commit 1b47339: [Fix] RBL: allow for multiple matches of the same label if types are different
Andrew Lewis
nerf at judo.za.org
Wed Oct 14 20:07:09 UTC 2020
Author: Andrew Lewis
Date: 2020-10-14 16:08:55 +0200
URL: https://github.com/rspamd/rspamd/commit/1b473398a40b09d1ffc2a648b138081a4be06953 (refs/pull/3518/head)
[Fix] RBL: allow for multiple matches of the same label if types are different
- Also log full hostname in case of unknown result
---
src/plugins/lua/rbl.lua | 50 ++++++++++++++++++++++---------------
test/functional/cases/300_rbl.robot | 5 ++++
2 files changed, 35 insertions(+), 20 deletions(-)
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 846a864a6..122bfe515 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -188,31 +188,37 @@ local function gen_check_rcvd_conditions(rbl, received_total)
end
local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_table_elt)
- local function make_option(ip)
+ local function make_option(ip, label)
if ip then
return string.format('%s:%s:%s',
resolve_table_elt.orig,
- resolve_table_elt.what,
+ label,
ip)
else
return string.format('%s:%s',
resolve_table_elt.orig,
- resolve_table_elt.what)
+ label)
end
end
- local function insert_result(s, ip)
+ local function insert_result(s, ip, label)
if rbl.symbols_prefixes then
- local prefix = rbl.symbols_prefixes[resolve_table_elt.what]
+ local prefix = rbl.symbols_prefixes[label]
if not prefix then
- rspamd_logger.warnx(task, 'unlisted symbol prefix for %s', resolve_table_elt.what)
- task:insert_result(s, 1.0, make_option(ip))
+ rspamd_logger.warnx(task, 'unlisted symbol prefix for %s', label)
+ task:insert_result(s, 1.0, make_option(ip, label))
else
- task:insert_result(prefix .. '_' .. s, 1.0, make_option(ip))
+ task:insert_result(prefix .. '_' .. s, 1.0, make_option(ip, label))
end
else
- task:insert_result(s, 1.0, make_option(ip))
+ task:insert_result(s, 1.0, make_option(ip, label))
+ end
+ end
+
+ local function insert_results(s, ip)
+ for label in pairs(resolve_table_elt.what) do
+ insert_result(s, ip, label)
end
end
@@ -236,7 +242,7 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
end
if rbl.returncodes == nil and rbl.returnbits == nil and rbl.symbol ~= nil then
- insert_result(rbl.symbol)
+ insert_results(rbl.symbol)
return
end
@@ -251,7 +257,7 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
for _,check_bit in ipairs(bits) do
if bit.band(ipnum, check_bit) == check_bit then
foundrc = true
- insert_result(s)
+ insert_results(s)
-- Here, we continue with other bits
end
end
@@ -261,7 +267,7 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
for _,v in ipairs(codes) do
if string.find(ipstr, '^' .. v .. '$') then
foundrc = true
- insert_result(s)
+ insert_results(s)
break
end
end
@@ -270,10 +276,10 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
if not foundrc then
if rbl.unknown and rbl.symbol then
- insert_result(rbl.symbol, ipstr)
+ insert_results(rbl.symbol, ipstr)
else
- rspamd_logger.errx(task, 'RBL %1 returned unknown result: %2',
- rbl.rbl, ipstr)
+ rspamd_logger.errx(task, '%1 returned unknown result: %2',
+ to_resolve, ipstr)
end
end
end
@@ -319,13 +325,13 @@ local function gen_rbl_callback(rule)
return false
end
- local function add_dns_request(task, req, forced, is_ip, requests_table, what, whitelist)
+ local function add_dns_request(task, req, forced, is_ip, requests_table, label, whitelist)
local req_str = req
if is_ip then
req_str = tostring(req)
end
- if whitelist and is_whitelisted(task, req, req_str, whitelist, what) then
+ if whitelist and is_whitelisted(task, req, req_str, whitelist, label) then
return
end
@@ -339,6 +345,9 @@ local function gen_rbl_callback(rule)
if forced and not nreq.forced then
nreq.forced = true
end
+ if not nreq.what[label] then
+ nreq.what[label] = true
+ end
return true,nreq -- Duplicate
else
@@ -354,7 +363,7 @@ local function gen_rbl_callback(rule)
n = processed,
orig = req_str,
resolve_ip = resolve_ip,
- what = what,
+ what = {[label] = true},
}
requests_table[req] = nreq
end
@@ -377,7 +386,7 @@ local function gen_rbl_callback(rule)
n = to_resolve,
orig = req_str,
resolve_ip = resolve_ip,
- what = what,
+ what = {[label] = true},
}
requests_table[req] = nreq
end
@@ -788,8 +797,9 @@ local function gen_rbl_callback(rule)
-- Check if we have rspamd{ip} userdata
if type(dns_res) == 'userdata' then
-- Add result as an actual RBL request
+ local label = next(orig_resolve_table_elt.what)
local dup,nreq = add_dns_request(task, dns_res, false, true,
- resolved_req, orig_resolve_table_elt.what)
+ resolved_req, label)
-- Add original name
if not dup then
nreq.orig = nreq.orig .. ':' .. orig_resolve_table_elt.n
diff --git a/test/functional/cases/300_rbl.robot b/test/functional/cases/300_rbl.robot
index 17fd4f19c..55f46e5fd 100644
--- a/test/functional/cases/300_rbl.robot
+++ b/test/functional/cases/300_rbl.robot
@@ -64,6 +64,11 @@ SELECTORS
Expect Symbol With Option RBL_SELECTOR_MULTIPLE example.com:sel_from
Expect Symbol With Option RBL_SELECTOR_MULTIPLE example.org:sel_helo
+SELECTORS COMBINED
+ Scan File ${TESTDIR}/messages/btc.eml From=user at example.org Helo=example.org
+ Expect Symbol With Option RBL_SELECTOR_MULTIPLE example.org:sel_from
+ Expect Symbol With Option RBL_SELECTOR_MULTIPLE example.org:sel_helo
+
*** Keywords ***
Rbl Setup
${PLUGIN_CONFIG} = Get File ${TESTDIR}/configs/rbl.conf
More information about the Commits
mailing list