Andrew Lewis
15e3f277fa
[Minor] Reiterate on the previous changes
- Demote message to info level
- Name it returncodes_matcher for better specificity
7 months ago
Andrew Lewis
fea6bf4c35
[Minor] rbl: support use of different matchers for return codes
7 months ago
Andrew Lewis
9ac6d71006
[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
7 months ago
Andrew Lewis
c17ffcd4e5
[Rules] Blank spam detection
8 months ago
Marc Dierksen
5f5a126a4e
[Fix] Prevent DNSWL sabotage
When exceeding the query limit for DNSWL it can happen that instead
of the returncode 127.0.0.255, that according to documentation
(https://www.dnswl.org/?page_id=15 ) indicates a block, the
returncode 127.0.10.3 is returned for all queries.
According to documentation (https://www.dnswl.org/?page_id=15 ) the
127.0.10.3 returncode indicates the highest level of trustworthiness
that should never be blocked and a category of 'some special cases'.
As it turns out that documentation is a lie and that 127.0.10.3
returncode is used by DNSWL to intentionally sabotage email security
by marking all sending servers as highly trustworthy
(https://www.dnswl.org/?p=120 ).
8 months ago
Andrew Lewis
19d2adf388
[Minor] Move configuration to proper location
8 months ago
Andrew Lewis
e5318e1729
[Minor] Fix copypasta (#4469)
8 months ago
Vsevolod Stakhov
c6bec0f8df
[Conf] Add new plugin default configuration
8 months ago
laodc
75fdc829ba
Added support for Redis 6 ACL (username/password)
9 months ago
Dmitriy Alekseev
7d0d4e7bee
Update phishing_group.conf
9 months ago
Dmitriy Alekseev
12f3489633
Update phishing.conf
9 months ago
twesterhever
c3b48ef388
[Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols
Given that they have about the same false positive rate, it makes sense
to treat them equal in terms of scoring:
- Particular threats (phishing, malware) are scored a bit higher than
mere spam domain listings
- "Abused legitimate" listings are scored lower for some DNSBLs already,
this has now been aligned.
- For SURBL, cracked and abused sites are treated with the same score.
10 months ago
twesterhever
c83818fd38
[Minor] Increase score of URIBL_XBL
This aids with detecting FQDNs hosted on hacked machines, such as used
in Fast Flux-style botnet spam.
10 months ago
twesterhever
e0d9991191
[Minor] Reduce score of URIBL_SBL_CSS
Given that CSS is an automated component of SBL, this should not receive
the same scoring as manually conducted SBL listings. Particularly for
shared hosting environments, CSS hits on IP addresses derived from FQDNs
sometimes were found to be scored a bit too high.
10 months ago
twesterhever
9bd38a3f44
[Minor] Improve catch rates of FREEMAIL_AFF
10 months ago
Dmitriy Alekseev
0729c58cb0
Add composites exclusions for known Apple Mail bad symbols
11 months ago
twesterhever
31424ff57e
[Minor] Fix RCVD_UNAUTH_PBL
1 year ago
twesterhever
36e5821213
[Rules] Add thread hijacking composite rule
1 year ago
twesterhever
6a9bb3606b
[Minor] Improve HACKED_WP_PHISHING coverage
1 year ago
twesterhever
18a8b22cc3
[Minor] Fix quirk in CRACKED_SURBL rule description
1 year ago
twesterhever
68d9f76dc1
[Minor] Improve various rule descriptions
1 year ago
twesterhever
1e9c019581
[Enhancement] Add composite rule for messages only containing a redirector URL
1 year ago
Vsevolod Stakhov
9c6373baf6
[Conf] Remove outdated composite rules
1 year ago
Vsevolod Stakhov
e92b112a8a
[Feature] Allow to use other methods when fasttext detection is enabled
1 year ago
Vsevolod Stakhov
915885232b
[Conf] Add missing attributes for the language detection configuration
1 year ago
Vsevolod Stakhov
fea5bdc797
[Conf] Add language detection configuration
1 year ago
Vsevolod Stakhov
0a0e3f35c8
[Conf] Add `one_shot` to some specific multimap rules
1 year ago
Vsevolod Stakhov
a8a58053e0
[Feature] Add extra symbol when URL redirector reaches nested limit
Issue: #4406
1 year ago
Mehmet Tolga Avcioglu
c133f24197
fix incorrect asn references in bimi.conf
1 year ago
twesterhever
00896ca733
[Minor] Replace "Spamhaus XBL any" hack with a more clear solution
1 year ago
twesterhever
ded1b937d0
[Minor] Sort maps.d contents for better readability
1 year ago
twesterhever
b605f37d65
[Minor] Improve readability of composites rule configuration
1 year ago
twesterhever
fbe0e146a5
[Minor] Add newline at EOF where missing
1 year ago
twesterhever
7d63c8b3cb
[Minor] Improve readability of RBL module configuration file
1 year ago
twesterhever
aba2b987b7
[Minor] Remove orphaned SARBL directives
1 year ago
twesterhever
a651be3ffb
[Minor] Unify configuration file structure
1 year ago
twesterhever
6c96b48c23
[Minor] Improve content rule descriptions
1 year ago
twesterhever
0ea54f8305
[Minor] Improve readability of policies group configuration file
1 year ago
twesterhever
e7b3a62fa1
[Minor] Add project URL for MSBL
1 year ago
twesterhever
8d67630f2a
[Minor] Add "blocked" tag to DBL_BLOCKED_OPENRESOLVER and DBL_BLOCKED
1 year ago
twesterhever
595ddb96d0
[Minor] Improve SURBL rule descriptions
1 year ago
twesterhever
425d65d7e0
[Minor] Improve readability of RBL/SURBL configuration files
1 year ago
twesterhever
f864054128
[Minor] Add "blocked" tag to *_SPAMHAUS_BLOCKED_OPENRESOLVER and *_SPAMHAUS_BLOCKED
1 year ago
twesterhever
bd2c9d0038
[Minor] Improve RBL rule descriptions
1 year ago
twesterhever
d5a756930d
[Minor] Update NiX spam project URL
1 year ago
Jan Smutny
2d3b612174
conf/modules.d/arc.conf: fix parameter name
rename symbol_sign -> sign_symbol
1 year ago
Vsevolod Stakhov
326d5b37a3
[Conf] Fix hashbl
1 year ago
Vsevolod Stakhov
86c71a6574
[Conf] RBL: Fix selector
1 year ago
Vsevolod Stakhov
69bfba73da
[Conf] Preliminary try to add SURBL hashbl support (WIP)
1 year ago
Vsevolod Stakhov
a2392d50ef
[Conf] Reduce the default timeout
1 year ago