commit af4a3ad: [Conf] Move all to rbl
Vsevolod Stakhov
vsevolod at highsecure.ru
Mon Sep 2 15:56:07 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-09-02 16:36:45 +0100
URL: https://github.com/rspamd/rspamd/commit/af4a3addb0c025b3ccff39396475c96a71c56536
[Conf] Move all to rbl
---
conf/modules.d/emails.conf | 45 +-----------
conf/modules.d/rbl.conf | 161 +++++++++++++++++++++++++++++++++++++++++
conf/modules.d/surbl.conf | 16 +---
conf/scores.d/surbl_group.conf | 78 ++++++++++----------
4 files changed, 202 insertions(+), 98 deletions(-)
diff --git a/conf/modules.d/emails.conf b/conf/modules.d/emails.conf
index 8511eed2b..dab752e2a 100644
--- a/conf/modules.d/emails.conf
+++ b/conf/modules.d/emails.conf
@@ -1,48 +1,5 @@
-# Please don't modify this file as your changes might be overwritten with
-# the next update.
-#
-# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
-# parameters defined on the top level
-#
-# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
-# parameters defined on the top level
-#
-# For specific modules or configuration you can also modify
-# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
-# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
-#
-# See https://rspamd.com/doc/tutorials/writing_rules.html for details
-
+# Deprecated! Use rbl module
emails {
- rules {
- RSPAMD_EMAILBL {
- delimiter = ".";
- encoding = "base32";
- hashlen = 32;
- dnsbl = "email.rspamd.com";
- check_replyto = true;
- hash = "blake2";
- returncodes = {
- RSPAMD_EMAILBL = "127.0.0.2";
- }
- }
- MSBL_EBL {
- dnsbl = "ebl.msbl.org";
- domain_only = false;
- check_replyto = true;
- hash = "sha1";
- returncodes = {
- MSBL_EBL = [
- "127.0.0.2",
- "127.0.0.3"
- ];
- MSBL_EBL_GREY = [
- "127.0.1.2",
- "127.0.1.3"
- ];
- }
- }
- }
.include(try=true,priority=5) "${DBDIR}/dynamic/emails.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/emails.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/emails.conf"
diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf
index f8f8d02a1..d6919b655 100644
--- a/conf/modules.d/rbl.conf
+++ b/conf/modules.d/rbl.conf
@@ -159,6 +159,167 @@ rbl {
DWL_DNSWL_BLOCKED = "127.0.0.255";
}
}
+ # Old emails module
+ RSPAMD_EMAILBL {
+ ignore_defaults = true;
+ emails_delimiter = ".";
+ hash_type = "base32";
+ hash_len = 32;
+ rbl = "email.rspamd.com";
+ replyto = true;
+ hash = "blake2";
+ returncodes = {
+ RSPAMD_EMAILBL = "127.0.0.2";
+ }
+ }
+ MSBL_EBL {
+ ignore_defaults = true;
+ rbl = "ebl.msbl.org";
+ emails_domainonly = false;
+ replyto = true;
+ hash = "sha1";
+ returncodes = {
+ MSBL_EBL = [
+ "127.0.0.2",
+ "127.0.0.3"
+ ];
+ MSBL_EBL_GREY = [
+ "127.0.1.2",
+ "127.0.1.3"
+ ];
+ }
+ }
+ # Old SURBL module
+ "SURBL_MULTI" {
+ ignore_defaults = true;
+ rbl = "multi.surbl.org";
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+
+ returnbits = {
+ CRACKED_SURBL = 128; # From February 2016
+ ABUSE_SURBL = 64;
+ MW_SURBL_MULTI = 16;
+ PH_SURBL_MULTI = 8;
+ SURBL_BLOCKED = 1;
+ }
+ }
+
+ "URIBL_MULTI" {
+ ignore_defaults = true;
+ rbl = "multi.uribl.com";
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+
+ returnbits {
+ URIBL_BLOCKED = 1;
+ URIBL_BLACK = 2;
+ URIBL_GREY = 4;
+ URIBL_RED = 8;
+ }
+ }
+
+ "RSPAMD_URIBL" {
+ ignore_defaults = true;
+ rbl = "uribl.rspamd.com";
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+ hash = 'blake2';
+ hash_len = 32;
+ hash_type = 'base32';
+
+ returncodes = {
+ RSPAMD_URIBL = [
+ "127.0.0.2",
+ ];
+ }
+ }
+
+ "DBL" {
+ ignore_defaults = true;
+ rbl = "dbl.spamhaus.org";
+ no_ip = true;
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+
+ returncodes = {
+ # spam domain
+ DBL_SPAM = "127.0.1.2";
+ # phish domain
+ DBL_PHISH = "127.0.1.4";
+ # malware domain
+ DBL_MALWARE = "127.0.1.5";
+ # botnet C&C domain
+ DBL_BOTNET = "127.0.1.6";
+ # abused legit spam
+ DBL_ABUSE = "127.0.1.102";
+ # abused spammed redirector domain
+ DBL_ABUSE_REDIR = "127.0.1.103";
+ # abused legit phish
+ DBL_ABUSE_PHISH = "127.0.1.104";
+ # abused legit malware
+ DBL_ABUSE_MALWARE = "127.0.1.105";
+ # abused legit botnet C&C
+ DBL_ABUSE_BOTNET = "127.0.1.106";
+ # error - IP queries prohibited!
+ DBL_PROHIBIT = "127.0.1.255";
+ }
+ }
+
+ # Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf)
+ #"SPAMHAUS_ZEN_URIBL" {
+ # suffix = "zen.spamhaus.org";
+ # resolve_ip = true;
+ # check_emails = true;
+ # ips {
+ # URIBL_SBL = "127.0.0.2";
+ # URIBL_SBL_CSS = "127.0.0.3";
+ # URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];
+ # URIBL_PBL = ["127.0.0.10", "127.0.0.11"];
+ # URIBL_DROP = "127.0.0.9";
+ # }
+ #}
+
+ "SEM_URIBL_UNKNOWN" {
+ ignore_defaults = true;
+ rbl = "uribl.spameatingmonkey.net";
+ no_ip = true;
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+ returnbits {
+ SEM_URIBL = 2;
+ }
+ }
+
+ "SEM_URIBL_FRESH15_UNKNOWN" {
+ ignore_defaults = true;
+ rbl = "fresh15.spameatingmonkey.net";
+ no_ip = true;
+ dkim = true;
+ emails = true;
+ emails_domainonly = true;
+ urls = true;
+ returnbits {
+ SEM_URIBL_FRESH15 = 2;
+ }
+ }
+
+ # Proved to be broken
+ #"RBL_SARBL_BAD" {
+ # suffix = "public.sarbl.org";
+ # noip = true;
+ # images = true;
+ #}
}
.include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf"
diff --git a/conf/modules.d/surbl.conf b/conf/modules.d/surbl.conf
index bc7f47791..a64256f10 100644
--- a/conf/modules.d/surbl.conf
+++ b/conf/modules.d/surbl.conf
@@ -1,18 +1,4 @@
-# Please don't modify this file as your changes might be overwritten with
-# the next update.
-#
-# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
-# parameters defined on the top level
-#
-# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
-# parameters defined on the top level
-#
-# For specific modules or configuration you can also modify
-# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
-# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
-#
-# See https://rspamd.com/doc/tutorials/writing_rules.html for details
-
+# Deprecated, use RBL module!
surbl {
whitelist = [
"https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",
diff --git a/conf/scores.d/surbl_group.conf b/conf/scores.d/surbl_group.conf
index 271f911c5..93befa085 100644
--- a/conf/scores.d/surbl_group.conf
+++ b/conf/scores.d/surbl_group.conf
@@ -176,43 +176,43 @@ symbols = {
one_shot = true;
groups = ["uribl"];
}
- "SPAMHAUS_ZEN_URIBL" {
- weight = 0.0;
- description = "Spamhaus ZEN URIBL: Filtered result";
- groups = ["spamhaus"];
- }
- "URIBL_SBL" {
- weight = 6.5;
- description = "A domain in the message body resolves to an IP listed in Spamhaus SBL";
- one_shot = true;
- groups = ["v"];
- }
- "URIBL_SBL_CSS" {
- weight = 6.5;
- description = "A domain in the message body resolves to an IP listed in Spamhaus SBL CSS";
- one_shot = true;
- groups = ["spamhaus"];
- }
- "URIBL_XBL" {
- weight = 1.5;
- description = "A domain in the message body resolves to an IP listed in Spamhaus XBL";
- one_shot = true;
- groups = ["spamhaus"];
- }
- "URIBL_PBL" {
- weight = 0.01;
- description = "A domain in the message body resolves to an IP listed in Spamhaus PBL";
- groups = ["spamhaus"];
- }
- "URIBL_DROP" {
- weight = 5.0;
- description = "A domain in the message body resolves to an IP listed in Spamhaus DROP";
- one_shot = true;
- groups = ["spamhaus"];
- }
- "RBL_SARBL_BAD" {
- weight = 2.5;
- description = "A domain in the message body is blacklisted in SARBL";
- one_shot = true;
- }
+ #"SPAMHAUS_ZEN_URIBL" {
+ # weight = 0.0;
+ # description = "Spamhaus ZEN URIBL: Filtered result";
+ # groups = ["spamhaus"];
+ #}
+ #"URIBL_SBL" {
+ # weight = 6.5;
+ # description = "A domain in the message body resolves to an IP listed in Spamhaus SBL";
+ # one_shot = true;
+ # groups = ["v"];
+ #}
+ #"URIBL_SBL_CSS" {
+ # weight = 6.5;
+ # description = "A domain in the message body resolves to an IP listed in Spamhaus SBL CSS";
+ # one_shot = true;
+ # groups = ["spamhaus"];
+ #}
+ #"URIBL_XBL" {
+ # weight = 1.5;
+ # description = "A domain in the message body resolves to an IP listed in Spamhaus XBL";
+ # one_shot = true;
+ # groups = ["spamhaus"];
+ #}
+ #"URIBL_PBL" {
+ # weight = 0.01;
+ # description = "A domain in the message body resolves to an IP listed in Spamhaus PBL";
+ # groups = ["spamhaus"];
+ #}
+ #"URIBL_DROP" {
+ # weight = 5.0;
+ # description = "A domain in the message body resolves to an IP listed in Spamhaus DROP";
+ # one_shot = true;
+ # groups = ["spamhaus"];
+ #}
+ #"RBL_SARBL_BAD" {
+ # weight = 2.5;
+ # description = "A domain in the message body is blacklisted in SARBL";
+ # one_shot = true;
+ #}
}
More information about the Commits
mailing list