aboutsummaryrefslogtreecommitdiffstats
path: root/conf
Commit message (Collapse)AuthorAgeFilesLines
...
* | Merge pull request #4914 from twesterhever/temp-rework-injector-compositeVsevolod Stakhov2024-04-261-3/+12
|\ \ | | | | | | Rework composites for spam injected into compromised accounts
| * | [Minor] Also respect HAS_XOIP for authenticated messagestwesterhever2024-04-091-1/+1
| | |
| * | [Minor] Add some missing groups to existing composite rulestwesterhever2024-04-091-0/+3
| | |
| * | [Minor] Rework composites for spam injected into compromised accountstwesterhever2024-04-091-3/+9
| |/
* / [Minor] Increase RDNS_NONE score to 2.0twesterhever2024-04-091-1/+1
|/
* Revert "[Fix] Fix history key, as we use `{=` and not `{{` in templates"Vsevolod Stakhov2024-02-211-1/+1
|
* [Fix] Fix history key, as we use `{=` and not `{{` in templatesVsevolod Stakhov2024-02-211-1/+1
|
* [Minor] Add more returnbits to surbl configurationAndrew Lewis2024-01-312-0/+14
|
* [Feature] Allow to add templates to redis history prefixVsevolod Stakhov2024-01-291-1/+1
| | | | | Issue: #4793 Closes: #4793
* [Feature] rbl: support disabling or replacing url_whitelist per RBLAndrew Lewis2023-12-121-0/+2
|
* Merge pull request #4683 from twesterhever/temp-improve-freemail-affVsevolod Stakhov2023-11-031-1/+1
|\ | | | | [Minor] Improve FREEMAIL_AFF capture rates
| * [Minor] Improve FREEMAIL_AFF capture ratestwesterhever2023-11-031-1/+1
| |
* | [Enhancement] Add composite rule for suspicious URLs in suspicious messagestwesterhever2023-11-031-0/+6
|/
* [Conf] Add noteVsevolod Stakhov2023-11-021-1/+1
| | | | Issue: #4677
* [Minor] Reiterate on the previous changesAndrew Lewis2023-10-261-3/+3
| | | | | - Demote message to info level - Name it returncodes_matcher for better specificity
* [Minor] rbl: support use of different matchers for return codesAndrew Lewis2023-10-241-0/+3
|
* [Minor] RSPAMD_SHAREDIR is called SHAREDIR in configurationAndrew Lewis2023-10-171-2/+2
|
* [Rules] Blank spam detectionAndrew Lewis2023-10-131-0/+6
|
* [Fix] Prevent DNSWL sabotageMarc Dierksen2023-10-051-10/+10
| | | | | | | | | | | | | | | | When exceeding the query limit for DNSWL it can happen that instead of the returncode 127.0.0.255, that according to documentation (https://www.dnswl.org/?page_id=15) indicates a block, the returncode 127.0.10.3 is returned for all queries. According to documentation (https://www.dnswl.org/?page_id=15) the 127.0.10.3 returncode indicates the highest level of trustworthiness that should never be blocked and a category of 'some special cases'. As it turns out that documentation is a lie and that 127.0.10.3 returncode is used by DNSWL to intentionally sabotage email security by marking all sending servers as highly trustworthy (https://www.dnswl.org/?p=120).
* [Minor] Move configuration to proper locationAndrew Lewis2023-10-021-0/+0
|
* [Minor] Fix copypasta (#4469)Andrew Lewis2023-10-021-3/+3
|
* [Conf] Add new plugin default configurationVsevolod Stakhov2023-09-241-0/+31
|
* Merge pull request #4575 from dragoangel/feat/add-phishing-feed-exclusionsVsevolod Stakhov2023-08-222-0/+10
|\ | | | | [Feature] Support feed exclusions in phishing module
| * Update phishing_group.confDmitriy Alekseev2023-08-161-0/+4
| |
| * Update phishing.confDmitriy Alekseev2023-08-161-0/+6
| |
* | Added support for Redis 6 ACL (username/password)laodc2023-08-211-0/+1
| |
* | [Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbolstwesterhever2023-08-021-12/+12
| | | | | | | | | | | | | | | | | | | | Given that they have about the same false positive rate, it makes sense to treat them equal in terms of scoring: - Particular threats (phishing, malware) are scored a bit higher than mere spam domain listings - "Abused legitimate" listings are scored lower for some DNSBLs already, this has now been aligned. - For SURBL, cracked and abused sites are treated with the same score.
* | [Minor] Increase score of URIBL_XBLtwesterhever2023-08-021-1/+1
| | | | | | | | | | This aids with detecting FQDNs hosted on hacked machines, such as used in Fast Flux-style botnet spam.
* | [Minor] Reduce score of URIBL_SBL_CSStwesterhever2023-08-021-1/+1
|/ | | | | | | Given that CSS is an automated component of SBL, this should not receive the same scoring as manually conducted SBL listings. Particularly for shared hosting environments, CSS hits on IP addresses derived from FQDNs sometimes were found to be scored a bit too high.
* Merge pull request #4556 from twesterhever/temp-improve-freemail-affVsevolod Stakhov2023-08-021-1/+1
|\ | | | | [Minor] Improve catch rates of FREEMAIL_AFF
| * [Minor] Improve catch rates of FREEMAIL_AFFtwesterhever2023-08-021-1/+1
| |
* | Add composites exclusions for known Apple Mail bad symbolsDmitriy Alekseev2023-07-111-0/+8
|/
* Merge pull request #4507 from ↵Vsevolod Stakhov2023-06-031-2/+9
|\ | | | | | | | | twesterhever/temp-composites-thread-hijacking-injector [Rules] Add thread hijacking composite rule
| * [Minor] Fix RCVD_UNAUTH_PBLtwesterhever2023-06-021-2/+2
| |
| * [Rules] Add thread hijacking composite ruletwesterhever2023-06-021-0/+7
| |
* | Merge pull request #4505 from ↵Vsevolod Stakhov2023-06-032-2/+2
|\ \ | | | | | | | | | | | | twesterhever/temp-misc-cleanups-and-housekeeping-v2 [Minor] Assorted cleanup and housekeeping of configuration files, take 2
| * | [Minor] Fix quirk in CRACKED_SURBL rule descriptiontwesterhever2023-05-261-1/+1
| | |
| * | [Minor] Improve various rule descriptionstwesterhever2023-05-261-1/+1
| | |
* | | [Minor] Improve HACKED_WP_PHISHING coveragetwesterhever2023-06-022-3/+3
| |/ |/|
* | [Enhancement] Add composite rule for messages only containing a redirector URLtwesterhever2023-05-261-0/+6
|/
* [Conf] Remove outdated composite rulesVsevolod Stakhov2023-05-091-10/+0
|
* [Feature] Allow to use other methods when fasttext detection is enabledVsevolod Stakhov2023-05-021-0/+3
|
* [Conf] Add missing attributes for the language detection configurationVsevolod Stakhov2023-04-301-0/+15
|
* [Conf] Add language detection configurationVsevolod Stakhov2023-04-292-0/+16
|
* [Conf] Add `one_shot` to some specific multimap rulesVsevolod Stakhov2023-04-231-0/+7
|
* [Feature] Add extra symbol when URL redirector reaches nested limitVsevolod Stakhov2023-04-221-0/+5
| | | | Issue: #4406
* fix incorrect asn references in bimi.confMehmet Tolga Avcioglu2023-02-231-3/+4
|
* Merge pull request #4351 from korgoth1/masterVsevolod Stakhov2023-02-221-0/+9
|\ | | | | Checking for redirector url in mail
| * Update conf/modules.d/multimap.confkorgoth12022-11-271-1/+1
| | | | | | Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
| * Checking for redirector url in mailkorgoth12022-11-271-0/+9
| |