commit a7aa9ad: [Minor] Remove FAKE_REPLY_C and move FAKE_REPLY rule to regexp module

Anton Yuzhaninov citrin+git at citrin.ru
Tue Dec 15 10:28:07 UTC 2020


Author: Anton Yuzhaninov
Date: 2020-12-12 19:30:46 +0000
URL: https://github.com/rspamd/rspamd/commit/a7aa9adc0cb2e6046b9136992eb41c0f89a2f401

[Minor] Remove FAKE_REPLY_C and move FAKE_REPLY rule to regexp module
FAKE_REPLY_C rule no longer works because MUA it used are no longer used
(and ones which are used changed headers they add).  In theory one can
test all popular modern MUA and see which add only References, which
only In-Reply-To and which add both headers.  But it will be a lot of
work to maintain such rule up to date.  It still has a small number of
hits, but mostly because some spammers use old X-Mailer headers.  This
should be addressed separately.

While here re-create FAKE_REPLY as a regexp module rule - this way it
should be more efficient.

---
 rules/headers_checks.lua | 15 ---------------
 rules/regexp/headers.lua | 27 +++++----------------------
 2 files changed, 5 insertions(+), 37 deletions(-)

diff --git a/rules/headers_checks.lua b/rules/headers_checks.lua
index ec8208d8c..b62676293 100644
--- a/rules/headers_checks.lua
+++ b/rules/headers_checks.lua
@@ -603,21 +603,6 @@ rspamd_config.MV_CASE = {
   group = 'headers'
 }
 
-rspamd_config.FAKE_REPLY = {
-  callback = function (task)
-    local subject = task:get_header('Subject')
-    if (subject and subject:lower():find('^re:')) then
-      local ref = task:get_header('References')
-      local rt  = task:get_header('In-Reply-To')
-      if (not (ref or rt)) then return true end
-    end
-    return false
-  end,
-  description = 'Fake reply',
-  score = 1.0,
-  group = 'headers'
-}
-
 local check_from_id = rspamd_config:register_symbol{
   name = 'CHECK_FROM',
   type = 'callback',
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index 2df12929f..21866ac7b 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -634,28 +634,11 @@ reconf['REPTO_QUOTE_YAHOO'] = {
   group = 'headers'
 }
 
--- MUA definitions
-local xm_gnus = 'X-Mailer=/^Gnus v/H'
-local xm_msoe5 = 'X-Mailer=/^Microsoft Outlook Express 5/H'
-local xm_msoe6 = 'X-Mailer=/^Microsoft Outlook Express 6/H'
-local xm_moz4 = 'X-Mailer=/^Mozilla 4/H'
-local xm_skyri = 'X-Mailer=/^SKYRiXgreen/H'
-local xm_wwwmail = 'X-Mailer=/^WWW-Mail \\d/H'
-local ua_gnus = 'User-Agent=/^Gnus/H'
-local ua_knode = 'User-Agent=/^KNode/H'
-local ua_mutt = 'User-Agent=/^Mutt/H'
-local ua_pan = 'User-Agent=/^Pan/H'
-local ua_xnews = 'User-Agent=/^Xnews/H'
-local no_inr_yes_ref = string.format('(%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s) | (%s)', xm_gnus, xm_msoe5, xm_msoe6, xm_moz4, xm_skyri, xm_wwwmail, ua_gnus, ua_knode, ua_mutt, ua_pan, ua_xnews)
-local subj_re = 'Subject=/^R[eE]:/H'
-local has_ref = '(header_exists(References) | header_exists(In-Reply-To))'
-local missing_ref = string.format('!(%s)', has_ref)
--- Fake reply (has RE in subject, but has no References header)
-reconf['FAKE_REPLY_C'] = {
-  re = string.format('(%s) & (%s) & (%s) & !(%s)', subj_re, missing_ref, no_inr_yes_ref, xm_msoe6),
-  score = 6.0,
-  description = 'Fake reply (has RE in subject, but has no References header)',
-  group = 'subject'
+reconf['FAKE_REPLY'] = {
+  re = [[Subject=/^re:/i & !(header_exists(In-Reply-To) | header_exists(References))]],
+  description = 'Fake reply',
+  score = 1.0,
+  group = 'headers'
 }
 
 -- Mime-OLE is needed but absent (e.g. fake Outlook or fake Ecxchange)


More information about the Commits mailing list