[Minor] rbl: support use of different matchers for return codes

3 files changed, 37 insertions, 3 deletions

diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf
index c1ef6afaa..cb90d5d31 100644
--- a/conf/modules.d/rbl.conf
+++ b/conf/modules.d/rbl.conf
@@ -105,6 +105,7 @@ rbl {
       ipv6 = true;
       checks = ['from', 'received'];
       is_whitelist = true;
+      matcher = "luapattern";
       whitelist_exception = "RCVD_IN_DNSWL";
       whitelist_exception = "RCVD_IN_DNSWL_NONE";
       whitelist_exception = "RCVD_IN_DNSWL_LOW";
@@ -152,6 +153,7 @@ rbl {
       rbl = "dwl.dnswl.org";
       checks = ['dkim'];
       ignore_whitelist = true;
+      matcher = "luapattern";
       unknown = false;
 
       returncodes {
@@ -222,6 +224,7 @@ rbl {
       selector = "specific_urls_filter_map('surbl_hashbl_map', {limit = 10}).apply_methods('get_host', 'get_path').join_tables('/')",
       hash = 'md5';
       hash_len = 32;
+      matcher = "luapattern";
       returncodes = {
         SURBL_HASHBL_PHISH = "127.0.0.8";
         SURBL_HASHBL_MALWARE = "127.0.0.16";
diff --git a/lualib/plugins/rbl.lua b/lualib/plugins/rbl.lua
index 02d0d3338..1a25c1ed3 100644
--- a/lualib/plugins/rbl.lua
+++ b/lualib/plugins/rbl.lua
@@ -107,6 +107,7 @@ local rule_schema_tbl = {
   ipv6 = ts.boolean:is_optional(),
   is_whitelist = ts.boolean:is_optional(),
   local_exclude_ip_map = ts.string:is_optional(),
+  matcher = ts.one_of { "equality", "luapattern" }:is_optional(),
   monitored_address = ts.string:is_optional(),
   no_ip = ts.boolean:is_optional(),
   process_script = ts.string:is_optional(),
@@ -199,6 +200,21 @@ local function convert_checks(rule)
     rule.from = true
   end
 
+  if rule.returncodes and not rule.matcher then
+    for _, v in pairs(rule.returncodes) do
+      for _, e in ipairs(v) do
+        if e:find('%', 1, true) then
+          rspamd_logger.warnx(rspamd_config, 'implicitly enabling luapattern matcher for rule %s', rule.symbol)
+          rule.matcher = 'luapattern'
+          break
+        end
+      end
+      if rule.matcher then
+        break
+      end
+    end
+  end
+
   return rule
 end
 
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 7f97506bc..b6467c103 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -215,7 +215,17 @@ local function gen_check_rcvd_conditions(rbl, received_total)
   end
 end
 
-local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_table_elt)
+local matchers = {}
+
+matchers.equality = function(to_match, pattern)
+  return to_match == pattern
+end
+
+matchers.luapattern = function(to_match, pattern)
+  return string.find(to_match, '^' .. pattern .. '$') and true or false
+end
+
+local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_table_elt, match)
   local function make_option(ip, label)
     if ip then
       return string.format('%s:%s:%s',
@@ -293,7 +303,7 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
     elseif rbl.returncodes then
       for s, codes in pairs(rbl.returncodes) do
         for _, v in ipairs(codes) do
-          if string.find(ipstr, '^' .. v .. '$') then
+          if match(ipstr, v) then
             foundrc = true
             insert_results(s)
             break
@@ -858,6 +868,11 @@ local function gen_rbl_callback(rule)
     description[#description + 1] = 'selector'
   end
 
+  if not rule.matcher then
+    rule.matcher = 'equality'
+  end
+  local match = matchers[rule.matcher]
+
   local callback_f = function(task)
     -- DNS requests to issue (might be hashed afterwards)
     local dns_req = {}
@@ -865,7 +880,7 @@ local function gen_rbl_callback(rule)
 
     local function gen_rbl_dns_callback(resolve_table_elt)
       return function(_, to_resolve, results, err)
-        rbl_dns_process(task, rule, to_resolve, results, err, resolve_table_elt)
+        rbl_dns_process(task, rule, to_resolve, results, err, resolve_table_elt, match)
       end
     end