diff options
Diffstat (limited to 'conf/modules.d')
-rw-r--r-- | conf/modules.d/chartable.conf | 10 | ||||
-rw-r--r-- | conf/modules.d/dkim.conf | 16 | ||||
-rw-r--r-- | conf/modules.d/dmarc.conf | 6 | ||||
-rw-r--r-- | conf/modules.d/emails.conf | 62 | ||||
-rw-r--r-- | conf/modules.d/forged_recipients.conf | 10 | ||||
-rw-r--r-- | conf/modules.d/fuzzy_check.conf | 60 | ||||
-rw-r--r-- | conf/modules.d/hfilter.conf | 18 | ||||
-rw-r--r-- | conf/modules.d/ip_score.conf | 6 | ||||
-rw-r--r-- | conf/modules.d/maillist.conf | 8 | ||||
-rw-r--r-- | conf/modules.d/mid.conf | 20 | ||||
-rw-r--r-- | conf/modules.d/mime_types.conf | 42 | ||||
-rw-r--r-- | conf/modules.d/multimap.conf | 254 | ||||
-rw-r--r-- | conf/modules.d/once_received.conf | 18 | ||||
-rw-r--r-- | conf/modules.d/phishing.conf | 32 | ||||
-rw-r--r-- | conf/modules.d/ratelimit.conf | 50 | ||||
-rw-r--r-- | conf/modules.d/rbl.conf | 296 | ||||
-rw-r--r-- | conf/modules.d/regexp.conf | 8 | ||||
-rw-r--r-- | conf/modules.d/replies.conf | 26 | ||||
-rw-r--r-- | conf/modules.d/reputation.conf | 6 |
19 files changed, 474 insertions, 474 deletions
diff --git a/conf/modules.d/chartable.conf b/conf/modules.d/chartable.conf index ad08eaf48..8112147f0 100644 --- a/conf/modules.d/chartable.conf +++ b/conf/modules.d/chartable.conf @@ -14,9 +14,9 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details chartable { - threshold = 0.300000; - symbol = "R_MIXED_CHARSET"; - .include(try=true,priority=5) "${DBDIR}/dynamic/chartable.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/chartable.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/chartable.conf" + threshold = 0.300000; + symbol = "R_MIXED_CHARSET"; + .include(try=true,priority=5) "${DBDIR}/dynamic/chartable.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/chartable.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/chartable.conf" } diff --git a/conf/modules.d/dkim.conf b/conf/modules.d/dkim.conf index 2cb0e903e..c57b57d14 100644 --- a/conf/modules.d/dkim.conf +++ b/conf/modules.d/dkim.conf @@ -14,13 +14,13 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details dkim { - dkim_cache_size = 2k; - dkim_cache_expire = 1d; - time_jitter = 6h; - trusted_only = false; - skip_multi = false; + dkim_cache_size = 2k; + dkim_cache_expire = 1d; + time_jitter = 6h; + trusted_only = false; + skip_multi = false; - .include(try=true,priority=5) "${DBDIR}/dynamic/dkim.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/dkim.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim.conf" } diff --git a/conf/modules.d/dmarc.conf b/conf/modules.d/dmarc.conf index 2944a2dcb..bd1b74b97 100644 --- a/conf/modules.d/dmarc.conf +++ b/conf/modules.d/dmarc.conf @@ -14,7 +14,7 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details dmarc { - .include(try=true,priority=5) "${DBDIR}/dynamic/dmarc.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dmarc.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dmarc.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/dmarc.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dmarc.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dmarc.conf" } diff --git a/conf/modules.d/emails.conf b/conf/modules.d/emails.conf index 74a67cf46..8511eed2b 100644 --- a/conf/modules.d/emails.conf +++ b/conf/modules.d/emails.conf @@ -14,36 +14,36 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details emails { - rules { - RSPAMD_EMAILBL { - delimiter = "."; - encoding = "base32"; - hashlen = 32; - dnsbl = "email.rspamd.com"; - check_replyto = true; - hash = "blake2"; - returncodes = { - RSPAMD_EMAILBL = "127.0.0.2"; - } - } - MSBL_EBL { - dnsbl = "ebl.msbl.org"; - domain_only = false; - check_replyto = true; - hash = "sha1"; - returncodes = { - MSBL_EBL = [ - "127.0.0.2", - "127.0.0.3" - ]; - MSBL_EBL_GREY = [ - "127.0.1.2", - "127.0.1.3" - ]; - } - } + rules { + RSPAMD_EMAILBL { + delimiter = "."; + encoding = "base32"; + hashlen = 32; + dnsbl = "email.rspamd.com"; + check_replyto = true; + hash = "blake2"; + returncodes = { + RSPAMD_EMAILBL = "127.0.0.2"; + } } - .include(try=true,priority=5) "${DBDIR}/dynamic/emails.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/emails.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/emails.conf" + MSBL_EBL { + dnsbl = "ebl.msbl.org"; + domain_only = false; + check_replyto = true; + hash = "sha1"; + returncodes = { + MSBL_EBL = [ + "127.0.0.2", + "127.0.0.3" + ]; + MSBL_EBL_GREY = [ + "127.0.1.2", + "127.0.1.3" + ]; + } + } + } + .include(try=true,priority=5) "${DBDIR}/dynamic/emails.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/emails.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/emails.conf" } diff --git a/conf/modules.d/forged_recipients.conf b/conf/modules.d/forged_recipients.conf index fe17d1e4d..510172af5 100644 --- a/conf/modules.d/forged_recipients.conf +++ b/conf/modules.d/forged_recipients.conf @@ -14,10 +14,10 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details forged_recipients { - symbol_sender = "FORGED_SENDER"; - symbol_rcpt = "FORGED_RECIPIENTS"; + symbol_sender = "FORGED_SENDER"; + symbol_rcpt = "FORGED_RECIPIENTS"; - .include(try=true,priority=5) "${DBDIR}/dynamic/forged_recipients.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/forged_recipients.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/forged_recipients.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/forged_recipients.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/forged_recipients.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/forged_recipients.conf" } diff --git a/conf/modules.d/fuzzy_check.conf b/conf/modules.d/fuzzy_check.conf index 2569a6881..6f0fe808c 100644 --- a/conf/modules.d/fuzzy_check.conf +++ b/conf/modules.d/fuzzy_check.conf @@ -14,36 +14,36 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details fuzzy_check { - min_bytes = 1k; # Since small parts and small attachments causes too many FP - timeout = 2s; - retransmits = 1; - rule "rspamd.com" { - algorithm = "mumhash"; - servers = "round-robin:fuzzy1.rspamd.com:11335,fuzzy2.rspamd.com:11335"; - encryption_key = "icy63itbhhni8bq15ntp5n5symuixf73s1kpjh6skaq4e7nx5fiy"; - symbol = "FUZZY_UNKNOWN"; - mime_types = ["*"]; + min_bytes = 1k; # Since small parts and small attachments causes too many FP + timeout = 2s; + retransmits = 1; + rule "rspamd.com" { + algorithm = "mumhash"; + servers = "round-robin:fuzzy1.rspamd.com:11335,fuzzy2.rspamd.com:11335"; + encryption_key = "icy63itbhhni8bq15ntp5n5symuixf73s1kpjh6skaq4e7nx5fiy"; + symbol = "FUZZY_UNKNOWN"; + mime_types = ["*"]; + max_score = 20.0; + read_only = yes; + skip_unknown = yes; + short_text_direct_hash = true; + fuzzy_map = { + FUZZY_DENIED { max_score = 20.0; - read_only = yes; - skip_unknown = yes; - short_text_direct_hash = true; - fuzzy_map = { - FUZZY_DENIED { - max_score = 20.0; - flag = 1; - } - FUZZY_PROB { - max_score = 10.0; - flag = 2; - } - FUZZY_WHITE { - max_score = 2.0; - flag = 3; - } - } + flag = 1; + } + FUZZY_PROB { + max_score = 10.0; + flag = 2; + } + FUZZY_WHITE { + max_score = 2.0; + flag = 3; + } } - # Include dynamic conf for the rule - .include(try=true,priority=5) "${DBDIR}/dynamic/fuzzy_check.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_check.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_check.conf" + } + # Include dynamic conf for the rule + .include(try=true,priority=5) "${DBDIR}/dynamic/fuzzy_check.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_check.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_check.conf" } diff --git a/conf/modules.d/hfilter.conf b/conf/modules.d/hfilter.conf index d14376304..05b5a604c 100644 --- a/conf/modules.d/hfilter.conf +++ b/conf/modules.d/hfilter.conf @@ -14,14 +14,14 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details hfilter { - helo_enabled = true; - hostname_enabled = true; - url_enabled = true; - from_enabled = true; - rcpt_enabled = true; - mid_enabled = false; + helo_enabled = true; + hostname_enabled = true; + url_enabled = true; + from_enabled = true; + rcpt_enabled = true; + mid_enabled = false; - .include(try=true,priority=5) "${DBDIR}/dynamic/hfilter.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/hfilter.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/hfilter.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/hfilter.conf" } diff --git a/conf/modules.d/ip_score.conf b/conf/modules.d/ip_score.conf index 16a4f7686..065c6ca2e 100644 --- a/conf/modules.d/ip_score.conf +++ b/conf/modules.d/ip_score.conf @@ -20,7 +20,7 @@ ip_score { # no_action_score = -2; # add_header_score = 1; # whitelist = "file:///ip_map"; - .include(try=true,priority=5) "${DBDIR}/dynamic/ip_score.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ip_score.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ip_score.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/ip_score.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ip_score.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ip_score.conf" } diff --git a/conf/modules.d/maillist.conf b/conf/modules.d/maillist.conf index d06a3cdfb..f86bf06cc 100644 --- a/conf/modules.d/maillist.conf +++ b/conf/modules.d/maillist.conf @@ -14,8 +14,8 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details maillist { - symbol = "MAILLIST"; - .include(try=true,priority=5) "${DBDIR}/dynamic/maillist.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/maillist.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/maillist.conf" + symbol = "MAILLIST"; + .include(try=true,priority=5) "${DBDIR}/dynamic/maillist.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/maillist.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/maillist.conf" } diff --git a/conf/modules.d/mid.conf b/conf/modules.d/mid.conf index 589ce746a..8c153b6b9 100644 --- a/conf/modules.d/mid.conf +++ b/conf/modules.d/mid.conf @@ -14,15 +14,15 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details mid = { - source = { - url = [ - "https://maps.rspamd.com/rspamd/mid.inc.zst", - "$LOCAL_CONFDIR/local.d/mid.inc", - "fallback+file://${CONFDIR}/mid.inc" - ]; - } + source = { + url = [ + "https://maps.rspamd.com/rspamd/mid.inc.zst", + "$LOCAL_CONFDIR/local.d/mid.inc", + "fallback+file://${CONFDIR}/mid.inc" + ]; + } - .include(try=true,priority=5) "${DBDIR}/dynamic/mid.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mid.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mid.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/mid.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mid.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mid.conf" } diff --git a/conf/modules.d/mime_types.conf b/conf/modules.d/mime_types.conf index 7bbc0aa08..a92f426a3 100644 --- a/conf/modules.d/mime_types.conf +++ b/conf/modules.d/mime_types.conf @@ -14,27 +14,27 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details mime_types { - file = [ - "https://maps.rspamd.com/rspamd/mime_types.inc.zst", - "${DBDIR}/mime_types.inc.local", - "fallback+file://${CONFDIR}/mime_types.inc" - ] + file = [ + "https://maps.rspamd.com/rspamd/mime_types.inc.zst", + "${DBDIR}/mime_types.inc.local", + "fallback+file://${CONFDIR}/mime_types.inc" + ] - # Match specific extensions to specific content types - extension_map = { - html = "text/html"; - txt = [ - "message/disposition-notification", - "text/plain", - "text/rfc822-headers" - ]; - pdf = [ - "application/octet-stream", - "application/pdf" - ]; - } + # Match specific extensions to specific content types + extension_map = { + html = "text/html"; + txt = [ + "message/disposition-notification", + "text/plain", + "text/rfc822-headers" + ]; + pdf = [ + "application/octet-stream", + "application/pdf" + ]; + } - .include(try=true,priority=5) "${DBDIR}/dynamic/mime_types.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mime_types.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/mime_types.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mime_types.conf" } diff --git a/conf/modules.d/multimap.conf b/conf/modules.d/multimap.conf index b71f4d653..540775ee1 100644 --- a/conf/modules.d/multimap.conf +++ b/conf/modules.d/multimap.conf @@ -14,155 +14,155 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details multimap { - # Freemail Addresses - freemail_envfrom { - type = "from"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_ENVFROM"; - description = "Envelope From is a Freemail address"; - score = 0.0; - } + # Freemail Addresses + freemail_envfrom { + type = "from"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_ENVFROM"; + description = "Envelope From is a Freemail address"; + score = 0.0; + } - freemail_envrcpt { - type = "rcpt"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_ENVRCPT"; - description = "Envelope Recipient is a Freemail address"; - score = 0.0; - } + freemail_envrcpt { + type = "rcpt"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_ENVRCPT"; + description = "Envelope Recipient is a Freemail address"; + score = 0.0; + } - freemail_from { - type = "header"; - header = "from"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_FROM"; - description = "From is a Freemail address"; - score = 0.0; - } + freemail_from { + type = "header"; + header = "from"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_FROM"; + description = "From is a Freemail address"; + score = 0.0; + } - freemail_to { - type = "header"; - header = "To"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_TO"; - description = "To is a Freemail address"; - score = 0.0; - } + freemail_to { + type = "header"; + header = "To"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_TO"; + description = "To is a Freemail address"; + score = 0.0; + } - freemail_cc { - type = "header"; - header = "Cc"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_CC"; - description = "To is a Freemail address"; - score = 0.0; - } + freemail_cc { + type = "header"; + header = "Cc"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_CC"; + description = "To is a Freemail address"; + score = 0.0; + } - freemail_replyto { - type = "header"; - header = "Reply-To"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/free.txt.zst"; - symbol = "FREEMAIL_REPLYTO"; - description = "Reply-To is a Freemail address"; - score = 0.0; - } + freemail_replyto { + type = "header"; + header = "Reply-To"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/free.txt.zst"; + symbol = "FREEMAIL_REPLYTO"; + description = "Reply-To is a Freemail address"; + score = 0.0; + } - # Disposable Addresses - disposable_envfrom { - type = "from"; - filter = "email:domain"; - map = "https://rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_ENVFROM"; - description = "Envelope From is a Disposable e-mail address"; - score = 0.0; - } + # Disposable Addresses + disposable_envfrom { + type = "from"; + filter = "email:domain"; + map = "https://rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_ENVFROM"; + description = "Envelope From is a Disposable e-mail address"; + score = 0.0; + } - disposable_envrcpt { - type = "rcpt"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_ENVRCPT"; - description = "Envelope Recipient is a Disposable e-mail address"; - score = 0.0; - } + disposable_envrcpt { + type = "rcpt"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_ENVRCPT"; + description = "Envelope Recipient is a Disposable e-mail address"; + score = 0.0; + } - disposable_from { - type = "header"; - header = "from"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_FROM"; - description = "From a Disposable e-mail address"; - score = 0.0; - } + disposable_from { + type = "header"; + header = "from"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_FROM"; + description = "From a Disposable e-mail address"; + score = 0.0; + } - disposable_to { - type = "header"; - header = "To"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_TO"; - description = "To a disposable e-mail address"; - score = 0.0; - } + disposable_to { + type = "header"; + header = "To"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_TO"; + description = "To a disposable e-mail address"; + score = 0.0; + } - disposable_cc { - type = "header"; - header = "Cc"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_CC"; - description = "To a disposable e-mail address"; - score = 0.0; - } + disposable_cc { + type = "header"; + header = "Cc"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_CC"; + description = "To a disposable e-mail address"; + score = 0.0; + } - disposable_replyto { - type = "header"; - header = "Reply-To"; - filter = "email:domain"; - map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; - symbol = "DISPOSABLE_REPLYTO"; - description = "Reply-To a disposable e-mail address"; - score = 0.0; - } + disposable_replyto { + type = "header"; + header = "Reply-To"; + filter = "email:domain"; + map = "https://maps.rspamd.com/freemail/disposable.txt.zst"; + symbol = "DISPOSABLE_REPLYTO"; + description = "Reply-To a disposable e-mail address"; + score = 0.0; + } - .include(try=true,priority=5) "${DBDIR}/dynamic/multimap.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/multimap.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/multimap.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/multimap.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/multimap.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/multimap.conf" } /* Example setup sender_from_whitelist_user { - type = "from"; - filter = "email:user"; - map = "file:///tmp/from.map"; - symbol = "SENDER_FROM_WHITELIST_USER"; - action = "accept"; # Prefilter mode + type = "from"; + filter = "email:user"; + map = "file:///tmp/from.map"; + symbol = "SENDER_FROM_WHITELIST_USER"; + action = "accept"; # Prefilter mode } sender_from_regexp { - type = "header"; - header = "from"; - filter = 'regexp:/.*@/'; - map = "file:///tmp/from_re.map"; - symbol = "SENDER_FROM_REGEXP"; + type = "header"; + header = "from"; + filter = 'regexp:/.*@/'; + map = "file:///tmp/from_re.map"; + symbol = "SENDER_FROM_REGEXP"; } url_map { - type = "url"; - filter = "tld"; - map = "file:///tmp/url.map"; - symbol = "URL_MAP"; + type = "url"; + filter = "tld"; + map = "file:///tmp/url.map"; + symbol = "URL_MAP"; } url_tld_re { - type = "url"; - filter = 'tld:regexp:/\.[^.]+$/'; # Extracts the last component of URL - map = "file:///tmp/url.map"; - symbol = "URL_MAP_RE"; + type = "url"; + filter = 'tld:regexp:/\.[^.]+$/'; # Extracts the last component of URL + map = "file:///tmp/url.map"; + symbol = "URL_MAP_RE"; } */ diff --git a/conf/modules.d/once_received.conf b/conf/modules.d/once_received.conf index 233d662ef..c0aaf3330 100644 --- a/conf/modules.d/once_received.conf +++ b/conf/modules.d/once_received.conf @@ -14,14 +14,14 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details once_received { - good_host = "mail"; - bad_host = "static"; - bad_host = "dynamic"; - symbol_strict = "ONCE_RECEIVED_STRICT"; - symbol = "ONCE_RECEIVED"; - symbol_mx = "DIRECT_TO_MX"; + good_host = "mail"; + bad_host = "static"; + bad_host = "dynamic"; + symbol_strict = "ONCE_RECEIVED_STRICT"; + symbol = "ONCE_RECEIVED"; + symbol_mx = "DIRECT_TO_MX"; - .include(try=true,priority=5) "${DBDIR}/dynamic/once_received.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/once_received.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/once_received.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/once_received.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/once_received.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/once_received.conf" } diff --git a/conf/modules.d/phishing.conf b/conf/modules.d/phishing.conf index 511e618dc..c86e2af41 100644 --- a/conf/modules.d/phishing.conf +++ b/conf/modules.d/phishing.conf @@ -14,22 +14,22 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details phishing { - symbol = "PHISHING"; - # Disabled by default - openphish_enabled = false; - openphish_premium = false; - openphish_map = "https://www.openphish.com/feed.txt"; - # Disabled by default - phishtank_enabled = true; + symbol = "PHISHING"; + # Disabled by default + openphish_enabled = false; + openphish_premium = false; + openphish_map = "https://www.openphish.com/feed.txt"; + # Disabled by default + phishtank_enabled = true; - # Make exclusions for known redirectors - redirector_domains = [ - "https://maps.rspamd.com/rspamd/redirectors.inc.zst:REDIRECTOR_FALSE", - "$LOCAL_CONFDIR/local.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE", - "fallback+file://${CONFDIR}/redirectors.inc:REDIRECTOR_FALSE" - ]; + # Make exclusions for known redirectors + redirector_domains = [ + "https://maps.rspamd.com/rspamd/redirectors.inc.zst:REDIRECTOR_FALSE", + "$LOCAL_CONFDIR/local.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE", + "fallback+file://${CONFDIR}/redirectors.inc:REDIRECTOR_FALSE" + ]; - .include(try=true,priority=5) "${DBDIR}/dynamic/phishing.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/phishing.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/phishing.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/phishing.conf" } diff --git a/conf/modules.d/ratelimit.conf b/conf/modules.d/ratelimit.conf index c7f415583..9007c77e9 100644 --- a/conf/modules.d/ratelimit.conf +++ b/conf/modules.d/ratelimit.conf @@ -14,33 +14,33 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details ratelimit { - #rates { - # Predefined ratelimit - #to = { - # bucket = { - # burst = 100; - # rate = 0.01666666666666666666; # leak 1 message per minute - # } - #} - # or define it with selector - #other_limit_alt = { - # selector = 'rcpts:addr.take_n(5)'; - # bucket = { - # burst = 100; - # rate = "1 / 1m"; # leak 1 message per minute - # } - #} + #rates { + # Predefined ratelimit + #to = { + # bucket = { + # burst = 100; + # rate = 0.01666666666666666666; # leak 1 message per minute + # } #} - # If symbol is specified, then it is inserted *instead* of setting result to soft reject - #symbol = "R_RATELIMIT"; + # or define it with selector + #other_limit_alt = { + # selector = 'rcpts:addr.take_n(5)'; + # bucket = { + # burst = 100; + # rate = "1 / 1m"; # leak 1 message per minute + # } + #} + #} + # If symbol is specified, then it is inserted *instead* of setting result to soft reject + #symbol = "R_RATELIMIT"; - # If info_symbol is specified, then it is inserted next to set the result - #info_symbol = "R_RATELIMIT_INFO"; + # If info_symbol is specified, then it is inserted next to set the result + #info_symbol = "R_RATELIMIT_INFO"; - whitelisted_rcpts = "postmaster,mailer-daemon"; - max_rcpt = 5; + whitelisted_rcpts = "postmaster,mailer-daemon"; + max_rcpt = 5; - .include(try=true,priority=5) "${DBDIR}/dynamic/ratelimit.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ratelimit.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ratelimit.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/ratelimit.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ratelimit.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ratelimit.conf" } diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf index 141f3c20b..f8f8d02a1 100644 --- a/conf/modules.d/rbl.conf +++ b/conf/modules.d/rbl.conf @@ -14,154 +14,154 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details rbl { - default_from = true; - default_received = false; - default_exclude_users = true; - default_unknown = true; - - rbls { - - spamhaus { - symbol = "RBL_SPAMHAUS"; - rbl = "zen.spamhaus.org"; - ipv6 = true; - returncodes { - RBL_SPAMHAUS_SBL = "127.0.0.2"; - RBL_SPAMHAUS_CSS = "127.0.0.3"; - RBL_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", - "127.0.0.6", "127.0.0.7"]; - RBL_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; - RBL_SPAMHAUS_DROP = "127.0.0.9"; - } - } - - spamhaus_received { - symbol = "RECEIVED_SPAMHAUS"; - rbl = "zen.spamhaus.org"; - ipv6 = true; - received = true; - from = false; - ignore_whitelists = true; - returncodes { - RECEIVED_SPAMHAUS_SBL = "127.0.0.2"; - RECEIVED_SPAMHAUS_CSS = "127.0.0.3"; - RECEIVED_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", - "127.0.0.6", "127.0.0.7"]; - RECEIVED_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; - RECEIVED_SPAMHAUS_DROP = "127.0.0.9"; - } - } - - mailspike { - symbol = "MAILSPIKE"; - rbl = "rep.mailspike.net"; - is_whitelist = true; - whitelist_exception = "MAILSPIKE"; - whitelist_exception = "RWL_MAILSPIKE_GOOD"; - whitelist_exception = "RWL_MAILSPIKE_NEUTRAL"; - whitelist_exception = "RWL_MAILSPIKE_POSSIBLE"; - whitelist_exception = "RBL_MAILSPIKE_WORST"; - whitelist_exception = "RBL_MAILSPIKE_VERYBAD"; - whitelist_exception = "RBL_MAILSPIKE_BAD"; - returncodes { - RBL_MAILSPIKE_WORST = "127.0.0.10"; - RBL_MAILSPIKE_VERYBAD = "127.0.0.11"; - RBL_MAILSPIKE_BAD = "127.0.0.12"; - RWL_MAILSPIKE_NEUTRAL = ["127.0.0.16", "127.0.0.15", "127.0.0.14", "127.0.0.13"]; - RWL_MAILSPIKE_POSSIBLE = "127.0.0.17"; - RWL_MAILSPIKE_GOOD = "127.0.0.18"; - RWL_MAILSPIKE_VERYGOOD = "127.0.0.19"; - RWL_MAILSPIKE_EXCELLENT = "127.0.0.20"; - } - } - - senderscore { - symbol = "RBL_SENDERSCORE"; - rbl = "bl.score.senderscore.com"; - } - - sem { - symbol = "RBL_SEM"; - rbl = "bl.spameatingmonkey.net"; - ipv6 = false; - } - - semIPv6 { - symbol = "RBL_SEM_IPV6"; - rbl = "bl.ipv6.spameatingmonkey.net"; - ipv4 = false; - ipv6 = true; - } - - dnswl { - symbol = "RCVD_IN_DNSWL"; - rbl = "list.dnswl.org"; - ipv6 = true; - is_whitelist = true; - whitelist_exception = "RCVD_IN_DNSWL"; - whitelist_exception = "RCVD_IN_DNSWL_NONE"; - whitelist_exception = "RCVD_IN_DNSWL_LOW"; - whitelist_exception = "DNSWL_BLOCKED"; - returncodes { - RCVD_IN_DNSWL_NONE = "127.0.%d+.0"; - RCVD_IN_DNSWL_LOW = "127.0.%d+.1"; - RCVD_IN_DNSWL_MED = "127.0.%d+.2"; - RCVD_IN_DNSWL_HI = "127.0.%d+.3"; - DNSWL_BLOCKED = "127.0.0.255"; - } - } - - # Provided by https://virusfree.cz - virusfree { - symbol = "RBL_VIRUSFREE_UNKNOWN"; - rbl = "bip.virusfree.cz"; - ipv6 = true; - returncodes { - RBL_VIRUSFREE_BOTNET = "127.0.0.2"; - } - } - - nixspam { - symbol = "RBL_NIXSPAM"; - rbl = "ix.dnsbl.manitu.net"; - ipv6 = true; - } - - blocklistde { - symbol = "RBL_BLOCKLISTDE"; - rbl = "bl.blocklist.de"; - ipv6 = true; - } - - blocklistde_received { - symbol = "RECEIVED_BLOCKLISTDE"; - rbl = "bl.blocklist.de"; - ipv6 = true; - received = true; - from = false; - ignore_whitelists = true; - } - - dnswl_dwl { - symbol = "DWL_DNSWL"; - rbl = "dwl.dnswl.org"; - dkim = true; - dkim_domainonly = false; - dkim_match_from = true; - ignore_whitelist = true; - unknown = false; - - returncodes { - DWL_DNSWL_NONE = "127.0.%d+.0"; - DWL_DNSWL_LOW = "127.0.%d+.1"; - DWL_DNSWL_MED = "127.0.%d+.2"; - DWL_DNSWL_HI = "127.0.%d+.3"; - DWL_DNSWL_BLOCKED = "127.0.0.255"; - } - } + default_from = true; + default_received = false; + default_exclude_users = true; + default_unknown = true; + + rbls { + + spamhaus { + symbol = "RBL_SPAMHAUS"; + rbl = "zen.spamhaus.org"; + ipv6 = true; + returncodes { + RBL_SPAMHAUS_SBL = "127.0.0.2"; + RBL_SPAMHAUS_CSS = "127.0.0.3"; + RBL_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", + "127.0.0.6", "127.0.0.7"]; + RBL_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; + RBL_SPAMHAUS_DROP = "127.0.0.9"; + } } - .include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rbl.conf" + spamhaus_received { + symbol = "RECEIVED_SPAMHAUS"; + rbl = "zen.spamhaus.org"; + ipv6 = true; + received = true; + from = false; + ignore_whitelists = true; + returncodes { + RECEIVED_SPAMHAUS_SBL = "127.0.0.2"; + RECEIVED_SPAMHAUS_CSS = "127.0.0.3"; + RECEIVED_SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5", + "127.0.0.6", "127.0.0.7"]; + RECEIVED_SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"]; + RECEIVED_SPAMHAUS_DROP = "127.0.0.9"; + } + } + + mailspike { + symbol = "MAILSPIKE"; + rbl = "rep.mailspike.net"; + is_whitelist = true; + whitelist_exception = "MAILSPIKE"; + whitelist_exception = "RWL_MAILSPIKE_GOOD"; + whitelist_exception = "RWL_MAILSPIKE_NEUTRAL"; + whitelist_exception = "RWL_MAILSPIKE_POSSIBLE"; + whitelist_exception = "RBL_MAILSPIKE_WORST"; + whitelist_exception = "RBL_MAILSPIKE_VERYBAD"; + whitelist_exception = "RBL_MAILSPIKE_BAD"; + returncodes { + RBL_MAILSPIKE_WORST = "127.0.0.10"; + RBL_MAILSPIKE_VERYBAD = "127.0.0.11"; + RBL_MAILSPIKE_BAD = "127.0.0.12"; + RWL_MAILSPIKE_NEUTRAL = ["127.0.0.16", "127.0.0.15", "127.0.0.14", "127.0.0.13"]; + RWL_MAILSPIKE_POSSIBLE = "127.0.0.17"; + RWL_MAILSPIKE_GOOD = "127.0.0.18"; + RWL_MAILSPIKE_VERYGOOD = "127.0.0.19"; + RWL_MAILSPIKE_EXCELLENT = "127.0.0.20"; + } + } + + senderscore { + symbol = "RBL_SENDERSCORE"; + rbl = "bl.score.senderscore.com"; + } + + sem { + symbol = "RBL_SEM"; + rbl = "bl.spameatingmonkey.net"; + ipv6 = false; + } + + semIPv6 { + symbol = "RBL_SEM_IPV6"; + rbl = "bl.ipv6.spameatingmonkey.net"; + ipv4 = false; + ipv6 = true; + } + + dnswl { + symbol = "RCVD_IN_DNSWL"; + rbl = "list.dnswl.org"; + ipv6 = true; + is_whitelist = true; + whitelist_exception = "RCVD_IN_DNSWL"; + whitelist_exception = "RCVD_IN_DNSWL_NONE"; + whitelist_exception = "RCVD_IN_DNSWL_LOW"; + whitelist_exception = "DNSWL_BLOCKED"; + returncodes { + RCVD_IN_DNSWL_NONE = "127.0.%d+.0"; + RCVD_IN_DNSWL_LOW = "127.0.%d+.1"; + RCVD_IN_DNSWL_MED = "127.0.%d+.2"; + RCVD_IN_DNSWL_HI = "127.0.%d+.3"; + DNSWL_BLOCKED = "127.0.0.255"; + } + } + + # Provided by https://virusfree.cz + virusfree { + symbol = "RBL_VIRUSFREE_UNKNOWN"; + rbl = "bip.virusfree.cz"; + ipv6 = true; + returncodes { + RBL_VIRUSFREE_BOTNET = "127.0.0.2"; + } + } + + nixspam { + symbol = "RBL_NIXSPAM"; + rbl = "ix.dnsbl.manitu.net"; + ipv6 = true; + } + + blocklistde { + symbol = "RBL_BLOCKLISTDE"; + rbl = "bl.blocklist.de"; + ipv6 = true; + } + + blocklistde_received { + symbol = "RECEIVED_BLOCKLISTDE"; + rbl = "bl.blocklist.de"; + ipv6 = true; + received = true; + from = false; + ignore_whitelists = true; + } + + dnswl_dwl { + symbol = "DWL_DNSWL"; + rbl = "dwl.dnswl.org"; + dkim = true; + dkim_domainonly = false; + dkim_match_from = true; + ignore_whitelist = true; + unknown = false; + + returncodes { + DWL_DNSWL_NONE = "127.0.%d+.0"; + DWL_DNSWL_LOW = "127.0.%d+.1"; + DWL_DNSWL_MED = "127.0.%d+.2"; + DWL_DNSWL_HI = "127.0.%d+.3"; + DWL_DNSWL_BLOCKED = "127.0.0.255"; + } + } + } + + .include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rbl.conf" } diff --git a/conf/modules.d/regexp.conf b/conf/modules.d/regexp.conf index f76527871..61514642f 100644 --- a/conf/modules.d/regexp.conf +++ b/conf/modules.d/regexp.conf @@ -14,9 +14,9 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details regexp { - max_size = 1M; + max_size = 1M; - .include(try=true,priority=5) "${DBDIR}/dynamic/regexp.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/regexp.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/regexp.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/regexp.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/regexp.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/regexp.conf" } diff --git a/conf/modules.d/replies.conf b/conf/modules.d/replies.conf index 47cffb5e9..d149623ed 100644 --- a/conf/modules.d/replies.conf +++ b/conf/modules.d/replies.conf @@ -14,18 +14,18 @@ # See https://rspamd.com/doc/tutorials/writing_rules.html for details replies { - # This setting is non-default & is required to be set - # Redis servers to use - #servers = "localhost"; - # This setting is non-default & may be desirable - #action = "no action"; - # These are default settings you may want to change - expire = 86400; - key_prefix = "rr"; - message = "Message is reply to one we originated"; - symbol = "REPLY"; + # This setting is non-default & is required to be set + # Redis servers to use + #servers = "localhost"; + # This setting is non-default & may be desirable + #action = "no action"; + # These are default settings you may want to change + expire = 86400; + key_prefix = "rr"; + message = "Message is reply to one we originated"; + symbol = "REPLY"; - .include(try=true,priority=5) "${DBDIR}/dynamic/replies.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/replies.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/replies.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/replies.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/replies.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/replies.conf" } diff --git a/conf/modules.d/reputation.conf b/conf/modules.d/reputation.conf index 412341f2c..245be6f9b 100644 --- a/conf/modules.d/reputation.conf +++ b/conf/modules.d/reputation.conf @@ -29,7 +29,7 @@ reputation { # symbol = "SPF_REPUTATION"; # } # } - .include(try=true,priority=5) "${DBDIR}/dynamic/reputation.conf" - .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/reputation.conf" - .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/reputation.conf" + .include(try=true,priority=5) "${DBDIR}/dynamic/reputation.conf" + .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/reputation.conf" + .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/reputation.conf" } |