diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-10-20 09:57:21 +0100 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-10-20 09:57:21 +0100 |
commit | 6598ceb596b3171cf57d2106c9ffa0454b2a6e61 (patch) | |
tree | 2e3e4c8df0bf8d08dd8900fc655a9633c948017d | |
parent | 9794220fa8c50fe1d797a75da2e9b258f1079d90 (diff) | |
download | rspamd-6598ceb596b3171cf57d2106c9ffa0454b2a6e61.tar.gz rspamd-6598ceb596b3171cf57d2106c9ffa0454b2a6e61.zip |
[Rework] Rbl: Rework defaults logic
-rw-r--r-- | conf/modules.d/rbl.conf | 35 | ||||
-rw-r--r-- | src/plugins/lua/rbl.lua | 9 |
2 files changed, 24 insertions, 20 deletions
diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf index cd995a0d4..6a0b37ce0 100644 --- a/conf/modules.d/rbl.conf +++ b/conf/modules.d/rbl.conf @@ -13,10 +13,13 @@ # Module documentation can be found at https://rspamd.com/doc/modules/rbl.html rbl { - default_from = true; - default_received = false; default_exclude_users = true; + default_exclude_local = true; default_unknown = true; + default_dkim_domainonly = true; + default_dkim_match_from = false; + default_ipv4 = true; + default_ipv6 = true; url_whitelist = [ "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst", @@ -30,9 +33,10 @@ rbl { spamhaus { symbol = "SPAMHAUS"; # Augmented by prefixes rbl = "zen.spamhaus.org"; - ipv6 = true; + # Check types received = true; from = true; + symbols_prefixes = { received = 'RECEIVED', from = 'RBL', @@ -53,6 +57,7 @@ rbl { symbol = "MAILSPIKE"; rbl = "rep.mailspike.net"; is_whitelist = true; + from = true; # Check source IP address whitelist_exception = "MAILSPIKE"; whitelist_exception = "RWL_MAILSPIKE_GOOD"; whitelist_exception = "RWL_MAILSPIKE_NEUTRAL"; @@ -74,6 +79,7 @@ rbl { senderscore { symbol = "RBL_SENDERSCORE"; + from = true; # Check source IP address rbl = "bl.score.senderscore.com"; } @@ -81,6 +87,7 @@ rbl { symbol = "RBL_SEM"; rbl = "bl.spameatingmonkey.net"; ipv6 = false; + from = true; # Check source IP address } semIPv6 { @@ -88,12 +95,15 @@ rbl { rbl = "bl.ipv6.spameatingmonkey.net"; ipv4 = false; ipv6 = true; + from = true; # Check source IP address } dnswl { symbol = "RCVD_IN_DNSWL"; rbl = "list.dnswl.org"; ipv6 = true; + from = true; # Check source IP address + received = true; # Check source IP address is_whitelist = true; whitelist_exception = "RCVD_IN_DNSWL"; whitelist_exception = "RCVD_IN_DNSWL_NONE"; @@ -113,6 +123,7 @@ rbl { symbol = "RBL_VIRUSFREE_UNKNOWN"; rbl = "bip.virusfree.cz"; ipv6 = true; + from = true; # Check source IP address returncodes { RBL_VIRUSFREE_BOTNET = "127.0.0.2"; } @@ -122,6 +133,7 @@ rbl { symbol = "RBL_NIXSPAM"; rbl = "ix.dnsbl.manitu.net"; ipv6 = true; + from = true; # Check source IP address } blocklistde { @@ -136,6 +148,7 @@ rbl { from = true; } + # Dkim whitelist dnswl_dwl { symbol = "DWL_DNSWL"; rbl = "dwl.dnswl.org"; @@ -153,16 +166,16 @@ rbl { DWL_DNSWL_BLOCKED = "127.0.0.255"; } } - # Old emails module + RSPAMD_EMAILBL { ignore_whitelist = true; ignore_defaults = true; emails_delimiter = "."; - emails = true; hash_format = "base32"; hash_len = 32; rbl = "email.rspamd.com"; - replyto = true; + emails = true; # Emails in body + replyto = true; # Email from reply-to header hash = "blake2"; returncodes = { RSPAMD_EMAILBL = "127.0.0.2"; @@ -172,9 +185,9 @@ rbl { ignore_whitelist = true; ignore_defaults = true; rbl = "ebl.msbl.org"; - emails = true; + emails = true; # Emails in body + replyto = true; # Email from reply-to header emails_domainonly = false; - replyto = true; hash = "sha1"; returncodes = { MSBL_EBL = [ @@ -193,8 +206,8 @@ rbl { rbl = "multi.surbl.org"; dkim = true; emails = true; - emails_domainonly = true; urls = true; + emails_domainonly = true; returnbits = { CRACKED_SURBL = 128; # From February 2016 @@ -210,8 +223,8 @@ rbl { rbl = "multi.uribl.com"; dkim = true; emails = true; - emails_domainonly = true; urls = true; + emails_domainonly = true; returnbits { URIBL_BLOCKED = 1; @@ -226,8 +239,8 @@ rbl { rbl = "uribl.rspamd.com"; dkim = true; emails = true; - emails_domainonly = true; urls = true; + emails_domainonly = true; hash = 'blake2'; hash_len = 32; hash_format = 'base32'; diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua index 122bfe515..8c96cff52 100644 --- a/src/plugins/lua/rbl.lua +++ b/src/plugins/lua/rbl.lua @@ -1118,22 +1118,13 @@ local default_options = { ['default_enabled'] = true, ['default_ipv4'] = true, ['default_ipv6'] = true, - ['default_received'] = false, - ['default_from'] = true, ['default_unknown'] = false, - ['default_rdns'] = false, - ['default_helo'] = false, - ['default_dkim'] = false, ['default_dkim_domainonly'] = true, - ['default_emails'] = false, - ['default_urls'] = false, ['default_emails_domainonly'] = false, ['default_exclude_private_ips'] = true, ['default_exclude_users'] = false, ['default_exclude_local'] = true, ['default_no_ip'] = false, - ['default_images'] = false, - ['default_replyto'] = false, ['default_dkim_match_from'] = false, } |