Andrew Lewis
d06fc3bea3
[Feature] rbl: support disabling or replacing url_whitelist per RBL
6 månader sedan
twesterhever
fc13524169
[Minor] Improve FREEMAIL_AFF capture rates
7 månader sedan
twesterhever
8f6fced6f0
[Enhancement] Add composite rule for suspicious URLs in suspicious messages
7 månader sedan
Vsevolod Stakhov
a230d606e7
[Conf] Add note
Issue: #4677
7 månader sedan
Andrew Lewis
15e3f277fa
[Minor] Reiterate on the previous changes
- Demote message to info level
- Name it returncodes_matcher for better specificity
8 månader sedan
Andrew Lewis
fea6bf4c35
[Minor] rbl: support use of different matchers for return codes
8 månader sedan
Andrew Lewis
9ac6d71006
[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
8 månader sedan
Andrew Lewis
c17ffcd4e5
[Rules] Blank spam detection
8 månader sedan
Marc Dierksen
5f5a126a4e
[Fix] Prevent DNSWL sabotage
When exceeding the query limit for DNSWL it can happen that instead
of the returncode 127.0.0.255, that according to documentation
(https://www.dnswl.org/?page_id=15 ) indicates a block, the
returncode 127.0.10.3 is returned for all queries.
According to documentation (https://www.dnswl.org/?page_id=15 ) the
127.0.10.3 returncode indicates the highest level of trustworthiness
that should never be blocked and a category of 'some special cases'.
As it turns out that documentation is a lie and that 127.0.10.3
returncode is used by DNSWL to intentionally sabotage email security
by marking all sending servers as highly trustworthy
(https://www.dnswl.org/?p=120 ).
8 månader sedan
Andrew Lewis
19d2adf388
[Minor] Move configuration to proper location
8 månader sedan
Andrew Lewis
e5318e1729
[Minor] Fix copypasta (#4469)
8 månader sedan
Vsevolod Stakhov
c6bec0f8df
[Conf] Add new plugin default configuration
9 månader sedan
laodc
75fdc829ba
Added support for Redis 6 ACL (username/password)
10 månader sedan
Dmitriy Alekseev
7d0d4e7bee
Update phishing_group.conf
10 månader sedan
Dmitriy Alekseev
12f3489633
Update phishing.conf
10 månader sedan
twesterhever
c3b48ef388
[Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols
Given that they have about the same false positive rate, it makes sense
to treat them equal in terms of scoring:
- Particular threats (phishing, malware) are scored a bit higher than
mere spam domain listings
- "Abused legitimate" listings are scored lower for some DNSBLs already,
this has now been aligned.
- For SURBL, cracked and abused sites are treated with the same score.
10 månader sedan
twesterhever
c83818fd38
[Minor] Increase score of URIBL_XBL
This aids with detecting FQDNs hosted on hacked machines, such as used
in Fast Flux-style botnet spam.
10 månader sedan
twesterhever
e0d9991191
[Minor] Reduce score of URIBL_SBL_CSS
Given that CSS is an automated component of SBL, this should not receive
the same scoring as manually conducted SBL listings. Particularly for
shared hosting environments, CSS hits on IP addresses derived from FQDNs
sometimes were found to be scored a bit too high.
10 månader sedan
twesterhever
9bd38a3f44
[Minor] Improve catch rates of FREEMAIL_AFF
10 månader sedan
Dmitriy Alekseev
0729c58cb0
Add composites exclusions for known Apple Mail bad symbols
11 månader sedan
twesterhever
31424ff57e
[Minor] Fix RCVD_UNAUTH_PBL
1 år sedan
twesterhever
36e5821213
[Rules] Add thread hijacking composite rule
1 år sedan
twesterhever
6a9bb3606b
[Minor] Improve HACKED_WP_PHISHING coverage
1 år sedan
twesterhever
18a8b22cc3
[Minor] Fix quirk in CRACKED_SURBL rule description
1 år sedan
twesterhever
68d9f76dc1
[Minor] Improve various rule descriptions
1 år sedan
twesterhever
1e9c019581
[Enhancement] Add composite rule for messages only containing a redirector URL
1 år sedan
Vsevolod Stakhov
9c6373baf6
[Conf] Remove outdated composite rules
1 år sedan
Vsevolod Stakhov
e92b112a8a
[Feature] Allow to use other methods when fasttext detection is enabled
1 år sedan
Vsevolod Stakhov
915885232b
[Conf] Add missing attributes for the language detection configuration
1 år sedan
Vsevolod Stakhov
fea5bdc797
[Conf] Add language detection configuration
1 år sedan
Vsevolod Stakhov
0a0e3f35c8
[Conf] Add `one_shot` to some specific multimap rules
1 år sedan
Vsevolod Stakhov
a8a58053e0
[Feature] Add extra symbol when URL redirector reaches nested limit
Issue: #4406
1 år sedan
Mehmet Tolga Avcioglu
c133f24197
fix incorrect asn references in bimi.conf
1 år sedan
twesterhever
00896ca733
[Minor] Replace "Spamhaus XBL any" hack with a more clear solution
1 år sedan
twesterhever
ded1b937d0
[Minor] Sort maps.d contents for better readability
1 år sedan
twesterhever
b605f37d65
[Minor] Improve readability of composites rule configuration
1 år sedan
twesterhever
fbe0e146a5
[Minor] Add newline at EOF where missing
1 år sedan
twesterhever
7d63c8b3cb
[Minor] Improve readability of RBL module configuration file
1 år sedan
twesterhever
aba2b987b7
[Minor] Remove orphaned SARBL directives
1 år sedan
twesterhever
a651be3ffb
[Minor] Unify configuration file structure
1 år sedan
twesterhever
6c96b48c23
[Minor] Improve content rule descriptions
1 år sedan
twesterhever
0ea54f8305
[Minor] Improve readability of policies group configuration file
1 år sedan
twesterhever
e7b3a62fa1
[Minor] Add project URL for MSBL
1 år sedan
twesterhever
8d67630f2a
[Minor] Add "blocked" tag to DBL_BLOCKED_OPENRESOLVER and DBL_BLOCKED
1 år sedan
twesterhever
595ddb96d0
[Minor] Improve SURBL rule descriptions
1 år sedan
twesterhever
425d65d7e0
[Minor] Improve readability of RBL/SURBL configuration files
1 år sedan
twesterhever
f864054128
[Minor] Add "blocked" tag to *_SPAMHAUS_BLOCKED_OPENRESOLVER and *_SPAMHAUS_BLOCKED
1 år sedan
twesterhever
bd2c9d0038
[Minor] Improve RBL rule descriptions
1 år sedan
twesterhever
d5a756930d
[Minor] Update NiX spam project URL
1 år sedan
Jan Smutny
2d3b612174
conf/modules.d/arc.conf: fix parameter name
rename symbol_sign -> sign_symbol
1 år sedan