blob: 2adc1cc27b109bfdbed92bf6cd04fe6b512ea280 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
surbl {
.include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf"
.include(try=true,priority=1) "$LOCAL_CONFDIR/local.d/surbl.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf"
whitelist = "file://$CONFDIR/surbl-whitelist.inc";
exceptions = "file://$CONFDIR/2tld.inc";
rule {
suffix = "multi.surbl.org";
symbol = "SURBL_MULTI";
bits {
CRACKED_SURBL = 128; # From February 2016
ABUSE_SURBL = 64;
MW_SURBL_MULTI = 16;
PH_SURBL_MULTI = 8;
WS_SURBL_MULTI = 4;
SURBL_BLOCKED = 1;
}
}
rule {
suffix = "multi.uribl.com";
symbol = "URIBL_MULTI";
bits {
URIBL_BLOCKED = 1;
URIBL_BLACK = 2;
URIBL_GREY = 4;
URIBL_RED = 8;
}
}
rule {
suffix = "uribl.rambler.ru";
symbol = "RAMBLER_URIBL";
}
rule {
suffix = "dbl.spamhaus.org";
symbol = "DBL";
no_ip = true;
ips = {
# spam domain
DBL_SPAM = "127.0.1.2";
# phish domain
DBL_PHISH = "127.0.1.4";
# malware domain
DBL_MALWARE = "127.0.1.5";
# botnet C&C domain
DBL_BOTNET = "127.0.1.6";
# abused legit spam
DBL_ABUSE = "127.0.1.102";
# abused spammed redirector domain
DBL_ABUSE_REDIR = "127.0.1.103";
# abused legit phish
DBL_ABUSE_PHISH = "127.0.1.104";
# abused legit malware
DBL_ABUSE_MALWARE = "127.0.1.105";
# abused legit botnet C&C
DBL_ABUSE_BOTNET = "127.0.1.106";
# error - IP queries prohibited!
DBL_PROHIBIT = "127.0.1.255";
}
}
rule {
suffix = "sbl.spamhaus.org";
symbol = "SBL_URIBL";
resolve_ip = true;
ips {
URIBL_SBL = "127.0.0.2";
URIBL_SBL_CSS = "127.0.0.3";
}
}
rule {
suffix = "uribl.spameatingmonkey.net";
symbol = "SEM_URIBL_UNKNOWN";
bits {
SEM_URIBL = 2;
}
no_ip = true;
}
rule {
suffix = "fresh15.spameatingmonkey.net";
symbol = "SEM_URIBL_FRESH15_UNKNOWN";
bits {
SEM_URIBL_FRESH15 = 2;
}
no_ip = true;
}
}
|
