diff options
author | Anton Yuzhaninov <citrin+git@citrin.ru> | 2020-12-12 19:30:46 +0000 |
---|---|---|
committer | Anton Yuzhaninov <citrin+git@citrin.ru> | 2020-12-12 19:30:46 +0000 |
commit | a7aa9adc0cb2e6046b9136992eb41c0f89a2f401 (patch) | |
tree | 6370aa7f5605be7f4c934649b1a4989c12f2570a /rules/regexp | |
parent | df5e7c7fb3079306562875dabc36448ede06c69c (diff) | |
download | rspamd-a7aa9adc0cb2e6046b9136992eb41c0f89a2f401.tar.gz rspamd-a7aa9adc0cb2e6046b9136992eb41c0f89a2f401.zip |
[Minor] Remove FAKE_REPLY_C and move FAKE_REPLY rule to regexp module
FAKE_REPLY_C rule no longer works because MUA it used are no longer used
(and ones which are used changed headers they add). In theory one can
test all popular modern MUA and see which add only References, which
only In-Reply-To and which add both headers. But it will be a lot of
work to maintain such rule up to date. It still has a small number of
hits, but mostly because some spammers use old X-Mailer headers. This
should be addressed separately.
While here re-create FAKE_REPLY as a regexp module rule - this way it
should be more efficient.
Diffstat (limited to 'rules/regexp')
-rw-r--r-- | rules/regexp/headers.lua | 27 |
1 files changed, 5 insertions, 22 deletions
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua index 2df12929f..21866ac7b 100644 --- a/rules/regexp/headers.lua +++ b/rules/regexp/headers.lua @@ -634,28 +634,11 @@ reconf['REPTO_QUOTE_YAHOO'] = { group = 'headers' } --- MUA definitions -local xm_gnus = 'X-Mailer=/^Gnus v/H' -local xm_msoe5 = 'X-Mailer=/^Microsoft Outlook Express 5/H' -local xm_msoe6 = 'X-Mailer=/^Microsoft Outlook Express 6/H' -local xm_moz4 = 'X-Mailer=/^Mozilla 4/H' -local xm_skyri = 'X-Mailer=/^SKYRiXgreen/H' -local xm_wwwmail = 'X-Mailer=/^WWW-Mail \\d/H' -local ua_gnus = 'User-Agent=/^Gnus/H' -local ua_knode = 'User-Agent=/^KNode/H' -local ua_mutt = 'User-Agent=/^Mutt/H' -local ua_pan = 'User-Agent=/^Pan/H' -local ua_xnews = 'User-Agent=/^Xnews/H' -local no_inr_yes_ref = string.format('(%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s)', xm_gnus, xm_msoe5, xm_msoe6, xm_moz4, xm_skyri, xm_wwwmail, ua_gnus, ua_knode, ua_mutt, ua_pan, ua_xnews) -local subj_re = 'Subject=/^R[eE]:/H' -local has_ref = '(header_exists(References) | header_exists(In-Reply-To))' -local missing_ref = string.format('!(%s)', has_ref) --- Fake reply (has RE in subject, but has no References header) -reconf['FAKE_REPLY_C'] = { - re = string.format('(%s) & (%s) & (%s) & !(%s)', subj_re, missing_ref, no_inr_yes_ref, xm_msoe6), - score = 6.0, - description = 'Fake reply (has RE in subject, but has no References header)', - group = 'subject' +reconf['FAKE_REPLY'] = { + re = [[Subject=/^re:/i & !(header_exists(In-Reply-To) | header_exists(References))]], + description = 'Fake reply', + score = 1.0, + group = 'headers' } -- Mime-OLE is needed but absent (e.g. fake Outlook or fake Ecxchange) |