summaryrefslogtreecommitdiffstats
path: root/conf/modules.d
diff options
context:
space:
mode:
Diffstat (limited to 'conf/modules.d')
-rw-r--r--conf/modules.d/chartable.conf5
-rw-r--r--conf/modules.d/dkim.conf8
-rw-r--r--conf/modules.d/emails.conf3
-rw-r--r--conf/modules.d/forged_recipients.conf5
-rw-r--r--conf/modules.d/fuzzy_check.conf27
-rw-r--r--conf/modules.d/hfilter.conf10
-rw-r--r--conf/modules.d/ip_score.conf9
-rw-r--r--conf/modules.d/maillist.conf4
-rw-r--r--conf/modules.d/multimap.conf3
-rw-r--r--conf/modules.d/once_received.conf8
-rw-r--r--conf/modules.d/phishing.conf4
-rw-r--r--conf/modules.d/ratelimit.conf11
-rw-r--r--conf/modules.d/regexp.conf4
-rw-r--r--conf/modules.d/spf.conf5
-rw-r--r--conf/modules.d/surbl.conf231
15 files changed, 337 insertions, 0 deletions
diff --git a/conf/modules.d/chartable.conf b/conf/modules.d/chartable.conf
new file mode 100644
index 000000000..bf454f65a
--- /dev/null
+++ b/conf/modules.d/chartable.conf
@@ -0,0 +1,5 @@
+chartable {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/forged_recipients.conf"
+ threshold = 0.300000;
+ symbol = "R_MIXED_CHARSET";
+} \ No newline at end of file
diff --git a/conf/modules.d/dkim.conf b/conf/modules.d/dkim.conf
new file mode 100644
index 000000000..e148783ea
--- /dev/null
+++ b/conf/modules.d/dkim.conf
@@ -0,0 +1,8 @@
+dkim {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/dkim.conf"
+ dkim_cache_size = 2k;
+ dkim_cache_expire = 1d;
+ time_jitter = 6h;
+ trusted_only = false;
+ skip_multi = false;
+} \ No newline at end of file
diff --git a/conf/modules.d/emails.conf b/conf/modules.d/emails.conf
new file mode 100644
index 000000000..1adffca85
--- /dev/null
+++ b/conf/modules.d/emails.conf
@@ -0,0 +1,3 @@
+emails {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/emails.conf"
+} \ No newline at end of file
diff --git a/conf/modules.d/forged_recipients.conf b/conf/modules.d/forged_recipients.conf
new file mode 100644
index 000000000..6f66674b6
--- /dev/null
+++ b/conf/modules.d/forged_recipients.conf
@@ -0,0 +1,5 @@
+forged_recipients {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/forged_recipients.conf"
+ symbol_sender = "FORGED_SENDER";
+ symbol_rcpt = "FORGED_RECIPIENTS";
+} \ No newline at end of file
diff --git a/conf/modules.d/fuzzy_check.conf b/conf/modules.d/fuzzy_check.conf
new file mode 100644
index 000000000..80e1e911c
--- /dev/null
+++ b/conf/modules.d/fuzzy_check.conf
@@ -0,0 +1,27 @@
+fuzzy_check {
+ # Include dynamic conf for the rule
+ .include(try=true,priority=1) "${DBDIR}/dynamic/fuzzy_check.conf"
+ min_bytes = 300;
+ rule {
+ servers = "highsecure.ru:11335";
+ symbol = "FUZZY_UNKNOWN";
+ mime_types = ["application/*"];
+ max_score = 20.0;
+ read_only = yes;
+ skip_unknown = yes;
+ fuzzy_map = {
+ FUZZY_DENIED {
+ max_score = 20.0;
+ flag = 1;
+ }
+ FUZZY_PROB {
+ max_score = 10.0;
+ flag = 2;
+ }
+ FUZZY_WHITE {
+ max_score = 2.0;
+ flag = 3;
+ }
+ }
+ }
+} \ No newline at end of file
diff --git a/conf/modules.d/hfilter.conf b/conf/modules.d/hfilter.conf
new file mode 100644
index 000000000..484035450
--- /dev/null
+++ b/conf/modules.d/hfilter.conf
@@ -0,0 +1,10 @@
+hfilter {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/hfilter.conf"
+ helo_enabled = true;
+ hostname_enabled = true;
+ url_enabled = true;
+ from_enabled = true;
+ rcpt_enabled = true;
+ mid_enabled = true;
+ rcpt_enabled = true;
+} \ No newline at end of file
diff --git a/conf/modules.d/ip_score.conf b/conf/modules.d/ip_score.conf
new file mode 100644
index 000000000..949aee333
--- /dev/null
+++ b/conf/modules.d/ip_score.conf
@@ -0,0 +1,9 @@
+ip_score {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/ip_score.conf"
+# servers = "localhost";
+# treshold = 100;
+# reject_score = 3;
+# no_action_score = -2;
+# add_header_score = 1;
+# whitelist = "file:///ip_map";
+} \ No newline at end of file
diff --git a/conf/modules.d/maillist.conf b/conf/modules.d/maillist.conf
new file mode 100644
index 000000000..f6ee49c70
--- /dev/null
+++ b/conf/modules.d/maillist.conf
@@ -0,0 +1,4 @@
+maillist {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/maillist.conf"
+ symbol = "MAILLIST";
+} \ No newline at end of file
diff --git a/conf/modules.d/multimap.conf b/conf/modules.d/multimap.conf
new file mode 100644
index 000000000..4115f67c8
--- /dev/null
+++ b/conf/modules.d/multimap.conf
@@ -0,0 +1,3 @@
+multimap {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/multimap.conf"
+} \ No newline at end of file
diff --git a/conf/modules.d/once_received.conf b/conf/modules.d/once_received.conf
new file mode 100644
index 000000000..e0f7cd2b2
--- /dev/null
+++ b/conf/modules.d/once_received.conf
@@ -0,0 +1,8 @@
+once_received {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/once_received.conf"
+ good_host = "mail";
+ bad_host = "static";
+ bad_host = "dynamic";
+ symbol_strict = "ONCE_RECEIVED_STRICT";
+ symbol = "ONCE_RECEIVED";
+}
diff --git a/conf/modules.d/phishing.conf b/conf/modules.d/phishing.conf
new file mode 100644
index 000000000..810a0f1b7
--- /dev/null
+++ b/conf/modules.d/phishing.conf
@@ -0,0 +1,4 @@
+phishing {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/phishing.conf"
+ symbol = "PHISHING";
+} \ No newline at end of file
diff --git a/conf/modules.d/ratelimit.conf b/conf/modules.d/ratelimit.conf
new file mode 100644
index 000000000..c6f243708
--- /dev/null
+++ b/conf/modules.d/ratelimit.conf
@@ -0,0 +1,11 @@
+ratelimit {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/ratelimit.conf"
+ limit = "to:100:0.033333333";
+ limit = "to_ip:30:0.025";
+ limit = "to_ip_from:20:0.01666666667";
+ limit = "bounce_to:10:0.000555556";
+ limit = "bounce_to_ip:5:0.000277778";
+ limit = "user:20:0.01666666667";
+ whitelisted_rcpts = "postmaster,mailer-daemon";
+ max_rcpt = 5;
+} \ No newline at end of file
diff --git a/conf/modules.d/regexp.conf b/conf/modules.d/regexp.conf
new file mode 100644
index 000000000..e1ef21032
--- /dev/null
+++ b/conf/modules.d/regexp.conf
@@ -0,0 +1,4 @@
+regexp {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/regexp.conf"
+ max_size = 1M;
+} \ No newline at end of file
diff --git a/conf/modules.d/spf.conf b/conf/modules.d/spf.conf
new file mode 100644
index 000000000..3d9a6939e
--- /dev/null
+++ b/conf/modules.d/spf.conf
@@ -0,0 +1,5 @@
+spf {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/spf.conf"
+ spf_cache_size = 2k;
+ spf_cache_expire = 1d;
+} \ No newline at end of file
diff --git a/conf/modules.d/surbl.conf b/conf/modules.d/surbl.conf
new file mode 100644
index 000000000..f52b50a74
--- /dev/null
+++ b/conf/modules.d/surbl.conf
@@ -0,0 +1,231 @@
+surbl {
+ .include(try=true,priority=1) "${DBDIR}/dynamic/surbl.conf"
+ whitelist = "file://$CONFDIR/surbl-whitelist.inc";
+ exceptions = "file://$CONFDIR/2tld.inc";
+
+ rule {
+ suffix = "multi.surbl.org";
+ symbol = "SURBL_MULTI";
+ bits {
+ JP_SURBL_MULTI = 64;
+ AB_SURBL_MULTI = 32;
+ MW_SURBL_MULTI = 16;
+ PH_SURBL_MULTI = 8;
+ WS_SURBL_MULTI = 4;
+ SC_SURBL_MULTI = 2;
+ }
+ }
+ rule {
+ suffix = "multi.uribl.com";
+ symbol = "URIBL_MULTI";
+ bits {
+ URIBL_BLACK = 2;
+ URIBL_GREY = 4;
+ URIBL_RED = 8;
+ }
+ }
+ rule {
+ suffix = "uribl.rambler.ru";
+ symbol = "RAMBLER_URIBL";
+ }
+ rule {
+ suffix = "dbl.spamhaus.org";
+ symbol = "DBL";
+ options = "noip";
+ ips = {
+ # spam domain
+ DBL_SPAM = "127.0.1.2";
+ # phish domain
+ DBL_PHISH = "127.0.1.4";
+ # malware domain
+ DBL_MALWARE = "127.0.1.5";
+ # botnet C&C domain
+ DBL_BOTNET = "127.0.1.6";
+ # abused legit spam
+ DBL_ABUSE = "127.0.1.102";
+ # abused spammed redirector domain
+ DBL_ABUSE_REDIR = "127.0.1.103";
+ # abused legit phish
+ DBL_ABUSE_PHISH = "127.0.1.104";
+ # abused legit malware
+ DBL_ABUSE_MALWARE = "127.0.1.105";
+ # abused legit botnet C&C
+ DBL_ABUSE_BOTNET = "127.0.1.106";
+ # error - IP queries prohibited!
+ DBL_PROHIBIT = "127.0.1.255";
+ }
+ }
+ rule {
+ suffix = "uribl.spameatingmonkey.net";
+ symbol = "SEM_URIBL_UNKNOWN";
+ bits {
+ SEM_URIBL = 2;
+ }
+ options = "noip";
+ }
+ rule {
+ suffix = "fresh15.spameatingmonkey.net";
+ symbol = "SEM_URIBL_FRESH15_UNKNOWN";
+ bits {
+ SEM_URIBL_FRESH15 = 2;
+ }
+ options = "noip";
+ }
+}
+
+rbl {
+
+ default_from = true;
+ default_received = false;
+ default_exclude_users = true;
+
+ private_ips = "127.0.0.0/8 10.0.0.0/8 192.168.0.0/16 169.254.0.0/16 172.16.0.0/12 100.64.0.0/10 fc00::/7 fe80::/10 fec0::/10 ::1";
+
+ rbls {
+
+ spamhaus {
+ symbol = "RBL_SPAMHAUS";
+ rbl = "zen.spamhaus.org";
+ ipv6 = true;
+ unknown = true;
+ returncodes {
+ RBL_SPAMHAUS_SBL = "127.0.0.2";
+ RBL_SPAMHAUS_CSS = "127.0.0.3";
+ RBL_SPAMHAUS_XBL = "127.0.0.4";
+ RBL_SPAMHAUS_XBL = "127.0.0.5";
+ RBL_SPAMHAUS_XBL = "127.0.0.6";
+ RBL_SPAMHAUS_XBL = "127.0.0.7";
+ RBL_SPAMHAUS_PBL = "127.0.0.10";
+ RBL_SPAMHAUS_PBL = "127.0.0.11";
+ }
+ }
+
+ spamhaus_xbl {
+ symbol = "RECEIVED_SPAMHAUS_XBL";
+ rbl = "xbl.spamhaus.org";
+ ipv6 = true;
+ received = true;
+ from = false;
+ ignore_whitelists = true;
+ }
+
+ spamhaus_swl {
+ symbol = "RWL_SPAMHAUS_WL";
+ rbl = "swl.spamhaus.org";
+ ipv6 = true;
+ is_whitelist = true;
+ unknown = true;
+ whitelist_exception = "RWL_SPAMHAUS_WL";
+ returncodes {
+ RWL_SPAMHAUS_WL_IND = "127.0.2.2";
+ RWL_SPAMHAUS_WL_TRANS = "127.0.2.3";
+ RWL_SPAMHAUS_WL_IND_EXP = "127.0.2.102";
+ RWL_SPAMHAUS_WL_TRANS_EXP = "127.0.2.103";
+ }
+ }
+
+ mailspike_bl {
+ symbol = "RBL_MAILSPIKE";
+ unknown = true;
+ rbl = "bl.mailspike.net";
+ returncodes {
+ RBL_MAILSPIKE_ZOMBIE = "127.0.0.2";
+ RBL_MAILSPIKE_WORST = "127.0.0.10";
+ RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
+ RBL_MAILSPIKE_BAD = "127.0.0.12";
+ }
+ }
+
+ mailspike_wl {
+ symbol = "RWL_MAILSPIKE";
+ rbl = "wl.mailspike.net";
+ is_whitelist = true;
+ unknown = true;
+ whitelist_exception = "RWL_MAILSPIKE";
+ whitelist_exception = "RWL_MAILSPIKE_GOOD";
+ whitelist_exception = "RWL_MAILSPIKE_POSSIBLE";
+ returncodes {
+ RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
+ RWL_MAILSPIKE_GOOD = "127.0.0.18";
+ RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
+ RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
+ }
+ }
+
+ senderscore {
+ symbol = "RBL_SENDERSCORE";
+ rbl = "bl.score.senderscore.com";
+ }
+
+ abusech {
+ symbol = "RBL_ABUSECH";
+ rbl = "spam.abuse.ch";
+ }
+
+ uceprotect1 {
+ symbol = "RBL_UCEPROTECT_LEVEL1";
+ rbl = "dnsbl-1.uceprotect.net";
+ }
+
+ sorbs {
+ symbol = "RBL_SORBS";
+ rbl = "dnsbl.sorbs.net";
+ unknown = true;
+ returncodes {
+ # http:// www.sorbs.net/general/using.shtml
+ RBL_SORBS_HTTP = "127.0.0.2";
+ RBL_SORBS_SOCKS = "127.0.0.3";
+ RBL_SORBS_MISC = "127.0.0.4";
+ RBL_SORBS_SMTP = "127.0.0.5";
+ RBL_SORBS_RECENT = "127.0.0.6";
+ RBL_SORBS_WEB = "127.0.0.7";
+ RBL_SORBS_DUL = "127.0.0.10";
+ RBL_SORBS_BLOCK = "127.0.0.8";
+ RBL_SORBS_ZOMBIE = "127.0.0.9";
+ }
+ }
+
+ sem {
+ symbol = "RBL_SEM";
+ rbl = "bl.spameatingmonkey.net";
+ }
+
+ semIPv6 {
+ symbol = "RBL_SEM_IPV6";
+ rbl = "bl.ipv6.spameatingmonkey.net";
+ ipv4 = false;
+ ipv6 = true;
+ }
+
+ dnswl {
+ symbol = "RCVD_IN_DNSWL";
+ rbl = "list.dnswl.org";
+ ipv6 = true;
+ is_whitelist = true;
+ unknown = true;
+ whitelist_exception = "RCVD_IN_DNSWL";
+ whitelist_exception = "RCVD_IN_DNSWL_NONE";
+ whitelist_exception = "RCVD_IN_DNSWL_LOW";
+ whitelist_exception = "DNSWL_BLOCKED";
+ returncodes {
+ RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
+ RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
+ RCVD_IN_DNSWL_MED = "127.0.%d+.2";
+ RCVD_IN_DNSWL_HI = "127.0.%d+.3";
+ DNSWL_BLOCKED = "127.0.0.255";
+ }
+ }
+
+ rambleremails {
+ symbol = RAMBLER_EMAILBL;
+ rbl = "email-bl.rambler.ru";
+ from = false;
+ emails = true;
+ exclude_users = false;
+ exclude_private_ips = false;
+ exclude_local = false;
+ ignore_whitelists = true;
+ }
+
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 02:42:38 +0000