diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2019-07-03 14:07:10 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-03 14:07:10 +0100 |
| commit | 2839580137ce1f5f0bac060aa2a65d0457333c77 (patch) | |
| tree | 3014a2b5dda3a6654876ce23fb32e32b027268fc | |
| parent | 31fa076b50d0600c6c12c36ad892eaf3735e4e75 (diff) | |
| parent | 3e0ceea8e061e19554794582fee1518fe65d10bd (diff) | |
| download | rspamd-2839580137ce1f5f0bac060aa2a65d0457333c77.tar.gz rspamd-2839580137ce1f5f0bac060aa2a65d0457333c77.zip | |
Merge pull request #2954 from smfreegard/master
[Rules] Add MIME_BASE64_TEXT_BOGUS rule
| -rw-r--r-- | rules/headers_checks.lua | 55 |
1 files changed, 32 insertions, 23 deletions
diff --git a/rules/headers_checks.lua b/rules/headers_checks.lua index d8e4b5903..ab51c8e03 100644 --- a/rules/headers_checks.lua +++ b/rules/headers_checks.lua @@ -25,7 +25,7 @@ local E = {} local rcvd_cb_id = rspamd_config:register_symbol{ name = 'CHECK_RECEIVED', - type = 'callback,mime', + type = 'callback', score = 0.0, group = 'headers', callback = function(task) @@ -114,7 +114,7 @@ rspamd_config:register_symbol{ local prio_cb_id = rspamd_config:register_symbol { name = 'HAS_X_PRIO', - type = 'callback,mime', + type = 'callback', description = 'X-Priority check callback rule', score = 0.0, group = 'headers', @@ -186,7 +186,7 @@ local function get_raw_header(task, name) end local check_replyto_id = rspamd_config:register_symbol({ - type = 'callback,mime', + type = 'callback', name = 'CHECK_REPLYTO', score = 0.0, group = 'headers', @@ -334,7 +334,7 @@ rspamd_config:register_dependency('CHECK_REPLYTO', 'CHECK_FROM') local check_mime_id = rspamd_config:register_symbol{ name = 'CHECK_MIME', - type = 'callback,mime', + type = 'callback', group = 'headers', score = 0.0, callback = function(task) @@ -576,7 +576,6 @@ rspamd_config.MISSING_FROM = { return false end, score = 2.0, - type = 'mime', group = 'headers', description = 'Missing From: header' } @@ -598,7 +597,6 @@ rspamd_config.MULTIPLE_FROM = { end, score = 9.0, group = 'headers', - type = 'mime', description = 'Multiple addresses in From' } @@ -609,8 +607,7 @@ rspamd_config.MV_CASE = { end, description = 'Mime-Version .vs. MIME-Version', score = 0.5, - group = 'headers', - type = 'mime', + group = 'headers' } rspamd_config.FAKE_REPLY = { @@ -625,13 +622,12 @@ rspamd_config.FAKE_REPLY = { end, description = 'Fake reply', score = 1.0, - group = 'headers', - type = 'mime', + group = 'headers' } local check_from_id = rspamd_config:register_symbol{ name = 'CHECK_FROM', - type = 'callback,mime', + type = 'callback', score = 0.0, group = 'headers', callback = function(task) @@ -994,8 +990,7 @@ rspamd_config.CTYPE_MISSING_DISPOSITION = { end, description = 'Binary content-type not specified as an attachment', score = 4.0, - type = 'mime', - group = 'headers' + group = 'mime' } rspamd_config.CTYPE_MIXED_BOGUS = { @@ -1023,8 +1018,7 @@ rspamd_config.CTYPE_MIXED_BOGUS = { end, description = 'multipart/mixed without non-textual part', score = 1.0, - type = 'mime', - group = 'headers' + group = 'mime' } local function check_for_base64_text(part) @@ -1060,8 +1054,26 @@ rspamd_config.MIME_BASE64_TEXT = { end, description = 'Has text part encoded in base64', score = 0.1, - group = 'headers', - type = 'mime', + group = 'mime' +} + +rspamd_config.MIME_BASE64_TEXT_BOGUS = { + callback = function(task) + local parts = task:get_text_parts() + if (not parts) then return false end + -- Check each part and look for base64 encoded text parts + -- where the part does not have any 8bit characters within it + for _, part in ipairs(parts) do + local mimepart = part:get_mimepart(); + if (check_for_base64_text(mimepart) and not part:has_8bit()) then + return true + end + end + return false + end, + description = 'Has text part encoded in base64 that does not contain any 8bit characters', + score = 1.0, + group = 'mime' } local function is_8bit_addr(addr) @@ -1082,8 +1094,7 @@ rspamd_config.INVALID_FROM_8BIT = { end, description = 'Invalid 8bit character in From header', score = 6.0, - group = 'headers', - type = 'mime', + group = 'headers' } rspamd_config.INVALID_RCPT_8BIT = { @@ -1098,8 +1109,7 @@ rspamd_config.INVALID_RCPT_8BIT = { end, description = 'Invalid 8bit character in recipients headers', score = 6.0, - group = 'headers', - type = 'mime', + group = 'headers' } rspamd_config.XM_CASE = { @@ -1109,6 +1119,5 @@ rspamd_config.XM_CASE = { end, description = 'X-mailer .vs. X-Mailer', score = 0.5, - group = 'headers', - type = 'mime', + group = 'headers' } |