twesterhever
608a080d11
[Minor] Add rule for messages missing both X-Mailer and User-Agent header
7 个月前
Andrew Lewis
c17ffcd4e5
[Rules] Blank spam detection
8 个月前
Andrew Lewis
f66bd5ac03
[Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561)
9 个月前
Vsevolod Stakhov
662145d055
[Minor] Reformat all Lua code, no functional changes
10 个月前
twesterhever
d47473f553
[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well
Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/
10 个月前
Dmitriy Alekseev
876a834378
Adjust apple_x_mailer regex
11 个月前
Dmitriy Alekseev
7bed05f8f6
[Minor] A bit better apple_x_mailer regex
11 个月前
Dmitriy Alekseev
7ff31bdb95
Optimize apple_ios_x_mailer regex
11 个月前
Dmitriy Alekseev
a0d7e03366
Support regex rules to detect Apple Mail
11 个月前
twesterhever
472537fc83
[Minor] Remove superfluous '|' in regular expression
1年前
twesterhever
be4c99d32e
[Minor] Simplify regular expression for HAS_GOOGLE_REDIR
https://github.com/rspamd/rspamd/pull/4497#issuecomment-1586265815
1年前
Vsevolod Stakhov
5ae23df139
Apply suggestions from code review
1年前
twesterhever
bc833035ff
[Minor] Fix description of MIME_HTML_ONLY
Thanks, @moisseev!
1年前
twesterhever
68d9f76dc1
[Minor] Improve various rule descriptions
1年前
twesterhever
2fb6b9a2aa
[Enhancement] Improve detection of Google redirection URLs
The list is derived from Firefox' static HPKP entires, retrieved from:
https://searchfox.org/mozilla-central/source/security/manager/ssl/StaticHPKPins.h
1年前
twesterhever
433dc0e2d7
[Minor] Move HAS_ONION_URI from "experimental" to "url" group
1年前
twesterhever
ba414d6c0b
[Enhancement] Make Google Firebase rule productive
1年前
Vsevolod Stakhov
cac6696192
[Feature] Add controller endpoint to get fuzzy hashes from messages
Sample usage:
```
curl -XPOST 'http://localhost:11334/plugins/fuzzy/hashes?flag=1 ' --data-binary '@-' < file
```
Sample output:
```json
{
"hashes": {
"local": [
"24b6e7de2f489778d828c827079c48bacb086f816d0a7acabbe42e8d0da703b89b913176ad67eefaf5b54fa59f5e0ecfc7015846c4043fcfb0c7a4ed7a235025",
"72789777cbec926f4143de4c08c87acc3fbf3b909b5c39f1edcf82ed12e2d8bc2f56be8d68ee681feccf44ca04e3eca5b8ec039cb84a0d40e22258c370a10cbb"
],
"rspamd.com": [
"24b6e7de2f489778d828c827079c48bacb086f816d0a7acabbe42e8d0da703b89b913176ad67eefaf5b54fa59f5e0ecfc7015846c4043fcfb0c7a4ed7a235025",
"72789777cbec926f4143de4c08c87acc3fbf3b909b5c39f1edcf82ed12e2d8bc2f56be8d68ee681feccf44ca04e3eca5b8ec039cb84a0d40e22258c370a10cbb"
],
},
"success": true
}
```
Issue: #4489
1年前
Anton Yuzhaninov
84b0676210
[Minor] Account for one more undisclosed-recipients address variant
1年前
georglauterbach
c18f0561bf
add Betterbird to `user_agent_thunderbird`
See https://github.com/Betterbird/thunderbird-patches/issues/125 for
reference.
This way, Rspamd will not add `FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN` to
mails sent perfectly find with Betterbird. Betterbird
(<https://www.betterbird.eu/ >) is an adjusted version of Thunderbird,
fixing many bugs and adding long-wanted features. It is a common and
well-known alternative to Thunderbird, so I think the addition is
justified.
1年前
twesterhever
08ce184740
[Enhancement] Add rule to detect Google Firebase URLs
1年前
twesterhever
fd6ebc9f80
[Enhancement] Make Google URL redirection rules productive
1年前
twesterhever
e39879962f
[Minor] Fix some whitespace issues
1年前
dpetrov67
4028247ac6
Fix pcall() argument in rspamd.lua
1年前
Kako, Chang
6d5db1e04e
[Fix] received: filtering of artificial header
1年前
Vsevolod Stakhov
038ed3f012
[Rules] Mid: Add MID_END_EQ_FROM_USER_PART rule
Issue: #4299
1年前
twesterhever
2a9abee4cb
[Minor] Regexp is case-insensitive, omit redundant characters
1年前
twesterhever
b1781565e2
[Minor] Fix rule comment
1年前
twesterhever
1f78100963
[Minor] Limit CIDv1 detection to 128 bytes
As requested by @vstakhov in https://github.com/rspamd/rspamd/pull/4310#pullrequestreview-1148226107 , try to limit the performance impact of this regular expression. However, given that there does not seem to be a hard limit for CIDv1s in IPFS itself, using an hashing algorithm with large output my permit miscreants to get around this rule.
1年前
twesterhever
ac6d1a6566
[Minor] Implement multibase prefixes for IPFS gateway URL rule
1年前
twesterhever
9ac1a75132
[Minor] Clarify that IPFS *gateway* URLs are likely considered malicious
1年前
Vsevolod Stakhov
4ae8a27cb1
[Minor] Use unicode property for currency detection
Issue: #4320
1年前
Vsevolod Stakhov
1803e71558
[Rules] Reduce score of HTTP_TO_HTTPS - subject to remove completely
1年前
twesterhever
39aeb394c8
[Enhancement] Add IPFS URL heuristic
1年前
Vsevolod Stakhov
05fd471df5
[Rework] Reiterate on priorities
1年前
Vsevolod Stakhov
79417a5f81
[Minor] Update more copyright years/email
2 年前
Vsevolod Stakhov
2fa0e126c7
[Minor] Update my email and the copyright year
2 年前
Vsevolod Stakhov
968d318a0c
[Rules] Slightly reduce MULTIPLE_FROM score
2 年前
Josh Soref
2b8e6958f4
Spelling (#4086)
[Rework] Massive spelling fix from @jsoref
2 年前
Vsevolod Stakhov
e834cdb26d
[Minor] Oops, fix foldl call
2 年前
Vsevolod Stakhov
c6f7b897d4
[Minor] Fix some issues in URI_COUNT_ODD rule
Issue: #4037
2 年前
Vsevolod Stakhov
c23d728d75
[Minor] Fix rule
2 年前
Vsevolod Stakhov
c1b3e4821a
[Rules] Remove ancient and inefficient rules
2 年前
Vsevolod Stakhov
13dd78c687
[Rules] Fix old rules to stop global functions usage
2 年前
Andrew Lewis
b7e3440024
[Feature] JSON endpoint for querying maps
2 年前
Anton Yuzhaninov
98b205709f
[Minor] Skip bitcoin address check for very long words
Exclude very long words (which can be extracted e. g. from some text
attachments) from bitcoin address check to avoid excessive resource
usage.
2 年前
Vsevolod Stakhov
d2ca787313
[Rules] Improve zero font rule
2 年前
Sebastian Lipponer
44d83209e2
[Minor] Regexp: Extend upstream spam filter regexp
2 年前
Anton Yuzhaninov
0248bd6615
[Rules] Micro-optimize X_PHP_EVAL
Remove /i flag from regexp string "eval()'d code" is always in
lower case. While here use long string format for readability.
2 年前
Vsevolod Stakhov
dde092ef09
[Minor] Fix checks safety
2 年前