Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | Merge pull request #4914 from twesterhever/temp-rework-injector-composite | Vsevolod Stakhov | 2024-04-26 | 1 | -3/+12 | |
|\ \ | | | | | | | Rework composites for spam injected into compromised accounts | |||||
| * | | [Minor] Also respect HAS_XOIP for authenticated messages | twesterhever | 2024-04-09 | 1 | -1/+1 | |
| | | | ||||||
| * | | [Minor] Add some missing groups to existing composite rules | twesterhever | 2024-04-09 | 1 | -0/+3 | |
| | | | ||||||
| * | | [Minor] Rework composites for spam injected into compromised accounts | twesterhever | 2024-04-09 | 1 | -3/+9 | |
| |/ | ||||||
* / | [Minor] Increase RDNS_NONE score to 2.0 | twesterhever | 2024-04-09 | 1 | -1/+1 | |
|/ | ||||||
* | Revert "[Fix] Fix history key, as we use `{=` and not `{{` in templates" | Vsevolod Stakhov | 2024-02-21 | 1 | -1/+1 | |
| | ||||||
* | [Fix] Fix history key, as we use `{=` and not `{{` in templates | Vsevolod Stakhov | 2024-02-21 | 1 | -1/+1 | |
| | ||||||
* | [Minor] Add more returnbits to surbl configuration | Andrew Lewis | 2024-01-31 | 2 | -0/+14 | |
| | ||||||
* | [Feature] Allow to add templates to redis history prefix | Vsevolod Stakhov | 2024-01-29 | 1 | -1/+1 | |
| | | | | | Issue: #4793 Closes: #4793 | |||||
* | [Feature] rbl: support disabling or replacing url_whitelist per RBL | Andrew Lewis | 2023-12-12 | 1 | -0/+2 | |
| | ||||||
* | Merge pull request #4683 from twesterhever/temp-improve-freemail-aff | Vsevolod Stakhov | 2023-11-03 | 1 | -1/+1 | |
|\ | | | | | [Minor] Improve FREEMAIL_AFF capture rates | |||||
| * | [Minor] Improve FREEMAIL_AFF capture rates | twesterhever | 2023-11-03 | 1 | -1/+1 | |
| | | ||||||
* | | [Enhancement] Add composite rule for suspicious URLs in suspicious messages | twesterhever | 2023-11-03 | 1 | -0/+6 | |
|/ | ||||||
* | [Conf] Add note | Vsevolod Stakhov | 2023-11-02 | 1 | -1/+1 | |
| | | | | Issue: #4677 | |||||
* | [Minor] Reiterate on the previous changes | Andrew Lewis | 2023-10-26 | 1 | -3/+3 | |
| | | | | | - Demote message to info level - Name it returncodes_matcher for better specificity | |||||
* | [Minor] rbl: support use of different matchers for return codes | Andrew Lewis | 2023-10-24 | 1 | -0/+3 | |
| | ||||||
* | [Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration | Andrew Lewis | 2023-10-17 | 1 | -2/+2 | |
| | ||||||
* | [Rules] Blank spam detection | Andrew Lewis | 2023-10-13 | 1 | -0/+6 | |
| | ||||||
* | [Fix] Prevent DNSWL sabotage | Marc Dierksen | 2023-10-05 | 1 | -10/+10 | |
| | | | | | | | | | | | | | | | | When exceeding the query limit for DNSWL it can happen that instead of the returncode 127.0.0.255, that according to documentation (https://www.dnswl.org/?page_id=15) indicates a block, the returncode 127.0.10.3 is returned for all queries. According to documentation (https://www.dnswl.org/?page_id=15) the 127.0.10.3 returncode indicates the highest level of trustworthiness that should never be blocked and a category of 'some special cases'. As it turns out that documentation is a lie and that 127.0.10.3 returncode is used by DNSWL to intentionally sabotage email security by marking all sending servers as highly trustworthy (https://www.dnswl.org/?p=120). | |||||
* | [Minor] Move configuration to proper location | Andrew Lewis | 2023-10-02 | 1 | -0/+0 | |
| | ||||||
* | [Minor] Fix copypasta (#4469) | Andrew Lewis | 2023-10-02 | 1 | -3/+3 | |
| | ||||||
* | [Conf] Add new plugin default configuration | Vsevolod Stakhov | 2023-09-24 | 1 | -0/+31 | |
| | ||||||
* | Merge pull request #4575 from dragoangel/feat/add-phishing-feed-exclusions | Vsevolod Stakhov | 2023-08-22 | 2 | -0/+10 | |
|\ | | | | | [Feature] Support feed exclusions in phishing module | |||||
| * | Update phishing_group.conf | Dmitriy Alekseev | 2023-08-16 | 1 | -0/+4 | |
| | | ||||||
| * | Update phishing.conf | Dmitriy Alekseev | 2023-08-16 | 1 | -0/+6 | |
| | | ||||||
* | | Added support for Redis 6 ACL (username/password) | laodc | 2023-08-21 | 1 | -0/+1 | |
| | | ||||||
* | | [Minor] Align scores of Spamhaus DBL, SURBL, URIBL DNSBL symbols | twesterhever | 2023-08-02 | 1 | -12/+12 | |
| | | | | | | | | | | | | | | | | | | | | Given that they have about the same false positive rate, it makes sense to treat them equal in terms of scoring: - Particular threats (phishing, malware) are scored a bit higher than mere spam domain listings - "Abused legitimate" listings are scored lower for some DNSBLs already, this has now been aligned. - For SURBL, cracked and abused sites are treated with the same score. | |||||
* | | [Minor] Increase score of URIBL_XBL | twesterhever | 2023-08-02 | 1 | -1/+1 | |
| | | | | | | | | | | This aids with detecting FQDNs hosted on hacked machines, such as used in Fast Flux-style botnet spam. | |||||
* | | [Minor] Reduce score of URIBL_SBL_CSS | twesterhever | 2023-08-02 | 1 | -1/+1 | |
|/ | | | | | | | Given that CSS is an automated component of SBL, this should not receive the same scoring as manually conducted SBL listings. Particularly for shared hosting environments, CSS hits on IP addresses derived from FQDNs sometimes were found to be scored a bit too high. | |||||
* | Merge pull request #4556 from twesterhever/temp-improve-freemail-aff | Vsevolod Stakhov | 2023-08-02 | 1 | -1/+1 | |
|\ | | | | | [Minor] Improve catch rates of FREEMAIL_AFF | |||||
| * | [Minor] Improve catch rates of FREEMAIL_AFF | twesterhever | 2023-08-02 | 1 | -1/+1 | |
| | | ||||||
* | | Add composites exclusions for known Apple Mail bad symbols | Dmitriy Alekseev | 2023-07-11 | 1 | -0/+8 | |
|/ | ||||||
* | Merge pull request #4507 from ↵ | Vsevolod Stakhov | 2023-06-03 | 1 | -2/+9 | |
|\ | | | | | | | | | twesterhever/temp-composites-thread-hijacking-injector [Rules] Add thread hijacking composite rule | |||||
| * | [Minor] Fix RCVD_UNAUTH_PBL | twesterhever | 2023-06-02 | 1 | -2/+2 | |
| | | ||||||
| * | [Rules] Add thread hijacking composite rule | twesterhever | 2023-06-02 | 1 | -0/+7 | |
| | | ||||||
* | | Merge pull request #4505 from ↵ | Vsevolod Stakhov | 2023-06-03 | 2 | -2/+2 | |
|\ \ | | | | | | | | | | | | | twesterhever/temp-misc-cleanups-and-housekeeping-v2 [Minor] Assorted cleanup and housekeeping of configuration files, take 2 | |||||
| * | | [Minor] Fix quirk in CRACKED_SURBL rule description | twesterhever | 2023-05-26 | 1 | -1/+1 | |
| | | | ||||||
| * | | [Minor] Improve various rule descriptions | twesterhever | 2023-05-26 | 1 | -1/+1 | |
| | | | ||||||
* | | | [Minor] Improve HACKED_WP_PHISHING coverage | twesterhever | 2023-06-02 | 2 | -3/+3 | |
| |/ |/| | ||||||
* | | [Enhancement] Add composite rule for messages only containing a redirector URL | twesterhever | 2023-05-26 | 1 | -0/+6 | |
|/ | ||||||
* | [Conf] Remove outdated composite rules | Vsevolod Stakhov | 2023-05-09 | 1 | -10/+0 | |
| | ||||||
* | [Feature] Allow to use other methods when fasttext detection is enabled | Vsevolod Stakhov | 2023-05-02 | 1 | -0/+3 | |
| | ||||||
* | [Conf] Add missing attributes for the language detection configuration | Vsevolod Stakhov | 2023-04-30 | 1 | -0/+15 | |
| | ||||||
* | [Conf] Add language detection configuration | Vsevolod Stakhov | 2023-04-29 | 2 | -0/+16 | |
| | ||||||
* | [Conf] Add `one_shot` to some specific multimap rules | Vsevolod Stakhov | 2023-04-23 | 1 | -0/+7 | |
| | ||||||
* | [Feature] Add extra symbol when URL redirector reaches nested limit | Vsevolod Stakhov | 2023-04-22 | 1 | -0/+5 | |
| | | | | Issue: #4406 | |||||
* | fix incorrect asn references in bimi.conf | Mehmet Tolga Avcioglu | 2023-02-23 | 1 | -3/+4 | |
| | ||||||
* | Merge pull request #4351 from korgoth1/master | Vsevolod Stakhov | 2023-02-22 | 1 | -0/+9 | |
|\ | | | | | Checking for redirector url in mail | |||||
| * | Update conf/modules.d/multimap.conf | korgoth1 | 2022-11-27 | 1 | -1/+1 | |
| | | | | | | Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com> | |||||
| * | Checking for redirector url in mail | korgoth1 | 2022-11-27 | 1 | -0/+9 | |
| | |