Vsevolod Stakhov
923a70bbce
Revert "[Fix] Fix history key, as we use `{=` and not `{{` in templates"
4 kuukautta sitten
Vsevolod Stakhov
50e9652789
[Fix] Fix history key, as we use `{=` and not `{{` in templates
4 kuukautta sitten
Andrew Lewis
a5c8054115
[Minor] Add more returnbits to surbl configuration
5 kuukautta sitten
Vsevolod Stakhov
5faefe0c6c
[Feature] Allow to add templates to redis history prefix
Issue: #4793
Closes: #4793
5 kuukautta sitten
Andrew Lewis
d06fc3bea3
[Feature] rbl: support disabling or replacing url_whitelist per RBL
6 kuukautta sitten
twesterhever
fc13524169
[Minor] Improve FREEMAIL_AFF capture rates
7 kuukautta sitten
twesterhever
8f6fced6f0
[Enhancement] Add composite rule for suspicious URLs in suspicious messages
7 kuukautta sitten
Vsevolod Stakhov
a230d606e7
[Conf] Add note
Issue: #4677
8 kuukautta sitten
Andrew Lewis
15e3f277fa
[Minor] Reiterate on the previous changes
- Demote message to info level
- Name it returncodes_matcher for better specificity
8 kuukautta sitten
Andrew Lewis
fea6bf4c35
[Minor] rbl: support use of different matchers for return codes
8 kuukautta sitten
Andrew Lewis
9ac6d71006
[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
8 kuukautta sitten
Andrew Lewis
c17ffcd4e5
[Rules] Blank spam detection
8 kuukautta sitten
Marc Dierksen
5f5a126a4e
[Fix] Prevent DNSWL sabotage
When exceeding the query limit for DNSWL it can happen that instead
of the returncode 127.0.0.255, that according to documentation
(https://www.dnswl.org/?page_id=15 ) indicates a block, the
returncode 127.0.10.3 is returned for all queries.
According to documentation (https://www.dnswl.org/?page_id=15 ) the
127.0.10.3 returncode indicates the highest level of trustworthiness
that should never be blocked and a category of 'some special cases'.
As it turns out that documentation is a lie and that 127.0.10.3
returncode is used by DNSWL to intentionally sabotage email security
by marking all sending servers as highly trustworthy
(https://www.dnswl.org/?p=120 ).
8 kuukautta sitten
Andrew Lewis
19d2adf388
[Minor] Move configuration to proper location
9 kuukautta sitten
Andrew Lewis
e5318e1729
[Minor] Fix copypasta (#4469)
9 kuukautta sitten
Vsevolod Stakhov
c6bec0f8df
[Conf] Add new plugin default configuration
9 kuukautta sitten
laodc
75fdc829ba
Added support for Redis 6 ACL (username/password)
10 kuukautta sitten
Dmitriy Alekseev
7d0d4e7bee
Update phishing_group.conf
10 kuukautta sitten
Dmitriy Alekseev
12f3489633
Update phishing.conf
10 kuukautta sitten
twesterhever
c3b48ef388
[Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols
Given that they have about the same false positive rate, it makes sense
to treat them equal in terms of scoring:
- Particular threats (phishing, malware) are scored a bit higher than
mere spam domain listings
- "Abused legitimate" listings are scored lower for some DNSBLs already,
this has now been aligned.
- For SURBL, cracked and abused sites are treated with the same score.
11 kuukautta sitten
twesterhever
c83818fd38
[Minor] Increase score of URIBL_XBL
This aids with detecting FQDNs hosted on hacked machines, such as used
in Fast Flux-style botnet spam.
11 kuukautta sitten
twesterhever
e0d9991191
[Minor] Reduce score of URIBL_SBL_CSS
Given that CSS is an automated component of SBL, this should not receive
the same scoring as manually conducted SBL listings. Particularly for
shared hosting environments, CSS hits on IP addresses derived from FQDNs
sometimes were found to be scored a bit too high.
11 kuukautta sitten
twesterhever
9bd38a3f44
[Minor] Improve catch rates of FREEMAIL_AFF
11 kuukautta sitten
Dmitriy Alekseev
0729c58cb0
Add composites exclusions for known Apple Mail bad symbols
11 kuukautta sitten
twesterhever
31424ff57e
[Minor] Fix RCVD_UNAUTH_PBL
1 vuosi sitten
twesterhever
36e5821213
[Rules] Add thread hijacking composite rule
1 vuosi sitten
twesterhever
6a9bb3606b
[Minor] Improve HACKED_WP_PHISHING coverage
1 vuosi sitten
twesterhever
18a8b22cc3
[Minor] Fix quirk in CRACKED_SURBL rule description
1 vuosi sitten
twesterhever
68d9f76dc1
[Minor] Improve various rule descriptions
1 vuosi sitten
twesterhever
1e9c019581
[Enhancement] Add composite rule for messages only containing a redirector URL
1 vuosi sitten
Vsevolod Stakhov
9c6373baf6
[Conf] Remove outdated composite rules
1 vuosi sitten
Vsevolod Stakhov
e92b112a8a
[Feature] Allow to use other methods when fasttext detection is enabled
1 vuosi sitten
Vsevolod Stakhov
915885232b
[Conf] Add missing attributes for the language detection configuration
1 vuosi sitten
Vsevolod Stakhov
fea5bdc797
[Conf] Add language detection configuration
1 vuosi sitten
Vsevolod Stakhov
0a0e3f35c8
[Conf] Add `one_shot` to some specific multimap rules
1 vuosi sitten
Vsevolod Stakhov
a8a58053e0
[Feature] Add extra symbol when URL redirector reaches nested limit
Issue: #4406
1 vuosi sitten
Mehmet Tolga Avcioglu
c133f24197
fix incorrect asn references in bimi.conf
1 vuosi sitten
twesterhever
00896ca733
[Minor] Replace "Spamhaus XBL any" hack with a more clear solution
1 vuosi sitten
twesterhever
ded1b937d0
[Minor] Sort maps.d contents for better readability
1 vuosi sitten
twesterhever
b605f37d65
[Minor] Improve readability of composites rule configuration
1 vuosi sitten
twesterhever
fbe0e146a5
[Minor] Add newline at EOF where missing
1 vuosi sitten
twesterhever
7d63c8b3cb
[Minor] Improve readability of RBL module configuration file
1 vuosi sitten
twesterhever
aba2b987b7
[Minor] Remove orphaned SARBL directives
1 vuosi sitten
twesterhever
a651be3ffb
[Minor] Unify configuration file structure
1 vuosi sitten
twesterhever
6c96b48c23
[Minor] Improve content rule descriptions
1 vuosi sitten
twesterhever
0ea54f8305
[Minor] Improve readability of policies group configuration file
1 vuosi sitten
twesterhever
e7b3a62fa1
[Minor] Add project URL for MSBL
1 vuosi sitten
twesterhever
8d67630f2a
[Minor] Add "blocked" tag to DBL_BLOCKED_OPENRESOLVER and DBL_BLOCKED
1 vuosi sitten
twesterhever
595ddb96d0
[Minor] Improve SURBL rule descriptions
1 vuosi sitten
twesterhever
425d65d7e0
[Minor] Improve readability of RBL/SURBL configuration files
1 vuosi sitten