aboutsummaryrefslogtreecommitdiffstats
path: root/rules/mid.lua
blob: 0b68fa612fb3a38b85da5fb77788cc307ba846ce (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
--[[
Copyright (c) 2016, Vsevolod Stakhov <vsevolod@highsecure.ru>
Copyright (c) 2016, Steve Freeguard

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
]]--

local function mid_check_func(task)
  local mid = task:get_header('Message-ID')
  if not mid then return false end
  -- Check for 'bare' IP addresses in RHS
  if mid:find("@%d+%.%d+%.%d+%.%d+>$") then
    task:insert_result('MID_BARE_IP', 1.0)
  end
  -- Check for non-FQDN RHS
  if mid:find("@[^%.]+>?$") then
    task:insert_result('MID_RHS_NOT_FQDN', 1.0)
  end
  -- Check for missing <>'s
  if not mid:find('^<[^>]+>$') then
    task:insert_result('MID_MISSING_BRACKETS', 1.0)
  end
  -- Check for IP literal in RHS
  if mid:find("@%[%d+%.%d+%.%d+%.%d+%]") then
    task:insert_result('MID_RHS_IP_LITERAL', 1.0)
  end
  -- Check From address atrributes against MID
  local from = task:get_from(2)
  if (from and from[1] and from[1].domain) then
    local fd = from[1].domain:lower()
    local _,_,md = mid:find("@([^>]+)>?$")
    -- See if all or part of the From address
    -- can be found in the Message-ID
    if (mid:lower():find(from[1].addr:lower(),1,true)) then
      task:insert_result('MID_CONTAINS_FROM', 1.0)
    elseif (md and fd == md:lower()) then
      task:insert_result('MID_RHS_MATCH_FROM', 1.0)
    end
  end
end

-- MID checks from Steve Freegard
local check_mid_id = rspamd_config:register_callback_symbol('CHECK_MID', 1.0,
  mid_check_func)
rspamd_config:register_virtual_symbol('MID_BARE_IP', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_BARE_IP', 2.0, 'Message-ID RHS is a bare IP address')
rspamd_config:register_virtual_symbol('MID_RHS_NOT_FQDN', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_RHS_NOT_FQDN', 0.5, 'Message-ID RHS is not a fully-qualified domain name')
rspamd_config:register_virtual_symbol('MID_MISSING_BRACKETS', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_MISSING_BRACKETS', 0.5, 'Message-ID is missing <>\'s')
rspamd_config:register_virtual_symbol('MID_RHS_IP_LITERAL', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_RHS_IP_LITERAL', 0.5, 'Message-ID RHS is an IP-literal')
rspamd_config:register_virtual_symbol('MID_CONTAINS_FROM', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_CONTAINS_FROM', 1.0, 'Message-ID contains From address')
rspamd_config:register_virtual_symbol('MID_RHS_MATCH_FROM', 1.0, check_mid_id)
rspamd_config:set_metric_symbol('MID_RHS_MATCH_FROM', 1.0, 'Message-ID RHS matches From domain')