summaryrefslogtreecommitdiffstats
path: root/rules
Commit message (Collapse)AuthorAgeFilesLines
...
* [Fix] Trigger HTML_SHORT_LINK_IMG on any external imageVsevolod Stakhov2016-08-051-1/+1
|
* [Fix] Avoid `table.getn` method as it has been removed in lua 5.3Vsevolod Stakhov2016-07-042-4/+4
| | | | | Issue: #697 Reported by: @jessbo
* [Feature] Add support for non-standard BATV signaturesAlexander Moisseev2016-06-291-4/+24
|
* [Fix] Fix symbol name for spf soft failVsevolod Stakhov2016-06-081-1/+1
|
* [Fix] Fix processing of messages without received headersVsevolod Stakhov2016-06-051-14/+17
|
* [Fix] Fix possible FP in TRACKER_ID ruleVsevolod Stakhov2016-05-241-1/+1
|
* [Fix] Simplify MISSING_MIMEOLE ruleVsevolod Stakhov2016-05-241-5/+4
|
* [Minor] Fix percents output in R_PARTS_DIFFERVsevolod Stakhov2016-04-291-1/+2
|
* [Fix] Fix setting of score for parts differVsevolod Stakhov2016-04-281-2/+3
|
* [Fix] Fix dynamic scoring of subject symbolsVsevolod Stakhov2016-04-281-1/+1
| | | | Reported by: @moisseev
* [Minor] Rework subject rules as lua rulesVsevolod Stakhov2016-04-281-20/+41
|
* [Minor] Improve subject rulesAlexander Moisseev2016-04-281-36/+30
| | | | | Make scores depend on subject length Also resolves #548
* [Fix] Fix and rescore R_PARTS_DIFFER logicVsevolod Stakhov2016-04-271-6/+15
| | | | Signed-off-by: Vsevolod Stakhov <vsevolod@highsecure.ru>
* [Minor] Combine `header` and `headers` metric groupsAlexander Moisseev2016-04-261-7/+7
|
* Add MISSING_FROM testSteve Freegard2016-04-261-0/+12
|
* Update MULTIPLE_UNIQUE_HEADER to include RFC5322 rulesSteve Freegard2016-04-261-1/+11
|
* Raise MISSING_DATE on empty stringSteve Freegard2016-04-261-1/+2
|
* Fix `RCVD_TLS_ALL` rule when there are no `Received` headersAlexander Moisseev2016-04-251-0/+1
|
* Fix upstream_spam_filtersAlexey AL2016-04-231-0/+2
|
* [Fix] Reduce PRECEDENCE_BULK rule weightVsevolod Stakhov2016-04-221-1/+1
|
* New rulesSteve Freegard2016-04-224-0/+231
|
* [Minor] Attach domain part to `R_SUSPICIOUS_URL`Alexander Moisseev2016-04-151-9/+3
|
* [Fix] Fix regexp ruleVsevolod Stakhov2016-04-011-1/+1
|
* [Fix] Remove slow and unused rules `INVALID_EXIM_RECEIVED*`Vsevolod Stakhov2016-03-311-63/+1
|
* [Minor] Raise `LONG_SUBJ` thresholdAlexander Moisseev2016-03-171-1/+1
|
* [Minor] Use utf8 length for subjectVsevolod Stakhov2016-03-051-1/+1
|
* Add LONG_SUBJ ruleAlexander Moisseev2016-03-051-0/+14
|
* Don't trigger R_EMPTY_IMAGE on image linksAlexander Moisseev2016-02-201-1/+1
| | | | as they covered with `HTML_SHORT_LINK_IMG_1` rule. It should be safe for legitimate emails with images attached since `R_EMPTY_IMAGE` and `HTML_SHORT_LINK_IMG_1` won't be triggered at the same time any more.
* Don't trigger HTML_SHORT_LINK_IMG on small imagesAlexander Moisseev2016-02-201-1/+4
| | | It's common for legitimate emails to have small image links (buttons, social networks junk e.t.c.)
* Fix MISSING_MIMEOLE rule for modern OEVsevolod Stakhov2016-02-161-1/+6
| | | | | Issue: #514 Reported by: @ilyakruchinin
* Fix html images rules to reduce FP ratesVsevolod Stakhov2016-02-161-11/+31
| | | | | Suggested by: @moisseev Issue: #525
* More sanity checksVsevolod Stakhov2016-02-051-1/+1
|
* Add safety guard for ruleVsevolod Stakhov2016-02-051-1/+1
|
* Switch the rest to apache 2Vsevolod Stakhov2016-02-044-82/+42
|
* Fix rule when SMTP from is unavailableVsevolod Stakhov2016-01-291-1/+1
|
* Fix rules to avoid nil indexingVsevolod Stakhov2016-01-281-7/+15
|
* Fix HEADER_FORGED_MDN ruleVsevolod Stakhov2016-01-251-1/+1
|
* Add parsing to MDN rulesVsevolod Stakhov2016-01-251-4/+17
| | | | Issue: #480
* Add rule to detect spammers attempts to cheat mime parsingVsevolod Stakhov2016-01-241-0/+33
|
* Use `task:get_from()` to get senderVsevolod Stakhov2016-01-221-2/+2
|
* Add support for forged confirmation headersVsevolod Stakhov2016-01-221-1/+40
| | | | | | Issue: #480 Reported by: @AdUser Patch by: @AdUser
* Add `BROKEN_HEADERS` ruleVsevolod Stakhov2016-01-221-0/+13
|
* Add new Message-ID regexp for ThunderbirdAlexander Moisseev2016-01-101-1/+2
| | | | | Thunderbird version 46 and later is using new securely random Message-ID to avoid fingerprinting. https://bugzilla.mozilla.org/show_bug.cgi?id=902580 SeaMonkey (at least currentnightly build 2.42a1) is not affected by this change.
* Remove R_TO_SEEMS_AUTO as it generates a lot of FPVsevolod Stakhov2015-12-241-11/+8
|
* Add SUBJ_ALL_CAPS ruleVsevolod Stakhov2015-11-261-1/+25
|
* Add R_SUSPICIOUS_URL rule that detects obfusicated URL'sVsevolod Stakhov2015-11-201-0/+19
|
* SUSPICIOUS_IMAGES now trigger merely for embedded imagesVsevolod Stakhov2015-11-171-1/+1
|
* Improve empty image rule.Vsevolod Stakhov2015-11-171-12/+12
|
* Fix parsing of headersVsevolod Stakhov2015-10-191-28/+34
|
* Add module to get data from HTTP headersVsevolod Stakhov2015-10-192-0/+117
| | | | | Issue: #285 Reported by: @msimerson
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-21 01:32:45 +0000