rspamd.git - Rapid spam filtering system: https://github.com/rspamd/rspamd

	Commit message (Collapse)	Author	Age	Files	Lines
*	[Minor] Add HAS_FILE_URL rule for messages containing a file:// URL	twesterhever	2024-02-29	1	-0/+7
\| \| \| \| \| \| \| \| \|	These are frequently abused for distributing malware via non-HTTP protocols, such as public Samba servers. file:// URLs may also be abused for including files from the victims' machine in a message. Either way, a legitimate usecase is unlikely. Signed-off-by: twesterhever <40121680+twesterhever@users.noreply.github.com>
*	[Minor] Add rule for messages missing both X-Mailer and User-Agent header	twesterhever	2023-11-03	1	-0/+10
\|
*	[Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561)	Andrew Lewis	2023-09-14	1	-2/+4
\|
*	[Minor] Reformat all Lua code, no functional changes	Vsevolod Stakhov	2023-08-07	4	-67/+88
\|
*	[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well	twesterhever	2023-08-02	1	-1/+1
\| \| \| \|	Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/
*	Adjust apple_x_mailer regex	Dmitriy Alekseev	2023-07-12	1	-1/+1
\|
*	[Minor] A bit better apple_x_mailer regex	Dmitriy Alekseev	2023-07-12	1	-1/+1
\|
*	Optimize apple_ios_x_mailer regex	Dmitriy Alekseev	2023-07-12	1	-1/+1
\|
*	Support regex rules to detect Apple Mail	Dmitriy Alekseev	2023-07-11	1	-3/+20
\|
*	Merge pull request #4497 from twesterhever/temp-improve-has-google-redir	Vsevolod Stakhov	2023-06-22	1	-2/+2
\|\ \| \| \| \|	[Enhancement] Improve detection of Google redirection URLs
\| *	[Minor] Remove superfluous '\|' in regular expression	twesterhever	2023-06-22	1	-1/+1
\| \|
\| *	[Minor] Simplify regular expression for HAS_GOOGLE_REDIR	twesterhever	2023-06-22	1	-1/+1
\| \| \| \| \| \| \| \|	https://github.com/rspamd/rspamd/pull/4497#issuecomment-1586265815
\| *	[Enhancement] Improve detection of Google redirection URLs	twesterhever	2023-05-26	1	-2/+2
\| \| \| \| \| \| \| \| \| \|	The list is derived from Firefox' static HPKP entires, retrieved from: https://searchfox.org/mozilla-central/source/security/manager/ssl/StaticHPKPins.h
* \|	Merge pull request #4494 from twesterhever/temp-arm-google-firebase	Vsevolod Stakhov	2023-06-11	1	-2/+2
\|\ \ \| \| \| \| \| \|	[Rules] Make Google Firebase rule productive
\| * \|	[Enhancement] Make Google Firebase rule productive	twesterhever	2023-05-26	1	-2/+2
\| \|/
* \|	Merge pull request #4495 from twesterhever/temp-onoin-url	Vsevolod Stakhov	2023-06-04	1	-1/+1
\|\ \ \| \| \| \| \| \|	[Minor] Move HAS_ONION_URI from "experimental" to "url" group
\| * \|	[Minor] Move HAS_ONION_URI from "experimental" to "url" group	twesterhever	2023-05-26	1	-1/+1
\| \|/
* /	[Minor] Improve various rule descriptions	twesterhever	2023-05-26	1	-50/+47
\|/
*	[Minor] Account for one more undisclosed-recipients address variant	Anton Yuzhaninov	2023-02-25	1	-1/+2
\|
*	Merge branch 'master' into temp-add-ipfs-heuristics	Vsevolod Stakhov	2023-02-20	2	-6/+12
\|\
\| *	add Betterbird to `user_agent_thunderbird`	georglauterbach	2023-02-19	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	See https://github.com/Betterbird/thunderbird-patches/issues/125 for reference. This way, Rspamd will not add `FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN` to mails sent perfectly find with Betterbird. Betterbird (<https://www.betterbird.eu/>) is an adjusted version of Thunderbird, fixing many bugs and adding long-wanted features. It is a common and well-known alternative to Thunderbird, so I think the addition is justified.
\| *	Merge pull request #4397 from twesterhever/temp-misc-cleanups-and-housekeeping	Vsevolod Stakhov	2023-02-17	2	-2/+1
\| \|\ \| \| \| \| \| \|	[Minor] Assorted cleanup and housekeeping of configuration files
\| \| *	[Minor] Fix some whitespace issues	twesterhever	2023-02-17	2	-2/+1
\| \| \|
\| * \|	Merge pull request #4401 from twesterhever/temp-google-firebase	Vsevolod Stakhov	2023-02-17	1	-0/+7
\| \|\ \ \| \| \| \| \| \| \| \|	[Enhancement] Add rule to detect Google Firebase URLs
\| \| * \|	[Enhancement] Add rule to detect Google Firebase URLs	twesterhever	2023-02-17	1	-0/+7
\| \| \|/
\| * /	[Enhancement] Make Google URL redirection rules productive	twesterhever	2023-02-17	1	-5/+5
\| \|/
\| *	[Minor] Use unicode property for currency detection	Vsevolod Stakhov	2022-10-29	1	-1/+1
\| \| \| \| \| \| \| \|	Issue: #4320
* \|	[Minor] Regexp is case-insensitive, omit redundant characters	twesterhever	2022-11-06	1	-1/+1
\| \|
* \|	[Minor] Fix rule comment	twesterhever	2022-11-06	1	-1/+1
\| \|
* \|	[Minor] Limit CIDv1 detection to 128 bytes	twesterhever	2022-11-06	1	-1/+1
\| \| \| \| \| \|	As requested by @vstakhov in https://github.com/rspamd/rspamd/pull/4310#pullrequestreview-1148226107, try to limit the performance impact of this regular expression. However, given that there does not seem to be a hard limit for CIDv1s in IPFS itself, using an hashing algorithm with large output my permit miscreants to get around this rule.
* \|	[Minor] Implement multibase prefixes for IPFS gateway URL rule	twesterhever	2022-11-06	1	-2/+2
\| \|
* \|	[Minor] Clarify that IPFS gateway URLs are likely considered malicious	twesterhever	2022-11-06	1	-2/+2
\| \|
* \|	[Enhancement] Add IPFS URL heuristic	twesterhever	2022-10-15	1	-1/+16
\|/
*	[Minor] Update more copyright years/email	Vsevolod Stakhov	2022-03-27	2	-2/+2
\|
*	Spelling (#4086)	Josh Soref	2022-02-22	1	-4/+4
\| \| \|	[Rework] Massive spelling fix from @jsoref
*	[Minor] Fix rule	Vsevolod Stakhov	2021-11-30	1	-1/+1
\|
*	[Rules] Remove ancient and inefficient rules	Vsevolod Stakhov	2021-11-29	1	-43/+0
\|
*	[Rules] Fix old rules to stop global functions usage	Vsevolod Stakhov	2021-11-29	1	-46/+72
\|
*	[Minor] Regexp: Extend upstream spam filter regexp	Sebastian Lipponer	2021-08-21	1	-1/+3
\|
*	[Rules] Micro-optimize X_PHP_EVAL	Anton Yuzhaninov	2021-08-05	1	-1/+1
\| \| \| \| \|	Remove /i flag from regexp string "eval()'d code" is always in lower case. While here use long string format for readability.
*	[Rules] Extend OLD_X_MAILER	Anton Yuzhaninov	2021-05-22	1	-3/+4
\| \| \| \|	Add more old iPhone/iPad Mail versions to the regexp.
*	[Rules] Extend FORGED_X_MAILER	Anton Yuzhaninov	2021-05-22	1	-3/+10
\| \| \| \| \|	Match in FORGED_X_MAILER fake iPhone Mail header with a random string in place of iOS build number, e. g. iPhone Mail (WKN0M)
*	[Minor] Make HAS_PHPMAILER_SIG regexps more specific	Anton Yuzhaninov	2021-04-27	1	-1/+7
\| \| \| \|	Use stricter regexp to avoid false matches.
*	[Rules] Reduce default weight for R_MISSING_CHARSET	Vsevolod Stakhov	2021-03-12	1	-1/+1
\|
*	[Fix] Fix Mozilla Message-ID detection	Alexander Moisseev	2021-02-05	1	-1/+1
\| \| \|	The left part of the Mozilla Message-ID is a hexadecimal timestamp. The regexp was mistakenly limited to 2021-01-14.
*	Fix typos in code comments	Pavel Rochnyack	2020-12-23	1	-3/+3
\|
*	[Minor] Fix missing comma	Vsevolod Stakhov	2020-12-22	1	-1/+1
\|
*	[Minor] Add rule for forged X-Mailer: Internet Mail Service	Anton Yuzhaninov	2020-12-22	1	-0/+15
\|
*	[Minor] Add {header} for header regexps	Anton Yuzhaninov	2020-12-22	1	-3/+3
\|
*	[Minor] Remove R_SAJDING and SUSPICIOUS_OPERA_10W_MSGID	Anton Yuzhaninov	2020-12-21	1	-22/+2
\| \| \| \|	These rules are no longer relevant.