* [Enhancement] Add composite rule for suspicious URLs in suspicious messages
* [Fix] Another try to fix setproctitle
* [Fix] Do not cleanup hyperscan files unless new ones are loaded
* [Fix] Fix various issues with canonicalisation of the paths
* [Fix] Properly set config field when creating tasks from Lua
* [Fix] Set loaded variable explicitly
* [Fix] known_senders: fix config handling
* [Fix] rbl: fix `exclude_local`
* [Minor] Add missing <algorithm> include for gcc 14
* [Minor] Add rule for messages missing both X-Mailer and User-Agent header
* [Minor] Bundle fasttext as linux distributives are just useless
* [Minor] Enable fasttext on RPM based linux
* [Minor] Forgot it in one more place
* [Minor] Improve FREEMAIL_AFF capture rates
* [Minor] Limit fasttext to amd64 only
* [Minor] Properly search for fasttext include
* [Minor] Treat *.zpaq attachments as archives and harmful
* [Minor] Update to 3.7.4
* [Minor] force_actions: set a group for symbols
* [WebUI] Update map editor
[Minor] Add missing <algorithm> include for gcc 14
This commit addresses a compilation issue when using GCC 14. According
to GCC 14's porting guide [1], some C++ Standard Library headers no
longer include other headers they used to use internally. Specifically,
<algorithm> must now be explicitly included.
[1] https://gcc.gnu.org/gcc-14/porting_to.html
See-also: https://bugs.gentoo.org/916438
Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
- app: Executable Application, blocked in Outlook by default
- aspx: Active Server Page Extended, blocked in Outlook by default
- dll: Dynamic-link Library
- dqy: Microsoft Query File, blocking recommended in MS365
- iqy: ditto
- mht: MHTML File, often abused for phishing and exploit attempts
- mhtml: ditto
- oqy: Microsoft Query File, blocking recommended in MS365
- rqy: ditto
- slk: Microsoft Symbolic Link
- wim: Windows Imaging Format
[Minor] Incorporate additional bad attachments from Microsoft
These are as follows:
- htc: HTML Component File
- pyc: Compiled Python Script
- pyo: Optimized Compiled Python Module
- pyw: Python Script To Be Executed With Suppressed Terminal Window
- pyz: Python Zip Application
- pyzw: Python Zip Application
- vhd: Virtual Hard Disk
- vhdx: Virtual Hard Disk Extended
- wsf: Windows Script File
Note that the Python file types remain unscored in archives, so
distribution of these in source tarballs and the like is not affected by
this commit.
Source: https://support.microsoft.com/en-us/office/blocked-attachments-in-outlook-434752e1-02d3-4e90-9124-8b81e49a8519?ui=en-us&rs=en-us&ad=us
[Minor] Refer to third parties for attachment handling whenever possible
This avoids confusion and enqueries to the rspamd project, if it is made
clear that the decision to score certain attachments high has been
incorporated from a well-known third party, such as Google's or
Microsoft's attachment handling policy.