aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--doc/markdown/modules/phishing.md5
-rw-r--r--src/plugins/lua/phishing.lua4
2 files changed, 6 insertions, 3 deletions
diff --git a/doc/markdown/modules/phishing.md b/doc/markdown/modules/phishing.md
index 5218cc908..55884f287 100644
--- a/doc/markdown/modules/phishing.md
+++ b/doc/markdown/modules/phishing.md
@@ -58,6 +58,9 @@ payments system phishing.
Finally, the default symbol is yielded- if `domains` is specified then
only if the phished domain is found in the related map.
+Maps for this module can consist of effective second level domain parts (eSLD)
+or whole domain parts of the URLs (FQDN) as well.
+
## Openphish support
Since version 1.3, there is [openphish](https://openphish.com) support in rspamd.
@@ -108,4 +111,4 @@ To enable phishtank feed, you can edit `local.d/phishing.conf` file and add the
phishtank_enabled = true;
# Where nginx is installed
phishtank_map = "http://localhost:8080/data/online-valid.json";
-~~~ \ No newline at end of file
+~~~
diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua
index 11363953c..ec9b9d2ad 100644
--- a/src/plugins/lua/phishing.lua
+++ b/src/plugins/lua/phishing.lua
@@ -136,7 +136,7 @@ local function phishing_cb(task)
if #redirector_domains > 0 then
for _,rule in ipairs(redirector_domains) do
- if rule['map']:get_key(url:get_tld()) then
+ if rule['map']:get_key(tld) or rule['map']:get_key(url:get_host()) then
task:insert_result(rule['symbol'], weight, ptld .. '->' .. tld)
found = true
end
@@ -144,7 +144,7 @@ local function phishing_cb(task)
end
if not found and #strict_domains > 0 then
for _,rule in ipairs(strict_domains) do
- if rule['map']:get_key(ptld) then
+ if rule['map']:get_key(ptld) or rule['map']:get_key(purl:get_host()) then
task:insert_result(rule['symbol'], 1.0, ptld .. '->' .. tld)
found = true
end