aboutsummaryrefslogtreecommitdiffstats
path: root/rules/regexp
diff options
context:
space:
mode:
authorAlexander Moisseev <moiseev@mezonplus.ru>2016-01-10 19:30:17 +0300
committerAlexander Moisseev <moiseev@mezonplus.ru>2016-01-10 19:30:17 +0300
commit9703e506a963a6c44774744efb5b00bf8d8bc2d9 (patch)
treeae17264b83959f63b80920925f8f4c27d55d9324 /rules/regexp
parent5a4566af6e715e15ea8dce6776cdc7b9bd03b5bf (diff)
downloadrspamd-9703e506a963a6c44774744efb5b00bf8d8bc2d9.tar.gz
rspamd-9703e506a963a6c44774744efb5b00bf8d8bc2d9.zip
Add new Message-ID regexp for Thunderbird
Thunderbird version 46 and later is using new securely random Message-ID to avoid fingerprinting. https://bugzilla.mozilla.org/show_bug.cgi?id=902580 SeaMonkey (at least currentnightly build 2.42a1) is not affected by this change.
Diffstat (limited to 'rules/regexp')
-rw-r--r--rules/regexp/headers.lua3
1 files changed, 2 insertions, 1 deletions
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index e0679c583..394ad2373 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -262,13 +262,14 @@ local user_agent_seamonkey = 'User-Agent=/^\\s*Mozilla\\/5\\.0\\s.+\\sSeaMonkey\
local user_agent_mozilla = string.format('(%s) & !(%s) & !(%s)', user_agent_mozilla5, user_agent_thunderbird, user_agent_seamonkey)
-- Mozilla based common Message-ID template
local mozilla_msgid_common = 'Message-ID=/^\\s*<[\\dA-F]{8}\\.\\d{1,7}\\@([^>\\.]+\\.)+[^>\\.]+>$/H'
+local mozilla_msgid_common_sec = 'Message-ID=/^\\s*<[\\da-f]{8}-([\\da-f]{4}-){3}[\\da-f]{12}\\@([^>\\.]+\\.)+[^>\\.]+>$/H'
local mozilla_msgid = 'Message-ID=/^\\s*<(3[3-9A-F]|4[\\dA-F]|5[\\dA-F])[\\dA-F]{6}\\.(\\d0){1,4}\\d\\@([^>\\.]+\\.)+[^>\\.]+>$/H'
-- Summary rule for forged Mozilla Mail Message-ID header
reconf['FORGED_MUA_MOZILLA_MAIL_MSGID'] = string.format('(%s) & (%s) & !(%s) & !(%s)', user_agent_mozilla, mozilla_msgid_common, mozilla_msgid, unusable_msgid)
reconf['FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN'] = string.format('(%s) & !(%s) & !(%s) & !(%s)', user_agent_mozilla, mozilla_msgid_common, mozilla_msgid, unusable_msgid)
-- Summary rule for forged Thunderbird Message-ID header
reconf['FORGED_MUA_THUNDERBIRD_MSGID'] = string.format('(%s) & (%s) & !(%s) & !(%s)', user_agent_thunderbird, mozilla_msgid_common, mozilla_msgid, unusable_msgid)
-reconf['FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN'] = string.format('(%s) & !(%s) & !(%s) & !(%s)', user_agent_thunderbird, mozilla_msgid_common, mozilla_msgid, unusable_msgid)
+reconf['FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN'] = string.format('(%s) & !((%s) | (%s)) & !(%s) & !(%s)', user_agent_thunderbird, mozilla_msgid_common, mozilla_msgid_common_sec, mozilla_msgid, unusable_msgid)
-- Summary rule for forged Seamonkey Message-ID header
reconf['FORGED_MUA_SEAMONKEY_MSGID'] = string.format('(%s) & (%s) & !(%s) & !(%s)', user_agent_seamonkey, mozilla_msgid_common, mozilla_msgid, unusable_msgid)
reconf['FORGED_MUA_SEAMONKEY_MSGID_UNKNOWN'] = string.format('(%s) & !(%s) & !(%s) & !(%s)', user_agent_seamonkey, mozilla_msgid_common, mozilla_msgid, unusable_msgid)