diff options
-rw-r--r-- | conf/modules.d/spf.conf | 10 | ||||
-rw-r--r-- | conf/modules.d/surbl.conf | 194 | ||||
-rw-r--r-- | conf/modules.d/whitelist.conf | 86 |
3 files changed, 145 insertions, 145 deletions
diff --git a/conf/modules.d/spf.conf b/conf/modules.d/spf.conf index fa66147a8..841b63ee8 100644 --- a/conf/modules.d/spf.conf +++ b/conf/modules.d/spf.conf @@ -14,10 +14,10 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details spf { - spf_cache_size = 2k; - spf_cache_expire = 1d; + spf_cache_size = 2k; + spf_cache_expire = 1d; - .include(try=true,priority=5) "${DBDIR}/dynamic/spf.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spf.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spf.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/spf.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spf.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spf.conf" } diff --git a/conf/modules.d/surbl.conf b/conf/modules.d/surbl.conf index f8c046aa9..032b2d799 100644 --- a/conf/modules.d/surbl.conf +++ b/conf/modules.d/surbl.conf @@ -14,115 +14,115 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details surbl { - whitelist = [ - "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst", - "${DBDIR}/surbl-whitelist.inc.local", - "fallback+file://${CONFDIR}/surbl-whitelist.inc" - ]; - exceptions = [ - "https://maps.rspamd.com/rspamd/2tld.inc.zst", - "${DBDIR}/2tld.inc.local", - "fallback+file://${CONFDIR}/2tld.inc" - ]; + whitelist = [ + "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst", + "${DBDIR}/surbl-whitelist.inc.local", + "fallback+file://${CONFDIR}/surbl-whitelist.inc" + ]; + exceptions = [ + "https://maps.rspamd.com/rspamd/2tld.inc.zst", + "${DBDIR}/2tld.inc.local", + "fallback+file://${CONFDIR}/2tld.inc" + ]; - rules { - "SURBL_MULTI" { - suffix = "multi.surbl.org"; - check_dkim = true; - bits { - CRACKED_SURBL = 128; # From February 2016 - ABUSE_SURBL = 64; - MW_SURBL_MULTI = 16; - PH_SURBL_MULTI = 8; - SURBL_BLOCKED = 1; - } - } - "URIBL_MULTI" { - suffix = "multi.uribl.com"; - check_dkim = true; - bits { - URIBL_BLOCKED = 1; - URIBL_BLACK = 2; - URIBL_GREY = 4; - URIBL_RED = 8; - } - } - "RSPAMD_URIBL" { - suffix = "uribl.rspamd.com"; - check_dkim = true; - process_script =<<EOD + rules { + "SURBL_MULTI" { + suffix = "multi.surbl.org"; + check_dkim = true; + bits { + CRACKED_SURBL = 128; # From February 2016 + ABUSE_SURBL = 64; + MW_SURBL_MULTI = 16; + PH_SURBL_MULTI = 8; + SURBL_BLOCKED = 1; + } + } + "URIBL_MULTI" { + suffix = "multi.uribl.com"; + check_dkim = true; + bits { + URIBL_BLOCKED = 1; + URIBL_BLACK = 2; + URIBL_GREY = 4; + URIBL_RED = 8; + } + } + "RSPAMD_URIBL" { + suffix = "uribl.rspamd.com"; + check_dkim = true; + process_script =<<EOD function(url, suffix) local cr = require "rspamd_cryptobox_hash" local h = cr.create(url):base32():sub(1, 32) return string.format("%s.%s", h, suffix) end EOD; - } - "DBL" { - suffix = "dbl.spamhaus.org"; - no_ip = true; - check_dkim = true; + } + "DBL" { + suffix = "dbl.spamhaus.org"; + no_ip = true; + check_dkim = true; - ips = { - # spam domain - DBL_SPAM = "127.0.1.2"; - # phish domain - DBL_PHISH = "127.0.1.4"; - # malware domain - DBL_MALWARE = "127.0.1.5"; - # botnet C&C domain - DBL_BOTNET = "127.0.1.6"; - # abused legit spam - DBL_ABUSE = "127.0.1.102"; - # abused spammed redirector domain - DBL_ABUSE_REDIR = "127.0.1.103"; - # abused legit phish - DBL_ABUSE_PHISH = "127.0.1.104"; - # abused legit malware - DBL_ABUSE_MALWARE = "127.0.1.105"; - # abused legit botnet C&C - DBL_ABUSE_BOTNET = "127.0.1.106"; - # error - IP queries prohibited! - DBL_PROHIBIT = "127.0.1.255"; - } - } + ips = { + # spam domain + DBL_SPAM = "127.0.1.2"; + # phish domain + DBL_PHISH = "127.0.1.4"; + # malware domain + DBL_MALWARE = "127.0.1.5"; + # botnet C&C domain + DBL_BOTNET = "127.0.1.6"; + # abused legit spam + DBL_ABUSE = "127.0.1.102"; + # abused spammed redirector domain + DBL_ABUSE_REDIR = "127.0.1.103"; + # abused legit phish + DBL_ABUSE_PHISH = "127.0.1.104"; + # abused legit malware + DBL_ABUSE_MALWARE = "127.0.1.105"; + # abused legit botnet C&C + DBL_ABUSE_BOTNET = "127.0.1.106"; + # error - IP queries prohibited! + DBL_PROHIBIT = "127.0.1.255"; + } + } - "SPAMHAUS_ZEN_URIBL" { - suffix = "zen.spamhaus.org"; - resolve_ip = true; - ips { - URIBL_SBL = "127.0.0.2"; - URIBL_SBL_CSS = "127.0.0.3"; - URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"]; - URIBL_PBL = ["127.0.0.10", "127.0.0.11"]; - URIBL_DROP = "127.0.0.9"; - } - } + "SPAMHAUS_ZEN_URIBL" { + suffix = "zen.spamhaus.org"; + resolve_ip = true; + ips { + URIBL_SBL = "127.0.0.2"; + URIBL_SBL_CSS = "127.0.0.3"; + URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"]; + URIBL_PBL = ["127.0.0.10", "127.0.0.11"]; + URIBL_DROP = "127.0.0.9"; + } + } - "SEM_URIBL_UNKNOWN" { - suffix = "uribl.spameatingmonkey.net"; - bits { - SEM_URIBL = 2; - } - no_ip = true; - } + "SEM_URIBL_UNKNOWN" { + suffix = "uribl.spameatingmonkey.net"; + bits { + SEM_URIBL = 2; + } + no_ip = true; + } - "SEM_URIBL_FRESH15_UNKNOWN" { - suffix = "fresh15.spameatingmonkey.net"; - bits { - SEM_URIBL_FRESH15 = 2; - } - no_ip = true; - } + "SEM_URIBL_FRESH15_UNKNOWN" { + suffix = "fresh15.spameatingmonkey.net"; + bits { + SEM_URIBL_FRESH15 = 2; + } + no_ip = true; + } - "RBL_SARBL_BAD" { - suffix = "public.sarbl.org"; - noip = true; - images = true; - } + "RBL_SARBL_BAD" { + suffix = "public.sarbl.org"; + noip = true; + images = true; } + } - .include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf" } diff --git a/conf/modules.d/whitelist.conf b/conf/modules.d/whitelist.conf index df4c30248..aa0da3161 100644 --- a/conf/modules.d/whitelist.conf +++ b/conf/modules.d/whitelist.conf @@ -14,50 +14,50 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details whitelist { - rules { - "WHITELIST_SPF" = { - valid_spf = true; - domains = [ - "${DBDIR}/spf_whitelist.inc.local", - "fallback+file://${CONFDIR}/spf_whitelist.inc" - ]; - score = -1.0 - inverse_symbol = "BLACKLIST_SPF"; - } + rules { + "WHITELIST_SPF" = { + valid_spf = true; + domains = [ + "${DBDIR}/spf_whitelist.inc.local", + "fallback+file://${CONFDIR}/spf_whitelist.inc" + ]; + score = -1.0 + inverse_symbol = "BLACKLIST_SPF"; + } - "WHITELIST_DKIM" = { - valid_dkim = true; - domains = [ - "${DBDIR}/dkim_whitelist.inc.local", - "fallback+file://${CONFDIR}/dkim_whitelist.inc" - ]; - score = -1.0; - inverse_symbol = "BLACKLIST_DKIM"; - } - "WHITELIST_SPF_DKIM" = { - valid_spf = true; - valid_dkim = true; - domains = [ - "https://maps.rspamd.com/rspamd/spf_dkim_whitelist.inc.zst", - "${DBDIR}/spf_dkim_whitelist.inc.local", - "fallback+file://${CONFDIR}/spf_dkim_whitelist.inc" - ]; - score = -3.0; - inverse_symbol = "BLACKLIST_SPF_DKIM"; - } - "WHITELIST_DMARC" = { - valid_dmarc = true; - domains = [ - "https://maps.rspamd.com/rspamd/dmarc_whitelist_new.inc.zst", - "${DBDIR}/dmarc_whitelist.inc.local", - "fallback+file://${CONFDIR}/dmarc_whitelist.inc" - ]; - score = -7.0; - inverse_symbol = "BLACKLIST_DMARC"; - } + "WHITELIST_DKIM" = { + valid_dkim = true; + domains = [ + "${DBDIR}/dkim_whitelist.inc.local", + "fallback+file://${CONFDIR}/dkim_whitelist.inc" + ]; + score = -1.0; + inverse_symbol = "BLACKLIST_DKIM"; + } + "WHITELIST_SPF_DKIM" = { + valid_spf = true; + valid_dkim = true; + domains = [ + "https://maps.rspamd.com/rspamd/spf_dkim_whitelist.inc.zst", + "${DBDIR}/spf_dkim_whitelist.inc.local", + "fallback+file://${CONFDIR}/spf_dkim_whitelist.inc" + ]; + score = -3.0; + inverse_symbol = "BLACKLIST_SPF_DKIM"; + } + "WHITELIST_DMARC" = { + valid_dmarc = true; + domains = [ + "https://maps.rspamd.com/rspamd/dmarc_whitelist_new.inc.zst", + "${DBDIR}/dmarc_whitelist.inc.local", + "fallback+file://${CONFDIR}/dmarc_whitelist.inc" + ]; + score = -7.0; + inverse_symbol = "BLACKLIST_DMARC"; } + } - .include(try=true,priority=5) "${DBDIR}/dynamic/whitelist.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/whitelist.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/whitelist.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/whitelist.conf" } |