summaryrefslogtreecommitdiffstats
path: root/conf/modules.conf
diff options
context:
space:
mode:
Diffstat (limited to 'conf/modules.conf')
-rw-r--r--conf/modules.conf349
1 files changed, 184 insertions, 165 deletions
diff --git a/conf/modules.conf b/conf/modules.conf
index 3bd62c672..ad875ece3 100644
--- a/conf/modules.conf
+++ b/conf/modules.conf
@@ -1,36 +1,40 @@
# Rspamd modules configuration
+
fuzzy_check {
min_bytes = 300;
- rule {
- servers = "highsecure.ru:11335";
- symbol = "FUZZY_UNKNOWN";
- mime_types = "application/pdf";
- max_score = 20.0;
- read_only = yes;
- skip_unknown = yes;
- fuzzy_map = {
- FUZZY_DENIED {
- max_score = 20.0;
- flag = 1
- }
- FUZZY_PROB {
- max_score = 10.0;
- flag = 2
- }
- FUZZY_WHITE {
- max_score = 2.0;
- flag = 3
- }
- }
- }
+ rule {
+ servers = "highsecure.ru:11335";
+ symbol = "FUZZY_UNKNOWN";
+ mime_types = "application/pdf";
+ max_score = 20.0;
+ read_only = yes;
+ skip_unknown = yes;
+ fuzzy_map = {
+ FUZZY_DENIED {
+ max_score = 20.0;
+ flag = 1;
+ }
+ FUZZY_PROB {
+ max_score = 10.0;
+ flag = 2;
+ }
+ FUZZY_WHITE {
+ max_score = 2.0;
+ flag = 3;
+ }
+ }
+ }
}
+
forged_recipients {
symbol_sender = "FORGED_SENDER";
symbol_rcpt = "FORGED_RECIPIENTS";
}
+
maillist {
symbol = "MAILLIST";
}
+
surbl {
whitelist = "file://$CONFDIR/surbl-whitelist.inc";
exceptions = "file://$CONFDIR/2tld.inc";
@@ -65,16 +69,26 @@ surbl {
symbol = "DBL";
options = "noip";
ips = {
- DBL_SPAM = "127.0.1.2"; # spam domain
- DBL_PHISH = "127.0.1.4"; # phish domain
- DBL_MALWARE = "127.0.1.5"; # malware domain
- DBL_BOTNET = "127.0.1.6"; # botnet C&C domain
- DBL_ABUSE = "127.0.1.102"; # abused legit spam
- DBL_ABUSE_REDIR = "127.0.1.103"; # abused spammed redirector domain
- DBL_ABUSE_PHISH = "127.0.1.104"; # abused legit phish
- DBL_ABUSE_MALWARE = "127.0.1.105"; # abused legit malware
- DBL_ABUSE_BOTNET = "127.0.1.106"; # abused legit botnet C&C
- DBL_PROHIBIT = "127.0.1.255"; # IP queries prohibited!
+ # spam domain
+ DBL_SPAM = "127.0.1.2";
+ # phish domain
+ DBL_PHISH = "127.0.1.4";
+ # malware domain
+ DBL_MALWARE = "127.0.1.5";
+ # botnet C&C domain
+ DBL_BOTNET = "127.0.1.6";
+ # abused legit spam
+ DBL_ABUSE = "127.0.1.102";
+ # abused spammed redirector domain
+ DBL_ABUSE_REDIR = "127.0.1.103";
+ # abused legit phish
+ DBL_ABUSE_PHISH = "127.0.1.104";
+ # abused legit malware
+ DBL_ABUSE_MALWARE = "127.0.1.105";
+ # abused legit botnet C&C
+ DBL_ABUSE_BOTNET = "127.0.1.106";
+ # error - IP queries prohibited!
+ DBL_PROHIBIT = "127.0.1.255";
}
}
rule {
@@ -94,150 +108,152 @@ surbl {
options = "noip";
}
}
+
rbl {
- default_from = true;
- default_received = false;
- default_exclude_users = true;
-
- private_ips = "127.0.0.0/8 10.0.0.0/8 192.168.0.0/16 169.254.0.0/16 172.16.0.0/12 100.64.0.0/10 fc00::/7 fe80::/10 fec0::/10 ::1";
-
- rbls {
-
- spamhaus {
- symbol = "RBL_SPAMHAUS";
- rbl = "zen.spamhaus.org";
- ipv6 = true;
- returncodes {
- RBL_SPAMHAUS_SBL = "127.0.0.2";
- RBL_SPAMHAUS_CSS = "127.0.0.3";
- RBL_SPAMHAUS_XBL = "127.0.0.4";
- RBL_SPAMHAUS_XBL = "127.0.0.5";
- RBL_SPAMHAUS_XBL = "127.0.0.6";
- RBL_SPAMHAUS_XBL = "127.0.0.7";
- RBL_SPAMHAUS_PBL = "127.0.0.10";
- RBL_SPAMHAUS_PBL = "127.0.0.11";
+ default_from = true;
+ default_received = false;
+ default_exclude_users = true;
+
+ private_ips = "127.0.0.0/8 10.0.0.0/8 192.168.0.0/16 169.254.0.0/16 172.16.0.0/12 100.64.0.0/10 fc00::/7 fe80::/10 fec0::/10 ::1";
+
+ rbls {
+
+ spamhaus {
+ symbol = "RBL_SPAMHAUS";
+ rbl = "zen.spamhaus.org";
+ ipv6 = true;
+ returncodes {
+ RBL_SPAMHAUS_SBL = "127.0.0.2";
+ RBL_SPAMHAUS_CSS = "127.0.0.3";
+ RBL_SPAMHAUS_XBL = "127.0.0.4";
+ RBL_SPAMHAUS_XBL = "127.0.0.5";
+ RBL_SPAMHAUS_XBL = "127.0.0.6";
+ RBL_SPAMHAUS_XBL = "127.0.0.7";
+ RBL_SPAMHAUS_PBL = "127.0.0.10";
+ RBL_SPAMHAUS_PBL = "127.0.0.11";
+ }
}
- }
- spamhaus_xbl {
- symbol = "RECEIVED_SPAMHAUS_XBL";
- rbl = "xbl.spamhaus.org";
- ipv6 = true;
- received = true;
- from = false;
- }
-
- spamhaus_swl {
- symbol = "RWL_SPAMHAUS_WL";
- rbl = "swl.spamhaus.org";
- ipv6 = true;
- is_whitelist = true;
- returncodes {
- RWL_SPAMHAUS_WL_IND = "127.0.2.2";
- RWL_SPAMHAUS_WL_TRANS = "127.0.2.3";
- RWL_SPAMHAUS_WL_IND_EXP = "127.0.2.102";
- RWL_SPAMHAUS_WL_TRANS_EXP = "127.0.2.103";
+ spamhaus_xbl {
+ symbol = "RECEIVED_SPAMHAUS_XBL";
+ rbl = "xbl.spamhaus.org";
+ ipv6 = true;
+ received = true;
+ from = false;
}
- }
- mailspike_bl {
- rbl = "bl.mailspike.net";
- returncodes {
- RBL_MAILSPIKE_ZOMBIE = "127.0.0.2";
- RBL_MAILSPIKE_WORST = "127.0.0.10";
- RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
- RBL_MAILSPIKE_BAD = "127.0.0.12";
- }
- }
+ spamhaus_swl {
+ symbol = "RWL_SPAMHAUS_WL";
+ rbl = "swl.spamhaus.org";
+ ipv6 = true;
+ is_whitelist = true;
+ returncodes {
+ RWL_SPAMHAUS_WL_IND = "127.0.2.2";
+ RWL_SPAMHAUS_WL_TRANS = "127.0.2.3";
+ RWL_SPAMHAUS_WL_IND_EXP = "127.0.2.102";
+ RWL_SPAMHAUS_WL_TRANS_EXP = "127.0.2.103";
+ }
+ }
- mailspike_wl {
- rbl = "wl.mailspike.net";
- is_whitelist = true;
- returncodes {
- RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
- RWL_MAILSPIKE_GOOD = "127.0.0.18";
- RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
- RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
- }
- }
-
- senderscore {
- symbol = "RBL_SENDERSCORE";
- rbl = "bl.score.senderscore.com";
- }
-
- abusech {
- symbol = "RBL_ABUSECH";
- rbl = "spam.abuse.ch";
- }
-
- uceprotect1 {
- symbol = "RBL_UCEPROTECT_LEVEL1";
- rbl = "dnsbl-1.uceprotect.net";
- }
-
- sorbs {
- symbol = "RBL_SORBS";
- rbl = "dnsbl.sorbs.net";
- returncodes {
- #http://www.sorbs.net/general/using.shtml
- RBL_SORBS_HTTP = "127.0.0.2"
- RBL_SORBS_SOCKS = "127.0.0.3"
- RBL_SORBS_MISC = "127.0.0.4"
- RBL_SORBS_SMTP = "127.0.0.5"
- RBL_SORBS_RECENT = "127.0.0.6"
- RBL_SORBS_WEB = "127.0.0.7"
- RBL_SORBS_DUL = "127.0.0.10"
- RBL_SORBS_BLOCK = "127.0.0.8"
- RBL_SORBS_ZOMBIE = "127.0.0.9"
- }
- }
-
- sem {
- symbol = "RBL_SEM";
- rbl = "bl.spameatingmonkey.net";
- }
-
- semIPv6 {
- symbol = "RBL_SEM_IPV6";
- rbl = "bl.ipv6.spameatingmonkey.net";
- ipv4 = false;
- ipv6 = true;
- }
+ mailspike_bl {
+ rbl = "bl.mailspike.net";
+ returncodes {
+ RBL_MAILSPIKE_ZOMBIE = "127.0.0.2";
+ RBL_MAILSPIKE_WORST = "127.0.0.10";
+ RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
+ RBL_MAILSPIKE_BAD = "127.0.0.12";
+ }
+ }
- dnswl {
- symbol = "RCVD_IN_DNSWL";
- rbl = "list.dnswl.org";
- ipv6 = true;
- is_whitelist = true;
- returncodes {
- RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
- RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
- RCVD_IN_DNSWL_MED = "127.0.%d+.2";
- RCVD_IN_DNSWL_HI = "127.0.%d+.3";
- DNSWL_BLOCKED = "127.0.0.255";
+ mailspike_wl {
+ rbl = "wl.mailspike.net";
+ is_whitelist = true;
+ returncodes {
+ RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
+ RWL_MAILSPIKE_GOOD = "127.0.0.18";
+ RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
+ RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
+ }
}
- }
- rambleremails {
- symbol = RAMBLER_EMAILBL;
- rbl = email-bl.rambler.ru;
- from = false;
- emails = true;
- exclude_users = false;
- exclude_private_ips = false;
- exclude_local = false;
- ignore_whitelists = true;
- }
+ senderscore {
+ symbol = "RBL_SENDERSCORE";
+ rbl = "bl.score.senderscore.com";
+ }
+
+ abusech {
+ symbol = "RBL_ABUSECH";
+ rbl = "spam.abuse.ch";
+ }
+
+ uceprotect1 {
+ symbol = "RBL_UCEPROTECT_LEVEL1";
+ rbl = "dnsbl-1.uceprotect.net";
+ }
+
+ sorbs {
+ symbol = "RBL_SORBS";
+ rbl = "dnsbl.sorbs.net";
+ returncodes {
+ # http:// www.sorbs.net/general/using.shtml
+ RBL_SORBS_HTTP = "127.0.0.2";
+ RBL_SORBS_SOCKS = "127.0.0.3";
+ RBL_SORBS_MISC = "127.0.0.4";
+ RBL_SORBS_SMTP = "127.0.0.5";
+ RBL_SORBS_RECENT = "127.0.0.6";
+ RBL_SORBS_WEB = "127.0.0.7";
+ RBL_SORBS_DUL = "127.0.0.10";
+ RBL_SORBS_BLOCK = "127.0.0.8";
+ RBL_SORBS_ZOMBIE = "127.0.0.9";
+ }
+ }
+
+ sem {
+ symbol = "RBL_SEM";
+ rbl = "bl.spameatingmonkey.net";
+ }
- }
+ semIPv6 {
+ symbol = "RBL_SEM_IPV6";
+ rbl = "bl.ipv6.spameatingmonkey.net";
+ ipv4 = false;
+ ipv6 = true;
+ }
+
+ dnswl {
+ symbol = "RCVD_IN_DNSWL";
+ rbl = "list.dnswl.org";
+ ipv6 = true;
+ is_whitelist = true;
+ returncodes {
+ RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
+ RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
+ RCVD_IN_DNSWL_MED = "127.0.%d+.2";
+ RCVD_IN_DNSWL_HI = "127.0.%d+.3";
+ DNSWL_BLOCKED = "127.0.0.255";
+ }
+ }
+
+ rambleremails {
+ symbol = RAMBLER_EMAILBL;
+ rbl = "email-bl.rambler.ru";
+ from = false;
+ emails = true;
+ exclude_users = false;
+ exclude_private_ips = false;
+ exclude_local = false;
+ ignore_whitelists = true;
+ }
+
+ }
}
chartable {
threshold = 0.300000;
symbol = "R_MIXED_CHARSET";
}
+
once_received {
good_host = "mail";
bad_host = "static";
@@ -252,12 +268,15 @@ once_received {
phishing {
symbol = "PHISHING";
}
+
#emails {
#}
+
spf {
spf_cache_size = 2k;
spf_cache_expire = 1d;
}
+
dkim {
dkim_cache_size = 2k;
dkim_cache_expire = 1d;
@@ -282,12 +301,12 @@ regexp {
}
ip_score {
-# servers = "localhost";
-# treshold = 100;
-# reject_score = 3;
-# no_action_score = -2;
-# add_header_score = 1;
-# whitelist = "file:///ip_map";
+# servers = "localhost";
+# treshold = 100;
+# reject_score = 3;
+# no_action_score = -2;
+# add_header_score = 1;
+# whitelist = "file:///ip_map";
}
hfilter {