diff options
-rw-r--r-- | doc/markdown/modules/phishing.md | 5 | ||||
-rw-r--r-- | src/plugins/lua/phishing.lua | 4 |
2 files changed, 6 insertions, 3 deletions
diff --git a/doc/markdown/modules/phishing.md b/doc/markdown/modules/phishing.md index 5218cc908..55884f287 100644 --- a/doc/markdown/modules/phishing.md +++ b/doc/markdown/modules/phishing.md @@ -58,6 +58,9 @@ payments system phishing. Finally, the default symbol is yielded- if `domains` is specified then only if the phished domain is found in the related map. +Maps for this module can consist of effective second level domain parts (eSLD) +or whole domain parts of the URLs (FQDN) as well. + ## Openphish support Since version 1.3, there is [openphish](https://openphish.com) support in rspamd. @@ -108,4 +111,4 @@ To enable phishtank feed, you can edit `local.d/phishing.conf` file and add the phishtank_enabled = true; # Where nginx is installed phishtank_map = "http://localhost:8080/data/online-valid.json"; -~~~
\ No newline at end of file +~~~ diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua index 11363953c..ec9b9d2ad 100644 --- a/src/plugins/lua/phishing.lua +++ b/src/plugins/lua/phishing.lua @@ -136,7 +136,7 @@ local function phishing_cb(task) if #redirector_domains > 0 then for _,rule in ipairs(redirector_domains) do - if rule['map']:get_key(url:get_tld()) then + if rule['map']:get_key(tld) or rule['map']:get_key(url:get_host()) then task:insert_result(rule['symbol'], weight, ptld .. '->' .. tld) found = true end @@ -144,7 +144,7 @@ local function phishing_cb(task) end if not found and #strict_domains > 0 then for _,rule in ipairs(strict_domains) do - if rule['map']:get_key(ptld) then + if rule['map']:get_key(ptld) or rule['map']:get_key(purl:get_host()) then task:insert_result(rule['symbol'], 1.0, ptld .. '->' .. tld) found = true end |