- app: Executable Application, blocked in Outlook by default
- aspx: Active Server Page Extended, blocked in Outlook by default
- dll: Dynamic-link Library
- dqy: Microsoft Query File, blocking recommended in MS365
- iqy: ditto
- mht: MHTML File, often abused for phishing and exploit attempts
- mhtml: ditto
- oqy: Microsoft Query File, blocking recommended in MS365
- rqy: ditto
- slk: Microsoft Symbolic Link
- wim: Windows Imaging Format
[Minor] Incorporate additional bad attachments from Microsoft
These are as follows:
- htc: HTML Component File
- pyc: Compiled Python Script
- pyo: Optimized Compiled Python Module
- pyw: Python Script To Be Executed With Suppressed Terminal Window
- pyz: Python Zip Application
- pyzw: Python Zip Application
- vhd: Virtual Hard Disk
- vhdx: Virtual Hard Disk Extended
- wsf: Windows Script File
Note that the Python file types remain unscored in archives, so
distribution of these in source tarballs and the like is not affected by
this commit.
Source: https://support.microsoft.com/en-us/office/blocked-attachments-in-outlook-434752e1-02d3-4e90-9124-8b81e49a8519?ui=en-us&rs=en-us&ad=us
[Minor] Refer to third parties for attachment handling whenever possible
This avoids confusion and enqueries to the rspamd project, if it is made
clear that the decision to score certain attachments high has been
incorporated from a well-known third party, such as Google's or
Microsoft's attachment handling policy.
When from.name is Nil its still show up, with != "" not
Then you get
From: via user <user@domain.tld>
Instead of
From: otheruser via user <user@domain.tld>
Debug:
2023-10-12 12:08:15 #725504(normal) <0b948d>; dmarc; dmarc.lua:191: munging debug: {[user] = user, [domain] = domain.tld, [flags] = {[valid] = true}, [name] = , [raw] = user@domain.tld, [addr] = user@domain.tld}
* [CritFix] Fix leak in `gzip` function
* [Feature] Add ICAP Content-Type and Filename
* [Feature] Add `logging`->`task_max_elts` option
* [Feature] Add utility to split string like stuff for C++ code
* [Feature] Allow to set HTTP auth parameters for the maps
* [Feature] Check for plugin configuration errors on `configtest`
* [Feature] `known_senders` plugin
* [Feature] Use backward-cpp instead of manual libunwind stuff
* [Feature] rbl: support checking numeric URLs in isolation
* [Fix] CMakeLists.txt remove whitespace added by linter as it makes tests fail
* [Fix] Change Date: header location to conform with RFC
* [Fix] Correct format pattern for RE tree tempfile name
* [Fix] Correct format string for unw_word_t
* [Fix] Do not accept invalid ucl object types
* [Fix] Do not pollute public headers with libev internals
* [Fix] Do not set output type if list application failed
* [Fix] Fix `url:set_redirected` method
* [Fix] Fix format string and some length issues
* [Fix] Fix grammar definition for content-disposition attributes
* [Fix] Fix lua schema enrichment logic for Redis params
* [Fix] Fix lua stack corruption when logging large tables
* [Fix] Fix merge table utility
* [Fix] Fix output of non-RSA DKIM keys
* [Fix] Fix some corner cases of single-host urls parsing
* [Fix] Fix various issues in the `url_redirector` plugin
* [Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561)
* [Fix] Prevent DNSWL sabotage
* [Fix] Try to fix unzip function
* [Fix] rbl: really fix dependency registration when symbols_prefixes is used
* [Fix] rspamadm mime: arguments beginning with letter `t`
* [Rework] Breaking: return back to semver
* [Rework] Move rcl logic to C++
Vsevolod Stakhov
Andrew Lewis
twesterhever
moisseev
dzjaivnt
Duncan Bellamy