diff options
| -rw-r--r-- | conf/metrics.conf | 5 | ||||
| -rw-r--r-- | rules/regexp/headers.lua | 19 |
2 files changed, 8 insertions, 16 deletions
diff --git a/conf/metrics.conf b/conf/metrics.conf index b0347f1e2..90513fb1a 100644 --- a/conf/metrics.conf +++ b/conf/metrics.conf @@ -150,11 +150,6 @@ metric { name = "R_RCVD_SPAMBOTS"; } symbol { - weight = 2.0; - description = "To header seems to be autogenerated"; - name = "R_TO_SEEMS_AUTO"; - } - symbol { weight = 1.0; description = "Subject needs encoding"; name = "SUBJECT_NEEDS_ENCODING"; diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua index 50bc4d07e..e0679c583 100644 --- a/rules/regexp/headers.lua +++ b/rules/regexp/headers.lua @@ -6,9 +6,9 @@ -- The ASF licenses this file to you under the Apache License, Version 2.0 -- (the "License"); you may not use this file except in compliance with -- the License. You may obtain a copy of the License at: --- +-- -- http://www.apache.org/licenses/LICENSE-2.0 --- +-- -- Unless required by applicable law or agreed to in writing, software -- distributed under the License is distributed on an "AS IS" BASIS, -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -35,11 +35,11 @@ reconf['R_NO_SPACE_IN_FROM'] = 'From=/\\S<[-\\w\\.]+\\@[-\\w\\.]+>/X' rspamd_config.MISSING_SUBJECT = function(task) local hdr = task:get_header('Subject') - + if not hdr or #hdr == 0 then return true end - + return false end @@ -66,16 +66,13 @@ reconf['MISSING_MID'] = '!header_exists(Message-Id)'; -- Received seems to be fake reconf['R_RCVD_SPAMBOTS'] = 'Received=/^from \\[\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\] by [-.\\w+]{5,255}; [SMTWF][a-z][a-z], [\\s\\d]?\\d [JFMAJSOND][a-z][a-z] \\d{4} \\d{2}:\\d{2}:\\d{2} [-+]\\d{4}$/mH' --- To header seems to be autogenerated -reconf['R_TO_SEEMS_AUTO'] = 'To=/^\\"?(?<bt>[-.\\w]{1,64})\\"?\\s<\\k<bt>\\@/H' - -- Charset is missing in message reconf['R_MISSING_CHARSET']= string.format('content_type_is_type(text) & !content_type_has_param(charset) & !%s', r_cte_7bit); -- Subject seems to be spam reconf['R_SAJDING'] = 'Subject=/\\bsajding(?:om|a)?\\b/iH' --- Find forged Outlook MUA +-- Find forged Outlook MUA -- Yahoo groups messages local yahoo_bulk = 'Received=/from \\[\\S+\\] by \\S+\\.(?:groups|scd|dcn)\\.yahoo\\.com with NNFMP/H' -- Outlook MUA @@ -169,7 +166,7 @@ local sympatico_msgid = 'Message-Id=/^<?BAYC\\d+-PASMTP\\d+[A-Z0-9]{25}\\@CEZ\\. -- Mailman message id local mailman_msgid = 'Message-ID=/^<mailman\\.\\d+\\.\\d+\\.\\d+\\..+\\@\\S+>$/H' -- Message id seems to be forged -local unusable_msgid = string.format('(%s | %s | %s | %s | %s | %s)', +local unusable_msgid = string.format('(%s | %s | %s | %s | %s | %s)', lyris_ezml_remailer, wacky_sendmail_version, iplanet_messaging_server, hotmail_baydav_msgid, sympatico_msgid, mailman_msgid) -- Outlook express data seems to be forged local forged_oe = string.format('(%s & !%s & !%s & !%s)', oe_mua, oe_msgid_1, oe_msgid_2, unusable_msgid) @@ -185,12 +182,12 @@ local forged_outlook_dollars = string.format('(%s & !%s & !%s & !%s & !%s & !%s) local fmo_excl_o3416 = 'X-Mailer=/^Microsoft Outlook, Build 10.0.3416$/H' local fmo_excl_oe3790 = 'X-Mailer=/^Microsoft Outlook Express 6.00.3790.3959$/H' -- Summary rule for forged outlook -reconf['FORGED_MUA_OUTLOOK'] = string.format('(%s | %s) & !%s & !%s & !%s', +reconf['FORGED_MUA_OUTLOOK'] = string.format('(%s | %s) & !%s & !%s & !%s', forged_oe, forged_outlook_dollars, fmo_excl_o3416, fmo_excl_oe3790, vista_msgid) -- HTML outlook signs local mime_html = 'content_type_is_type(text) & content_type_is_subtype(/.?html/)' -local tag_exists_html = 'has_html_tag(html)' +local tag_exists_html = 'has_html_tag(html)' local tag_exists_head = 'has_html_tag(head)' local tag_exists_meta = 'has_html_tag(meta)' local tag_exists_body = 'has_html_tag(body)' |