mirrors
/
rspamd
spogulis no https://github.com/vstakhov/rspamd.git
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Laidieni 159 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
19574 Revīzijas
28 Atzari
Koks: f11071b6a2
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'f11071b6a2'
${ noResults }
rspamd/rules/mid.lua

mid.lua 4.7KB
Neapstrādāts Vainot Vēsture

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. --[[

  2. Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com>

  3. Copyright (c) 2016, Steve Freegard <steve@freegard.name>

  4. 

  5. Licensed under the Apache License, Version 2.0 (the "License");

  6. you may not use this file except in compliance with the License.

  7. You may obtain a copy of the License at

  8. 

  9.     http://www.apache.org/licenses/LICENSE-2.0

  10. 

  11. Unless required by applicable law or agreed to in writing, software

  12. distributed under the License is distributed on an "AS IS" BASIS,

  13. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  14. See the License for the specific language governing permissions and

  15. limitations under the License.

  16. ]]--

  17. local rspamd_util = require "rspamd_util"

  18. local function mid_check_func(task)

  19.   local mid = task:get_header('Message-ID')

  20.   if not mid then return false end

  21.   -- Check for 'bare' IP addresses in RHS

  22.   if mid:find("@%d+%.%d+%.%d+%.%d+>$") then

  23.     task:insert_result('MID_BARE_IP', 1.0)

  24.   end

  25.   -- Check for non-FQDN RHS

  26.   if mid:find("@[^%.]+>?$") then

  27.     task:insert_result('MID_RHS_NOT_FQDN', 1.0)

  28.   end

  29.   -- Check for missing <>'s

  30.   if not mid:find('^<[^>]+>$') then

  31.     task:insert_result('MID_MISSING_BRACKETS', 1.0)

  32.   end

  33.   -- Check for IP literal in RHS

  34.   if mid:find("@%[%d+%.%d+%.%d+%.%d+%]") then

  35.     task:insert_result('MID_RHS_IP_LITERAL', 1.0)

  36.   end

  37.   -- Check From address attributes against MID

  38.   local from = task:get_from(2)

  39.   local fd

  40.   if (from and from[1] and from[1].domain and from[1].domain ~= '') then

  41.     fd = from[1].domain:lower()

  42.     local _,_,md = mid:find("@([^>]+)>?$")

  43.     -- See if all or part of the From address

  44.     -- can be found in the Message-ID

  45.     -- extract tld

  46.     local fdtld = nil

  47.     local mdtld = nil

  48.     if md then

  49.       fdtld = rspamd_util.get_tld(fd)

  50.       mdtld = rspamd_util.get_tld(md)

  51.     end

  52.     if (mid:lower():find(from[1].addr:lower(),1,true)) then

  53.       task:insert_result('MID_CONTAINS_FROM', 1.0)

  54.     elseif (md and fd == md:lower()) then

  55.       task:insert_result('MID_RHS_MATCH_FROM', 1.0)

  56.     elseif (mdtld ~= nil and fdtld ~= nil and mdtld:lower() == fdtld) then

  57.       task:insert_result('MID_RHS_MATCH_FROMTLD', 1.0)

  58.     end

  59.   end

  60.   -- Check To address attributes against MID

  61.   local to = task:get_recipients(2)

  62.   if (to and to[1] and to[1].domain and to[1].domain ~= '') then

  63.     local td = to[1].domain:lower()

  64.     local _,_,md = mid:find("@([^>]+)>?$")

  65.     -- Skip if from domain == to domain

  66.     if ((fd and fd ~= td) or not fd) then

  67.       -- See if all or part of the To address

  68.       -- can be found in the Message-ID

  69.       if (mid:lower():find(to[1].addr:lower(),1,true)) then

  70.         task:insert_result('MID_CONTAINS_TO', 1.0)

  71.       elseif (md and td == md:lower()) then

  72.         task:insert_result('MID_RHS_MATCH_TO', 1.0)

  73.       end

  74.     end

  75.   end

  76. end

  77. 

  78. -- MID checks from Steve Freegard

  79. local check_mid_id = rspamd_config:register_symbol({

  80.   name = 'CHECK_MID',

  81.   score = 0.0,

  82.   group = 'mid',

  83.   type = 'callback,mime',

  84.   callback = mid_check_func

  85. })

  86. rspamd_config:register_virtual_symbol('MID_BARE_IP', 1.0, check_mid_id)

  87. rspamd_config:set_metric_symbol('MID_BARE_IP', 2.0, 'Message-ID RHS is a bare IP address', 'default', 'Message ID')

  88. rspamd_config:register_virtual_symbol('MID_RHS_NOT_FQDN', 1.0, check_mid_id)

  89. rspamd_config:set_metric_symbol('MID_RHS_NOT_FQDN', 0.5,

  90.     'Message-ID RHS is not a fully-qualified domain name', 'default', 'Message ID')

  91. rspamd_config:register_virtual_symbol('MID_MISSING_BRACKETS', 1.0, check_mid_id)

  92. rspamd_config:set_metric_symbol('MID_MISSING_BRACKETS', 0.5, 'Message-ID is missing <>\'s', 'default', 'Message ID')

  93. rspamd_config:register_virtual_symbol('MID_RHS_IP_LITERAL', 1.0, check_mid_id)

  94. rspamd_config:set_metric_symbol('MID_RHS_IP_LITERAL', 0.5, 'Message-ID RHS is an IP-literal', 'default', 'Message ID')

  95. rspamd_config:register_virtual_symbol('MID_CONTAINS_FROM', 1.0, check_mid_id)

  96. rspamd_config:set_metric_symbol('MID_CONTAINS_FROM', 1.0, 'Message-ID contains From address', 'default', 'Message ID')

  97. rspamd_config:register_virtual_symbol('MID_RHS_MATCH_FROM', 1.0, check_mid_id)

  98. rspamd_config:set_metric_symbol('MID_RHS_MATCH_FROM', 0.0,

  99.     'Message-ID RHS matches From domain', 'default', 'Message ID')

  100. rspamd_config:register_virtual_symbol('MID_RHS_MATCH_FROMTLD', 1.0, check_mid_id)

  101. rspamd_config:set_metric_symbol('MID_RHS_MATCH_FROMTLD', 0.0,

  102.     'Message-ID RHS matches From domain tld', 'default', 'Message ID')

  103. rspamd_config:register_virtual_symbol('MID_CONTAINS_TO', 1.0, check_mid_id)

  104. rspamd_config:set_metric_symbol('MID_CONTAINS_TO', 1.0, 'Message-ID contains To address', 'default', 'Message ID')

  105. rspamd_config:register_virtual_symbol('MID_RHS_MATCH_TO', 1.0, check_mid_id)

  106. rspamd_config:set_metric_symbol('MID_RHS_MATCH_TO', 1.0, 'Message-ID RHS matches To domain', 'default', 'Message ID')