mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20688 Commits
28 Branches
Tree: f5d5be9942
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f5d5be9942'
${ noResults }
rspamd/test/functional/configs/merged-override.conf

merged-override.conf 9.8KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435 
  1. antivirus {

  2.  clam {

  3.     attachments_only = false;

  4.     symbol = "CLAM_VIRUS";

  5.     type = "clamav";

  6.     servers = "127.0.0.1:{= env.PORT_CLAM =}";

  7.   }

  8.   fprot {

  9.     attachments_only = false;

  10.     symbol = "FPROT_VIRUS";

  11.     type = "fprot";

  12.     servers = "127.0.0.1:{= env.PORT_FPROT =}";

  13.     patterns {

  14.       FPROT_EICAR = "^EICAR_Test_File$";

  15.     }

  16.   }

  17.   fprot_duplicate {

  18.     prefix = "fp_dupe";

  19.     attachments_only = false;

  20.     symbol = "FPROT2_VIRUS_DUPLICATE_DEFAULT";

  21.     type = "fprot";

  22.     servers = "127.0.0.1:{= env.PORT_FPROT2_DUPLICATE =}";

  23.     patterns = [

  24.       {FPROT2_VIRUS_DUPLICATE_PATTERN = "^E"},

  25.       {FPROT2_VIRUS_DUPLICATE_NOPE1 = "^EI",

  26.       FPROT2_VIRUS_DUPLICATE_NOPE2 = "^EIC",

  27.       FPROT2_VIRUS_DUPLICATE_NOPE3 = "^EICA",

  28.       FPROT2_VIRUS_DUPLICATE_NOPE4 = "^EICAR",

  29.       FPROT2_VIRUS_DUPLICATE_NOPE5 = "^EICAR_"}

  30.     ];

  31.   }

  32.   avast {

  33.       attachments_only = false;

  34.       symbol = "AVAST_VIRUS";

  35.       type = "avast";

  36.       servers = "127.0.0.1:{= env.PORT_AVAST =}";

  37.   }

  38. }

  39. 

  40. multimap {

  41.   DNSBL_MAP {

  42.     type = "dnsbl";

  43.     map = "rspamd.com";

  44.   }

  45.   IP_MAP {

  46.     type = "ip";

  47.     map = "{= env.TESTDIR =}/configs/maps/ip.list";

  48.   }

  49.   FROM_MAP {

  50.     type = "from";

  51.     filter = "email:domain";

  52.     map = "{= env.TESTDIR =}/configs/maps/domains.list";

  53.   }

  54.   FREEMAIL_CC {

  55.     type = "header";

  56.     header = "Cc";

  57.     filter = "email:domain";

  58.     map = "{= env.TESTDIR =}/configs/maps/domains.list.2";

  59.     score = 1.0;

  60.   }

  61.   REGEXP_MAP {

  62.     type = "from";

  63.     filter = "email:addr";

  64.     regexp = true;

  65.     map = "{= env.TESTDIR =}/configs/maps/regexp.list";

  66.   }

  67.   DEPS_MAP {

  68.     type = "from";

  69.     filter = "email:addr";

  70.     regexp = true;

  71.     map = "{= env.TESTDIR =}/configs/maps/regexp.list";

  72.     require_symbols = "(R_SPF_ALLOW|R_SPF_DNSFAIL) & REGEXP_MAP & !FROM_MAP";

  73.   }

  74.   RCPT_DOMAIN {

  75.     type = "rcpt";

  76.     filter = "email:domain";

  77.     map = "{= env.TESTDIR =}/configs/maps/domains.list";

  78.   }

  79.   RCPT_USER {

  80.     type = "rcpt";

  81.     filter = "email:user";

  82.     map = "{= env.TESTDIR =}/configs/maps/users.list";

  83.   }

  84.   RCPT_MAP {

  85.     type = "rcpt";

  86.     filter = "email:addr";

  87.     symbols = ["SYM1"];

  88.     map = "{= env.TESTDIR =}/configs/maps/multiple.list";

  89.     score = 1.0;

  90.   }

  91.   RCPT_MAP_NOMULTISYM {

  92.     type = "rcpt";

  93.     filter = "email:addr";

  94.     disable_multisymbol = true;

  95.     map = "{= env.TESTDIR =}/configs/maps/multiple.list";

  96.     score = 1.0;

  97.   }

  98.   HEADER_MAP {

  99.     type = "header";

  100.     header = "To";

  101.     filter = "email:name";

  102.     map = "{= env.TESTDIR =}/configs/maps/utf.list";

  103.     regexp = true;

  104.   }

  105.   HOSTNAME_MAP {

  106.     type = "hostname";

  107.     map = "{= env.TESTDIR =}/configs/maps/domains.list";

  108.   }

  109.   HOSTNAME_TOP_MAP {

  110.     type = "hostname";

  111.     filter = "top";

  112.     map = "{= env.TESTDIR =}/configs/maps/top.list";

  113.   }

  114.   CDB_HOSTNAME {

  115.     type = "hostname";

  116.     map = "cdb://{= env.TESTDIR =}/configs/maps/domains.cdb";

  117.   }

  118.   REDIS_HOSTNAME {

  119.     type = "hostname";

  120.     map = "redis://hostname";

  121.   }

  122.   REDIS_HOSTNAME_EXPANSION {

  123.     type = "hostname";

  124.     map = "redis://${ip}.${principal_recipient_domain}";

  125.   }

  126.   REDIS_IPADDR {

  127.     type = "ip";

  128.     map = "redis://ipaddr";

  129.   }

  130.   REDIS_FROMADDR {

  131.     type = "from";

  132.     filter = "email:addr";

  133.     map = "redis://emailaddr";

  134.   }

  135.   REDIS_URL_TLD {

  136.     type = "url";

  137.     map = "redis://hostname";

  138.     filter = "tld";

  139.   }

  140.   REDIS_URL_RE_FULL {

  141.     type = "url";

  142.     map = "redis://fullurlre";

  143.     filter = "full:regexp:/(html)$/";

  144.   }

  145.   REDIS_URL_FULL {

  146.     type = "url";

  147.     map = "redis://fullurl";

  148.     filter = "full";

  149.   }

  150.   REDIS_URL_PHISHED {

  151.     type = "url";

  152.     map = "redis://phishedurl";

  153.     filter = "is_phished";

  154.   }

  155.   REDIS_URL_RE_TLD {

  156.     type = "url";

  157.     map = "redis://tldre";

  158.     filter = "tld:regexp:/(net)$/";

  159.   }

  160.   REDIS_URL_RE_PLAIN {

  161.     type = "url";

  162.     map = "redis://urlre";

  163.     filter = "regexp:/^(www)/";

  164.   }

  165.   REDIS_URL_NOFILTER {

  166.     type = "url";

  167.     map = "redis://urlnofilter";

  168.   }

  169.   REDIS_COUNTRY {

  170.     type = "country";

  171.     map = "redis://cc";

  172.   }

  173.   REDIS_ASN {

  174.     type = "asn";

  175.     map = "redis://asn";

  176.   }

  177.   REDIS_ASN_FILTERED {

  178.     type = "mempool";

  179.     variable = "asn";

  180.     map = "redis://asn";

  181.     filter = "regexp:/^([0-9]).*/";

  182.   }

  183.   RCVD_TEST_01 {

  184.     type = "received";

  185.     max_pos = 1;

  186.     map = "{= env.TESTDIR =}/configs/maps/rcvd.list";

  187.   }

  188.   RCVD_TEST_02 {

  189.     type = "received";

  190.     min_pos = -1;

  191.     map = "{= env.TESTDIR =}/configs/maps/rcvd.list";

  192.   }

  193.   RCVD_TEST_REDIS_01 {

  194.     type = "received";

  195.     map = "redis://RCVD_TEST";

  196.   }

  197.   RCVD_AUTHED_ONE {

  198.     type = "received";

  199.     map = "{= env.TESTDIR =}/configs/maps/rcvd2.list";

  200.     flags = ["authenticated"];

  201.     nflags = ["ssl"];

  202.   }

  203.   RCVD_AUTHED_TWO {

  204.     type = "received";

  205.     map = "{= env.TESTDIR =}/configs/maps/rcvd2.list";

  206.     flags = ["authenticated", "ssl"];

  207.   }

  208.   COMBINED_MAP_AND {

  209.     type = "combined";

  210.     rules {

  211.       ip = {

  212.         type = "radix";

  213.         map = "{= env.TESTDIR =}/configs/maps/ip.list";

  214.         selector = "ip";

  215.       }

  216.       from {

  217.         map = "{= env.TESTDIR =}/configs/maps/domains.list";

  218.         selector = "from:domain";

  219.       }

  220.     }

  221.     expression = "from & ip";

  222.     score = 10;

  223.     action = "no action"

  224.   }

  225.   COMBINED_MAP_OR {

  226.     type = "combined";

  227.     rules {

  228.       ip = {

  229.         type = "radix";

  230.         map = "{= env.TESTDIR =}/configs/maps/ip.list";

  231.         selector = "ip";

  232.       }

  233.       from {

  234.         map = "{= env.TESTDIR =}/configs/maps/domains.list";

  235.         selector = "from:domain";

  236.       }

  237.     }

  238.     expression = "from || ip"

  239.   }

  240. 

  241.   EXTERNAL_MULTIMAP {

  242.       type = "hostname";

  243.       filter = "top";

  244.       map = {

  245.         external = true;

  246.         backend = "http://127.0.0.1:18080/map-query",

  247.         method = "query",

  248.       }

  249.   }

  250. 

  251.   DYN_MULTIMAP {

  252.     type = "hostname";

  253.     map = "{= env.TESTDIR =}/configs/maps/dynamic_symbols.map";

  254.     dynamic_symbols = true;

  255.   }

  256. }

  257. 

  258. rbl {

  259.   rbls {

  260.     fake {

  261.       from = true;

  262.       ipv4 = true;

  263.       ipv6 = true;

  264.       rbl = "fake.rbl";

  265.       symbol = "FAKE_RBL_UNKNOWN";

  266.       received = true;

  267.       symbols_prefixes = {

  268.         received = 'FAKE_RECEIVED_RBL',

  269.         from = 'FAKE_RBL',

  270.       }

  271.       unknown = true;

  272.       returncodes_matcher = "regexp";

  273.       returncodes = {

  274.         "CODE_2" = '^127\.0\.0\.2$';

  275.         "CODE_3" = '^127\.0\.0\.3$';

  276.       }

  277.     }

  278.     fake_whitelist {

  279.       from = true;

  280.       ipv4 = true;

  281.       ipv6 = true;

  282.       received = true;

  283.       is_whitelist = true;

  284.       rbl = "fake.wl";

  285.       symbol = "FAKE_WL_RBL_UNKNOWN";

  286.       unknown = true;

  287.       #returncodes_matcher = "luapattern";

  288.       returncodes = {

  289.         "FAKE_WL_RBL_CODE_2" = "127%.0%.0%.2";

  290.         "FAKE_WL_RBL_CODE_3" = "127%.0%.0%.3";

  291.       }

  292.     }

  293.     RSPAMD_EMAILBL {

  294.       rbl = "test8.uribl";

  295.       url_compose_map = "{= env.TESTDIR =}/configs/maps/url_compose_map_for_mails.list";

  296.       ignore_defaults = true;

  297.       emails = true;

  298.       emails_domainonly = true

  299.       returncodes_matcher = "radix";

  300.       returncodes = {

  301.         RSPAMD_EMAILBL = "127.0.0.2/32";

  302.       }

  303.     }

  304.     URIBL_NUMERIC {

  305.       checks = ["numeric_urls"];

  306.       rbl = "test9.uribl";

  307.     }

  308.     URIBL_NUMERIC_IMAGES {

  309.       checks = ["numeric_urls"];

  310.       images = true;

  311.       rbl = "test9.uribl";

  312.     }

  313.     UNKNOWN_URIBL_NUMERIC_CONTENT {

  314.       checks = ["numeric_urls"];

  315.       content_urls = true;

  316.       rbl = "test9.uribl";

  317.       returncodes_matcher = "glob";

  318.       returncodes = {

  319.         URIBL_NUMERIC_CONTENT = "*.*.*.*";

  320.       }

  321.     }

  322.     URIBL_NUMERIC_EVERYTHING {

  323.       checks = ["numeric_urls"];

  324.       images = true;

  325.       content_urls = true;

  326.       rbl = "test9.uribl";

  327.       exclude_local = false;

  328.     }

  329.     URIBL_NOCONTENT {

  330.       rbl = "test9.uribl";

  331.       ignore_defaults = true;

  332.       urls = true;

  333.     }

  334.     URIBL_WITHCONTENT {

  335.       rbl = "test9.uribl";

  336.       ignore_defaults = true;

  337.       urls = true;

  338.       content_urls = true;

  339.     }

  340.     URIBL_CONTENTONLY {

  341.       rbl = "test9.uribl";

  342.       ignore_defaults = true;

  343.       content_urls = true;

  344.       no_ip = true;

  345.     }

  346.     RBL_SELECTOR_SINGLE {

  347.       rbl = "test9.uribl";

  348.       ignore_defaults = true;

  349.       selector = "helo()";

  350.     }

  351.     RBL_SELECTOR_MULTIPLE {

  352.       rbl = "test9.uribl";

  353.       ignore_defaults = true;

  354.       selector = {

  355.         sel_from = "from('smtp'):domain";

  356.         sel_helo = "helo()";

  357.       }

  358.     }

  359.   }

  360. }

  361. 

  362. surbl {

  363.     "whitelist" = [

  364.     "rspamd-test.com"

  365.   ];

  366.   rules {

  367.     "RSPAMD_URIBL" {

  368.       suffix = "test.uribl";

  369.       check_dkim = true;

  370.       check_emails = true;

  371.       images = false;

  372.       process_script =<<EOD

  373. function(url, suffix)

  374.   local cr = require "rspamd_cryptobox_hash"

  375.   local h = cr.create(url):base32():sub(1, 32)

  376.   return string.format("%s.%s", h, suffix)

  377. end

  378. EOD;

  379.     }

  380.     "DBL" {

  381.       suffix = "test2.uribl";

  382.       no_ip = true;

  383.       check_emails = true;

  384.       check_dkim = true;

  385.       ips = {

  386.         # spam domain

  387.         DBL_SPAM = "127.0.1.2";

  388.         # phish domain

  389.         DBL_PHISH = "127.0.1.4";

  390.       }

  391.     }

  392.     "URIBL_MULTI" {

  393.       suffix = "test3.uribl";

  394.       check_dkim = true;

  395.       check_emails = true;

  396.       bits {

  397.         URIBL_BLOCKED = 1;

  398.         URIBL_BLACK = 2;

  399.         URIBL_GREY = 4;

  400.         URIBL_RED = 8;

  401.       }

  402.     }

  403.     "SPAMHAUS_ZEN_URIBL" {

  404.       suffix = "test4.uribl";

  405.       resolve_ip = true;

  406.       check_emails = true;

  407.       ips {

  408.         URIBL_SBL = "127.0.0.2";

  409.         URIBL_SBL_CSS = "127.0.0.3";

  410.         URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];

  411.         URIBL_PBL = ["127.0.0.10", "127.0.0.11"];

  412.         URIBL_DROP = "127.0.0.9";

  413.       }

  414.     }

  415.     "RSPAMD_URIBL_IMAGES" {

  416.       suffix = "test.uribl";

  417.       check_dkim = true;

  418.       check_emails = false;

  419.       images = true;

  420.       process_script =<<EOD

  421.   function(url, suffix)

  422.     local cr = require "rspamd_cryptobox_hash"

  423.     local h = cr.create(url):base32():sub(1, 32)

  424.     return string.format("%s.%s", h, suffix)

  425. end

  426. EOD;

  427.     }

  428.     "BAD_SUBDOMAIN" {

  429.       suffix = "test7.uribl";

  430.       url_compose_map = "{= env.TESTDIR =}/configs/maps/url_compose_map.list";

  431.       check_dkim = true;

  432.       check_emails = false;

  433.     }

  434.   }

  435. }