summaryrefslogtreecommitdiffstats
path: root/rules/misc.lua
diff options
context:
space:
mode:
authorSteve Freegard <steve@stevefreegard.com>2017-03-24 15:34:25 +0000
committerSteve Freegard <steve@stevefreegard.com>2017-03-24 15:34:25 +0000
commit3458e67a9e2c87b343e77e2b76d5fb5f58522a37 (patch)
treee8488578e1135c1750ca821aca3bea2289fd914e /rules/misc.lua
parentf0a919310024f6b16d71687e0a9e866b7d2fac2f (diff)
downloadrspamd-3458e67a9e2c87b343e77e2b76d5fb5f58522a37.tar.gz
rspamd-3458e67a9e2c87b343e77e2b76d5fb5f58522a37.zip
Fix RCVD_TLS_ALL and add RCVD_TLS_LAST
Diffstat (limited to 'rules/misc.lua')
-rw-r--r--rules/misc.lua57
1 files changed, 49 insertions, 8 deletions
diff --git a/rules/misc.lua b/rules/misc.lua
index d4186a1b0..ae914ce21 100644
--- a/rules/misc.lua
+++ b/rules/misc.lua
@@ -187,20 +187,61 @@ rspamd_config.ENVFROM_VERP = {
group = "mailing_list"
}
-rspamd_config.RCVD_TLS_ALL = {
+local check_rcvd = rspamd_config:register_symbol{
+ name = 'CHECK_RCVD',
callback = function (task)
- local rcvds = task:get_header_full('Received')
+ local rcvds = task:get_received_headers()
if not rcvds then return false end
- local ret = fun.all(function(rc)
- return rc.flags and (rc.flags['ssl'] or rc.flags['authenticated'])
+ local tls = fun.all(function(rc)
+ return rc.flags and rc.flags['ssl']
end, rcvds)
- return ret
- end,
+ -- See if only the last hop was encrypted
+ if tls then
+ task:insert_result('RCVD_TLS_ALL', 1.0)
+ else
+ local rcvd = rcvds[1]
+ if rcvd.flags and rcvd.flags['ssl'] then
+ task:insert_result('RCVD_TLS_LAST', 1.0)
+ end
+ end
+
+ local auth = fun.any(function(rc)
+ return rc.flags and rc.flags['authenticated']
+ end, rcvds)
+
+ if auth then
+ task:insert_result('RCVD_VIA_SMTP_AUTH', 1.0)
+ end
+ end
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_TLS_ALL',
+ description = 'All hops used encrypted transports',
+ score = 0.0,
+ group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_TLS_LAST',
+ description = 'Last hop used encrypted transports',
+ score = 0.0,
+ group = 'encryption'
+}
+
+rspamd_config:register_symbol{
+ type = 'virtual',
+ parent = check_rcvd,
+ name = 'RCVD_VIA_SMTP_AUTH',
+ description = 'Message injected via SMTP AUTH',
score = 0.0,
- description = "All hops used encrypted transports",
- group = "encryption"
+ group = 'authentication'
}
rspamd_config.RCVD_HELO_USER = {