summaryrefslogtreecommitdiffstats
path: root/rules/misc.lua
diff options
context:
space:
mode:
Diffstat (limited to 'rules/misc.lua')
-rw-r--r--rules/misc.lua18
1 files changed, 18 insertions, 0 deletions
diff --git a/rules/misc.lua b/rules/misc.lua
index 2a14a1493..fa06e142e 100644
--- a/rules/misc.lua
+++ b/rules/misc.lua
@@ -397,3 +397,21 @@ rspamd_config.MISSING_FROM = {
group = 'header',
description = 'Missing From: header'
}
+
+rspamd_config.FORGED_X_PHP_SCRIPT1 = {
+ callback = function (task)
+ local hdr = task:get_header('X-PHP-Script', true)
+ if not hdr then return end
+ local re_txt = ' for (\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}), (\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})'
+ local re = rspamd_regexp.get_cached(re_txt)
+ if not re then
+ re = rspamd_regexp.create_cached(re_txt)
+ end
+ local m = re:search(hdr, true, true)
+ if not m and m[2] and m[3] then return end
+ return m[2] == m[3]
+ end,
+ score = 4.0,
+ description = 'X-PHP-Script header appears forged',
+ group = 'header'
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-12 08:05:48 +0000