commit 6598ceb: [Rework] Rbl: Rework defaults logic

Vsevolod Stakhov vsevolod at highsecure.ru
Tue Oct 20 09:00:08 UTC 2020 

Author: Vsevolod Stakhov
Date: 2020-10-20 09:57:21 +0100
URL: https://github.com/rspamd/rspamd/commit/6598ceb596b3171cf57d2106c9ffa0454b2a6e61 (HEAD -> master)

[Rework] Rbl: Rework defaults logic

---
 conf/modules.d/rbl.conf | 35 ++++++++++++++++++++++++-----------
 src/plugins/lua/rbl.lua |  9 ---------
 2 files changed, 24 insertions(+), 20 deletions(-)

diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf
index cd995a0d4..6a0b37ce0 100644
--- a/conf/modules.d/rbl.conf
+++ b/conf/modules.d/rbl.conf
@@ -13,10 +13,13 @@
 # Module documentation can be found at  https://rspamd.com/doc/modules/rbl.html
 
 rbl {
-  default_from = true;
-  default_received = false;
   default_exclude_users = true;
+  default_exclude_local = true;
   default_unknown = true;
+  default_dkim_domainonly = true;
+  default_dkim_match_from = false;
+  default_ipv4 = true;
+  default_ipv6 = true;
 
   url_whitelist = [
     "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",
@@ -30,9 +33,10 @@ rbl {
     spamhaus {
       symbol = "SPAMHAUS"; # Augmented by prefixes
       rbl = "zen.spamhaus.org";
-      ipv6 = true;
+      # Check types
       received = true;
       from = true;
+
       symbols_prefixes = {
         received = 'RECEIVED',
         from = 'RBL',
@@ -53,6 +57,7 @@ rbl {
       symbol = "MAILSPIKE";
       rbl = "rep.mailspike.net";
       is_whitelist = true;
+      from = true; # Check source IP address
       whitelist_exception = "MAILSPIKE";
       whitelist_exception = "RWL_MAILSPIKE_GOOD";
       whitelist_exception = "RWL_MAILSPIKE_NEUTRAL";
@@ -74,6 +79,7 @@ rbl {
 
     senderscore {
       symbol = "RBL_SENDERSCORE";
+      from = true; # Check source IP address
       rbl = "bl.score.senderscore.com";
     }
 
@@ -81,6 +87,7 @@ rbl {
       symbol = "RBL_SEM";
       rbl = "bl.spameatingmonkey.net";
       ipv6 = false;
+      from = true; # Check source IP address
     }
 
     semIPv6 {
@@ -88,12 +95,15 @@ rbl {
       rbl = "bl.ipv6.spameatingmonkey.net";
       ipv4 = false;
       ipv6 = true;
+      from = true; # Check source IP address
     }
 
     dnswl {
       symbol = "RCVD_IN_DNSWL";
       rbl = "list.dnswl.org";
       ipv6 = true;
+      from = true; # Check source IP address
+      received = true; # Check source IP address
       is_whitelist = true;
       whitelist_exception = "RCVD_IN_DNSWL";
       whitelist_exception = "RCVD_IN_DNSWL_NONE";
@@ -113,6 +123,7 @@ rbl {
       symbol = "RBL_VIRUSFREE_UNKNOWN";
       rbl = "bip.virusfree.cz";
       ipv6 = true;
+      from = true; # Check source IP address
       returncodes {
         RBL_VIRUSFREE_BOTNET = "127.0.0.2";
       }
@@ -122,6 +133,7 @@ rbl {
       symbol = "RBL_NIXSPAM";
       rbl = "ix.dnsbl.manitu.net";
       ipv6 = true;
+      from = true; # Check source IP address
     }
 
     blocklistde {
@@ -136,6 +148,7 @@ rbl {
       from = true;
     }
 
+    # Dkim whitelist
     dnswl_dwl {
       symbol = "DWL_DNSWL";
       rbl = "dwl.dnswl.org";
@@ -153,16 +166,16 @@ rbl {
         DWL_DNSWL_BLOCKED = "127.0.0.255";
       }
     }
-    # Old emails module
+
     RSPAMD_EMAILBL {
       ignore_whitelist = true;
       ignore_defaults = true;
       emails_delimiter = ".";
-      emails = true;
       hash_format = "base32";
       hash_len = 32;
       rbl = "email.rspamd.com";
-      replyto = true;
+      emails = true; # Emails in body
+      replyto = true; # Email from reply-to header
       hash = "blake2";
       returncodes = {
         RSPAMD_EMAILBL = "127.0.0.2";
@@ -172,9 +185,9 @@ rbl {
       ignore_whitelist = true;
       ignore_defaults = true;
       rbl = "ebl.msbl.org";
-      emails = true;
+      emails = true; # Emails in body
+      replyto = true; # Email from reply-to header
       emails_domainonly = false;
-      replyto = true;
       hash = "sha1";
       returncodes = {
         MSBL_EBL = [
@@ -193,8 +206,8 @@ rbl {
       rbl = "multi.surbl.org";
       dkim = true;
       emails = true;
-      emails_domainonly = true;
       urls = true;
+      emails_domainonly = true;
 
       returnbits = {
         CRACKED_SURBL = 128; # From February 2016
@@ -210,8 +223,8 @@ rbl {
       rbl = "multi.uribl.com";
       dkim = true;
       emails = true;
-      emails_domainonly = true;
       urls = true;
+      emails_domainonly = true;
 
       returnbits {
         URIBL_BLOCKED = 1;
@@ -226,8 +239,8 @@ rbl {
       rbl = "uribl.rspamd.com";
       dkim = true;
       emails = true;
-      emails_domainonly = true;
       urls = true;
+      emails_domainonly = true;
       hash = 'blake2';
       hash_len = 32;
       hash_format = 'base32';
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 122bfe515..8c96cff52 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -1118,22 +1118,13 @@ local default_options = {
   ['default_enabled'] = true,
   ['default_ipv4'] = true,
   ['default_ipv6'] = true,
-  ['default_received'] = false,
-  ['default_from'] = true,
   ['default_unknown'] = false,
-  ['default_rdns'] = false,
-  ['default_helo'] = false,
-  ['default_dkim'] = false,
   ['default_dkim_domainonly'] = true,
-  ['default_emails'] = false,
-  ['default_urls'] = false,
   ['default_emails_domainonly'] = false,
   ['default_exclude_private_ips'] = true,
   ['default_exclude_users'] = false,
   ['default_exclude_local'] = true,
   ['default_no_ip'] = false,
-  ['default_images'] = false,
-  ['default_replyto'] = false,
   ['default_dkim_match_from'] = false,
 }

More information about the Commits mailing list