From a7aa9adc0cb2e6046b9136992eb41c0f89a2f401 Mon Sep 17 00:00:00 2001 From: Anton Yuzhaninov Date: Sat, 12 Dec 2020 19:30:46 +0000 Subject: [Minor] Remove FAKE_REPLY_C and move FAKE_REPLY rule to regexp module FAKE_REPLY_C rule no longer works because MUA it used are no longer used (and ones which are used changed headers they add). In theory one can test all popular modern MUA and see which add only References, which only In-Reply-To and which add both headers. But it will be a lot of work to maintain such rule up to date. It still has a small number of hits, but mostly because some spammers use old X-Mailer headers. This should be addressed separately. While here re-create FAKE_REPLY as a regexp module rule - this way it should be more efficient. --- rules/headers_checks.lua | 15 --------------- rules/regexp/headers.lua | 27 +++++---------------------- 2 files changed, 5 insertions(+), 37 deletions(-) diff --git a/rules/headers_checks.lua b/rules/headers_checks.lua index ec8208d8c..b62676293 100644 --- a/rules/headers_checks.lua +++ b/rules/headers_checks.lua @@ -603,21 +603,6 @@ rspamd_config.MV_CASE = { group = 'headers' } -rspamd_config.FAKE_REPLY = { - callback = function (task) - local subject = task:get_header('Subject') - if (subject and subject:lower():find('^re:')) then - local ref = task:get_header('References') - local rt = task:get_header('In-Reply-To') - if (not (ref or rt)) then return true end - end - return false - end, - description = 'Fake reply', - score = 1.0, - group = 'headers' -} - local check_from_id = rspamd_config:register_symbol{ name = 'CHECK_FROM', type = 'callback', diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua index 2df12929f..21866ac7b 100644 --- a/rules/regexp/headers.lua +++ b/rules/regexp/headers.lua @@ -634,28 +634,11 @@ reconf['REPTO_QUOTE_YAHOO'] = { group = 'headers' } --- MUA definitions -local xm_gnus = 'X-Mailer=/^Gnus v/H' -local xm_msoe5 = 'X-Mailer=/^Microsoft Outlook Express 5/H' -local xm_msoe6 = 'X-Mailer=/^Microsoft Outlook Express 6/H' -local xm_moz4 = 'X-Mailer=/^Mozilla 4/H' -local xm_skyri = 'X-Mailer=/^SKYRiXgreen/H' -local xm_wwwmail = 'X-Mailer=/^WWW-Mail \\d/H' -local ua_gnus = 'User-Agent=/^Gnus/H' -local ua_knode = 'User-Agent=/^KNode/H' -local ua_mutt = 'User-Agent=/^Mutt/H' -local ua_pan = 'User-Agent=/^Pan/H' -local ua_xnews = 'User-Agent=/^Xnews/H' -local no_inr_yes_ref = string.format('(%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s)', xm_gnus, xm_msoe5, xm_msoe6, xm_moz4, xm_skyri, xm_wwwmail, ua_gnus, ua_knode, ua_mutt, ua_pan, ua_xnews) -local subj_re = 'Subject=/^R[eE]:/H' -local has_ref = '(header_exists(References) | header_exists(In-Reply-To))' -local missing_ref = string.format('!(%s)', has_ref) --- Fake reply (has RE in subject, but has no References header) -reconf['FAKE_REPLY_C'] = { - re = string.format('(%s) & (%s) & (%s) & !(%s)', subj_re, missing_ref, no_inr_yes_ref, xm_msoe6), - score = 6.0, - description = 'Fake reply (has RE in subject, but has no References header)', - group = 'subject' +reconf['FAKE_REPLY'] = { + re = [[Subject=/^re:/i & !(header_exists(In-Reply-To) | header_exists(References))]], + description = 'Fake reply', + score = 1.0, + group = 'headers' } -- Mime-OLE is needed but absent (e.g. fake Outlook or fake Ecxchange) -- cgit v1.2.3