rspamd

Commit Graph

Author	SHA1	Message	Date
twesterhever	a41c12a4e3	[Minor] Constrain Content-Description regexp	1 week ago
twesterhever	eed763a7cf	[Minor] Remove superflous "string.format()"	1 week ago
twesterhever	ce23345c5d	[Enhancement] Catch "Mail message body" Content-Description This header frequently surfaces in spam, mostly advance fee fraud.	1 week ago
twesterhever	3e1c8da3e9	[Minor] Add rule for presence of Content-Description header	1 week ago
Dmitriy Alekseev	db03a55444	Fix error in headers_checks.lua	2 weeks ago
twesterhever	65c8a66198	[Minor] Add rule for localhost HELOs in Received headers	1 month ago
twesterhever	434f9f79e2	[Enhancement] Add more symbols for Reply-To header characteristics	1 month ago
twesterhever	c599cb599e	[Minor] Add HAS_FILE_URL rule for messages containing a file:// URL These are frequently abused for distributing malware via non-HTTP protocols, such as public Samba servers. file:// URLs may also be abused for including files from the victims' machine in a message. Either way, a legitimate usecase is unlikely. Signed-off-by: twesterhever <40121680+twesterhever@users.noreply.github.com>	2 months ago
twesterhever	608a080d11	[Minor] Add rule for messages missing both X-Mailer and User-Agent header	6 months ago
Andrew Lewis	c17ffcd4e5	[Rules] Blank spam detection	6 months ago
Andrew Lewis	f66bd5ac03	[Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561)	7 months ago
Vsevolod Stakhov	662145d055	[Minor] Reformat all Lua code, no functional changes	9 months ago
twesterhever	d47473f553	[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/	9 months ago
Dmitriy Alekseev	876a834378	Adjust apple_x_mailer regex	10 months ago
Dmitriy Alekseev	7bed05f8f6	[Minor] A bit better apple_x_mailer regex	10 months ago
Dmitriy Alekseev	7ff31bdb95	Optimize apple_ios_x_mailer regex	10 months ago
Dmitriy Alekseev	a0d7e03366	Support regex rules to detect Apple Mail	10 months ago
twesterhever	472537fc83	[Minor] Remove superfluous '\|' in regular expression	10 months ago
twesterhever	be4c99d32e	[Minor] Simplify regular expression for HAS_GOOGLE_REDIR https://github.com/rspamd/rspamd/pull/4497#issuecomment-1586265815	10 months ago
Vsevolod Stakhov	5ae23df139	Apply suggestions from code review	11 months ago
twesterhever	bc833035ff	[Minor] Fix description of MIME_HTML_ONLY Thanks, @moisseev!	11 months ago
twesterhever	68d9f76dc1	[Minor] Improve various rule descriptions	11 months ago
twesterhever	2fb6b9a2aa	[Enhancement] Improve detection of Google redirection URLs The list is derived from Firefox' static HPKP entires, retrieved from: https://searchfox.org/mozilla-central/source/security/manager/ssl/StaticHPKPins.h	11 months ago
twesterhever	433dc0e2d7	[Minor] Move HAS_ONION_URI from "experimental" to "url" group	11 months ago
twesterhever	ba414d6c0b	[Enhancement] Make Google Firebase rule productive	11 months ago
Vsevolod Stakhov	cac6696192	[Feature] Add controller endpoint to get fuzzy hashes from messages Sample usage: ``` curl -XPOST 'http://localhost:11334/plugins/fuzzy/hashes?flag=1' --data-binary '@-' < file ``` Sample output: ```json { "hashes": { "local": [ "24b6e7de2f489778d828c827079c48bacb086f816d0a7acabbe42e8d0da703b89b913176ad67eefaf5b54fa59f5e0ecfc7015846c4043fcfb0c7a4ed7a235025", "72789777cbec926f4143de4c08c87acc3fbf3b909b5c39f1edcf82ed12e2d8bc2f56be8d68ee681feccf44ca04e3eca5b8ec039cb84a0d40e22258c370a10cbb" ], "rspamd.com": [ "24b6e7de2f489778d828c827079c48bacb086f816d0a7acabbe42e8d0da703b89b913176ad67eefaf5b54fa59f5e0ecfc7015846c4043fcfb0c7a4ed7a235025", "72789777cbec926f4143de4c08c87acc3fbf3b909b5c39f1edcf82ed12e2d8bc2f56be8d68ee681feccf44ca04e3eca5b8ec039cb84a0d40e22258c370a10cbb" ], }, "success": true } ``` Issue: #4489	11 months ago
Anton Yuzhaninov	84b0676210	[Minor] Account for one more undisclosed-recipients address variant	1 year ago
georglauterbach	c18f0561bf	add Betterbird to `user_agent_thunderbird` See https://github.com/Betterbird/thunderbird-patches/issues/125 for reference. This way, Rspamd will not add `FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN` to mails sent perfectly find with Betterbird. Betterbird (<https://www.betterbird.eu/>) is an adjusted version of Thunderbird, fixing many bugs and adding long-wanted features. It is a common and well-known alternative to Thunderbird, so I think the addition is justified.	1 year ago
twesterhever	08ce184740	[Enhancement] Add rule to detect Google Firebase URLs	1 year ago
twesterhever	fd6ebc9f80	[Enhancement] Make Google URL redirection rules productive	1 year ago
twesterhever	e39879962f	[Minor] Fix some whitespace issues	1 year ago
dpetrov67	4028247ac6	Fix pcall() argument in rspamd.lua	1 year ago
Kako, Chang	6d5db1e04e	[Fix] received: filtering of artificial header	1 year ago
Vsevolod Stakhov	038ed3f012	[Rules] Mid: Add MID_END_EQ_FROM_USER_PART rule Issue: #4299	1 year ago
twesterhever	2a9abee4cb	[Minor] Regexp is case-insensitive, omit redundant characters	1 year ago
twesterhever	b1781565e2	[Minor] Fix rule comment	1 year ago
twesterhever	1f78100963	[Minor] Limit CIDv1 detection to 128 bytes As requested by @vstakhov in https://github.com/rspamd/rspamd/pull/4310#pullrequestreview-1148226107, try to limit the performance impact of this regular expression. However, given that there does not seem to be a hard limit for CIDv1s in IPFS itself, using an hashing algorithm with large output my permit miscreants to get around this rule.	1 year ago
twesterhever	ac6d1a6566	[Minor] Implement multibase prefixes for IPFS gateway URL rule	1 year ago
twesterhever	9ac1a75132	[Minor] Clarify that IPFS gateway URLs are likely considered malicious	1 year ago
Vsevolod Stakhov	4ae8a27cb1	[Minor] Use unicode property for currency detection Issue: #4320	1 year ago
Vsevolod Stakhov	1803e71558	[Rules] Reduce score of HTTP_TO_HTTPS - subject to remove completely	1 year ago
twesterhever	39aeb394c8	[Enhancement] Add IPFS URL heuristic	1 year ago
Vsevolod Stakhov	05fd471df5	[Rework] Reiterate on priorities	1 year ago
Vsevolod Stakhov	79417a5f81	[Minor] Update more copyright years/email	2 years ago
Vsevolod Stakhov	2fa0e126c7	[Minor] Update my email and the copyright year	2 years ago
Vsevolod Stakhov	968d318a0c	[Rules] Slightly reduce MULTIPLE_FROM score	2 years ago
Josh Soref	2b8e6958f4	Spelling (#4086) [Rework] Massive spelling fix from @jsoref	2 years ago
Vsevolod Stakhov	e834cdb26d	[Minor] Oops, fix foldl call	2 years ago
Vsevolod Stakhov	c6f7b897d4	[Minor] Fix some issues in URI_COUNT_ODD rule Issue: #4037	2 years ago
Vsevolod Stakhov	c23d728d75	[Minor] Fix rule	2 years ago

1 2 3 4 5 ...

477 Commits (master)