aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [WebUI] Update map editormoisseev2023-10-279-14/+36
| | | | CodeJar 3.7.0 -> 4.2.0
* Merge pull request #4657 from fatalbanana/rbl_matchersVsevolod Stakhov2023-10-264-14/+100
|\ | | | | [Feature] rbl: support use of different matchers for return codes
| * [Minor] Reiterate on the previous changesAndrew Lewis2023-10-264-16/+16
| | | | | | | | | | - Demote message to info level - Name it returncodes_matcher for better specificity
| * [Feature] rbl: support globbed return codesAndrew Lewis2023-10-253-3/+17
| |
| * [Feature] rbl: support checking returncodes by CIDRAndrew Lewis2023-10-253-21/+44
| |
| * [Feature] rbl: support checking returncodes by regexAndrew Lewis2023-10-243-5/+20
| |
| * [Minor] rbl: support use of different matchers for return codesAndrew Lewis2023-10-243-3/+37
| |
* | Merge pull request #4656 from twesterhever/temp-tighten-attachment-policyVsevolod Stakhov2023-10-251-6/+25
|\ \ | | | | | | Tighten rspamd's attachment policy
| * | [Minor] Remove duplicate *.app attachment typetwesterhever2023-10-251-1/+0
| | | | | | | | | | | | Reported by @fatalbanana.
| * | Revert "[Minor] Increase scoring of *.exe attachments"twesterhever2023-10-241-1/+1
| | | | | | | | | | | | | | | | | | Reverted based on feedback by @moisseev. This reverts commit 8171424d846a3e33b5d0f9f7f4ee09ec8d553a03.
| * | [Minor] Add additional bad attachment typestwesterhever2023-10-221-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - app: Executable Application, blocked in Outlook by default - aspx: Active Server Page Extended, blocked in Outlook by default - dll: Dynamic-link Library - dqy: Microsoft Query File, blocking recommended in MS365 - iqy: ditto - mht: MHTML File, often abused for phishing and exploit attempts - mhtml: ditto - oqy: Microsoft Query File, blocking recommended in MS365 - rqy: ditto - slk: Microsoft Symbolic Link - wim: Windows Imaging Format
| * | [Minor] Increase scoring of *.exe attachmentstwesterhever2023-10-221-1/+1
| | | | | | | | | | | | | | | These are already banned in most environments, including GMail and Outlook. We may as well bump this score up to 4 eventually.
| * | [Minor] Incorporate additional bad attachments from Microsofttwesterhever2023-10-221-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are as follows: - htc: HTML Component File - pyc: Compiled Python Script - pyo: Optimized Compiled Python Module - pyw: Python Script To Be Executed With Suppressed Terminal Window - pyz: Python Zip Application - pyzw: Python Zip Application - vhd: Virtual Hard Disk - vhdx: Virtual Hard Disk Extended - wsf: Windows Script File Note that the Python file types remain unscored in archives, so distribution of these in source tarballs and the like is not affected by this commit. Source: https://support.microsoft.com/en-us/office/blocked-attachments-in-outlook-434752e1-02d3-4e90-9124-8b81e49a8519?ui=en-us&rs=en-us&ad=us
| * | [Minor] Refer to third parties for attachment handling whenever possibletwesterhever2023-10-221-6/+6
| | | | | | | | | | | | | | | | | | | | | This avoids confusion and enqueries to the rspamd project, if it is made clear that the decision to score certain attachments high has been incorporated from a well-known third party, such as Google's or Microsoft's attachment handling policy.
* | | Merge pull request #4661 from moisseev/webuiVsevolod Stakhov2023-10-252-9/+20
|\ \ \ | | | | | | | | [WebUI] Fix history table vanishing
| * | | [WebUI] Fix history table vanishingmoisseev2023-10-252-9/+20
| |/ / | | | | | | | | | on repeated rows per page input
* | | [Minor] Improve diagnosticsVsevolod Stakhov2023-10-241-7/+15
| | |
* | | [Fix] Deal with fmtlib exceptions properlyVsevolod Stakhov2023-10-231-139/+166
|/ /
* | [Minor] Try to fix ICAP scanners by adding use_specific_content_type parameterVsevolod Stakhov2023-10-221-5/+14
| | | | | | | | Issue: #4643
* | [Minor] Simplify by using <filesystem>Vsevolod Stakhov2023-10-211-64/+33
|/
* Merge pull request #4649 from fatalbanana/rspamd_sharedirVsevolod Stakhov2023-10-171-2/+2
|\ | | | | [Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration
| * [Minor] RSPAMD_SHAREDIR is called SHAREDIR in configurationAndrew Lewis2023-10-171-2/+2
| |
* | Merge pull request #4648 from fatalbanana/luacheckVsevolod Stakhov2023-10-173-11/+17
|\ \ | |/ |/| [Test] Banish luacheck from functional tests
| * [Test] Banish luacheck from functional testsAndrew Lewis2023-10-173-11/+17
| | | | | | | | - Use luacheck from GitLab
* | Merge pull request #4587 from fatalbanana/dmarc_subdomainsVsevolod Stakhov2023-10-162-10/+8
|\ \ | |/ |/| [Fix] DMARC reporting: fix reporting for subdomains
| * [Fix] DMARC reporting: fix reporting for subdomainsAndrew Lewis2023-10-162-10/+8
|/ | | | - Reported by: @bilym
* Merge pull request #4645 from moisseev/webuiVsevolod Stakhov2023-10-162-18/+28
|\ | | | | [WebUI] Add control to invert action filter
| * [WebUI] Add control to invert action filtermoisseev2023-10-152-5/+28
| | | | | | | | | | | | to scan results and history tables Issue: #4098
| * [Minor] Remove unused FooTable hookmoisseev2023-10-111-13/+0
| | | | | | | | | | as the ability to set dropdown value through the FooTable options is not used in the project.
* | [Minor] Do not use `setproctitle` on LinuxVsevolod Stakhov2023-10-141-1/+4
| | | | | | | | Issue: #4634
* | Merge pull request #4640 from dzjaivnt/dzjaivnt-patch-1Vsevolod Stakhov2023-10-141-6/+6
|\ \ | | | | | | Dzjaivnt patch 1
| * | Update dmarc.luadzjaivnt2023-10-121-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With name: dmarc; dmarc.lua:191: munging debug: {[domain] = domain.tld [flags] = {[valid] = true, [braced] = true}, [name] = Name [domain.tld], [raw] = <user@domain.tld>, [addr] = user@domain.tld, [user] = user} dmarc; dmarc.lua:234: munged DMARC header for domain.tld: Name [domain.tld] via mark <otheruser@otherdomain.tld> -> user@domain.tld Without name: dmarc; dmarc.lua:191: munging debug: {[domain] = domain.tld [flags] = {[valid] = true, [braced] = true}, [name] = , [raw] = <user@domain.tld>, [addr] = user@domain.tld, [user] = user} dmarc.lua:234: munged DMARC header for domain.tld: user via otheruser <otheruser@otherdomain.tld> -> user@domain.tld
| * | Update dmarc.luadzjaivnt2023-10-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When from.name is Nil its still show up, with != "" not Then you get From: via user <user@domain.tld> Instead of From: otheruser via user <user@domain.tld> Debug: 2023-10-12 12:08:15 #725504(normal) <0b948d>; dmarc; dmarc.lua:191: munging debug: {[user] = user, [domain] = domain.tld, [flags] = {[valid] = true}, [name] = , [raw] = user@domain.tld, [addr] = user@domain.tld}
| * | Update dmarc.luadzjaivnt2023-10-121-3/+3
| | | | | | | | | Debug logs where broken, so muning functionality not working at all.
* | | Merge pull request #4642 from twesterhever/temp-cue-attachmentsVsevolod Stakhov2023-10-131-0/+1
|\ \ \ | | | | | | | | [Minor] Treat *.cue attachments as harmful
| * | | [Minor] Treat *.cue attachments as harmfultwesterhever2023-10-131-0/+1
| | | | | | | | | | | | | | | | Rationale: https://arstechnica.com/information-technology/2023/10/one-click-remote-code-exploit-in-cd-cue-files-affects-most-gnome-based-linux-distros/
* | | | Merge pull request #4644 from fatalbanana/blankspamVsevolod Stakhov2023-10-135-4/+43
|\ \ \ \ | |/ / / |/| | | [Rules] Blank spam detection
| * | | [Rules] Blank spam detectionAndrew Lewis2023-10-135-4/+43
|/ / /
* | | [Minor] Fix build on some systemsVsevolod Stakhov2023-10-121-0/+6
| | |
* | | Merge pull request #4639 from a16bitsysop/backwardVsevolod Stakhov2023-10-122-18/+25
|\ \ \ | |/ / |/| | [Minor] Make compiling with backward-cpp optional
| * | [Fix] backport fix for dlfcn.h from backward-cppDuncan Bellamy2023-10-121-14/+13
| | | | | | | | | | | | | | | | | | | | | https://github.com/bombela/backward-cpp/commit/65fc89e210655aaa707337bc21d19f45805ac8a2 backport fix for powerpc as well https://github.com/bombela/backward-cpp/commit/4bec538c996e155d487db9aef0fc2f1996202f8e
| * | [Minor] Make compiling with backward-cpp optionalDuncan Bellamy2023-10-121-4/+12
|/ /
* / [Minor] Update versionVsevolod Stakhov2023-10-111-1/+1
|/
* Release 3.7.13.7.1Vsevolod Stakhov2023-10-072-1/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * [CritFix] Fix leak in `gzip` function * [Feature] Add ICAP Content-Type and Filename * [Feature] Add `logging`->`task_max_elts` option * [Feature] Add utility to split string like stuff for C++ code * [Feature] Allow to set HTTP auth parameters for the maps * [Feature] Check for plugin configuration errors on `configtest` * [Feature] `known_senders` plugin * [Feature] Use backward-cpp instead of manual libunwind stuff * [Feature] rbl: support checking numeric URLs in isolation * [Fix] CMakeLists.txt remove whitespace added by linter as it makes tests fail * [Fix] Change Date: header location to conform with RFC * [Fix] Correct format pattern for RE tree tempfile name * [Fix] Correct format string for unw_word_t * [Fix] Do not accept invalid ucl object types * [Fix] Do not pollute public headers with libev internals * [Fix] Do not set output type if list application failed * [Fix] Fix `url:set_redirected` method * [Fix] Fix format string and some length issues * [Fix] Fix grammar definition for content-disposition attributes * [Fix] Fix lua schema enrichment logic for Redis params * [Fix] Fix lua stack corruption when logging large tables * [Fix] Fix merge table utility * [Fix] Fix output of non-RSA DKIM keys * [Fix] Fix some corner cases of single-host urls parsing * [Fix] Fix various issues in the `url_redirector` plugin * [Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561) * [Fix] Prevent DNSWL sabotage * [Fix] Try to fix unzip function * [Fix] rbl: really fix dependency registration when symbols_prefixes is used * [Fix] rspamadm mime: arguments beginning with letter `t` * [Rework] Breaking: return back to semver * [Rework] Move rcl logic to C++
* [Minor] Remove outdated fileVsevolod Stakhov2023-10-061-495/+0
|
* [Minor] Apply schema for all fuzzy rulesVsevolod Stakhov2023-10-051-1/+14
|
* Merge pull request #4627 from netcon-consulting/dnswlVsevolod Stakhov2023-10-051-10/+10
|\ | | | | [Fix] Prevent DNSWL sabotage
| * [Fix] Prevent DNSWL sabotageMarc Dierksen2023-10-051-10/+10
|/ | | | | | | | | | | | | | | | When exceeding the query limit for DNSWL it can happen that instead of the returncode 127.0.0.255, that according to documentation (https://www.dnswl.org/?page_id=15) indicates a block, the returncode 127.0.10.3 is returned for all queries. According to documentation (https://www.dnswl.org/?page_id=15) the 127.0.10.3 returncode indicates the highest level of trustworthiness that should never be blocked and a category of 'some special cases'. As it turns out that documentation is a lie and that 127.0.10.3 returncode is used by DNSWL to intentionally sabotage email security by marking all sending servers as highly trustworthy (https://www.dnswl.org/?p=120).
* Merge pull request #4625 from fatalbanana/native_ifVsevolod Stakhov2023-10-037-45/+109
|\ | | | | [Test] Use Robot Framework native IF
| * [Test] Use Robot Framework native IFAndrew Lewis2023-10-027-45/+109
| | | | | | | | - Since 4.0 (March 2021)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 13:48:57 +0000