diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-11-26 14:31:21 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-11-26 14:31:21 +0000 |
| commit | 258223e5f14e9d42eb5fcf223a372f0886256452 (patch) | |
| tree | b4f6d205213193d42454bba1013b1bff37bbe2f8 /src | |
| parent | 1afcd6015ec2f627f1a3c0f71e4624dc8967ffce (diff) | |
| parent | 170aa65a0414ebd83b0df05f547403f5a9051b3f (diff) | |
| download | rspamd-258223e5f14e9d42eb5fcf223a372f0886256452.tar.gz rspamd-258223e5f14e9d42eb5fcf223a372f0886256452.zip | |
Merge pull request #1156 from smfreegard/rules_161117
Rules updates
Diffstat (limited to 'src')
| -rw-r--r-- | src/plugins/lua/mid.lua | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/src/plugins/lua/mid.lua b/src/plugins/lua/mid.lua index 0ca26b91f..7ff38bb9d 100644 --- a/src/plugins/lua/mid.lua +++ b/src/plugins/lua/mid.lua @@ -60,6 +60,55 @@ local function known_mid_cb(task) end end +local check_mid_id = rspamd_config:register_callback_symbol('CHECK_MID', 1.0, + function (task) + local mid = task:get_header('Message-ID') + if not mid then return false end + -- Check for 'bare' IP addresses in RHS + if mid:find("@%d+%.%d+%.%d+%.%d+>$") then + task:insert_result('MID_BARE_IP', 1.0) + end + -- Check for non-FQDN RHS + if mid:find("@[^%.]+>?$") then + task:insert_result('MID_RHS_NOT_FQDN', 1.0) + end + -- Check for missing <>'s + if not mid:find('^<[^>]+>$') then + task:insert_result('MID_MISSING_BRACKETS', 1.0) + end + -- Check for IP literal in RHS + if mid:find("@%[%d+%.%d+%.%d+%.%d+%]") then + task:insert_result('MID_RHS_IP_LITERAL', 1.0) + end + -- Check From address atrributes against MID + local from = task:get_from(2) + if (from and from[1] and from[1].domain) then + local fd = from[1].domain:lower() + local _,_,md = mid:find("@([^>]+)>?$") + -- See if all or part of the From address + -- can be found in the Message-ID + if (mid:lower():find(from[1].addr:lower(),1,true)) then + task:insert_result('MID_CONTAINS_FROM', 1.0) + elseif (md and fd == md:lower()) then + task:insert_result('MID_RHS_MATCH_FROM', 1.0) + end + end + end +) + +rspamd_config:register_virtual_symbol('MID_BARE_IP', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_BARE_IP', 2.0, 'Message-ID RHS is a bare IP address') +rspamd_config:register_virtual_symbol('MID_RHS_NOT_FQDN', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_RHS_NOT_FQDN', 0.5, 'Message-ID RHS is not a fully-qualified domain name') +rspamd_config:register_virtual_symbol('MID_MISSING_BRACKETS', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_MISSING_BRACKETS', 0.5, 'Message-ID is missing <>\'s') +rspamd_config:register_virtual_symbol('MID_RHS_IP_LITERAL', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_RHS_IP_LITERAL', 0.5, 'Message-ID RHS is an IP-literal') +rspamd_config:register_virtual_symbol('MID_CONTAINS_FROM', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_CONTAINS_FROM', 1.0, 'Message-ID contains From address') +rspamd_config:register_virtual_symbol('MID_RHS_MATCH_FROM', 1.0, check_mid_id) +rspamd_config:set_metric_symbol('MID_RHS_MATCH_FROM', 1.0, 'Message-ID RHS matches From domain') + local opts = rspamd_config:get_all_opt('mid') if opts then for k,v in pairs(opts) do |