commit 15bb413: [Rules] Improve LEAKED_PASSWORD_SCAM detection
Vsevolod Stakhov
vsevolod at highsecure.ru
Fri Jan 11 17:42:04 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-01-11 17:41:22 +0000
URL: https://github.com/rspamd/rspamd/commit/15bb41399416edd2bad85cfb3295700925f2a91d (HEAD -> master)
[Rules] Improve LEAKED_PASSWORD_SCAM detection
---
rules/regexp/misc.lua | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/rules/regexp/misc.lua b/rules/regexp/misc.lua
index 3a78ec969..9d5f2dd2b 100644
--- a/rules/regexp/misc.lua
+++ b/rules/regexp/misc.lua
@@ -61,14 +61,14 @@ reconf['HAS_ONION_URI'] = {
group = 'experimental'
}
-local password_in_words = [[/^password/i{words}]]
+local password_in_words = [[/^pass(?:(?:word)|(?:phrase))/i{words}]]
local btc_wallet_address = [[/^[13][0-9a-zA-Z]{25,34}$/{words}]]
local wallet_word = [[/^wallet$/i{words}]]
local broken_unicode = [[has_flag(bad_unicode)]]
reconf['LEAKED_PASSWORD_SCAM'] = {
- re = string.format('%s & %s & (%s | %s)',
- password_in_words, btc_wallet_address, wallet_word, broken_unicode),
+ re = string.format('%s & (%s | %s | %s)',
+ btc_wallet_address, password_in_words, wallet_word, broken_unicode),
description = 'Contains password word and BTC wallet address',
score = 7.0,
group = 'scams'
More information about the Commits
mailing list