From 92ec1c97019c4a5547c115a90e00b257399a8a47 Mon Sep 17 00:00:00 2001 From: Carsten Rosenberg Date: Sun, 13 Jan 2019 15:42:09 +0100 Subject: [Minor] external_services config + groups --- conf/groups.conf | 12 ++++- conf/modules.d/external_services.conf | 91 +++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 conf/modules.d/external_services.conf (limited to 'conf') diff --git a/conf/groups.conf b/conf/groups.conf index 02e714174..3e06b5d07 100644 --- a/conf/groups.conf +++ b/conf/groups.conf @@ -107,5 +107,15 @@ group "neural" { .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/neural_group.conf" } +group "antivirus" { + .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus_group.conf" + .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/antivirus_group.conf" +} + +group "external_services" { + .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services.conf" + .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/external_services.conf" +} + .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/groups.conf" -.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/groups.conf" \ No newline at end of file +.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/groups.conf" diff --git a/conf/modules.d/external_services.conf b/conf/modules.d/external_services.conf new file mode 100644 index 000000000..3995a7c70 --- /dev/null +++ b/conf/modules.d/external_services.conf @@ -0,0 +1,91 @@ +# Please don't modify this file as your changes might be overwritten with +# the next update. +# +# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine +# parameters defined on the top level +# +# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add +# parameters defined on the top level +# +# For specific modules or configuration you can also modify +# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults +# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults +# +# See https://rspamd.com/doc/tutorials/writing_rules.html for details + +external_services { + oletools { + # If set force this action if any virus is found (default unset: no action is forced) + # action = "reject"; + # If set, then rejection message is set to this value (mention single quotes) + # If `max_size` is set, messages > n bytes in size are not scanned + # max_size = 20000000; + # log_clean = true; + # servers = "127.0.0.1:10050"; + # cache_expire = 86400; + # scan_mime_parts = true; + # extended = false; + # if `patterns` is specified virus name will be matched against provided regexes and the related + # symbol will be yielded if a match is found. If no match is found, default symbol is yielded. + patterns { + # symbol_name = "pattern"; + JUST_EICAR = "^Eicar-Test-Signature$"; + } + # mime-part regex matching in content-type or filename + mime_parts_filter_regex { + #GEN1 = "application\/octet-stream"; + DOC2 = "application\/msword"; + DOC3 = "application\/vnd\.ms-word.*"; + XLS = "application\/vnd\.ms-excel.*"; + PPT = "application\/vnd\.ms-powerpoint.*"; + GEN2 = "application\/vnd\.openxmlformats-officedocument.*"; + } + # Mime-Part filename extension matching (no regex) + mime_parts_filter_ext { + doc = "doc"; + dot = "dot"; + docx = "docx"; + dotx = "dotx"; + docm = "docm"; + dotm = "dotm"; + xls = "xls"; + xlt = "xlt"; + xla = "xla"; + xlsx = "xlsx"; + xltx = "xltx"; + xlsm = "xlsm"; + xltm = "xltm"; + xlam = "xlam"; + xlsb = "xlsb"; + ppt = "ppt"; + pot = "pot"; + pps = "pps"; + ppa = "ppa"; + pptx = "pptx"; + potx = "potx"; + ppsx = "ppsx"; + ppam = "ppam"; + pptm = "pptm"; + potm = "potm"; + ppsm = "ppsm"; + } + # `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned. + whitelist = "/etc/rspamd/antivirus.wl"; + } + dcc { + # If set force this action if any virus is found (default unset: no action is forced) + # action = "reject"; + # If set, then rejection message is set to this value (mention single quotes) + # If `max_size` is set, messages > n bytes in size are not scanned + max_size = 20000000; + #servers = "127.0.0.1:10045"; + # if `patterns` is specified virus name will be matched against provided regexes and the related + # symbol will be yielded if a match is found. If no match is found, default symbol is yielded. + patterns { + # symbol_name = "pattern"; + JUST_EICAR = "^Eicar-Test-Signature$"; + } + # `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned. + whitelist = "/etc/rspamd/antivirus.wl"; + } +} -- cgit v1.2.3 From c2eaa5503fb6f5df753913b87e0b78e5beaa47d1 Mon Sep 17 00:00:00 2001 From: Carsten Rosenberg Date: Mon, 14 Jan 2019 15:06:35 +0100 Subject: [Fix] groups.conf - filename typo --- conf/groups.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'conf') diff --git a/conf/groups.conf b/conf/groups.conf index 3e06b5d07..51e2a6522 100644 --- a/conf/groups.conf +++ b/conf/groups.conf @@ -113,8 +113,8 @@ group "antivirus" { } group "external_services" { - .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services.conf" - .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/external_services.conf" + .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services_group.conf" + .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/external_services_group.conf" } .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/groups.conf" -- cgit v1.2.3