.0,
+  group = 'url'
+}
+
 reconf['XM_UA_NO_VERSION'] = {
   re = string.format('(!%s && !%s) && (%s || %s)',
       'X-Mailer=/https?:/H',