Final update for 0.5.4.

13 files changed, 980 insertions, 70 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0432fc3c1..3ea4e2ea1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -10,13 +10,16 @@ PROJECT(rspamd C)
 
 SET(RSPAMD_VERSION_MAJOR 0)
 SET(RSPAMD_VERSION_MINOR 5)
-SET(RSPAMD_VERSION_PATCH 3)
+SET(RSPAMD_VERSION_PATCH 4)
 
 
 SET(RSPAMD_VERSION         "${RSPAMD_VERSION_MAJOR}.${RSPAMD_VERSION_MINOR}.${RSPAMD_VERSION_PATCH}")
 SET(RSPAMD_MASTER_SITE_URL "http://bitbucket.org/vstakhov/rspamd")
-SET(RSPAMD_USER "nobody")
-SET(RSPAMD_GROUP "nobody")
+
+IF(NOT RSPAMD_USER)
+	SET(RSPAMD_USER "nobody")
+	SET(RSPAMD_GROUP "nobody")
+ENDIF(NOT RSPAMD_USER)
 
 CMAKE_MINIMUM_REQUIRED(VERSION 2.6.0 FATAL_ERROR)
 
@@ -1060,7 +1063,9 @@ IF(NOT EXISTS ${ETC_PREFIX}/rspamd/surbl-whitelist.inc OR BUILD_PORT)
 	INSTALL(FILES conf/surbl-whitelist.inc DESTINATION ${ETC_PREFIX}/rspamd)
 ENDIF(NOT EXISTS ${ETC_PREFIX}/rspamd/surbl-whitelist.inc OR BUILD_PORT)
 
-INSTALL(FILES ${CMAKE_BINARY_DIR}/conf/rspamd.xml.sample DESTINATION ${ETC_PREFIX})
+IF(NOT DEBIAN_BUILD)
+	INSTALL(FILES ${CMAKE_BINARY_DIR}/conf/rspamd.xml.sample DESTINATION ${ETC_PREFIX})
+ENDIF(NOT DEBIAN_BUILD)
 
 # Lua plugins
 INSTALL(CODE "FILE(MAKE_DIRECTORY \$ENV{DESTDIR}${ETC_PREFIX}/rspamd/plugins/lua)")
@@ -1094,51 +1099,8 @@ IF(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" AND NOT BUILD_PORT)
 	INSTALL(CODE "FILE(MAKE_DIRECTORY \$ENV{DESTDIR}/${LOCALSTATES_PREFIX})")
 	INSTALL(CODE "EXECUTE_PROCESS(COMMAND chown ${RSPAMD_USER}:${RSPAMD_GROUP} \$ENV{DESTDIR}/${LOCALSTATES_PREFIX})")
 ENDIF(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" AND NOT BUILD_PORT)
-IF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+IF(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT DEBIAN_BUILD)
 	INSTALL(PROGRAMS "linux/${LINUX_START_SCRIPT}" DESTINATION ${ETC_PREFIX}/init.d RENAME rspamd)
 	INSTALL(CODE "FILE(MAKE_DIRECTORY \$ENV{DESTDIR}/${LOCALSTATES_PREFIX})")
 	INSTALL(CODE "EXECUTE_PROCESS(COMMAND chown ${RSPAMD_USER}:${RSPAMD_GROUP} \$ENV{DESTDIR}/${LOCALSTATES_PREFIX})")
-ENDIF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-
-# CPack section
-SET(CPACK_DEBIAN_PACKAGE_DEPENDS "libevent-1.4-2, libgmime-2.0-2a")
-SET(CPACK_PACKAGE_CONTACT "vsevolod@highsecure.ru")
-SET(CPACK_PACKAGE_NAME rspamd)
-SET(CPACK_SOURCE_IGNORE_FILES "\\\\.swp$" "/\\\\.hg/")
-SET(CPACK_PACKAGE_VERSION_MAJOR ${RSPAMD_VERSION_MAJOR})
-SET(CPACK_PACKAGE_VERSION_MINOR ${RSPAMD_VERSION_MINOR})
-SET(CPACK_PACKAGE_VERSION_PATCH ${RSPAMD_VERSION_PATCH})
-INCLUDE(CPack)
-
-IF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-    INCLUDE("linux/cmake/DpkgDeb.cmake")
-ENDIF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-
-IF(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
-    INCLUDE("freebsd/cmake/PkgCreate.cmake")
-ENDIF(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
-
-SET(RPMNAME "rspamd")
-SET(PACKAGE_NAME "rspamd")
-SET(PACKAGE_RELEASE "1")
-SET(PACKAGE_SECTION "mail")
-SET(PACKAGE_PRIORITY "optional")
-SET(PACKAGE_HOMEPAGE "http://bitbucket.org/vstakhov/rspamd")
-SET(PACKAGE_MAINTAINER_NAME "vstakhov")
-SET(PACKAGE_MAINTAINER_EMAIL "vsevolod@highsecure.ru")
-SET(PACKAGE_DESCRIPTION_SUMMARY "rspamd - fast and modular antispam system written in C")
-SET(PACKAGE_DESCRIPTION "Fast and modular antispam system written in C")
-IF(GMIME24)
-    SET(PACKAGE_DEPENDS "libc6, libevent-1.4-2, libgmime-2.4-2, liblua5.1-0, libxml-parser-perl, libterm-readkey-perl, libglib2.0-0")
-ELSE(GMIME24)
-    SET(PACKAGE_DEPENDS "libc6, libevent-1.4-2, libgmime-2.0-2, libxml-parser-perl, libterm-readkey-perl, libglib2.0-0")
-ENDIF(GMIME24)
-
-SET(PACKAGE_VERSION "${RSPAMD_VERSION_MAJOR}.${RSPAMD_VERSION_MINOR}.${RSPAMD_VERSION_PATCH}")
-
-IF(DPKG_FOUND STREQUAL "YES")
-    ADD_DEBIAN_PACKAGE("rspamd")    
-ENDIF(DPKG_FOUND STREQUAL "YES")
-IF(PKGCREATE_FOUND STREQUAL "YES")
-    ADD_FREEBSD_PACKAGE("rspamd" "freebsd/rspamd.plist")    
-ENDIF(PKGCREATE_FOUND STREQUAL "YES")
+ENDIF(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT DEBIAN_BUILD)
diff --git a/conf/rspamd-basic.xml.in b/conf/rspamd-basic.xml.in
index fbeee898a..6e347f762 100644
--- a/conf/rspamd-basic.xml.in
+++ b/conf/rspamd-basic.xml.in
@@ -27,6 +27,10 @@
   <cache_file>@LOCALSTATES_PREFIX@/symbols.cache</cache_file>
   <!-- Maps watch timeout (floating point number in seconds, for file maps this timeout is reduced by two) -->
   <map_watch_interval>10.0s</map_watch_interval>
+  <!-- A path to dynamic configuration file, required for webui -->
+  <dynamic_conf>@LOCALSTATES_PREFIX@/rspamd_dynamic</dynamic_conf>
+  <!-- Use mlock to prevent statistic from getting to swap file, requires either root privileges or specific system configuration -->
+  <use_mlock>no</use_mlock>
 </options>
 <!-- End of options section -->
 
@@ -326,10 +330,18 @@
 <worker>
   <type>normal</type>
   <bind_socket>*:11333</bind_socket>
-  <count>2</count>
   <maxfiles>2048</maxfiles>
 <!-- Other params -->
 </worker>
+<!-- Webui worker -->
+<worker>
+  <type>webui</type>
+  <count>1</count>
+  <bind_socket>localhost:11336</bind_socket>
+  <!-- UI password, should be changed to something more secure -->
+  <password>q1</password>
+</worker>
+
 <!-- End of workers section -->
 
 <!-- Modules section -->
@@ -413,10 +425,10 @@
 <!-- multimap -->
 <module name="multimap">
 <!--
-	<rule>type = header, header = To, pattern = @(.+)>?$, map = file://@ETC_PREFIX@/rspamd/rcpt_test, symbol = R_RCPT_WHITELIST</rule>
-	<rule>type = ip, map = file://@ETC_PREFIX@/rspamd/ip_test, symbol = R_IP_WHITELIST</rule>
+	<rule>type = header, header = To, pattern = @(.+)>?$, map = file://@ETC_PREFIX@/rspamd/rcpt_test, symbol = R_RCPT_WHITELIST, description = RCPT whitelist</rule>
+	<rule>type = ip, map = file://@ETC_PREFIX@/rspamd/ip_test, symbol = R_IP_WHITELIST, description = IP whitelist</rule>
 -->
-	<rule>type = dnsbl, map = pbl.spamhaus.org, symbol = R_IP_PBL</rule>
+	<rule>type = dnsbl, map = pbl.spamhaus.org, symbol = R_IP_PBL, description = PBL dns block list</rule>
 </module>
 
 <!-- phishing -->
@@ -593,12 +605,12 @@
  <max_tokens>1000</max_tokens>
  <statfile>
   <symbol>BAYES_HAM</symbol>
-  <size>10M</size>
+  <size>20M</size>
   <path>@LOCALSTATES_PREFIX@/bayes.ham</path>
  </statfile>
  <statfile>
   <symbol>BAYES_SPAM</symbol>
-  <size>10M</size>
+  <size>20M</size>
   <path>@LOCALSTATES_PREFIX@/bayes.spam</path>
  </statfile>
 </classifier>
diff --git a/debian/changelog b/debian/changelog
index 1d76c6c89..4814f47c1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+rspamd (0.5.4-1) unstable; urgency=low
+
+  * Upgrade to 0.5.4
+  * Use specific user instead of nobody
+ 
+ -- Vsevolod Stakhov <vsevolod@highsecure.ru>  Sat, 02 Fed 2013 15:50:00 +0000
+
 rspamd (0.5.3-1) unstable; urgency=low
 
   * Upgrade to 0.5.3
diff --git a/debian/control b/debian/control
index d1fac97c3..4f0b8f5d1 100644
--- a/debian/control
+++ b/debian/control
@@ -12,6 +12,6 @@ Package: rspamd
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Description: Fast spam filtering system
- Rspamd is fast, modular and lightweight spam filter. It is designed to work
- with big ammount of mail and can be easily extended with own filters written in
+ Rspamd is rapid, modular and lightweight spam filter. It is designed to work
+ with big amount of mail and can be easily extended with own filters written in
  lua.
diff --git a/debian/postrm b/debian/postrm
new file mode 100644
index 000000000..4af96e131
--- /dev/null
+++ b/debian/postrm
@@ -0,0 +1,91 @@
+#!/bin/sh
+# postrm script for rspamd
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <postrm> `remove'
+#        * <postrm> `purge'
+#        * <old-postrm> `upgrade' <new-version>
+#        * <new-postrm> `failed-upgrade' <old-version>
+#        * <new-postrm> `abort-install'
+#        * <new-postrm> `abort-install' <old-version>
+#        * <new-postrm> `abort-upgrade' <old-version>
+#        * <disappearer's-postrm> `disappear' <overwriter>
+#          <overwriter-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+  purge|remove|abort-install|disappear)
+    # find first and last SYSTEM_UID numbers
+    for LINE in `grep SYSTEM_UID /etc/adduser.conf | grep -v "^#"`
+    do
+      case $LINE in
+        FIRST_SYSTEM_UID*)
+          FIRST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='`
+        ;;
+        LAST_SYSTEM_UID*)
+          LAST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='`
+        ;;
+        *)
+        ;;
+      esac
+    done
+    # Remove system account if necessary
+    CREATEDUSER="rspamd"
+    if [ -n "$FIRST_SYSTEM_UID" ] && [ -n "$LAST_SYSTEM_UID" ]
+    then
+      if USERID=`getent passwd $CREATEDUSER | cut -f 3 -d ':'`
+      then
+        if [ -n "$USERID" ]
+        then
+          if [ "$FIRST_SYSTEM_UID" -le "$USERID" ] && [ "$USERID" -le "$LAST_SYSTEM_UID" ]
+	  then
+            echo -n "Removing $CREATEDUSER system user.."
+            deluser --quiet $CREATEDUSER || true
+            echo "..done"
+          fi
+        fi
+      fi
+    fi
+    # Remove system group if necessary
+    CREATEDGROUP="rspamd"
+    FIRST_USER_GID=`grep ^USERS_GID /etc/adduser.conf | cut -f2 -d '='`
+    if [ -n "$FIRST_USER_GID" ]
+    then
+      if GROUPGID=`getent group $CREATEDGROUP | cut -f 3 -d ':'`
+      then
+        if [ -n "$GROUPGID" ]
+        then
+          if [ "$FIRST_USER_GID" -gt "$GROUPGID" ]
+	  then
+            echo -n "Removing $CREATEDGROUP group.."
+            delgroup --only-if-empty $CREATEDGROUP || true
+            echo "..done"
+          fi
+        fi
+      fi
+    fi
+  ;;
+
+  upgrade|failed-upgrade|abort-upgrade)
+  ;;
+
+  *)
+    echo "postrm called with unknown argument \`$1'" >&2
+    exit 1
+  ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
diff --git a/debian/preinst b/debian/preinst
new file mode 100644
index 000000000..df0404b10
--- /dev/null
+++ b/debian/preinst
@@ -0,0 +1,82 @@
+#!/bin/sh
+# preinst script for rmilter
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    install)
+       SERVER_HOME=/var/lib/rspamd
+       SERVER_LOG=/var/log/rspamd
+       SERVER_USER=rspamd
+       SERVER_NAME="Rspamd spam filtering system"
+       SERVER_GROUP=rspamd
+
+       # create user to avoid running server as root
+       # 1. create group if not existing
+       if ! getent group | grep -q "^$SERVER_GROUP:" ; then
+          echo -n "Adding group $SERVER_GROUP.."
+          addgroup --quiet --system $SERVER_GROUP 2>/dev/null ||true
+          echo "..done"
+       fi
+       # 2. create homedir if not existing
+       test -d $SERVER_HOME || mkdir $SERVER_HOME
+       test -d $SERVER_LOG || mkdir $SERVER_LOG
+       # 3. create user if not existing
+       if ! getent passwd | grep -q "^$SERVER_USER:"; then
+         echo -n "Adding system user $SERVER_USER.."
+         adduser --quiet \
+                 --system \
+                 --ingroup $SERVER_GROUP \
+                 --no-create-home \
+                 --disabled-password \
+                 $SERVER_USER 2>/dev/null || true
+         echo "..done"
+       fi
+       # 4. adjust passwd entry
+       usermod -c "$SERVER_NAME" \
+               -d $SERVER_HOME   \
+               -g $SERVER_GROUP  \
+                  $SERVER_USER
+       # 5. adjust file and directory permissions
+       if ! dpkg-statoverride --list $SERVER_HOME >/dev/null
+       then
+           chown -R $SERVER_USER:$SERVER_GROUP $SERVER_HOME $SERVER_LOG
+           chmod u=rwx,g=rx,o= $SERVER_HOME
+           chmod u=rwx,g=rx,o=rx $SERVER_LOG
+       fi
+       # 6. Add the user to the ADDGROUP group
+       if test -n $ADDGROUP
+       then
+           if ! groups $SERVER_USER | cut -d: -f2 | \
+              grep -qw $SERVER_GROUP; then
+                adduser $SERVER_USER $SERVER_GROUP
+           fi
+       fi
+    ;;
+
+    abort-upgrade|upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/rspamd.init b/debian/rspamd.init
index 8af5866e4..1ac3ea6d2 100755
--- a/debian/rspamd.init
+++ b/debian/rspamd.init
@@ -17,11 +17,11 @@ DESC="Rspamd"
 NAME=rspamd
 DAEMON=/usr/bin/$NAME
 DAEMON_ARGS="-c /etc/rspamd.xml"
-DESC="spam filtering system"
-PIDFILE=/var/run/rspamd/$NAME.pid
+DESC="rapid spam filtering system"
+PIDFILE=/var/lib/rspamd/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
-RSPAMD_USERNAME=nobody
-RSPAMD_GROUPNAME=nogroup
+RSPAMD_USERNAME=rspamd
+RSPAMD_GROUPNAME=rspamd
 
 # Exit if the package is not installed
 [ -x "$DAEMON" ] || exit 0
diff --git a/debian/rspamd.install b/debian/rspamd.install
new file mode 100644
index 000000000..ca75f0579
--- /dev/null
+++ b/debian/rspamd.install
@@ -0,0 +1 @@
+debian/rspamd.xml etc
diff --git a/debian/rspamd.xml b/debian/rspamd.xml
new file mode 100644
index 000000000..17e04e4c4
--- /dev/null
+++ b/debian/rspamd.xml
@@ -0,0 +1,752 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<rspamd>
+<!-- Global section -->
+<lua src="/etc/rspamd/lua/rspamd.lua" />
+
+<!-- Options -->
+<options>
+  <!-- Temporary directory -->
+  <tempdir>/tmp</tempdir>
+  <!-- Path to pid file -->
+  <pidfile>/var/lib/rspamd/rspamd.pid</pidfile>
+  <!-- Turned on C filters -->
+  <filters>regexp,surbl,chartable,fuzzy_check,spf,dkim</filters>
+  <!-- Maximum size of statistics mapped in memory -->
+  <statfile_pool_size>250M</statfile_pool_size>
+  <!-- Raw mode is non-utf mode. In utf mode all messages are converted to utf8 (if possible) -->
+  <raw_mode>no</raw_mode>
+  <!-- Check text attachements as ordinary text parts -->
+  <check_attachements>no</check_attachements>
+  <!-- If a rule has been met several times do not add additional score -->
+  <one_shot>yes</one_shot>
+  <!-- DNS requests global timeout -->
+  <dns_timeout>1s</dns_timeout>
+  <!-- DNS retransmits count -->
+  <dns_retransmits>5</dns_retransmits>
+  <!-- File for saving settings of symbols cache -->
+  <cache_file>/var/lib/rspamd/symbols.cache</cache_file>
+  <!-- Maps watch timeout (floating point number in seconds, for file maps this timeout is reduced by two) -->
+  <map_watch_interval>10.0s</map_watch_interval>
+  <!-- A path to dynamic configuration file, required for webui -->
+  <dynamic_conf>/var/lib/rspamd/rspamd_dynamic</dynamic_conf>
+  <!-- Use mlock to prevent statistic from getting to swap file, requires either root privileges or specific system configuration -->
+  <use_mlock>no</use_mlock>
+</options>
+<!-- End of options section -->
+
+<!-- Logging section -->
+<logging>
+ <level>info</level>
+ <log_urls>no</log_urls>
+ <type filename="/var/log/rspamd/rspamd.log">file</type>
+<!-- Other types
+ <type>console</type>
+ <type facility="local7">syslog</type>
+-->
+<!-- Selective debug
+ <debug_ip>127.0.0.1</debug_ip>
+ <debug_symbols>SYMBOL1,SYMBOL2</debug_symbols>
+-->
+</logging>
+<!-- End of logging section -->
+
+
+<!-- Metrics section -->
+<metric>
+ <name>default</name>
+
+ <required_score>15.0</required_score>
+ <!-- Sample actions -->
+ <action>reject</action>
+ <action>greylist:4</action>
+ <action>add_header:8</action>
+
+ <!-- Weights for symbols -->
+
+ <!-- Subject is missing inside message -->
+ <symbol weight="2.00" description="Subject is missing inside message">MISSING_SUBJECT</symbol>
+ <!-- Message pretends to be send from Outlook but has 'strange' tags -->
+ <symbol weight="2.10" description="Message pretends to be send from Outlook but has 'strange' tags ">FORGED_OUTLOOK_TAGS</symbol>
+ <!-- Sender is forged (different From: header and smtp MAIL FROM: addresses) -->
+ <symbol weight="5.00" description="Sender is forged (different From: header and smtp MAIL FROM: addresses)">FORGED_SENDER</symbol>
+ <!-- Recipients seems to be autogenerated (works if recipients count is more than 5) -->
+ <symbol weight="3.50" description="Recipients seems to be autogenerated (works if recipients count is more than 5)">SUSPICIOUS_RECIPS</symbol>
+ <!-- Fake reply (has RE in subject, but has not References header) --> 
+ <symbol weight="6.00" description="Fake reply (has RE in subject, but has not References header)">FAKE_REPLY_C</symbol>
+ <!-- Messages that have only HTML part -->
+ <symbol weight="1.00" description="Messages that have only HTML part">MIME_HTML_ONLY</symbol>
+ <!-- Forged yahoo msgid -->
+ <symbol weight="2.00" description="Forged yahoo msgid">FORGED_MSGID_YAHOO</symbol>
+ <!-- Forged The Bat! MUA headers -->
+ <symbol weight="2.00" description="Forged The Bat! MUA headers">FORGED_MUA_THEBAT_BOUN</symbol>
+ <!-- Charset is missing in a message -->
+ <symbol weight="5.00" description="Charset is missing in a message">R_MISSING_CHARSET</symbol>
+ <!-- Two received headers with ip addresses -->
+ <symbol weight="2.00" description="Two received headers with ip addresses">RCVD_DOUBLE_IP_SPAM</symbol>
+ <!-- Forged outlook HTML signature -->
+ <symbol weight="5.00" description="Forged outlook HTML signature">FORGED_OUTLOOK_HTML</symbol>
+ <!-- Recipients are absent or undisclosed -->
+ <symbol weight="5.00" description="Recipients are absent or undisclosed">R_UNDISC_RCPT</symbol>
+ <!-- White color on white background in HTML messages -->
+ <symbol weight="9.00" description="White color on white background in HTML messages">R_WHITE_ON_WHITE</symbol>
+ <!-- Short html part with a link to an image -->
+ <symbol weight="3.00" description="Short html part with a link to an image">HTML_SHORT_LINK_IMG_2</symbol>
+ <!-- Forged outlook MUA -->
+ <symbol weight="3.00" description="Forged outlook MUA">FORGED_MUA_OUTLOOK</symbol>
+ <!-- Forged outlook MUA, but from maillist -->
+ <symbol weight="0.00" description="Forged outlook MUA, but from maillist">FORGED_MUA_OUTLOOK_MAILLIST</symbol>
+
+ <!-- Suspicious boundary in header Content-Type -->
+ <symbol weight="5.00" description="Suspicious boundary in header Content-Type">SUSPICIOUS_BOUNDARY</symbol>
+ <!-- Suspicious boundary in header Content-Type -->
+ <symbol weight="4.00" description="Suspicious boundary in header Content-Type">SUSPICIOUS_BOUNDARY2</symbol>
+ <!-- Suspicious boundary in header Content-Type -->
+ <symbol weight="3.00" description="Suspicious boundary in header Content-Type">SUSPICIOUS_BOUNDARY3</symbol>
+ <!-- Suspicious boundary in header Content-Type -->
+ <symbol weight="4.00" description="Suspicious boundary in header Content-Type">SUSPICIOUS_BOUNDARY4</symbol>
+
+ <!-- Message pretends to be send from The Bat! but has forged Message-ID -->
+ <symbol weight="4.00" description="Message pretends to be send from The Bat! but has forged Message-ID">FORGED_MUA_THEBAT_MSGID</symbol>
+ <!-- Message pretends to be send from The Bat! but has forged Message-ID -->
+ <symbol weight="3.00" description="Message pretends to be send from The Bat! but has forged Message-ID">FORGED_MUA_THEBAT_MSGID_UNKNOWN</symbol>
+
+ <!-- Message pretends to be send from KMail but has forged Message-ID -->
+ <symbol weight="3.00" description="Message pretends to be send from KMail but has forged Message-ID">FORGED_MUA_KMAIL_MSGID</symbol>
+ <!-- Message pretends to be send from KMail but has forged Message-ID -->
+ <symbol weight="2.50" description="Message pretends to be send from KMail but has forged Message-ID">FORGED_MUA_KMAIL_MSGID_UNKNOWN</symbol>
+
+ <!-- Message pretends to be send from Opera Mail but has forged Message-ID -->
+ <symbol weight="4.00" description="Message pretends to be send from Opera Mail but has forged Message-ID">FORGED_MUA_OPERA_MSGID</symbol>
+ <!-- Message pretends to be send from suspicious Opera Mail/10.x (Windows) but has forged Message-ID, apparently from KMail -->
+ <symbol weight="4.00" description="Message pretends to be send from suspicious Opera Mail/10.x (Windows) but has forged Message-ID, apparently from KMail">SUSPICIOUS_OPERA_10W_MSGID</symbol>
+
+ <!-- Message pretends to be send from Mozilla Mail but has forged Message-ID -->
+ <symbol weight="4.00" description="Message pretends to be send from Mozilla Mail but has forged Message-ID">FORGED_MUA_MOZILLA_MAIL_MSGID</symbol>
+ <!-- Message pretends to be send from Mozilla Mail but has forged Message-ID -->
+ <symbol weight="2.50" description="Message pretends to be send from Mozilla Mail but has forged Message-ID">FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN</symbol>
+ <!-- Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID -->
+ <symbol weight="4.00" description="Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID">FORGED_MUA_THUNDERBIRD_MSGID</symbol>
+ <!-- Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID -->
+ <symbol weight="2.50" description="Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID">FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN</symbol>
+ <!-- Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID -->
+ <symbol weight="4.00" description="Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID">FORGED_MUA_SEAMONKEY_MSGID</symbol>
+ <!-- Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID -->
+ <symbol weight="2.50" description="Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID">FORGED_MUA_SEAMONKEY_MSGID_UNKNOWN</symbol>
+
+ <!-- Fake helo for verizon provider -->
+ <symbol weight="2.00" description="Fake helo for verizon provider">FM_FAKE_HELO_VERIZON</symbol>
+ <!--Quoted reply-to from yahoo (seems to be forged) --> 
+ <symbol weight="2.00" description="Quoted reply-to from yahoo (seems to be forged)">REPTO_QUOTE_YAHOO</symbol>
+ <!-- Mime-OLE is needed but absent (e.g. fake Outlook or fake Exchange) -->
+ <symbol weight="5.00" description="Mime-OLE is needed but absent (e.g. fake Outlook or fake Exchange)">MISSING_MIMEOLE</symbol>
+ <!-- To header is missing -->
+ <symbol weight="2.00" description="To header is missing">MISSING_TO</symbol>
+
+ <!-- From that contains encoded characters while base 64 is not needed as all symbols are 7bit -->
+ <symbol weight="1.5" description="From that contains encoded characters while base 64 is not needed as all symbols are 7bit">FROM_EXCESS_BASE64</symbol>
+ <!-- From that contains encoded characters while quoted-printable is not needed as all symbols are 7bit -->
+ <symbol weight="1.2" description="From that contains encoded characters while quoted-printable is not needed as all symbols are 7bit">FROM_EXCESS_QP</symbol>
+ <!-- To that contains encoded characters while base 64 is not needed as all symbols are 7bit -->
+ <symbol weight="1.5" description="To that contains encoded characters while base 64 is not needed as all symbols are 7bit">TO_EXCESS_BASE64</symbol>
+ <!-- To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit -->
+ <symbol weight="1.2" description="To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit">TO_EXCESS_QP</symbol>
+ <!-- Reply-To that contains encoded characters while base 64 is not needed as all symbols are 7bit -->
+ <symbol weight="1.5" description="Reply-To that contains encoded characters while base 64 is not needed as all symbols are 7bit">REPLYTO_EXCESS_BASE64</symbol>
+ <!-- Reply-To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit -->
+ <symbol weight="1.2" description="Reply-To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit">REPLYTO_EXCESS_QP</symbol>
+ <!-- Cc that contains encoded characters while base 64 is not needed as all symbols are 7bit -->
+ <symbol weight="1.5" description="Cc that contains encoded characters while base 64 is not needed as all symbols are 7bit">CC_EXCESS_BASE64</symbol>
+ <!-- Cc that contains encoded characters while quoted-printable is not needed as all symbols are 7bit -->
+ <symbol weight="1.2" description="Cc that contains encoded characters while quoted-printable is not needed as all symbols are 7bit">CC_EXCESS_QP</symbol>
+
+ <!-- Mixed characters in a message -->
+ <symbol weight="5.00" description="Mixed characters in a message">R_MIXED_CHARSET</symbol>
+ <!-- Recipients list seems to be sorted -->
+ <symbol weight="3.50" description="Recipients list seems to be sorted">SORTED_RECIPS</symbol>
+ <!-- Spambots signatures in received headers -->
+ <symbol weight="3.00" description="Spambots signatures in received headers">R_RCVD_SPAMBOTS</symbol>
+ <!-- To header seems to be autogenerated -->
+ <symbol weight="2.00" description="To header seems to be autogenerated">R_TO_SEEMS_AUTO</symbol>
+ <!-- Subject needs encoding -->
+ <symbol weight="1.00" description="Subject needs encoding">SUBJECT_NEEDS_ENCODING</symbol>
+ <!-- Spam string at the end of message to make statistics faults 0-->
+ <symbol weight="3.84" description="Spam string at the end of message to make statistics faults 0">TRACKER_ID</symbol>
+ <!-- No space in from header -->
+ <symbol weight="1.00" description="No space in from header">R_NO_SPACE_IN_FROM</symbol>
+ <!-- Subject seems to be spam --> 
+ <symbol weight="8.00" description="Subject seems to be spam">R_SAJDING</symbol>
+ <!-- Detects bad content-transfer-encoding for text parts -->
+ <symbol weight="3.00" description="Detects bad content-transfer-encoding for text parts">R_BAD_CTE_7BIT</symbol>
+ <!-- Flash redirect on imageshack.us -->
+ <symbol weight="10.00" description="Flash redirect on imageshack.us">R_FLASH_REDIR_IMGSHACK</symbol>
+ <!-- Message id is incorrect -->
+ <symbol weight="5.00" description="Message id is incorrect">INVALID_MSGID</symbol>
+ <!-- Message id is missing -->
+ <symbol weight="3.00" description="Message id is missing ">MISSING_MID</symbol>
+ <!-- Recipients are not the same as RCPT TO: mail command -->
+ <symbol weight="3.00" description="Recipients are not the same as RCPT TO: mail command">FORGED_RECIPIENTS</symbol>
+ <!-- Recipients are not the same as RCPT TO: mail command, but from maillist -->
+ <symbol weight="0.00" description="Recipients are not the same as RCPT TO: mail command, but from maillist">FORGED_RECIPIENTS_MAILLIST</symbol>
+ <!-- Forged Exchange messages -->
+ <symbol weight="2.00" description="Forged Exchange messages ">RATWARE_MS_HASH</symbol>
+ <!-- Reply-type in content-type -->
+ <symbol weight="1.00" description="Reply-type in content-type">STOX_REPLY_TYPE</symbol>
+ <!-- IP in received headers is in PBL -->
+ <symbol weight="3.00" description="IP in received headers is in PBL">R_IP_PBL</symbol>
+ <!-- One received header in a message -->
+ <symbol weight="1.00" description="One received header in a message ">ONCE_RECEIVED</symbol>
+ <!-- One received header with 'bad' patterns inside -->
+ <symbol weight="4.00" description="One received header with 'bad' patterns inside">ONCE_RECEIVED_STRICT</symbol>
+ <!-- Received headers contains addresses from RBL -->
+ <symbol weight="1.00" description="Received headers contains addresses from RBL">RECEIVED_RBL</symbol>
+ <!-- Text and HTML parts differ -->
+ <symbol weight="3.00" description="Text and HTML parts differ">R_PARTS_DIFFER</symbol>
+ <!-- Only Content-Type header without other MIME headers -->
+ <symbol weight="2.00" description="Only Content-Type header without other MIME headers">MIME_HEADER_CTYPE_ONLY</symbol>
+ <!-- Message contains empty parts and image -->
+ <symbol weight="2.00" description="Message contains empty parts and image ">R_EMPTY_IMAGE</symbol>
+
+ <!-- Drugs patterns inside message -->
+ <symbol weight="2.00" description="Drugs patterns inside message">DRUGS_MANYKINDS</symbol>
+ <!-- Specific drugs signatures -->
+ <symbol weight="2.00" description="">DRUGS_ANXIETY</symbol>
+ <symbol weight="2.00" description="">DRUGS_MUSCLE</symbol>
+ <symbol weight="2.00" description="">DRUGS_ANXIETY_EREC</symbol>
+ <symbol weight="2.00" description="">DRUGS_DIET</symbol>
+ <symbol weight="2.00" description="">DRUGS_ERECTILE</symbol>
+
+ <!-- 2 or 3 'advance fee' patterns in a message -->
+ <symbol weight="3.30" description="2 'advance fee' patterns in a message">ADVANCE_FEE_2</symbol>
+ <symbol weight="2.12" description="3 'advance fee' patterns in a message">ADVANCE_FEE_3</symbol>
+
+ <!-- Lotto signatures -->
+ <symbol weight="8.00" description="Lotto signatures">R_LOTTO</symbol>
+
+ <!-- Statistics -->
+ <symbol weight="3.00" description="Message probably spam, probability: ">BAYES_SPAM</symbol>
+ <symbol weight="-3.00" description="Message probably ham, probability: ">BAYES_HAM</symbol>
+
+ <!-- Fuzzy lists example -->
+ <symbol weight="1.00" description="">R_FUZZY</symbol>
+ <symbol weight="1.00" description="">R_FUZZY1</symbol>
+ <symbol weight="1.00" description="">R_FUZZY2</symbol>
+ <symbol weight="1.00" description="">R_FUZZY3</symbol>
+
+ <!-- DKIM rules -->
+ <symbol weight="1.0" description="DKIM policy reject">R_DKIM_REJECT</symbol>
+ <symbol weight="0.0" description="DKIM policy temporary fail">R_DKIM_TEMPFAIL</symbol>
+ <symbol weight="-0.5" description="DKIM policy allow">R_DKIM_ALLOW</symbol>
+
+ <!-- SPF rules -->
+ <symbol weight="3.00" description="SPF verification failed">R_SPF_FAIL</symbol>
+ <symbol weight="1.00" description="SPF verification soft-failed">R_SPF_SOFTFAIL</symbol>
+ <symbol weight="-3.00" description="SPF verification alowed">R_SPF_ALLOW</symbol>
+
+ <!-- Message seems to be from maillist -->
+ <symbol weight="-2.00" description="Message seems to be from maillist">MAILLIST</symbol>
+
+ <!-- multi.surbl.org lists (more details at http://www.surbl.org) -->
+ <!-- Phishing and malware sites -->
+ <symbol weight="10.50" description="Phishing and malware sites">PH_SURBL_MULTI</symbol>
+ <!-- Outblaze URI Blacklist -->
+ <symbol weight="10.50" description="Outblaze URI Blacklist">OB_SURBL_MULTI</symbol>
+ <!-- AbuseButler web sites -->
+ <symbol weight="10.50" description="AbuseButler web sites">AB_SURBL_MULTI</symbol>
+ <!-- SpamCop web sites -->
+ <symbol weight="10.50" description="SpamCop web sites">SC_SURBL_MULTI</symbol>
+ <!-- jwSpamSpy + Prolocation sites -->
+ <symbol weight="10.50" description="jwSpamSpy + Prolocation sites">JP_SURBL_MULTI</symbol>
+ <!-- sa-blacklist web sites -->
+ <symbol weight="10.50" description="sa-blacklist web sites ">WS_SURBL_MULTI</symbol>
+
+ <!-- rambler.ru uribl -->
+ <symbol weight="12.50" description="rambler.ru uribl">RAMBLER_URIBL</symbol>
+ 
+ <!-- DBL uribl -->
+ <symbol weight="11.50" description="dbl.spamhaus.org uribl">DBL</symbol>
+
+ <!-- rambler.ru emailbl -->
+ <symbol weight="9.50" description="rambler.ru emailbl">RAMBLER_EMAILBL</symbol>
+
+ <!-- Phished mail -->
+ <symbol weight="5.0" description="Phished mail">PHISHING</symbol>
+
+ <!-- Tabs as delimiters between header names and header values -->
+ <symbol weight="1.0" description="Header From begins with tab">HEADER_FROM_DELIMITER_TAB</symbol>
+ <symbol weight="1.0" description="Header To begins with tab">HEADER_TO_DELIMITER_TAB</symbol>
+ <symbol weight="1.0" description="Header Cc begins with tab">HEADER_CC_DELIMITER_TAB</symbol>
+ <symbol weight="1.0" description="Header Reply-To begins with tab">HEADER_REPLYTO_DELIMITER_TAB</symbol>
+ <symbol weight="1.0" description="Header Date begins with tab">HEADER_DATE_DELIMITER_TAB</symbol>
+
+ <!-- Empty delimiters between header names and header values -->
+ <symbol weight="1.0" description="Header From has no delimiter between header name and header value">HEADER_FROM_EMPTY_DELIMITER</symbol>
+ <symbol weight="1.0" description="Header To has no delimiter between header name and header value">HEADER_TO_EMPTY_DELIMITER</symbol>
+ <symbol weight="1.0" description="Header Cc has no delimiter between header name and header value">HEADER_CC_EMPTY_DELIMITER</symbol>
+ <symbol weight="1.0" description="Header Reply-To has no delimiter between header name and header value">HEADER_REPLYTO_EMPTY_DELIMITER</symbol>
+ <symbol weight="1.0" description="Header Date has no delimiter between header name and header value">HEADER_DATE_EMPTY_DELIMITER</symbol>
+
+ <!-- Received headers -->
+ <symbol weight="4.0" description="Header Received has raw illegal character">RCVD_ILLEGAL_CHARS</symbol>
+ <symbol weight="4.0" description="Fake helo mail.ru in header Received from non mail.ru sender address">FAKE_RECEIVED_mail_ru</symbol>
+ <symbol weight="4.0" description="Fake smtp.yandex.ru Received">FAKE_RECEIVED_smtp_yandex_ru</symbol>
+ <symbol weight="3.6" description="Forged generic Received">FORGED_GENERIC_RECEIVED</symbol>
+ <symbol weight="3.6" description="Forged generic Received">FORGED_GENERIC_RECEIVED2</symbol>
+ <symbol weight="3.6" description="Forged generic Received">FORGED_GENERIC_RECEIVED3</symbol>
+ <symbol weight="3.6" description="Forged generic Received">FORGED_GENERIC_RECEIVED4</symbol>
+ <symbol weight="4.6" description="Forged generic Received">FORGED_GENERIC_RECEIVED5</symbol>
+ <symbol weight="3.0" description="Invalid Postfix Received">INVALID_POSTFIX_RECEIVED</symbol>
+ <symbol weight="5.0" description="Invalid Exim Received">INVALID_EXIM_RECEIVED</symbol>
+ <symbol weight="3.0" description="Invalid Exim Received">INVALID_EXIM_RECEIVED2</symbol>
+
+ <!-- Date checks -->
+ <symbol weight="1.5" description="Message date is in future">DATE_IN_FUTURE</symbol>
+ <symbol weight="1.0" description="Message date is in past">DATE_IN_PAST</symbol>
+</metric>
+<!-- End of metrics section -->
+
+<!-- Composites section -->
+<composite name="FORGED_RECIPIENTS_MAILLIST">FORGED_RECIPIENTS &amp; -MAILLIST</composite>
+<composite name="FORGED_MUA_OUTLOOK_MAILLIST">FORGED_MUA_OUTLOOK &amp; -MAILLIST</composite>
+<!-- End of composites section -->
+
+<!-- Workers section -->
+<worker>
+  <type>fuzzy</type>
+  <bind_socket>localhost:11335</bind_socket>
+  <count>1</count>
+  <maxfiles>2048</maxfiles>
+<!-- Other params -->
+    <hashfile>/var/lib/rspamd/fuzzy.db</hashfile>
+    <use_judy>yes</use_judy>
+</worker>
+<worker>
+  <type>controller</type>
+  <bind_socket>localhost:11334</bind_socket>
+  <count>1</count>
+  <maxfiles>2048</maxfiles>
+<!-- Other params -->
+    <password>q1</password>
+</worker>
+<worker>
+  <type>normal</type>
+  <bind_socket>*:11333</bind_socket>
+  <maxfiles>2048</maxfiles>
+<!-- Other params -->
+</worker>
+<!-- Webui worker -->
+<worker>
+  <type>webui</type>
+  <count>1</count>
+  <bind_socket>localhost:11336</bind_socket>
+  <!-- UI password, should be changed to something more secure -->
+  <password>q1</password>
+</worker>
+
+<!-- End of workers section -->
+
+<!-- Modules section -->
+<!-- fuzzy_check -->
+<module name="fuzzy_check">
+  <servers>localhost:11335</servers>
+  <symbol>R_FUZZY</symbol>
+  <min_bytes>300</min_bytes>
+  <max_score>10</max_score>
+  <mime_types>application/pdf</mime_types>
+  <fuzzy_map>1:R_FUZZY1:10,2:R_FUZZY2:5,3:R_FUZZY3:-2.1</fuzzy_map>
+</module>
+
+
+<!-- forged_recipients -->
+<module name="forged_recipients">
+  <symbol_sender>FORGED_SENDER</symbol_sender>
+  <symbol_rcpt>FORGED_RECIPIENTS</symbol_rcpt>
+</module>
+
+<!-- maillist -->
+<module name="maillist">
+  <symbol>MAILLIST</symbol>
+</module>
+
+<!-- surbl -->
+<module name="surbl">
+  <whitelist>file:///etc/rspamd/surbl-whitelist.inc</whitelist>
+  <exceptions>file:///etc/rspamd/2tld.inc</exceptions>
+  <bit_64>JP</bit_64>
+  <bit_32>AB</bit_32>
+  <bit_16>OB</bit_16>
+  <bit_8>PH</bit_8>
+  <bit_4>WS</bit_4>
+  <bit_2>SC</bit_2>
+  <suffix_RAMBLER_URIBL>uribl.rambler.ru</suffix_RAMBLER_URIBL>
+  <option name="suffix_%b_SURBL_MULTI">multi.surbl.org</option>
+  <suffix_DBL>dbl.spamhaus.org</suffix_DBL>
+  <!-- Do not send ip urls to this URIBL -->
+  <options_DBL>noip</options_DBL>
+<!-- Redirector sample setup -->
+<!--
+  <redirector_read_timeout>10s</redirector_read_timeout>
+  <redirector_connect_timeout>1s</redirector_connect_timeout>
+  <redirector>localhost:8080</redirector>
+ -->
+</module>
+
+<!-- received_rbl -->
+<module name="received_rbl">
+  <symbol>RECEIVED_RBL</symbol>
+  <rbl>pbl.spamhaus.org</rbl>
+  <rbl>xbl.spamhaus.org</rbl>
+  <rbl>insecure-bl.rambler.ru</rbl>
+</module>
+
+<!-- whitelist -->
+<!-- Example of using HTTP maps for whitelisting
+<module name="whitelist">
+  <ip_whitelist>http://highsecure.ru/grey_whitelist.conf</ip_whitelist>
+  <symbol_ip>WHITELIST_IP</symbol_ip>
+</module>
+-->
+
+<!-- chartable -->
+<module name="chartable">
+  <!-- Division of symbols from different charsets to a total number of symbols -->
+  <threshold>0.3</threshold>
+  <symbol>R_MIXED_CHARSET</symbol>
+</module>
+
+<!-- once_received -->
+<module name="once_received">
+  <good_host>mail</good_host>
+  <bad_host>static</bad_host>
+  <bad_host>dynamic</bad_host>
+  <symbol_strict>ONCE_RECEIVED_STRICT</symbol_strict>
+  <symbol>ONCE_RECEIVED</symbol>
+</module>
+
+<!-- multimap -->
+<module name="multimap">
+<!--
+	<rule>type = header, header = To, pattern = @(.+)>?$, map = file:///etc/rspamd/rcpt_test, symbol = R_RCPT_WHITELIST, description = RCPT whitelist</rule>
+	<rule>type = ip, map = file:///etc/rspamd/ip_test, symbol = R_IP_WHITELIST, description = IP whitelist</rule>
+-->
+	<rule>type = dnsbl, map = pbl.spamhaus.org, symbol = R_IP_PBL, description = PBL dns block list</rule>
+</module>
+
+<!-- phishing -->
+<module name="phishing">
+   <symbol>PHISHING</symbol>
+   <!-- Check phishing only for specified domains
+	<domains>file://path/to/domains</domains> 
+	-->
+   <!-- If phishing detected for that domains insert another symbol specified after semicolon symbol
+	<strict_domains>file://path/to/domains:STRICT_PHISHING</strict_domains> 
+	-->
+</module>
+
+<!-- Trie module -->
+<!-- 
+<module name="trie">
+  <rule>TRIE1:bad pattern</rule>
+  <rule>TRIE2:file:///var/lib/rspamd/bad_patterns.list</rule>
+</module>
+-->
+
+<!-- Emails blacklist -->
+<module name="emails">
+  <rule>symbol = RAMBLER_EMAILBL, dnsbl = email-bl.rambler.ru, domain_only = false</rule>
+</module>
+
+<!-- SPF module setup -->
+<module name="spf">
+ <!-- Cache setup for spf records to accelerate spf checks -->
+ <spf_cache_size>2048</spf_cache_size>
+ <spf_cache_expire>1d</spf_cache_expire>
+</module>
+
+<!-- DKIM module setup -->
+<module name="dkim">
+ <!-- Cache setup for dkim records to accelerate dkim checks -->
+ <dkim_cache_size>2048</dkim_cache_size>
+ <dkim_cache_expire>1d</dkim_cache_expire>
+ <!-- Domains list can be added, each domain file entry can be in format:
+	  <domain_name> [<score_reject>:<score_allow>]
+	  where scores are multiplier for this domain, if scores are skipped
+	  normal multiplier is used -->
+ <!-- <domains>file:///some/path</domains> -->
+
+ <!-- Whitelist is ip/mask list of whitelisted ips to skip dkim check -->
+ <!-- <whitelist>file:///some/path</whitelist> -->
+
+ <!-- Time jitter is value in seconds to ignore comparing timestamp of signatures -->
+ <time_jitter>1m</time_jitter>
+
+ <!-- Check only trusted domains from 'domains' list -->
+ <trusted_only>no</trusted_only>
+
+ <!-- Skip mails with several DKIM signatures -->
+ <skip_multi>no</skip_multi>
+</module>
+
+<!-- Rstelimit module setup -->
+<!-- Disabled by default till servers option is properly set -->
+<module name="ratelimit">
+  <!-- List of servers to store limits in format: host1[:port][,host2[:port]]
+  	 port 6379 is used by default, if no servers defined, this module is not enabled -->
+  <!-- <servers>localhost</servers> -->
+
+  <!-- limits description, type:burst:leak_rate -->
+  <!-- per rcpt limit, 100 messages burst, 2 messages per minute leak rate -->
+  <limit>to:100:0.033333333</limit>
+  <!-- per rcpt/ip limit, 30 messages burst, 1.5 messages per minute leak rate -->
+  <limit>to_ip:30:0.025</limit>
+  <!-- per rcpt/ip/from limit, 20 messages burst, 1 messages per minute leak rate -->
+  <limit>to_ip_from:20:0.01666666667</limit>
+
+  <!-- per rcpt bounce limit, 10 messages burst, 2 messages per hour leak rate -->
+  <limit>bounce_to:10:0.000555556</limit>
+  <!-- per rcpt/ip bounce limit, 5 messages burst, 1 messages per hour leak rate -->
+  <limit>bounce_to_ip:5:0.000277778</limit>
+
+  <!-- Whitelist map -->
+  <!-- <whitelisted_ip>file:///some/path</whitelisted_ip> -->
+
+  <!-- List of whitelisted recipients -->
+  <whitelisted_rcpts>postmaster,mailer-daemon</whitelisted_rcpts>
+
+  <!-- Limit if recipients to check -->
+  <max_rcpt>5</max_rcpt>
+</module>
+
+<!-- Regexp module configuration -->
+<module name="regexp">
+  <!-- Maximum size of text for regexp checks -->
+  <max_size>1M</max_size>
+</module>
+
+<!-- End of modules section -->
+<!-- Classifiers section -->
+<!--
+<classifier type="winnow">
+ <tokenizer>osb-text</tokenizer>
+ <metric>default</metric>
+ <min_tokens>20</min_tokens>
+ <statfile>
+  <symbol>WINNOW_HAM</symbol>
+  <size>100M</size>
+  <path>/var/lib/rspamd/data.ham</path>
+ </statfile>
+ <statfile>
+  <symbol>WINNOW_SPAM</symbol>
+  <size>100M</size>
+  <path>/var/lib/rspamd/data.spam</path>
+ </statfile>
+</classifier>
+-->
+<!-- Example of slave
+<classifier type="bayes">
+ <tokenizer>osb-text</tokenizer>
+ <metric>default</metric>
+ <min_tokens>10</min_tokens>
+ <learn_threshold>0.2</learn_threshold>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_slave.ham</path>
+  <binlog_master>localhost:11334</binlog_master>
+  <binlog>slave</binlog>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_slave.spam</path>
+  <binlog>slave</binlog>
+  <binlog_master>localhost:11334</binlog_master>
+ </statfile>
+</classifier>
+-->
+
+<!-- Example of language specific statfiles -->
+
+<!--
+<classifier type="bayes">
+ <tokenizer>osb-text</tokenizer>
+ <metric>default</metric>
+ <min_tokens>10</min_tokens>
+ <max_tokens>1000</max_tokens>
+ <statfile>
+  <symbol>BAYES_HAM_RU</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes_ru.ham</path>
+  <param name="language">ru</param>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM_RU</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes_ru.spam</path>
+  <param name="language">ru</param>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes.ham</path>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes.spam</path>
+ </statfile>
+</classifier>
+-->
+
+<!-- Ordinary statistic for a small mail system -->
+<classifier type="bayes">
+ <tokenizer>osb-text</tokenizer>
+ <metric>default</metric>
+ <min_tokens>10</min_tokens>
+ <max_tokens>1000</max_tokens>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>20M</size>
+  <path>/var/lib/rspamd/bayes.ham</path>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>20M</size>
+  <path>/var/lib/rspamd/bayes.spam</path>
+ </statfile>
+</classifier>
+
+<!-- Advanced meta-classification statistic -->
+<!--
+<classifier type="bayes">
+ <tokenizer>osb-text</tokenizer>
+ <metric>default</metric>
+ <min_tokens>6</min_tokens>
+ <max_tokens>5000</max_tokens>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes.ham</path>
+  <spam>no</spam>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes.spam</path>
+  <spam>yes</spam>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM_RU</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes_ru.ham</path>
+  <language>ru</language>
+  <spam>no</spam>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_SPAM_RU</symbol>
+  <size>50M</size>
+  <path>/var/lib/rspamd/bayes_ru.spam</path>
+  <language>ru</language>
+  <spam>yes</spam>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_manyrcpt.spam</path>
+  <spam>yes</spam>
+  <label>many recipients</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_manyrcpt.ham</path>
+  <spam>no</spam>
+  <label>many recipients</label>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_undisclosedrcpt.spam</path>
+  <spam>yes</spam>
+  <label>undisclosed recipients</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_undisclosedrcpt.ham</path>
+  <spam>no</spam>
+  <label>undisclosed recipients</label>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_maillist.spam</path>
+  <spam>yes</spam>
+  <label>maillist</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_maillist.ham</path>
+  <spam>no</spam>
+  <label>maillist</label>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_longsubject.spam</path>
+  <spam>yes</spam>
+  <label>long subject</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_longsubject.ham</path>
+  <spam>no</spam>
+  <label>long subject</label>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_replyto.spam</path>
+  <spam>yes</spam>
+  <label>different reply to</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_replyto.ham</path>
+  <spam>no</spam>
+  <label>different reply to</label>
+ </statfile>
+
+ <statfile>
+  <symbol>BAYES_SPAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_replymessage.spam</path>
+  <spam>yes</spam>
+  <label>reply message</label>
+ </statfile>
+ <statfile>
+  <symbol>BAYES_HAM</symbol>
+  <size>10M</size>
+  <path>/var/lib/rspamd/bayes_replymessage.ham</path>
+  <spam>no</spam>
+  <label>reply message</label>
+ </statfile>
+</classifier>
+-->
+
+<!-- End of classifiers section -->
+
+<!-- Modules section -->
+<modules>
+	<path>/etc/rspamd/plugins/lua/</path>
+</modules>
+<!-- End of modules section -->
+
+</rspamd>
diff --git a/debian/rules b/debian/rules
index 36b16de7d..54b8a8407 100755
--- a/debian/rules
+++ b/debian/rules
@@ -6,7 +6,6 @@ include /usr/share/dpkg/buildflags.mk
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/cmake.mk
 
-DEB_CMAKE_NORMAL_ARGS+= -DETC_PREFIX=/etc -DMAN_PREFIX=/usr/share/man -DLOCALSTATES_PREFIX=/var/run -DLIBDIR=/usr/lib -DINCLUDEDIR=/usr/include -DNO_SHARED=ON -DDEBIAN_BUILD=1 -DRSPAMD_GROUP=nobody
+DEB_CMAKE_NORMAL_ARGS+= -DETC_PREFIX=/etc -DMAN_PREFIX=/usr/share/man -DLOCALSTATES_PREFIX=/var/lib -DLIBDIR=/usr/lib -DINCLUDEDIR=/usr/include -DNO_SHARED=ON -DDEBIAN_BUILD=1 -DRSPAMD_GROUP=rspamd -DRSPAMD_USER=rspamd
 clean::
-	rm -f src/modules.c
-
+	rm -f src/modules.c
\ No newline at end of file
diff --git a/src/plugins/lua/multimap.lua b/src/plugins/lua/multimap.lua
index fe213b8e6..0366d4843 100644
--- a/src/plugins/lua/multimap.lua
+++ b/src/plugins/lua/multimap.lua
@@ -241,7 +241,8 @@ local function add_multimap_rule(params)
 		header = nil,
 		pattern = nil,
 		map = nil,
-		symbol = nil
+		symbol = nil,
+		description = 'undefined multimap map'
 	}
 	for _,param in ipairs(params) do
 		local _,_,name,value = string.find(param, '(%w+)%s*=%s*(.+)')
@@ -272,6 +273,8 @@ local function add_multimap_rule(params)
 			newrule['map'] = value
 		elseif name == 'symbol' then
 			newrule['symbol'] = value
+		elseif name == 'description' then
+			newrule['description'] = value
 		else
 			rspamd_logger.err('invalid rule option: '.. name)
 			return nil
@@ -295,7 +298,7 @@ local function add_multimap_rule(params)
 		end
 	else
 		if newrule['type'] == 'ip' then
-			newrule['ips'] = rspamd_config:add_radix_map (newrule['map'])
+			newrule['ips'] = rspamd_config:add_radix_map (newrule['map'], newrule['description'])
 			if newrule['ips'] then
 				table.insert(rules, newrule)
 				return newrule
@@ -303,7 +306,7 @@ local function add_multimap_rule(params)
 				rspamd_logger.warn('Cannot add rule: map doesn\'t exists: ' .. newrule['map'])
 			end
 		elseif newrule['type'] == 'header' or newrule['type'] == 'rcpt' or newrule['type'] == 'from' then
-			newrule['hash'] = rspamd_config:add_hash_map (newrule['map'])
+			newrule['hash'] = rspamd_config:add_hash_map (newrule['map'], newrule['description'])
 			if newrule['hash'] then
 				table.insert(rules, newrule)
 				return newrule
diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua
index e3def6fd9..4d72ff806 100644
--- a/src/plugins/lua/phishing.lua
+++ b/src/plugins/lua/phishing.lua
@@ -76,7 +76,7 @@ if opts then
 				if type(rspamd_config.get_api_version) ~= 'nil' then
 					rspamd_config:register_virtual_symbol(sym, 1)
 				end
-				local rmap = rspamd_config:add_hash_map (map)
+				local rmap = rspamd_config:add_hash_map (map, 'Phishing strict domains map')
 				if rmap then
 					local rule = {symbol = sym, map = rmap}
 					table.insert(strict_domains, rule)
diff --git a/src/plugins/lua/ratelimit.lua b/src/plugins/lua/ratelimit.lua
index 39bac5534..787f9fc94 100644
--- a/src/plugins/lua/ratelimit.lua
+++ b/src/plugins/lua/ratelimit.lua
@@ -305,7 +305,7 @@ if opts then
 	end
 	
 	if opts['whitelisted_ip'] then
-		whitelisted_ip = rspamd_config:add_hash_map (opts['whitelisted_ip'])
+		whitelisted_ip = rspamd_config:add_hash_map (opts['whitelisted_ip'], 'Ratelimit whitelist ip map')
 	end
 	
 	if opts['max_rcpt'] then
@@ -323,4 +323,5 @@ if opts then
 			rspamd_config:register_post_filter(rate_set)
 		end
 	end
-end
\ No newline at end of file
+end
+