Browse Source

Merge pull request #2850 from heraklit256/rule-descr-cleanup

[Minor] unify rule scores and weights and improve descriptions
tags/1.9.2
Vsevolod Stakhov 5 years ago
parent
commit
e6e72472ad
No account linked to committer's email address

+ 1
- 1
conf/modules.d/spamtrap.conf View File

@@ -37,7 +37,7 @@ spamtrap {
# Fuzzy flag
#fuzzy_flag = 1;
# Fuzzy weight
#fuzzy_weight = 10;
#fuzzy_weight = 10.0;
# Redis key prefix
#key_prefix = 'sptr_';
# Skip spamtrap checks for authorized users

+ 2
- 2
conf/scores.d/headers_group.conf View File

@@ -17,7 +17,7 @@

symbols = {
"FORGED_SENDER" {
weight = 0.30;
weight = 0.3;
description = "Sender is forged (different From: header and smtp MAIL FROM: addresses)";
}
"R_MIXED_CHARSET" {
@@ -62,4 +62,4 @@ symbols = {
weight = -0.2;
description = "Message seems to be from maillist";
}
}
}

+ 23
- 23
conf/scores.d/hfilter_group.conf View File

@@ -17,11 +17,11 @@

symbols = {
"HFILTER_HELO_BAREIP" {
weight = 3.00;
weight = 3.0;
description = "Helo host is bare ip";
}
"HFILTER_HELO_BADIP" {
weight = 4.50;
weight = 4.5;
description = "Helo host is very bad ip";
}
"HFILTER_HELO_1" {
@@ -29,19 +29,19 @@ symbols = {
description = "Helo host checks (very low)";
}
"HFILTER_HELO_2" {
weight = 1.00;
weight = 1.0;
description = "Helo host checks (low)";
}
"HFILTER_HELO_3" {
weight = 2.00;
weight = 2.0;
description = "Helo host checks (medium)";
}
"HFILTER_HELO_4" {
weight = 2.50;
weight = 2.5;
description = "Helo host checks (hard)";
}
"HFILTER_HELO_5" {
weight = 3.00;
weight = 3.0;
description = "Helo host checks (very hard)";
}
"HFILTER_HOSTNAME_1" {
@@ -49,23 +49,23 @@ symbols = {
description = "Hostname checks (very low)";
}
"HFILTER_HOSTNAME_2" {
weight = 1.00;
weight = 1.0;
description = "Hostname checks (low)";
}
"HFILTER_HOSTNAME_3" {
weight = 2.00;
weight = 2.0;
description = "Hostname checks (medium)";
}
"HFILTER_HOSTNAME_4" {
weight = 2.50;
weight = 2.5;
description = "Hostname checks (hard)";
}
"HFILTER_HOSTNAME_5" {
weight = 3.00;
weight = 3.0;
description = "Hostname checks (very hard)";
}
"HFILTER_HELO_NORESOLVE_MX" {
weight = 0.20;
weight = 0.2;
description = "MX found in Helo and no resolve";
}
"HFILTER_HELO_NORES_A_OR_MX" {
@@ -73,11 +73,11 @@ symbols = {
description = "Helo no resolve to A or MX";
}
"HFILTER_HELO_IP_A" {
weight = 1.00;
weight = 1.0;
description = "Helo A IP != hostname IP";
}
"HFILTER_HELO_NOT_FQDN" {
weight = 2.00;
weight = 2.0;
description = "Helo not FQDN";
}
"HFILTER_FROMHOST_NORESOLVE_MX" {
@@ -85,47 +85,47 @@ symbols = {
description = "MX found in FROM host and no resolve";
}
"HFILTER_FROMHOST_NORES_A_OR_MX" {
weight = 1.50;
weight = 1.5;
description = "FROM host no resolve to A or MX";
}
"HFILTER_FROMHOST_NOT_FQDN" {
weight = 3.00;
weight = 3.0;
description = "FROM host not FQDN";
}
"HFILTER_FROM_BOUNCE" {
weight = 0.00;
weight = 0.0;
description = "Bounce message";
}
/*
# Disabled by default
"HFILTER_MID_NORESOLVE_MX" {
weight = 0.50;
weight = 0.5;
description = "MX found in Message-id host and no resolve";
}
"HFILTER_MID_NORES_A_OR_MX" {
weight = 0.50;
weight = 0.5;
name = ;
description = "Message-id host no resolve to A or MX";
}
"HFILTER_MID_NOT_FQDN" {
weight = 0.50;
weight = 0.5;
description = "Message-id host not FQDN";
}
*/
"HFILTER_HOSTNAME_UNKNOWN" {
weight = 2.50;
weight = 2.5;
description = "Unknown client hostname (PTR or FCrDNS verification failed)";
}
"HFILTER_RCPT_BOUNCEMOREONE" {
weight = 1.50;
weight = 1.5;
description = "Message from bounce and over 1 recipient";
}
"HFILTER_URL_ONLY" {
weight = 2.20;
weight = 2.2;
description = "URL only in body";
}
"HFILTER_URL_ONELINE" {
weight = 2.50;
weight = 2.5;
description = "One line URL and text in body";
}
}

+ 2
- 2
conf/scores.d/rbl_group.conf View File

@@ -64,12 +64,12 @@ symbols = {
groups = ["dnswl"];
}
"DWL_DNSWL_LOW" {
weight = -1;
weight = -1.0;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, low trust";
groups = ["dnswl"];
}
"DWL_DNSWL_MED" {
weight = -2;
weight = -2.0;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, medium trust";
groups = ["dnswl"];
}

+ 1
- 1
conf/scores.d/surbl_group.conf View File

@@ -145,7 +145,7 @@ symbols = {
groups = ["spamhaus"];
}
"DBL_PROHIBIT" {
weight = 0.00000;
weight = 0.0;
description = "DBL uribl IP queries prohibited!";
groups = ["spamhaus"];
}

+ 1
- 1
rules/forwarding.lua View File

@@ -103,7 +103,7 @@ rspamd_config.FWD_SRS = {
return false
end,
score = 0.0,
description = "Message was forwarded using SRS",
description = "Message was forwarded using Sender Rewriting Scheme (SRS)",
group = "forwarding"
}


+ 13
- 13
rules/headers_checks.lua View File

@@ -60,7 +60,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = 'No received',
description = 'Message has no Received headers',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -68,7 +68,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = 'One received',
description = 'Message has one Received header',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -76,7 +76,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = 'Two received',
description = 'Message has two Received headers',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -84,7 +84,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = '3-5 received',
description = 'Message has 3-5 Received headers',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -92,7 +92,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = '5-7 received',
description = 'Message has 5-7 Received headers',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -100,7 +100,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = '7-11 received',
description = 'Message has 7-11 Received headers',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -108,7 +108,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = rcvd_cb_id,
type = 'virtual',
description = '12+ received',
description = 'Message has 12 or more Received headers',
group = 'headers',
}

@@ -144,7 +144,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = prio_cb_id,
type = 'virtual',
description = 'Priority 0',
description = 'Message has X-Priority header set to 0',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -152,7 +152,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = prio_cb_id,
type = 'virtual',
description = 'Priority 1',
description = 'Message has X-Priority header set to 1',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -160,7 +160,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = prio_cb_id,
type = 'virtual',
description = 'Priority 2',
description = 'Message has X-Priority header set to 2',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -168,7 +168,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = prio_cb_id,
type = 'virtual',
description = 'Priority 3-4',
description = 'Message has X-Priority header set to 3 or 4',
group = 'headers',
}
rspamd_config:register_symbol{
@@ -176,7 +176,7 @@ rspamd_config:register_symbol{
score = 0.0,
parent = prio_cb_id,
type = 'virtual',
description = 'Priority 5+',
description = 'Message has X-Priority header set to 5 or higher',
group = 'headers',
}

@@ -682,7 +682,7 @@ local check_from_id = rspamd_config:register_symbol{

rspamd_config:register_symbol{
name = 'FROM_NO_DN',
score = 0,
score = 0.0,
group = 'headers',
parent = check_from_id,
type = 'virtual',

+ 4
- 4
rules/misc.lua View File

@@ -503,7 +503,7 @@ rspamd_config:register_symbol{
name = 'TAGGED_RCPT',
description = 'SMTP recipients have plus tags',
group = 'headers',
score = 0,
score = 0.0,
}
rspamd_config:register_symbol{
type = 'virtual',
@@ -511,7 +511,7 @@ rspamd_config:register_symbol{
name = 'TAGGED_FROM',
description = 'SMTP from has plus tags',
group = 'headers',
score = 0,
score = 0.0,
}

local check_from_display_name = rspamd_config:register_symbol{
@@ -560,7 +560,7 @@ rspamd_config:register_symbol{
name = 'SPOOF_DISPLAY_NAME',
description = 'Display name is being used to spoof and trick the recipient',
group = 'headers',
score = 8,
score = 8.0,
}

rspamd_config:register_symbol{
@@ -569,7 +569,7 @@ rspamd_config:register_symbol{
name = 'FROM_NEQ_DISPLAY_NAME',
group = 'headers',
description = 'Display name contains an email address different to the From address',
score = 4,
score = 4.0,
}

rspamd_config.SPOOF_REPLYTO = {

+ 5
- 5
rules/regexp/upstream_spam_filters.lua View File

@@ -28,21 +28,21 @@ reconf['PRECEDENCE_BULK'] = {
reconf['MICROSOFT_SPAM'] = {
-- https://technet.microsoft.com/en-us/library/dn205071(v=exchg.150).aspx
re = 'X-Forefront-Antispam-Report=/SFV:SPM/H',
score = 4,
score = 4.0,
description = "Microsoft says the message is spam",
group = 'upstream_spam_filters'
}

reconf['AOL_SPAM'] = {
re = 'X-AOL-Global-Disposition=/^S/H',
score = 5,
score = 5.0,
description = "AOL says this message is spam",
group = 'upstream_spam_filters'
}

reconf['KLMS_SPAM'] = {
re = 'X-KLMS-AntiSpam-Status=/^spam/H',
score = 5,
score = 5.0,
description = "Kaspersky Security for Mail Server says this message is spam",
group = 'upstream_spam_filters'
}
@@ -52,14 +52,14 @@ reconf['SPAM_FLAG'] = {
'X-Spam-Flag=/^(?:yes|true)/Hi',
'X-Spam=/^(?:yes|true)/Hi',
'X-Spam-Status=/^(?:yes|true)/Hi'),
score = 5,
score = 5.0,
description = "Message was already marked as spam",
group = 'upstream_spam_filters'
}

reconf['UNITEDINTERNET_SPAM'] = {
re = 'X-UI-Out-Filterresults=/^junk:/H',
score = 5,
score = 5.0,
description = "United Internet says this message is spam",
group = 'upstream_spam_filters'
}

Loading…
Cancel
Save