| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | [Minor] Make API consistent | Vsevolod Stakhov | 2024-09-27 | 1 | -1/+1 |
| | | |||||
| * | [Minor] Simplify condition and add them merely when mime utf is enabled | Vsevolod Stakhov | 2024-07-17 | 1 | -9/+13 |
| | | |||||
| * | [Rules] Fix some old rules | Vsevolod Stakhov | 2024-07-16 | 1 | -7/+10 |
| | | |||||
| * | correct headers.lua | ishisora | 2024-05-21 | 1 | -1/+1 |
| | | |||||
| * | [Minor] Exclude User-Agent: Mozilla Thunderbird from XM_UA_NO_VERSION | gami | 2024-05-14 | 1 | -1/+1 |
| | | |||||
| * | [Minor] Exclude User-Agent: Mozilla Thunderbird from XM_UA_NO_VERSION | gami | 2024-05-14 | 1 | -2/+3 |
| | | |||||
| * | [Minor] Constrain Content-Description regexp | twesterhever | 2024-05-01 | 1 | -1/+1 |
| | | |||||
| * | [Minor] Remove superflous "string.format()" | twesterhever | 2024-05-01 | 1 | -1/+1 |
| | | |||||
| * | [Enhancement] Catch "Mail message body" Content-Description | twesterhever | 2024-04-28 | 1 | -0/+7 |
| | | | | | This header frequently surfaces in spam, mostly advance fee fraud. | ||||
| * | [Minor] Add rule for presence of Content-Description header | twesterhever | 2024-04-28 | 1 | -0/+7 |
| | | |||||
| * | [Minor] Add rule for localhost HELOs in Received headers | twesterhever | 2024-03-24 | 1 | -0/+7 |
| | | |||||
| * | [Minor] Add HAS_FILE_URL rule for messages containing a file:// URL | twesterhever | 2024-02-29 | 1 | -0/+7 |
| | | | | | | | | | | These are frequently abused for distributing malware via non-HTTP protocols, such as public Samba servers. file:// URLs may also be abused for including files from the victims' machine in a message. Either way, a legitimate usecase is unlikely. Signed-off-by: twesterhever <40121680+twesterhever@users.noreply.github.com> | ||||
| * | [Minor] Add rule for messages missing both X-Mailer and User-Agent header | twesterhever | 2023-11-03 | 1 | -0/+10 |
| | | |||||
| * | [Fix] MISSING_MIMEOLE: avoid matching messages from Android GMail app (#4561) | Andrew Lewis | 2023-09-14 | 1 | -2/+4 |
| | | |||||
| * | [Minor] Reformat all Lua code, no functional changes | Vsevolod Stakhov | 2023-08-07 | 4 | -67/+88 |
| | | |||||
| * | [Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well | twesterhever | 2023-08-02 | 1 | -1/+1 |
| | | | | | Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/ | ||||
| * | Adjust apple_x_mailer regex | Dmitriy Alekseev | 2023-07-12 | 1 | -1/+1 |
| | | |||||
| * | [Minor] A bit better apple_x_mailer regex | Dmitriy Alekseev | 2023-07-12 | 1 | -1/+1 |
| | | |||||
| * | Optimize apple_ios_x_mailer regex | Dmitriy Alekseev | 2023-07-12 | 1 | -1/+1 |
| | | |||||
| * | Support regex rules to detect Apple Mail | Dmitriy Alekseev | 2023-07-11 | 1 | -3/+20 |
| | | |||||
| * | Merge pull request #4497 from twesterhever/temp-improve-has-google-redir | Vsevolod Stakhov | 2023-06-22 | 1 | -2/+2 |
| |\ | | | | | [Enhancement] Improve detection of Google redirection URLs | ||||
| | * | [Minor] Remove superfluous '|' in regular expression | twesterhever | 2023-06-22 | 1 | -1/+1 |
| | | | |||||
| | * | [Minor] Simplify regular expression for HAS_GOOGLE_REDIR | twesterhever | 2023-06-22 | 1 | -1/+1 |
| | | | | | | | | | https://github.com/rspamd/rspamd/pull/4497#issuecomment-1586265815 | ||||
| | * | [Enhancement] Improve detection of Google redirection URLs | twesterhever | 2023-05-26 | 1 | -2/+2 |
| | | | | | | | | | | | The list is derived from Firefox' static HPKP entires, retrieved from: https://searchfox.org/mozilla-central/source/security/manager/ssl/StaticHPKPins.h | ||||
| * | | Merge pull request #4494 from twesterhever/temp-arm-google-firebase | Vsevolod Stakhov | 2023-06-11 | 1 | -2/+2 |
| |\ \ | | | | | | | [Rules] Make Google Firebase rule productive | ||||
| | * | | [Enhancement] Make Google Firebase rule productive | twesterhever | 2023-05-26 | 1 | -2/+2 |
| | |/ | |||||
| * | | Merge pull request #4495 from twesterhever/temp-onoin-url | Vsevolod Stakhov | 2023-06-04 | 1 | -1/+1 |
| |\ \ | | | | | | | [Minor] Move HAS_ONION_URI from "experimental" to "url" group | ||||
| | * | | [Minor] Move HAS_ONION_URI from "experimental" to "url" group | twesterhever | 2023-05-26 | 1 | -1/+1 |
| | |/ | |||||
| * / | [Minor] Improve various rule descriptions | twesterhever | 2023-05-26 | 1 | -50/+47 |
| |/ | |||||
| * | [Minor] Account for one more undisclosed-recipients address variant | Anton Yuzhaninov | 2023-02-25 | 1 | -1/+2 |
| | | |||||
| * | Merge branch 'master' into temp-add-ipfs-heuristics | Vsevolod Stakhov | 2023-02-20 | 2 | -6/+12 |
| |\ | |||||
| | * | add Betterbird to `user_agent_thunderbird` | georglauterbach | 2023-02-19 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | See https://github.com/Betterbird/thunderbird-patches/issues/125 for reference. This way, Rspamd will not add `FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN` to mails sent perfectly find with Betterbird. Betterbird (<https://www.betterbird.eu/>) is an adjusted version of Thunderbird, fixing many bugs and adding long-wanted features. It is a common and well-known alternative to Thunderbird, so I think the addition is justified. | ||||
| | * | Merge pull request #4397 from twesterhever/temp-misc-cleanups-and-housekeeping | Vsevolod Stakhov | 2023-02-17 | 2 | -2/+1 |
| | |\ | | | | | | | [Minor] Assorted cleanup and housekeeping of configuration files | ||||
| | | * | [Minor] Fix some whitespace issues | twesterhever | 2023-02-17 | 2 | -2/+1 |
| | | | | |||||
| | * | | Merge pull request #4401 from twesterhever/temp-google-firebase | Vsevolod Stakhov | 2023-02-17 | 1 | -0/+7 |
| | |\ \ | | | | | | | | | [Enhancement] Add rule to detect Google Firebase URLs | ||||
| | | * | | [Enhancement] Add rule to detect Google Firebase URLs | twesterhever | 2023-02-17 | 1 | -0/+7 |
| | | |/ | |||||
| | * / | [Enhancement] Make Google URL redirection rules productive | twesterhever | 2023-02-17 | 1 | -5/+5 |
| | |/ | |||||
| | * | [Minor] Use unicode property for currency detection | Vsevolod Stakhov | 2022-10-29 | 1 | -1/+1 |
| | | | | | | | | | Issue: #4320 | ||||
| * | | [Minor] Regexp is case-insensitive, omit redundant characters | twesterhever | 2022-11-06 | 1 | -1/+1 |
| | | | |||||
| * | | [Minor] Fix rule comment | twesterhever | 2022-11-06 | 1 | -1/+1 |
| | | | |||||
| * | | [Minor] Limit CIDv1 detection to 128 bytes | twesterhever | 2022-11-06 | 1 | -1/+1 |
| | | | | | | | As requested by @vstakhov in https://github.com/rspamd/rspamd/pull/4310#pullrequestreview-1148226107, try to limit the performance impact of this regular expression. However, given that there does not seem to be a hard limit for CIDv1s in IPFS itself, using an hashing algorithm with large output my permit miscreants to get around this rule. | ||||
| * | | [Minor] Implement multibase prefixes for IPFS gateway URL rule | twesterhever | 2022-11-06 | 1 | -2/+2 |
| | | | |||||
| * | | [Minor] Clarify that IPFS *gateway* URLs are likely considered malicious | twesterhever | 2022-11-06 | 1 | -2/+2 |
| | | | |||||
| * | | [Enhancement] Add IPFS URL heuristic | twesterhever | 2022-10-15 | 1 | -1/+16 |
| |/ | |||||
| * | [Minor] Update more copyright years/email | Vsevolod Stakhov | 2022-03-27 | 2 | -2/+2 |
| | | |||||
| * | Spelling (#4086) | Josh Soref | 2022-02-22 | 1 | -4/+4 |
| | | | | [Rework] Massive spelling fix from @jsoref | ||||
| * | [Minor] Fix rule | Vsevolod Stakhov | 2021-11-30 | 1 | -1/+1 |
| | | |||||
| * | [Rules] Remove ancient and inefficient rules | Vsevolod Stakhov | 2021-11-29 | 1 | -43/+0 |
| | | |||||
| * | [Rules] Fix old rules to stop global functions usage | Vsevolod Stakhov | 2021-11-29 | 1 | -46/+72 |
| | | |||||
| * | [Minor] Regexp: Extend upstream spam filter regexp | Sebastian Lipponer | 2021-08-21 | 1 | -1/+3 |
| | | |||||
 |
index : rspamd.git | |
| Rapid spam filtering system: https://github.com/rspamd/rspamd | www-data |
| aboutsummaryrefslogtreecommitdiffstats |