summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2016-03-19 11:22:36 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2016-03-19 11:22:36 +0000
commitb252d06f3ad200480255adb0beb3bf215cf030e4 (patch)
tree5b621ad594c6929b1a9b0ae251ae56abea163364
parent99b18d6183aa16afa94154fc4c953fe8c1853eca (diff)
downloadrspamd-b252d06f3ad200480255adb0beb3bf215cf030e4.tar.gz
rspamd-b252d06f3ad200480255adb0beb3bf215cf030e4.zip
[Doc] Use UCL highlighter instead of nginx
-rw-r--r--doc/markdown/architecture/index.md34
-rw-r--r--doc/markdown/configuration/composites.md10
-rw-r--r--doc/markdown/configuration/index.md4
-rw-r--r--doc/markdown/configuration/metrics.md10
-rw-r--r--doc/markdown/configuration/options.md4
-rw-r--r--doc/markdown/configuration/settings.md6
-rw-r--r--doc/markdown/configuration/ucl.md34
-rw-r--r--doc/markdown/lua/index.md2
-rw-r--r--doc/markdown/migration.md10
-rw-r--r--doc/markdown/modules/chartable.md4
-rw-r--r--doc/markdown/modules/dmarc.md4
-rw-r--r--doc/markdown/modules/fuzzy_check.md8
-rw-r--r--doc/markdown/modules/index.md6
-rw-r--r--doc/markdown/modules/multimap.md49
-rw-r--r--doc/markdown/modules/once_received.md2
-rw-r--r--doc/markdown/modules/phishing.md2
-rw-r--r--doc/markdown/modules/rbl.md4
-rw-r--r--doc/markdown/modules/spamassassin.md2
-rw-r--r--doc/markdown/modules/spf.md4
-rw-r--r--doc/markdown/modules/surbl.md10
-rw-r--r--doc/markdown/modules/trie.md4
-rw-r--r--doc/markdown/modules/whitelist.md4
-rw-r--r--doc/markdown/tutorials/migrate_sa.md4
-rw-r--r--doc/markdown/tutorials/writing_rules.md14
-rw-r--r--doc/markdown/workers/controller.md2
-rw-r--r--doc/markdown/workers/fuzzy_storage.md4
-rw-r--r--doc/markdown/workers/index.md12
-rw-r--r--doc/markdown/workers/normal.md2
28 files changed, 131 insertions, 124 deletions
diff --git a/doc/markdown/architecture/index.md b/doc/markdown/architecture/index.md
index 324c5260a..45e52fa8e 100644
--- a/doc/markdown/architecture/index.md
+++ b/doc/markdown/architecture/index.md
@@ -2,7 +2,7 @@
## Introduction
-Rspamd is a universal spam filtering system based on event-driven processing
+Rspamd is a universal spam filtering system based on event-driven processing
model. It means that rspamd is intended not to block anywhere in the code. To
process messages rspamd uses a set of so called `rules`. Each `rule` is a symbolic
name associated with some message property. For example, we can define the following
@@ -24,7 +24,7 @@ written in Lua. There is no real difference between these two types with the exc
that C modules are embeded all the time and can be enabled in `filters` attribute
in the `options` section of the config:
-~~~nginx
+~~~ucl
options {
filters = "regexp,surbl,spf,dkim,fuzzy_check,chartable,email";
...
@@ -83,7 +83,7 @@ Rspamd defines the following actions:
These actions are just recommendations for MTA and are not to be strictly followed.
For all actions that are greater or equal than `greylist` it is recommended to
perform explicit greylisting. `Add header` and `rewrite subject` actions are very
-close in semantics and are both considered as `probable spam`. `Reject` is a
+close in semantics and are both considered as `probable spam`. `Reject` is a
strong rule that usually means that a message should be really rejected by MTA.
The triggering score for these actions should be specified according to their logic
priorities. If two actions have the same weight, the result is unspecified.
@@ -106,7 +106,7 @@ Rspamd uses statistic algorithms to precise the final score of a message. Curren
the only algorithm defined is OSB-Bayes. You may find the concrete details of this
algorithm in the following [paper](http://osbf-lua.luaforge.net/papers/osbf-eddc.pdf).
Rspamd uses window size of 5 words in its classification. During classification procedure,
-rspamd split a message to a set of tokens.
+rspamd split a message to a set of tokens.
Tokens are separated by punctiation or space characters. Short tokens (less than 3 symbols) are ignored. For each token rspamd
calculates two non-cryptographic hashes used subsequently as indices. All these tokens
@@ -115,7 +115,7 @@ is a set of token chains, indexed by the first hash. A new token may be inserted
chain, and if this chain is full then rspamd tries to expire less significant tokens to
insert a new one. It is possible to obtain the current state of tokens by running
- rspamc stat
+ rspamc stat
command that asks controller for free and used tokens in each statfile.
Please note that if a statfile is close to be completely filled then during subsequent
@@ -123,23 +123,23 @@ learning you will loose existing data. Therefore, it is recommended to increase
such statfiles.
## Running rspamd
-
-There are several command-line options that can be passed to rspamd. All of them can be displayed by passing `--help` argument:
-All options are optional: by default rspamd would try to read `etc/rspamd.conf` config file and run as daemon. Also there is test mode that can be turned on by passing `-t` argument. In test mode, rspamd reads config file and checks its syntax. If a configuration file is OK, then exit code is zero. Test mode is useful for testing new config file withou rspamd restart. `--convert-config` option can be used to convert old style (pre 0.6.0) config to [ucl](../configuration/ucl.md) one:
+There are several command-line options that can be passed to rspamd. All of them can be displayed by passing `--help` argument:
+
+All options are optional: by default rspamd would try to read `etc/rspamd.conf` config file and run as daemon. Also there is test mode that can be turned on by passing `-t` argument. In test mode, rspamd reads config file and checks its syntax. If a configuration file is OK, then exit code is zero. Test mode is useful for testing new config file withou rspamd restart. `--convert-config` option can be used to convert old style (pre 0.6.0) config to [ucl](../configuration/ucl.md) one:
$ rspamd -c ./rspamd.xml --convert-conf ./rspamd.conf
-
+
## Managing rspamd using signals
-First of all, it is important to note that all user's signals should be sent to rspamd main process and not to its children (as for child processes these signals can have other meanings). To determine which process is main you can use two ways:
+First of all, it is important to note that all user's signals should be sent to rspamd main process and not to its children (as for child processes these signals can have other meanings). To determine which process is main you can use two ways:
-- by reading pidfile:
+- by reading pidfile:
$ cat pidfile
-- by getting process info:
+- by getting process info:
$ ps auxwww | grep rspamd
nobody 28378 0.0 0.2 49744 9424 rspamd: main process
@@ -147,14 +147,14 @@ First of all, it is important to note that all user's signals should be sent to
nobody 64083 0.0 0.3 51792 11036 rspamd: worker process
nobody 64084 0.0 2.7 158288 114200 rspamd: controller process
nobody 64085 0.0 1.8 116304 75228 rspamd: fuzzy storage
-
+
$ ps auxwww | grep rspamd | grep main
nobody 28378 0.0 0.2 49744 9424 rspamd: main process
After getting the pid of main process it is possible to manage rspamd with signals:
-
-- `SIGHUP` - restart rspamd: reread config file, start new workers (as well as controller and other processes), stop accepting connections by old workers, reopen all log files. Note that old workers would be terminated after one minute that should allow to process all pending requests. All new requests to rspamd will be processed by newly started workers.
+
+- `SIGHUP` - restart rspamd: reread config file, start new workers (as well as controller and other processes), stop accepting connections by old workers, reopen all log files. Note that old workers would be terminated after one minute that should allow to process all pending requests. All new requests to rspamd will be processed by newly started workers.
- `SIGTERM` - terminate rspamd system.
-- `SIGUSR1` - reopen log files (useful for log files rotation).
+- `SIGUSR1` - reopen log files (useful for log files rotation).
-These signals may be used in start scripts as it is done in `FreeBSD` start script. Restarting of rspamd is performed softly: no connections are dropped and if a new config is incorrect then the old config is used. \ No newline at end of file
+These signals may be used in start scripts as it is done in `FreeBSD` start script. Restarting of rspamd is performed softly: no connections are dropped and if a new config is incorrect then the old config is used.
diff --git a/doc/markdown/configuration/composites.md b/doc/markdown/configuration/composites.md
index 09815df25..88090cf33 100644
--- a/doc/markdown/configuration/composites.md
+++ b/doc/markdown/configuration/composites.md
@@ -9,7 +9,7 @@ in a joint expression.
For example, you can define a composite that is added when two of symbols are found:
-~~~nginx
+~~~ucl
composite {
name = "TEST_COMPOSITE";
expression = "SYMBOL1 and SYMBOL2";
@@ -31,7 +31,7 @@ You can use the following operations in a composite expression:
You also can use braces to define priorities. Otherwise operators are evaluated from left to right.
For example:
-~~~nginx
+~~~ucl
composite {
name = "TEST";
expression = "SYMBOL1 and SYMBOL2 and ( not SYMBOL3 | not SYMBOL4 | not SYMBOL5 )";
@@ -39,7 +39,7 @@ composite {
~~~
Composite rule can include other composites in the body. There is no restriction of definition order:
-~~~nginx
+~~~ucl
composite {
name = "TEST1";
expression = "SYMBOL1 AND TEST2";
@@ -66,9 +66,9 @@ For example, you have symbol `A` and `B` with weights `W_a` and `W_b` and a comp
It is also possible to include the whole group of symbols to a composite rule. This
efficiently means **any** symbol of the specified group:
-~~~nginx
+~~~ucl
composite {
name = "TEST2";
expression = "SYMBOL2 && !g:mua";
}
-~~~ \ No newline at end of file
+~~~
diff --git a/doc/markdown/configuration/index.md b/doc/markdown/configuration/index.md
index 23781003f..27467777e 100644
--- a/doc/markdown/configuration/index.md
+++ b/doc/markdown/configuration/index.md
@@ -25,7 +25,7 @@ parts.
The basic rspamd configuration is stored in $CONFDIR/rspamd.conf. By default, this
file looks like this one:
-~~~nginx
+~~~ucl
lua = "$CONFDIR/lua/rspamd.lua"
.include "$CONFDIR/options.conf"
@@ -53,7 +53,7 @@ section that describes composite symbols. Statistical filters are defined in
and internal modules) in [modules](../modules/index.md) section while modules itself are
loaded from the following portion of configuration:
-~~~nginx
+~~~ucl
modules {
path = "$PLUGINSDIR/lua/"
}
diff --git a/doc/markdown/configuration/metrics.md b/doc/markdown/configuration/metrics.md
index 88a6d7c07..639c6f08e 100644
--- a/doc/markdown/configuration/metrics.md
+++ b/doc/markdown/configuration/metrics.md
@@ -37,7 +37,7 @@ configuration defines merely the `default` metric.
Each metric is defined by a `metric` object in rspamd configuration. This object has one
mandatory attribute - `name` which defines the name of this metric:
-~~~nginx
+~~~ucl
metric {
# Define default metric
name = "default";
@@ -72,7 +72,7 @@ The content of this section is separated to the two main parts: symbols and acti
Actions section is an object of all actions defined by this metric. If some actions are skipped,
they won't be ever suggested by rspamd. Actions section looks as following:
-~~~nginx
+~~~ucl
metric {
...
actions {
@@ -96,7 +96,7 @@ Symbols are defined by an object with the following properties:
So far, the symbol definition looks like this one:
-~~~nginx
+~~~ucl
symbol {
name = "RWL_SPAMHAUS_WL_IND";
weight = -0.7;
@@ -114,7 +114,7 @@ Symbols can be grouped to specify their common functionality. For example, one m
which could be useful, for instance if some specific group should not unconditionally send a message
to `spam` class. Here is an example of such a functionality:
-~~~nginx
+~~~ucl
metric {
name = default; # This is mandatory option
@@ -136,4 +136,4 @@ metric {
}
}
}
-~~~ \ No newline at end of file
+~~~
diff --git a/doc/markdown/configuration/options.md b/doc/markdown/configuration/options.md
index 9d11a2007..29a7bde5e 100644
--- a/doc/markdown/configuration/options.md
+++ b/doc/markdown/configuration/options.md
@@ -5,7 +5,7 @@
Options section defines the basic rspamd behaviour and are global for all types of workers.
The default options are depicted in the following example configuration snippet:
-~~~nginx
+~~~ucl
filters = "chartable,dkim,spf,surbl,regexp,fuzzy_check";
raw_mode = false;
one_shot = false;
@@ -62,7 +62,7 @@ These options live in a separate subsection named `dns` and specify the behaviou
* `nameserver`: list (or array) of DNS servers to be used (if this option is missed, then `/etc/resolv.conf` is parsed instead). It is also possible to specify weights of DNS servers to balance the payload, e.g.
-~~~nginx
+~~~ucl
options {
dns {
# 9/10 on 127.0.0.1 and 1/10 to 8.8.8.8
diff --git a/doc/markdown/configuration/settings.md b/doc/markdown/configuration/settings.md
index 785692129..00432d241 100644
--- a/doc/markdown/configuration/settings.md
+++ b/doc/markdown/configuration/settings.md
@@ -9,13 +9,13 @@ and updated automatically if a corresponding file or URL has changed since last
To load settings as dynamic map, you can set 'settings' to a map string:
-~~~nginx
+~~~ucl
settings = "http://host/url"
~~~
If you don't want dynamic updates then you can set settings to an object:
-~~~nginx
+~~~ucl
settings {
setting1 = {
...
@@ -30,7 +30,7 @@ settings {
The settings file itself should contain a single section called "settings":
-~~~nginx
+~~~ucl
settings {
some_users {
priority = high;
diff --git a/doc/markdown/configuration/ucl.md b/doc/markdown/configuration/ucl.md
index 7fb49a9e2..56b582c1f 100644
--- a/doc/markdown/configuration/ucl.md
+++ b/doc/markdown/configuration/ucl.md
@@ -32,7 +32,7 @@ For example, you can write the same configuration in the following ways:
* in nginx like:
-~~~nginx
+~~~ucl
param = value;
section {
param = value;
@@ -43,7 +43,7 @@ section {
string = "something";
subsection {
host = {
- host = "hostname";
+ host = "hostname";
port = 900;
}
host = {
@@ -96,7 +96,7 @@ is equal to:
* There is no requirement of quotes for strings and keys, moreover, `:` may be replaced `=` or even be skipped for objects:
-~~~nginx
+~~~ucl
key = value;
section {
key = value;
@@ -146,7 +146,7 @@ is converted to:
UCL accepts named keys and organize them into objects hierarchy internally. Here is an example of this process:
-~~~nginx
+~~~ucl
section "blah" {
key = value;
}
@@ -157,7 +157,7 @@ section foo {
is converted to the following object:
-~~~nginx
+~~~ucl
section {
blah {
key = value;
@@ -167,10 +167,10 @@ section {
}
}
~~~
-
+
Plain definitions may be more complex and contain more than a single level of nested objects:
-
-~~~nginx
+
+~~~ucl
section "blah" "foo" {
key = value;
}
@@ -178,7 +178,7 @@ section "blah" "foo" {
is presented as:
-~~~nginx
+~~~ucl
section {
blah {
foo {
@@ -204,14 +204,14 @@ section {
UCL supports different style of comments:
-* single line: `#`
+* single line: `#`
* multiline: `/* ... */`
Multiline comments may be nested:
~~~c
# Sample single line comment
-/*
+/*
some comment
/* nested comment */
end of comment
@@ -222,7 +222,7 @@ Multiline comments may be nested:
UCL supports external macros both multiline and single line ones:
-~~~nginx
+~~~ucl
.macro "sometext";
.macro {
Some long text
@@ -234,7 +234,7 @@ Moreover, each macro can accept an optional list of arguments in braces. These
arguments themselves are the UCL object that is parsed and passed to a macro as
options:
-~~~nginx
+~~~ucl
.macro(param=value) "something";
.macro(param={key=value}) "something";
.macro(.include "params.conf") "something";
@@ -246,7 +246,7 @@ param = [value1, value2]) "something";
UCL also provide a convenient `include` macro to load content from another files
to the current UCL object. This macro accepts either path to file:
-~~~nginx
+~~~ucl
.include "/full/path.conf"
.include "./relative/path.conf"
.include "${CURDIR}/path.conf"
@@ -329,10 +329,10 @@ Here are some rules for this syntax:
key <<EOD
-
+
some
text
-
+
EOD
@@ -358,7 +358,7 @@ parsing and emitting and compared it with UCL. Here are results:
jansson: parsed json in 1.3899 seconds
jansson: emitted object in 0.2609 seconds
-
+
ucl: parsed input in 0.6649 seconds
ucl: emitted config in 0.2423 seconds
ucl: emitted json in 0.2329 seconds
diff --git a/doc/markdown/lua/index.md b/doc/markdown/lua/index.md
index 793b143da..d003959d9 100644
--- a/doc/markdown/lua/index.md
+++ b/doc/markdown/lua/index.md
@@ -6,7 +6,7 @@ Rspamd lua api is a core part of rspamd functionality. Lua is used for writing r
Many lua rules are shipped with rspamd. They can be included to rspamd by using tag **lua** in rspamd.conf:
-~~~nginx
+~~~ucl
lua = "$CONFDIR/lua/rspamd.lua"
~~~
diff --git a/doc/markdown/migration.md b/doc/markdown/migration.md
index 7995d1992..66d77f63c 100644
--- a/doc/markdown/migration.md
+++ b/doc/markdown/migration.md
@@ -16,7 +16,7 @@ Now both redis and sqlite3 follows the common principles for per-user statistics
If you need old behaviour, then you'd need to use separate classifier
for per-user statistics, for example:
-~~~nginx
+~~~ucl
classifier {
tokenizer {
name = "osb";
@@ -61,7 +61,7 @@ that now tokens are generated from the normalized words and there are various im
statistics model used in pre 1.0 versions. Therefore, to use all these advantages you should either **relearn**
your statistics or continue using your old statistics **without** new features by adding `compat` parameter:
-~~~nginx
+~~~ucl
classifier {
...
tokenizer {
@@ -73,7 +73,7 @@ classifier {
The recommended way to create statistics now is `sqlite3` backend (which is incompatible with old mmap backend however):
-~~~nginx
+~~~ucl
classifier {
type = "bayes";
tokenizer {
@@ -116,7 +116,7 @@ specified then `password` is used for both commands.
Here is an example of the full configuration of rspamd controller worker to
serve webui:
-~~~nginx
+~~~ucl
worker {
type = "controller";
bind_socket = "localhost:11334";
@@ -262,4 +262,4 @@ end
Rspamd now uses `HTTP` protocols for all operations, therefore an additional
client library is unlikely needed. The fallback to old `spamc` protocol has also
been implemented automatically to be compatible with `rmilter` and other software
-that uses `rspamc` protocol. \ No newline at end of file
+that uses `rspamc` protocol.
diff --git a/doc/markdown/modules/chartable.md b/doc/markdown/modules/chartable.md
index f5aa55322..5458427a0 100644
--- a/doc/markdown/modules/chartable.md
+++ b/doc/markdown/modules/chartable.md
@@ -2,9 +2,9 @@
This module allows to find number of characters from the different [unicode scripts](http://www.unicode.org/reports/tr24/). Finally, it evaluates number of scrips changes, e.g. 'a網絡a' is treated as 2 script changes - from latin to chineese and from chineese back to latin, divided by total number of unicode characters. If the product of this division is higher than threshold then a symbol is inserted. By default threshold is `0.1` meaning that script changes occurrs approximantely for 10% of characters.
-~~~nginx
+~~~ucl
chartable {
symbol = "R_CHARSET_MIXED";
threshold = 0.1;
}
-~~~ \ No newline at end of file
+~~~
diff --git a/doc/markdown/modules/dmarc.md b/doc/markdown/modules/dmarc.md
index c69fa3015..f71eb6f91 100644
--- a/doc/markdown/modules/dmarc.md
+++ b/doc/markdown/modules/dmarc.md
@@ -20,7 +20,7 @@ Please mention, that rspamd itself cannot send reports, it merely stores suffici
DMARC configuration is very simple:
-~~~nginx
+~~~ucl
dmarc {
servers = "localhost:6390";
key_prefix = "dmarc_"; # Keys would have format of dmarc_domain.com
@@ -41,4 +41,4 @@ When a message violates DMARC policy, rspamd adds the following information to `
where results are `true` or `false` meaning allow and reject values accordingly.
Unixtime and IP are inserted in text form. Keys are therefore `lists` in redis terminology.
-Keys are inserted to redis servers when a server is selected by hash value from sender's domain. \ No newline at end of file
+Keys are inserted to redis servers when a server is selected by hash value from sender's domain.
diff --git a/doc/markdown/modules/fuzzy_check.md b/doc/markdown/modules/fuzzy_check.md
index 4f41a5c04..13e8c6878 100644
--- a/doc/markdown/modules/fuzzy_check.md
+++ b/doc/markdown/modules/fuzzy_check.md
@@ -37,7 +37,7 @@ Fuzzy rules are defined as a set of `rule` definitions. Each `rule` must have se
list to check or learn and a set of flags and optional parameters. Here is an example of
rule's settings:
-~~~nginx
+~~~ucl
fuzzy_check {
rule {
# List of servers, can be an array or multi-value item
@@ -75,7 +75,7 @@ Each rule can have several maps defined by a `flag` value. For example, a single
fuzzy storage can contain both good and bad hashes that should have different symbols
and thus different weights. Maps are defined inside fuzzy rules as following:
-~~~nginx
+~~~ucl
fuzzy_check {
rule {
...
@@ -108,7 +108,7 @@ if the weight of hash is `100` and `max_score` will be `99`, then the rule will
added with the weight of `1`. If `max_score` is `200`, then the rule will be added with the
weight likely `0.2` (the real function is hyperbolic tangent). In the following configuration:
-~~~nginx
+~~~ucl
metric {
name = "default";
...
@@ -160,4 +160,4 @@ or delete hashes:
rspamc -f <flag> fuzzy_del ...
On learning, rspamd sends commands to **all** servers inside specific rule. On check,
-rspamd selects a server in round-robin matter. \ No newline at end of file
+rspamd selects a server in round-robin matter.
diff --git a/doc/markdown/modules/index.md b/doc/markdown/modules/index.md
index 4824f66a1..19af30565 100644
--- a/doc/markdown/modules/index.md
+++ b/doc/markdown/modules/index.md
@@ -14,7 +14,7 @@ to the main rspamd code. C modules are defined in the `options` section of rspam
configuration. If no `filters` attribute is defined then all modules are disabled.
The default configuration enables all modules explicitly:
-~~~nginx
+~~~ucl
filters = "chartable,dkim,spf,surbl,regexp,fuzzy_check";
~~~
@@ -37,7 +37,7 @@ reconfiguration. Should you want to write a lua module consult with the
[Lua API documentation](../lua/). To define path to lua modules there is a special section
named `modules` in rspamd:
-~~~nginx
+~~~ucl
modules {
path = "/path/to/dir/";
path = "/path/to/module.lua";
@@ -62,4 +62,4 @@ and performs some additional checks for such messages.
- [phishing](phishing.md) - detects messages with phished URLs.
- [ratelimit](ratelimit.md) - implements leaked bucket algorithm for ratelimiting and
uses `redis` to store data.
-- [trie](trie.md) - uses suffix trie for extra-fast patterns lookup in messages. \ No newline at end of file
+- [trie](trie.md) - uses suffix trie for extra-fast patterns lookup in messages.
diff --git a/doc/markdown/modules/multimap.md b/doc/markdown/modules/multimap.md
index db49cc831..290df9e49 100644
--- a/doc/markdown/modules/multimap.md
+++ b/doc/markdown/modules/multimap.md
@@ -65,7 +65,7 @@ following values:
No filters will be processed for a message if such a map matches.
-~~~nginx
+~~~ucl
multimap {
test { type = "ip"; map = "/tmp/ip.map"; symbol = "TESTMAP"; }
spamhaus { type = "dnsbl"; map = "pbl.spamhaus.org"; symbol = "R_IP_PBL";
@@ -107,31 +107,38 @@ Filename maps support this filters set:
Here are some examples of pre-filter configurations:
-~~~nginx
+~~~ucl
sender_from_whitelist_user {
- type = "from";
- filter = "email:user";
- map = "file:///tmp/from.map";
- symbol = "SENDER_FROM_WHITELIST_USER";
- action = "accept"; # Prefilter mode
+ type = "from";
+ filter = "email:user";
+ map = "file:///tmp/from.map";
+ symbol = "SENDER_FROM_WHITELIST_USER";
+ action = "accept"; # Prefilter mode
}
sender_from_regexp {
- type = "header";
- header = "from";
- filter = "regexp:/.*@/";
- map = "file:///tmp/from_re.map";
- symbol = "SENDER_FROM_REGEXP";
+ type = "header";
+ header = "from";
+ filter = "regexp:/.*@/";
+ map = "file:///tmp/from_re.map";
+ symbol = "SENDER_FROM_REGEXP";
}
url_map {
- type = "url";
- filter = "tld";
- map = "file:///tmp/url.map";
- symbol = "URL_MAP";
+ type = "url";
+ filter = "tld";
+ map = "file:///tmp/url.map";
+ symbol = "URL_MAP";
}
url_tld_re {
- type = "url";
- filter = "tld:regexp:/\.[^.]+$/"; # Extracts the last component of URL
- map = "file:///tmp/url.map";
- symbol = "URL_MAP_RE";
+ type = "url";
+ filter = "tld:regexp:/\.[^.]+$/"; # Extracts the last component of URL
+ map = "file:///tmp/url.map";
+ symbol = "URL_MAP_RE";
}
-~~~ \ No newline at end of file
+filename_blacklist {
+ type = "filename";
+ filter = "extension";
+ map = "/${LOCAL_CONFDIR}/filename.map";
+ symbol = "FILENAME_BLACKLISTED";
+ action = "reject";
+}
+~~~
diff --git a/doc/markdown/modules/once_received.md b/doc/markdown/modules/once_received.md
index 398ce1cb1..cb91522a5 100644
--- a/doc/markdown/modules/once_received.md
+++ b/doc/markdown/modules/once_received.md
@@ -8,7 +8,7 @@ The configuration of this module is pretty straightforward: specify `symbol` for
## Example
-~~~nginx
+~~~ucl
once_received {
good_host = "^mail";
bad_host = "static";
diff --git a/doc/markdown/modules/phishing.md b/doc/markdown/modules/phishing.md
index 8d742a9a1..4f6d86159 100644
--- a/doc/markdown/modules/phishing.md
+++ b/doc/markdown/modules/phishing.md
@@ -24,7 +24,7 @@ And the following URLs are considered as phished:
Here is an example of full module configuration.
-~~~nginx
+~~~ucl
phishing {
symbol = "R_PHISHING"; # Default symbol
diff --git a/doc/markdown/modules/rbl.md b/doc/markdown/modules/rbl.md
index 24bd3532b..b7e73a1d1 100644
--- a/doc/markdown/modules/rbl.md
+++ b/doc/markdown/modules/rbl.md
@@ -4,7 +4,7 @@ The RBL module provides support for checking the IPv4/IPv6 source address of a m
Configuration is structured as follows:
-~~~nginx
+~~~ucl
rbl {
# default settings defined here
rbls {
@@ -89,7 +89,7 @@ Can be set to a URL of a list of IPv4/IPv6 addresses & subnets not to be conside
RBL-specific subsection is structured as follows:
-~~~nginx
+~~~ucl
# Descriptive name of RBL or symbol if symbol is not defined.
an_rbl {
# Explicitly defined symbol
diff --git a/doc/markdown/modules/spamassassin.md b/doc/markdown/modules/spamassassin.md
index f41af3141..ca585241f 100644
--- a/doc/markdown/modules/spamassassin.md
+++ b/doc/markdown/modules/spamassassin.md
@@ -10,7 +10,7 @@ of spamassassin rules natively within rspamd. The configuration of this plugin
is very simple: just glue all your SA rules into a single file and feed it to
spamassassin module:
-~~~nginx
+~~~ucl
spamassassin {
ruleset = "/path/to/file";
# Limit search size to 100 kilobytes for all regular expressions
diff --git a/doc/markdown/modules/spf.md b/doc/markdown/modules/spf.md
index d858a7af3..281cd91b4 100644
--- a/doc/markdown/modules/spf.md
+++ b/doc/markdown/modules/spf.md
@@ -24,11 +24,11 @@ lifetimes is accordingly limited by the matching DNS record time to live.
You can manually specify the size of this cache by configuring SPF module:
-~~~nginx
+~~~ucl
spf {
spf_cache_size = 1k; # cache up to 1000 of the most recent SPF records
}
~~~
Currently, rspamd supports the full set of SPF elements, macroes and has internal
-protection from DNS recursion. \ No newline at end of file
+protection from DNS recursion.
diff --git a/doc/markdown/modules/surbl.md b/doc/markdown/modules/surbl.md
index 84f43b8c0..ec39a6c7d 100644
--- a/doc/markdown/modules/surbl.md
+++ b/doc/markdown/modules/surbl.md
@@ -14,7 +14,7 @@ a specific sort of license.
Nonetheless, they can be used by personal services or low volume requests free
of charge.
-~~~nginx
+~~~ucl
surbl {
# List of domains that are not checked by surbl
whitelist = "file://$CONFDIR/surbl-whitelist.inc";
@@ -81,7 +81,7 @@ it is possible to specify either `bit` or `ips` sections.
Since some URL lists do not accept `IP` addresses, it is also possible to disable sending of URLs with IP address in the host to such lists. That could be done by specifying `noip = true` option:
-~~~nginx
+~~~ucl
rule {
suffix = "dbl.spamhaus.org";
symbol = "DBL";
@@ -92,7 +92,7 @@ Since some URL lists do not accept `IP` addresses, it is also possible to disabl
It is also possible to check HTML images URLs using URL blacklists. Just specify `images = true` for such list and you are done:
-~~~nginx
+~~~ucl
rule {
suffix = "uribl.rambler.ru";
# Also check images
@@ -172,7 +172,7 @@ In general this procedure could be represented as following:
For example, [SBL list](https://www.spamhaus.org/sbl/) of `spamhaus` project provides such functions using `ZEN` multi list. This is included in rspamd default configuration:
-~~~nginx
+~~~ucl
rule {
suffix = "zen.spamhaus.org";
symbol = "ZEN_URIBL";
@@ -181,4 +181,4 @@ For example, [SBL list](https://www.spamhaus.org/sbl/) of `spamhaus` project pro
URIBL_SBL = "127.0.0.2";
}
}
-~~~ \ No newline at end of file
+~~~
diff --git a/doc/markdown/modules/trie.md b/doc/markdown/modules/trie.md
index 997f4d0df..18e9f6808 100644
--- a/doc/markdown/modules/trie.md
+++ b/doc/markdown/modules/trie.md
@@ -10,7 +10,7 @@ This module provides a convenient interface to the search trie structure.
Here is an example of trie configuration:
-~~~nginx
+~~~ucl
trie {
# Each subsection defines a single rule with associated symbol
SYMBOL1 {
@@ -36,4 +36,4 @@ Despite of the fact that aho-corasic trie is very fast, it supports merely plain
strings. Moreover, it cannot distinguish words boundaries, for example, a string
`test` will be found in texts `test`, `tests` or even `123testing`. Therefore, it
might be used to search some concrete and relatively specific patterns and should
-not be used for words match. \ No newline at end of file
+not be used for words match.
diff --git a/doc/markdown/modules/whitelist.md b/doc/markdown/modules/whitelist.md
index 403f103c3..ec4671e58 100644
--- a/doc/markdown/modules/whitelist.md
+++ b/doc/markdown/modules/whitelist.md
@@ -43,7 +43,7 @@ or if using map:
## Configuration example
-~~~nginx
+~~~ucl
whitelist {
rules {
WHITELIST_SPF = {
@@ -83,4 +83,4 @@ whitelist {
}
~~~
-Rspamd also comes with a set of pre-defined whitelisted domains that could be useful for start. \ No newline at end of file
+Rspamd also comes with a set of pre-defined whitelisted domains that could be useful for start.
diff --git a/doc/markdown/tutorials/migrate_sa.md b/doc/markdown/tutorials/migrate_sa.md
index 182c84a42..a85ff10ee 100644
--- a/doc/markdown/tutorials/migrate_sa.md
+++ b/doc/markdown/tutorials/migrate_sa.md
@@ -50,7 +50,7 @@ To install rspamd, I'd recommend using of the [official packages](https://rspamd
For those who has a lot of custom rules, there is good news: rspamd supports a certain set of SpamAssassin rules via special [plugin](../modules/spamassassin.md) that allows **direct** loading of SA rules into rspamd. You just need to specify all your configuration files in the plugin configuration:
-~~~nginx
+~~~ucl
spamassassin {
sa_main = "/etc/spamassassin/conf.d/*";
sa_local = "/etc/spamassassin/local.cf";
@@ -80,4 +80,4 @@ You can also setup rspamc to learn via passing messages to a certain email addre
learn-spam123: "| rspamc learn_spam"
learn-ham123: "| rspamc learn_ham"
-You'd need some less predictable aliases to avoid sending messages to such addresses by some adversary or just by a mistake to prevent statistics pollution. \ No newline at end of file
+You'd need some less predictable aliases to avoid sending messages to such addresses by some adversary or just by a mistake to prevent statistics pollution.
diff --git a/doc/markdown/tutorials/writing_rules.md b/doc/markdown/tutorials/writing_rules.md
index 38e1f56a9..4147c5a68 100644
--- a/doc/markdown/tutorials/writing_rules.md
+++ b/doc/markdown/tutorials/writing_rules.md
@@ -36,7 +36,7 @@ For the configuration rules you can take a look at the following examples:
rspamd.conf:
-~~~nginx
+~~~ucl
var1 = "value1";
section "name" {
@@ -46,7 +46,7 @@ section "name" {
rspamd.conf.local:
-~~~nginx
+~~~ucl
var1 = "value2";
section "name" {
@@ -56,7 +56,7 @@ section "name" {
Resulting config:
-~~~nginx
+~~~ucl
var1 = "value1";
var1 = "value2";
@@ -72,7 +72,7 @@ Override example:
rspamd.conf:
-~~~nginx
+~~~ucl
var1 = "value1";
section "name" {
@@ -82,7 +82,7 @@ section "name" {
rspamd.conf.override:
-~~~nginx
+~~~ucl
var1 = "value2";
section "name" {
@@ -92,7 +92,7 @@ section "name" {
Resulting config:
-~~~nginx
+~~~ucl
var1 = "value2";
# Note that var2 is removed completely
@@ -158,7 +158,7 @@ For built-in rules scores are placed in the file called `${CONFDIR}/metrics.conf
1. Define scores in `rspamd.conf.local` as following:
-~~~nginx
+~~~ucl
metric "default" {
symbol "MY_SYMBOL" {
description = "my cool rule";
diff --git a/doc/markdown/workers/controller.md b/doc/markdown/workers/controller.md
index 94c12310a..44f8e2b0b 100644
--- a/doc/markdown/workers/controller.md
+++ b/doc/markdown/workers/controller.md
@@ -25,7 +25,7 @@ To generate a keypair for the scanner you could use:
After that keypair should appear as following:
-~~~nginx
+~~~ucl
keypair {
pubkey = "tm8zjw3ougwj1qjpyweugqhuyg4576ctg6p7mbrhma6ytjewp4ry";
privkey = "ykkrfqbyk34i1ewdmn81ttcco1eaxoqgih38duib1e7b89h9xn3y";
diff --git a/doc/markdown/workers/fuzzy_storage.md b/doc/markdown/workers/fuzzy_storage.md
index a2d29826f..ad955a46a 100644
--- a/doc/markdown/workers/fuzzy_storage.md
+++ b/doc/markdown/workers/fuzzy_storage.md
@@ -110,7 +110,7 @@ to perform changes to fuzzy storage (you should also set `read_only = no` in you
Here is an example configuration of fuzzy storage:
-~~~nginx
+~~~ucl
worker {
type = "fuzzy";
bind_socket = "*:11335";
@@ -125,4 +125,4 @@ worker {
Rspamd fuzzy storage of version `0.8` can work with rspamd clients of all versions,
however, all updates from legacy versions (less that `0.8`) won't update fuzzy shingles
database. Rspamd [fuzzy check module](../modules/fuzzy_check.md) can work **only**
-with the recent rspamd fuzzy storage (it won't get anything from the legacy storages). \ No newline at end of file
+with the recent rspamd fuzzy storage (it won't get anything from the legacy storages).
diff --git a/doc/markdown/workers/index.md b/doc/markdown/workers/index.md
index 31d1d6b96..24208cebc 100644
--- a/doc/markdown/workers/index.md
+++ b/doc/markdown/workers/index.md
@@ -33,7 +33,7 @@ listens on an UDP port and does not save any state information.
All workers shares a set of common options. Here is a typical example of a normal
worker configuration that uses merely common worker options:
-~~~nginx
+~~~ucl
worker {
type = "normal";
bind_socket = "*:11333";
@@ -49,7 +49,7 @@ Here are options available to all workers:
`bind_socket` is the mostly common used option. It defines the address where worker should accept
connections. Rspamd allows both names and IP addresses for this option:
-~~~nginx
+~~~ucl
bind_socket = "localhost:11333";
bind_socket = "127.0.0.1:11333";
bind_socket = "[::1]:11333"; # note that you need to enclose ipv6 in '[]'
@@ -57,7 +57,7 @@ bind_socket = "[::1]:11333"; # note that you need to enclose ipv6 in '[]'
Also universal listening addresses are defined:
-~~~nginx
+~~~ucl
bind_socket = "*:11333"; # any ipv4 and ipv6 address
bind_socket = "*v4:11333"; # any ipv4 address
bind_socket = "*v6:11333"; # any ipv6 address
@@ -65,13 +65,13 @@ bind_socket = "*v6:11333"; # any ipv6 address
Moreover, you can specify systemd sockets if rspamd is invoked by systemd:
-~~~nginx
+~~~ucl
bind_socket = "systemd:1"; # the first socket passed by systemd throught environment
~~~
For unix sockets, it is also possible to specify owner and mode using this syntax:
-~~~nginx
+~~~ucl
bind_socket = "/tmp/rspamd.sock mode=0666 owner=user";
~~~
@@ -81,4 +81,4 @@ then `root` is used) and `0644` as access mask. Please mention that you need to
a weird result.
You can specify multiple `bind_socket` options to listen on as many addresses as
-you want. \ No newline at end of file
+you want.
diff --git a/doc/markdown/workers/normal.md b/doc/markdown/workers/normal.md
index 64cf4c479..9b935fb5a 100644
--- a/doc/markdown/workers/normal.md
+++ b/doc/markdown/workers/normal.md
@@ -17,7 +17,7 @@ To generate a keypair for the scanner you could use:
After that keypair should appear as following:
-~~~nginx
+~~~ucl
keypair {
pubkey = "tm8zjw3ougwj1qjpyweugqhuyg4576ctg6p7mbrhma6ytjewp4ry";
privkey = "ykkrfqbyk34i1ewdmn81ttcco1eaxoqgih38duib1e7b89h9xn3y";