diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2018-11-12 14:32:52 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2018-11-12 14:32:52 +0000 |
commit | 18d4509d6acdcd416cbafd2905666315771cb25e (patch) | |
tree | e16e91ffa72d86e17f5c8ab74a0cd6cfa01ceaad | |
parent | 6112b5c30705f38e1fe3ce2becf81f1ef21bf07a (diff) | |
download | rspamd-18d4509d6acdcd416cbafd2905666315771cb25e.tar.gz rspamd-18d4509d6acdcd416cbafd2905666315771cb25e.zip |
[Minor] Make LEAKED_PASSWORD_SCAM rule more strict
-rw-r--r-- | rules/regexp/misc.lua | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/rules/regexp/misc.lua b/rules/regexp/misc.lua index 0a399e2ad..2332cd6ce 100644 --- a/rules/regexp/misc.lua +++ b/rules/regexp/misc.lua @@ -63,11 +63,12 @@ reconf['HAS_ONION_URI'] = { local password_in_subject = [[Subject=/\bpassword\b/i]] local password_in_body = [[/\bpassword\b/i{sa_body}]] -local btc_wallet = [[/^[13][0-9a-zA-Z]{25,34}$/{words}]] +local btc_wallet_address = [[/^[13][0-9a-zA-Z]{25,34}$/{words}]] +local wallet_word = [[/^wallet$/i{words}]] reconf['LEAKED_PASSWORD_SCAM'] = { - re = string.format('(%s | %s) & %s', password_in_subject, - password_in_body, btc_wallet), + re = string.format('(%s | %s) & %s & %s', password_in_subject, + password_in_body, btc_wallet_address, wallet_word), description = 'Contains password word and BTC wallet address', score = 7.0, group = 'scams' |