Diffstat (limited to 'conf/modules.d/rbl.conf')
-rw-r--r-- | conf/modules.d/rbl.conf | 231 |
1 files changed, 192 insertions, 39 deletions
diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf index f8f8d02a1..caaee4b97 100644 --- a/conf/modules.d/rbl.conf +++ b/conf/modules.d/rbl.conf @@ -1,17 +1,16 @@ # Please don't modify this file as your changes might be overwritten with # the next update. # -# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine -# parameters defined on the top level +# You can modify 'local.d/rbl.conf' to add and merge +# parameters defined inside this section # -# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add -# parameters defined on the top level +# You can modify 'override.d/rbl.conf' to strictly override all +# parameters defined inside this section # -# For specific modules or configuration you can also modify -# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults -# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults +# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories +# for details # -# See https://rspamd.com/doc/tutorials/writing_rules.html for details +# Module documentation can be found at https://rspamd.com/doc/modules/rbl.html rbl { default_from = true; 
@@ -19,36 +18,32 @@ rbl { default_exclude_users = true; default_unknown = true; + url_whitelist = [ + "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst", + "$LOCAL_CONFDIR/local.d/maps.d/surbl-whitelist.inc.local", + "${DBDIR}/surbl-whitelist.inc.local", + "fallback+file://${CONFDIR}/maps.d/surbl-whitelist.inc" + ]; + rbls { spamhaus { - symbol = "RBL_SPAMHAUS"; - rbl = "zen.spamhaus.org"; - ipv6 = true; - returncodes { - RBL_SPAMHAUS_SBL = "127.0.0.2"; - RBL_SPAMHAUS_CSS = "127.0.0.3"; - RBL_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", - "127.0.0.6", "127.0.0.7"]; - RBL_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; - RBL_SPAMHAUS_DROP = "127.0.0.9"; - } - } - - spamhaus_received { - symbol = "RECEIVED_SPAMHAUS"; + symbol = "SPAMHAUS"; # Augmented by prefixes rbl = "zen.spamhaus.org"; ipv6 = true; received = true; - from = false; - ignore_whitelists = true; + from = true; + symbols_prefixes = { + received = 'RECEIVED', + from = 'RBL', + } returncodes { - RECEIVED_SPAMHAUS_SBL = "127.0.0.2"; - RECEIVED_SPAMHAUS_CSS = "127.0.0.3"; - RECEIVED_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", + SPAMHAUS_SBL = "127.0.0.2"; + SPAMHAUS_CSS = "127.0.0.3"; + SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"]; - RECEIVED_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; - RECEIVED_SPAMHAUS_DROP = "127.0.0.9"; + SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; + SPAMHAUS_DROP = "127.0.0.9"; } } @@ -128,18 +123,15 @@ rbl { } blocklistde { - symbol = "RBL_BLOCKLISTDE"; - rbl = "bl.blocklist.de"; - ipv6 = true; - } - - blocklistde_received { - symbol = "RECEIVED_BLOCKLISTDE"; + symbols_prefixes = { + received = 'RECEIVED', + from = 'RBL', + } + symbol = "BLOCKLISTDE"; rbl = "bl.blocklist.de"; ipv6 = true; received = true; - from = false; - ignore_whitelists = true; + from = true; } dnswl_dwl { 
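Review bot: The merged `spamhaus` rule no longer carries `ignore_whitelists = true`, which the removed `spamhaus_received` block set, so the `RECEIVED`-prefixed checks may now be skipped for whitelisted mail where they previously ran regardless. The same option is dropped from the merged `blocklistde` rule in the `@@ -128,18 +123,15 @@` hunk. Whether the module's default makes up for this is not visible in the diff. If the change is intended, a comment next to `received = true;` such as `# received checks now honour whitelists; ignore_whitelists is no longer set` would tell operators who relied on the old behaviour.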
@@ -159,6 +151,167 @@ rbl { DWL_DNSWL_BLOCKED = "127.0.0.255"; } } + # Old emails module + RSPAMD_EMAILBL { + ignore_defaults = true; + emails_delimiter = "."; + hash_format = "base32"; + hash_len = 32; + rbl = "email.rspamd.com"; + replyto = true; + hash = "blake2"; + returncodes = { + RSPAMD_EMAILBL = "127.0.0.2"; + } + } + MSBL_EBL { + ignore_defaults = true; + rbl = "ebl.msbl.org"; + emails_domainonly = false; + replyto = true; + hash = "sha1"; + returncodes = { + MSBL_EBL = [ + "127.0.0.2", + "127.0.0.3" + ]; + MSBL_EBL_GREY = [ + "127.0.1.2", + "127.0.1.3" + ]; + } + } + # Old SURBL module + "SURBL_MULTI" { + ignore_defaults = true; + rbl = "multi.surbl.org"; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + + returnbits = { + CRACKED_SURBL = 128; # From February 2016 + ABUSE_SURBL = 64; + MW_SURBL_MULTI = 16; + PH_SURBL_MULTI = 8; + SURBL_BLOCKED = 1; + } + } + + "URIBL_MULTI" { + ignore_defaults = true; + rbl = "multi.uribl.com"; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + + returnbits { + URIBL_BLOCKED = 1; + URIBL_BLACK = 2; + URIBL_GREY = 4; + URIBL_RED = 8; + } + } + + "RSPAMD_URIBL" { + ignore_defaults = true; + rbl = "uribl.rspamd.com"; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + hash = 'blake2'; + hash_len = 32; + hash_format = 'base32'; + + returncodes = { + RSPAMD_URIBL = [ + "127.0.0.2", + ]; + } + } + + "DBL" { + ignore_defaults = true; + rbl = "dbl.spamhaus.org"; + no_ip = true; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + + returncodes = { + # spam domain + DBL_SPAM = "127.0.1.2"; + # phish domain + DBL_PHISH = "127.0.1.4"; + # malware domain + DBL_MALWARE = "127.0.1.5"; + # botnet C&C domain + DBL_BOTNET = "127.0.1.6"; + # abused legit spam + DBL_ABUSE = "127.0.1.102"; + # abused spammed redirector domain + DBL_ABUSE_REDIR = "127.0.1.103"; + # abused legit phish + DBL_ABUSE_PHISH = "127.0.1.104"; + # abused legit malware 
+ DBL_ABUSE_MALWARE = "127.0.1.105"; + # abused legit botnet C&C + DBL_ABUSE_BOTNET = "127.0.1.106"; + # error - IP queries prohibited! + DBL_PROHIBIT = "127.0.1.255"; + } + } + + # Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf) + #"SPAMHAUS_ZEN_URIBL" { + # suffix = "zen.spamhaus.org"; + # resolve_ip = true; + # check_emails = true; + # ips { + # URIBL_SBL = "127.0.0.2"; + # URIBL_SBL_CSS = "127.0.0.3"; + # URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"]; + # URIBL_PBL = ["127.0.0.10", "127.0.0.11"]; + # URIBL_DROP = "127.0.0.9"; + # } + #} + + "SEM_URIBL_UNKNOWN" { + ignore_defaults = true; + rbl = "uribl.spameatingmonkey.net"; + no_ip = true; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + returnbits { + SEM_URIBL = 2; + } + } + + "SEM_URIBL_FRESH15_UNKNOWN" { + ignore_defaults = true; + rbl = "fresh15.spameatingmonkey.net"; + no_ip = true; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + returnbits { + SEM_URIBL_FRESH15 = 2; + } + } + + # Proved to be broken + #"RBL_SARBL_BAD" { + # suffix = "public.sarbl.org"; + # noip = true; + # images = true; + #} } .include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf" |
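Review bot: The two commented-out rules, `SPAMHAUS_ZEN_URIBL` and `RBL_SARBL_BAD`, still use the old module's key names (`suffix`, `resolve_ip`, `check_emails`, `ips`, `noip`), while every active rule in this hunk uses `rbl`, `no_ip` and `returncodes`. An operator who uncomments the Spamhaus block may get a rule that is ignored or that behaves differently from what the privacy note leads them to expect. Either convert the blocks to the new keys (`rbl = "zen.spamhaus.org";`, `no_ip = true;`, `returncodes { ... }`) or add a line such as `# NOTE: legacy surbl syntax, convert before enabling`. Separately, `SURBL_MULTI` writes `returnbits = {` where `URIBL_MULTI` and the SEM rules write `returnbits {`, and one form should be used throughout.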