author | Vsevolod Stakhov <vsevolod@rspamd.com> | 2024-09-05 16:20:46 +0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-09-05 16:20:46 +0600 |
commit | 737a2ce03b826f86851d021d628274ab8c8ea7fb (patch) | |
tree | 7918e548808c5981fab465726f545a5c6cc9fe49 /rules | |
parent | dd47f82a317ad2ed9a9270c9779bf866ff5989fd (diff) | |
parent | 40a6ddd69be80e6a4ad8a29053bbfa18d24b3bd8 (diff) | |
Merge branch 'master' into vstakhov-utf8-mime
Diffstat (limited to 'rules')
-rw-r--r-- | rules/archives.lua | 38 | ||||
-rw-r--r-- | rules/misc.lua | 68 |
2 files changed, 87 insertions, 19 deletions
diff --git a/rules/archives.lua b/rules/archives.lua index 83ac27df8..c582b93bd 100644 --- a/rules/archives.lua +++ b/rules/archives.lua @@ -2,19 +2,19 @@ local rspamd_regexp = require "rspamd_regexp" local lua_maps = require "lua_maps" local clickbait_map = lua_maps.map_add_from_ucl( - { - string.format('%s/maps.d/%s', rspamd_paths.CONFDIR, 'exe_clickbait.inc'), - string.format('%s/local.d/maps.d/%s', rspamd_paths.LOCAL_CONFDIR, 'exe_clickbait.inc') - }, - 'regexp', - 'Inappropriate descriptions for executables' + { + string.format('%s/maps.d/%s', rspamd_paths.CONFDIR, 'exe_clickbait.inc'), + string.format('%s/local.d/maps.d/%s', rspamd_paths.LOCAL_CONFDIR, 'exe_clickbait.inc') + }, + 'regexp', + 'Inappropriate descriptions for executables' ) local exe_re = rspamd_regexp.create_cached([[/\.exe$|\.com$/i]]) local img_re = rspamd_regexp.create_cached([[/\.img$/i]]) local rar_re = rspamd_regexp.create_cached([[/\.rar$|\.r[0-9]{2}$/i]]) -local id = rspamd_config:register_symbol{ +local id = rspamd_config:register_symbol { callback = function(task) local num_checked = 0 local have_subject_clickbait = false @@ -52,7 +52,7 @@ local id = rspamd_config:register_symbol{ local name = info.name if img_re:match(name) then - local ratio = info.uncompressed_size/info.compressed_size + local ratio = info.uncompressed_size / info.compressed_size if ratio >= 500 then task:insert_result('UDF_COMPRESSION_500PLUS', 1.0) end @@ -86,7 +86,7 @@ local id = rspamd_config:register_symbol{ type = 'callback', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'exe file in archive with clickbait filename', group = 'malware', name = 'EXE_ARCHIVE_CLICKBAIT_FILENAME', @@ -96,7 +96,7 @@ rspamd_config:register_symbol{ type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'exe file in archive with clickbait subject', group = 'malware', name = 'EXE_ARCHIVE_CLICKBAIT_SUBJECT', 
@@ -106,47 +106,47 @@ rspamd_config:register_symbol{ type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'exe file in archive', group = 'malware', name = 'EXE_IN_ARCHIVE', one_shot = true, parent = id, - score = 0.5, + score = 1.5, type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'rar with wrong extension containing exe file', group = 'malware', name = 'EXE_IN_MISIDENTIFIED_RAR', one_shot = true, parent = id, - score = 2.0, + score = 5.0, type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'rar with wrong extension', group = 'malware', name = 'MISIDENTIFIED_RAR', one_shot = true, parent = id, - score = 2.0, + score = 4.0, type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'single file container bearing executable', group = 'malware', name = 'SINGLE_FILE_ARCHIVE_WITH_EXE', one_shot = true, parent = id, - score = 1.0, + score = 5.0, type = 'virtual', } -rspamd_config:register_symbol{ +rspamd_config:register_symbol { description = 'very well compressed img file in archive', name = 'UDF_COMPRESSION_500PLUS', one_shot = true, diff --git a/rules/misc.lua b/rules/misc.lua index faf4a8fb8..4ddb00dfb 100644 --- a/rules/misc.lua +++ b/rules/misc.lua 
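Review bot: The raised weights in this hunk (`EXE_IN_ARCHIVE` 1.5, `MISIDENTIFIED_RAR` 4.0, `EXE_IN_MISIDENTIFIED_RAR` 5.0, `SINGLE_FILE_ARCHIVE_WITH_EXE` 5.0) all hang off the same parent callback and carry no comment explaining the new values. The callback body is outside this hunk, but if it can insert several of these symbols for one attachment (a misnamed RAR holding a single .exe looks like it could match all four), the scores add up and one archive may decide the verdict on its own. It would help to state the intent next to the registrations, e.g. `-- weights are additive: a mis-named RAR with one exe can reach 15.5 from this rule alone`, and to confirm that total against false-positive data for legitimately renamed or self-extracting archives.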
@@ -862,3 +862,71 @@ rspamd_config.COMPLETELY_EMPTY = {
 group = 'blankspam',
 score = 15
 }
+
+-- Preserve compatibility
+local rdns_auth_and_local_conf = lua_util.config_check_local_or_authed(rspamd_config, 'once_received',
+ false, false)
+-- Check for the hostname if it was not set
+local rnds_check_id = rspamd_config:register_symbol {
+ name = 'RDNS_CHECK',
+ callback = function(task)
+ if not task:get_hostname() then
+ -- Try to resolve
+ local task_ip = task:get_ip()
+ if task_ip and task_ip:is_valid() then
+ local rspamd_logger = require "rspamd_logger"
+ local function rdns_dns_cb(_, to_resolve, results, err)
+ if err and (err ~= 'requested record is not found' and err ~= 'no records with this name') then
+ rspamd_logger.errx(task, 'error looking up %s: %s', to_resolve, err)
+ task:insert_result('RDNS_DNSFAIL', 1.0)
+ end
+
+ if not results then
+ task:insert_result('RDNS_NONE', 1.0)
+ else
+ rspamd_logger.infox(task, 'source hostname has not been passed to Rspamd from MTA, ' ..
+ 'but we could resolve source IP address PTR %s as "%s"',
+ to_resolve, results[1])
+ task:set_hostname(results[1])
+ end
+ end
+ task:get_resolver():resolve_ptr({ task = task,
+ name = task_ip:to_string(),
+ callback = rdns_dns_cb,
+ forced = true
+ })
+ end
+ end
+ end,
+ type = 'prefilter',
+ -- TODO: settings might need to use this symbol if they depend on hostname...
+ priority = lua_util.symbols_priorities.top - 1,
+ description = 'Check if hostname has been resolved by MTA',
+ condition = function(task)
+ local task_ip = task:get_ip()
+ if ((not rdns_auth_and_local_conf[1] and task:get_user()) or
+ (not rdns_auth_and_local_conf[2] and task_ip and task_ip:is_local())) then
+ return false
+ end
+
+ return true
+ end
+}
+
+rspamd_config:register_symbol {
+ type = 'virtual',
+ name = 'RDNS_DNSFAIL',
+ score = 0.0,
+ description = 'DNS failure resolving RDNS',
+ group = 'hfilter',
+ parent = rnds_check_id,
+
+}
+rspamd_config:register_symbol {
+ type = 'virtual',
+ name = 'RDNS_NONE',
+ score = 2.0,
+ description = 'DNS failure resolving RDNS',
+ group = 'hfilter',
+ parent = rnds_check_id,
+}
\ No newline at end of file |
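Review bot: In `rdns_dns_cb` a genuine resolver error inserts `RDNS_DNSFAIL` and then falls through to `if not results then`, so the same message also gets `RDNS_NONE` (score 2.0) and a transient DNS outage is scored like a missing PTR; adding `return` right after `task:insert_result('RDNS_DNSFAIL', 1.0)` keeps the two outcomes separate. The `RDNS_NONE` registration reuses the description `'DNS failure resolving RDNS'` from `RDNS_DNSFAIL`; something like `description = 'Cannot resolve reverse DNS for sender IP'` would tell operators which symbol fired. `task:set_hostname(results[1])` stores a PTR name chosen by whoever controls the reverse zone, and nothing in this hunk forward-confirms it, so later rules that key on the hostname should presumably treat it as unverified; a comment above that call such as `-- PTR only, not forward-confirmed: do not use for allow-listing` would make that explicit. The local `rnds_check_id` looks like a typo for `rdns_check_id`.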