diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-07-03 21:55:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-07-03 21:55:47 +0100 |
commit | 1215abae340183478b25327e872f23df4295a86f (patch) | |
tree | e55b6f52728882f7059d8038511c90c9b22ee48b | |
parent | bfc1d38ca6f9d07bc2a9b2b4c4b6bb5ec66db688 (diff) | |
parent | 31099153e4b3c2df66bba7c5c97973f445f6cf59 (diff) | |
download | rspamd-1215abae340183478b25327e872f23df4295a86f.tar.gz rspamd-1215abae340183478b25327e872f23df4295a86f.zip |
Merge pull request #694 from moisseev/phishing-FQDN
[Feature] Supprort FQDNs in phishing module maps
-rw-r--r-- | doc/markdown/modules/phishing.md | 5 | ||||
-rw-r--r-- | src/plugins/lua/phishing.lua | 4 |
2 files changed, 6 insertions, 3 deletions
diff --git a/doc/markdown/modules/phishing.md b/doc/markdown/modules/phishing.md index 5218cc908..55884f287 100644 --- a/doc/markdown/modules/phishing.md +++ b/doc/markdown/modules/phishing.md @@ -58,6 +58,9 @@ payments system phishing. Finally, the default symbol is yielded- if `domains` is specified then only if the phished domain is found in the related map. +Maps for this module can consist of effective second level domain parts (eSLD) +or whole domain parts of the URLs (FQDN) as well. + ## Openphish support Since version 1.3, there is [openphish](https://openphish.com) support in rspamd. @@ -108,4 +111,4 @@ To enable phishtank feed, you can edit `local.d/phishing.conf` file and add the phishtank_enabled = true; # Where nginx is installed phishtank_map = "http://localhost:8080/data/online-valid.json"; -~~~
\ No newline at end of file +~~~ diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua index 11363953c..ec9b9d2ad 100644 --- a/src/plugins/lua/phishing.lua +++ b/src/plugins/lua/phishing.lua @@ -136,7 +136,7 @@ local function phishing_cb(task) if #redirector_domains > 0 then for _,rule in ipairs(redirector_domains) do - if rule['map']:get_key(url:get_tld()) then + if rule['map']:get_key(tld) or rule['map']:get_key(url:get_host()) then task:insert_result(rule['symbol'], weight, ptld .. '->' .. tld) found = true end @@ -144,7 +144,7 @@ local function phishing_cb(task) end if not found and #strict_domains > 0 then for _,rule in ipairs(strict_domains) do - if rule['map']:get_key(ptld) then + if rule['map']:get_key(ptld) or rule['map']:get_key(purl:get_host()) then task:insert_result(rule['symbol'], 1.0, ptld .. '->' .. tld) found = true end |