mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14569 Commits
28 Branches
Tree: e6e72472ad
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e6e72472ad'
${ noResults }
rspamd/conf/modules.d/surbl.conf

surbl.conf 3.9KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 
  1. # Please don't modify this file as your changes might be overwritten with

  2. # the next update.

  3. #

  4. # You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine

  5. # parameters defined on the top level

  6. #

  7. # You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add

  8. # parameters defined on the top level

  9. #

  10. # For specific modules or configuration you can also modify

  11. # '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults

  12. # '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults

  13. #

  14. # See https://rspamd.com/doc/tutorials/writing_rules.html for details

  15. 

  16. surbl {

  17.     whitelist = [

  18.         "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",

  19.         "${DBDIR}/surbl-whitelist.inc.local",

  20.         "fallback+file://${CONFDIR}/surbl-whitelist.inc"

  21.     ];

  22.     exceptions = [

  23.         "https://maps.rspamd.com/rspamd/2tld.inc.zst",

  24.         "${DBDIR}/2tld.inc.local",

  25.         "fallback+file://${CONFDIR}/2tld.inc"

  26.     ];

  27. 

  28.     rules {

  29.         "SURBL_MULTI" {

  30.             suffix = "multi.surbl.org";

  31.             check_dkim = true;

  32.             bits {

  33.                 CRACKED_SURBL = 128; # From February 2016

  34.                 ABUSE_SURBL = 64;

  35.                 MW_SURBL_MULTI = 16;

  36.                 PH_SURBL_MULTI = 8;

  37.                 SURBL_BLOCKED = 1;

  38.             }

  39.         }

  40.         "URIBL_MULTI" {

  41.             suffix = "multi.uribl.com";

  42.             check_dkim = true;

  43.             bits {

  44.                 URIBL_BLOCKED = 1;

  45.                 URIBL_BLACK = 2;

  46.                 URIBL_GREY = 4;

  47.                 URIBL_RED = 8;

  48.             }

  49.         }

  50.         "RSPAMD_URIBL" {

  51.             suffix = "uribl.rspamd.com";

  52.             check_dkim = true;

  53.             process_script =<<EOD

  54. function(url, suffix)

  55.   local cr = require "rspamd_cryptobox_hash"

  56.   local h = cr.create(url):base32():sub(1, 32)

  57.   return string.format("%s.%s", h, suffix)

  58. end

  59. EOD;

  60.         }

  61.         "DBL" {

  62.             suffix = "dbl.spamhaus.org";

  63.             no_ip = true;

  64.             check_dkim = true;

  65. 

  66.             ips = {

  67.                 # spam domain

  68.                 DBL_SPAM = "127.0.1.2";

  69.                 # phish domain

  70.                 DBL_PHISH = "127.0.1.4";

  71.                 # malware domain

  72.                 DBL_MALWARE = "127.0.1.5";

  73.                 # botnet C&C domain

  74.                 DBL_BOTNET = "127.0.1.6";

  75.                 # abused legit spam

  76.                 DBL_ABUSE = "127.0.1.102";

  77.                 # abused spammed redirector domain

  78.                 DBL_ABUSE_REDIR = "127.0.1.103";

  79.                 # abused legit phish

  80.                 DBL_ABUSE_PHISH = "127.0.1.104";

  81.                 # abused legit malware

  82.                 DBL_ABUSE_MALWARE = "127.0.1.105";

  83.                 # abused legit botnet C&C

  84.                 DBL_ABUSE_BOTNET = "127.0.1.106";

  85.                 # error - IP queries prohibited!

  86.                 DBL_PROHIBIT = "127.0.1.255";

  87.             }

  88.         }

  89. 

  90.         "SPAMHAUS_ZEN_URIBL" {

  91.             suffix = "zen.spamhaus.org";

  92.             resolve_ip = true;

  93.             ips {

  94.                 URIBL_SBL = "127.0.0.2";

  95.                 URIBL_SBL_CSS = "127.0.0.3";

  96.                 URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];

  97.                 URIBL_PBL = ["127.0.0.10", "127.0.0.11"];

  98.                 URIBL_DROP = "127.0.0.9";

  99.             }

  100.         }

  101. 

  102.         "SEM_URIBL_UNKNOWN" {

  103.             suffix = "uribl.spameatingmonkey.net";

  104.             bits {

  105.                 SEM_URIBL = 2;

  106.             }

  107.             no_ip = true;

  108.         }

  109. 

  110.         "SEM_URIBL_FRESH15_UNKNOWN" {

  111.             suffix = "fresh15.spameatingmonkey.net";

  112.             bits {

  113.                 SEM_URIBL_FRESH15 = 2;

  114.             }

  115.             no_ip = true;

  116.         }

  117. 

  118.         "RBL_SARBL_BAD" {

  119.             suffix = "public.sarbl.org";

  120.             noip   = true;

  121.             images = true;

  122.         }

  123.     }

  124. 

  125.     .include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf"

  126.     .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl.conf"

  127.     .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf"

  128. }