aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
diff options
context:
space:
mode:
authorDmitriy Alekseev <1865999+dragoangel@users.noreply.github.com>2023-08-21 20:17:27 +0300
committerGitHub <noreply@github.com>2023-08-21 20:17:27 +0300
commit77b10dbe2e32bec8b60cae6d51d8a7517ace3a1d (patch)
tree16df120aa7be3b74a3a6b11872c58dc43f752e00 /src/plugins
parent7d0d4e7beeb67930f8b0788e43e2b54a87fa95b7 (diff)
downloadrspamd-77b10dbe2e32bec8b60cae6d51d8a7517ace3a1d.tar.gz
rspamd-77b10dbe2e32bec8b60cae6d51d8a7517ace3a1d.zip
Update phishing.lua
Diffstat (limited to 'src/plugins')
-rw-r--r--src/plugins/lua/phishing.lua66
1 files changed, 43 insertions, 23 deletions
diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua
index cd28ad05d..05e08c0f4 100644
--- a/src/plugins/lua/phishing.lua
+++ b/src/plugins/lua/phishing.lua
@@ -69,17 +69,21 @@ local function is_host_excluded(exclusion_map, host)
end
local function phishing_cb(task)
- local function check_phishing_map(map, exclusion_map, url, phish_symbol, excl_symbol)
+ local function check_phishing_map(table)
+ local phishing_data = {}
+ for k,v in pairs(table) do
+ phishing_data[k] = v
+ end
+ local url = phishing_data.url
local host = url:get_host()
- local excl_host = is_host_excluded(exclusion_map, host)
- if excl_host then
- task:insert_result(excl_symbol, 0.0, host)
+ if is_host_excluded(phishing_data.exclusion_map, host) then
+ task:insert_result(phishing_data.excl_symbol, 1.0, host)
return
end
if host then
- local elt = map[host]
+ local elt = phishing_data.map[host]
local found_path = false
local found_query = false
local data = nil
@@ -132,51 +136,57 @@ local function phishing_cb(task)
if found_query then
-- Query + path match
- task:insert_result(phish_symbol, 1.0, args)
+ task:insert_result(phishing_data.phish_symbol, 1.0, args)
else
-- Host + path match
if path then
- task:insert_result(phish_symbol, 0.3, args)
+ task:insert_result(phishing_data.phish_symbol, 0.3, args)
end
-- No path, no symbol
end
else
if url:is_phished() then
-- Only host matches
- task:insert_result(phish_symbol, 0.1, host)
+ task:insert_result(phishing_data.phish_symbol, 0.1, host)
end
end
end
end
end
- local function check_phishing_dns(dns_suffix, exclusion_map, url, phish_symbol, excl_symbol)
+ local function check_phishing_dns(table)
+ local phishing_data = {}
+ for k,v in pairs(table) do
+ phishing_data[k] = v
+ end
+ local url = phishing_data.url
+ local host = url:get_host()
+
+ if is_host_excluded(phishing_data.exclusion_map, host) then
+ task:insert_result(phishing_data.excl_symbol, 1.0, host)
+ return
+ end
+
local function compose_dns_query(elts)
local cr = require "rspamd_cryptobox_hash"
local h = cr.create()
for _, elt in ipairs(elts) do
h:update(elt)
end
- return string.format("%s.%s", h:base32():sub(1, 32), dns_suffix)
+ return string.format("%s.%s", h:base32():sub(1, 32), phishing_data.dns_suffix)
end
+
local r = task:get_resolver()
- local host = url:get_host()
local path = url:get_path()
local query = url:get_query()
- local excl_host = is_host_excluded(exclusion_map, host)
- if excl_host then
- task:insert_result(excl_symbol, 0.0, host)
- return
- end
-
if host and path then
local function host_host_path_cb(_, _, results, err)
if not err and results then
if not query then
- task:insert_result(phish_symbol, 1.0, results)
+ task:insert_result(phishing_data.phish_symbol, 1.0, results)
else
- task:insert_result(phish_symbol, 0.3, results)
+ task:insert_result(phishing_data.phish_symbol, 0.3, results)
end
end
end
@@ -192,7 +202,7 @@ local function phishing_cb(task)
if query then
local function host_host_path_query_cb(_, _, results, err)
if not err and results then
- task:insert_result(phish_symbol, 1.0, results)
+ task:insert_result(phishing_data.phish_symbol, 1.0, results)
end
end
@@ -223,16 +233,26 @@ local function phishing_cb(task)
local function do_loop_iter()
-- to emulate continue
local url = url_iter
+ local phishing_data = {}
+ phishing_data.url = url
+ phishing_data.exclusion_map = phishing_feed_exclusion_data
+ phishing_data.excl_symbol = phishing_feed_exclusion_symbol
if generic_service_hash then
- check_phishing_map(generic_service_data, phishing_feed_exclusion_data, url, generic_service_symbol, phishing_feed_exclusion_symbol)
+ phishing_data.map = generic_service_data
+ phishing_data.phish_symbol = generic_service_symbol
+ check_phishing_map(phishing_data)
end
if openphish_hash then
- check_phishing_map(openphish_data, phishing_feed_exclusion_data, url, openphish_symbol, phishing_feed_exclusion_symbol)
+ phishing_data.map = openphish_data
+ phishing_data.phish_symbol = openphish_symbol
+ check_phishing_map(phishing_data)
end
if phishtank_enabled then
- check_phishing_dns(phishtank_suffix, phishing_feed_exclusion_data, url, phishtank_symbol, phishing_feed_exclusion_symbol)
+ phishing_data.dns_suffix = phishtank_suffix
+ phishing_data.phish_symbol = phishtank_symbol
+ check_phishing_dns(phishing_data)
end
if url:is_phished() then