aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteve Freegard <steve@stevefreegard.com>2017-03-24 15:34:25 +0000
committerSteve Freegard <steve@stevefreegard.com>2017-03-24 15:34:25 +0000
commit3458e67a9e2c87b343e77e2b76d5fb5f58522a37 (patch)
treee8488578e1135c1750ca821aca3bea2289fd914e
parentf0a919310024f6b16d71687e0a9e866b7d2fac2f (diff)
downloadrspamd-3458e67a9e2c87b343e77e2b76d5fb5f58522a37.tar.gz
rspamd-3458e67a9e2c87b343e77e2b76d5fb5f58522a37.zip
Fix RCVD_TLS_ALL and add RCVD_TLS_LAST
-rw-r--r--rules/misc.lua57
-rw-r--r--rules/regexp/headers.lua8
2 files changed, 49 insertions, 16 deletions
diff --git a/rules/misc.lua b/rules/misc.lua
index d4186a1b0..ae914ce21 100644
--- a/rules/misc.lua
+++ b/rules/misc.lua
@@ -187,20 +187,61 @@ rspamd_config.ENVFROM_VERP = {
group = "mailing_list"
}
-rspamd_config.RCVD_TLS_ALL = {
+local check_rcvd = rspamd_config:register_symbol{
+ name = 'CHECK_RCVD',
callback = function (task)
- local rcvds = task:get_header_full('Received')
+ local rcvds = task:get_received_headers()
if not rcvds then return false end
- local ret = fun.all(function(rc)
- return rc.flags and (rc.flags['ssl'] or rc.flags['authenticated'])
+ local tls = fun.all(function(rc)
+ return rc.flags and rc.flags['ssl']
end, rcvds)
- return ret
- end,
+ -- See if only the last hop was encrypted
+ if tls then
+ task:insert_result('RCVD_TLS_ALL', 1.0)
+ else
+ local rcvd = rcvds[1]
+ if rcvd.flags and rcvd.flags['ssl'] then
+ task:insert_result('RCVD_TLS_LAST', 1.0)
+ end
+ end
+
+ local auth = fun.any(function(rc)
+ return rc.flags and rc.flags['authenticated']
+ end, rcvds)
+
+ if auth then
+ task:insert_result('RCVD_VIA_SMTP_AUTH', 1.0)
+ end
+ end
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_TLS_ALL',
+ description = 'All hops used encrypted transports',
+ score = 0.0,
+ group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_TLS_LAST',
+ description = 'Last hop used encrypted transports',
+ score = 0.0,
+ group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_VIA_SMTP_AUTH',
+ description = 'Message injected via SMTP AUTH',
score = 0.0,
- description = "All hops used encrypted transports",
- group = "encryption"
+ group = 'authentication'
}
rspamd_config.RCVD_HELO_USER = {
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index c14dd3500..af63d7131 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -905,11 +905,3 @@ reconf['HAS_XOIP'] = {
score = 0.0,
group = 'headers'
}
-
-reconf['RCVD_VIA_SMTP_AUTH'] = {
- re = "Received=/\\bE?SMTPS?A\\b/ || Received=/\\bauthenticated\\b/i",
- description = "Recieved using SMTP AUTH",
- score = 0,
- group = 'headers'
-}
-