commit 8683c46: Include fuzzy hashes in meta data, if any
GitHub
noreply at github.com
Sat Oct 24 16:49:06 UTC 2020
Author: André Peters
Date: 2020-10-23 21:12:37 +0200
URL: https://github.com/rspamd/rspamd/commit/8683c4622bb89ba69492b6044b8a0b2f520d8762 (refs/pull/3530/head)
Include fuzzy hashes in meta data, if any
Tested:
```
[X-Rspamd-From] => unknown"
[X-Rspamd-Ip] => unknown"
[X-Rspamd-Subject] => asdasd"
[X-Rspamd-Qid] => unknown"
[X-Rspamd-Rcpt] => unknown"
[X-Rspamd-Action] => reject"
[X-Rspamd-Score] => 29.15"
[User-Agent] => rspamd-2.6"
[X-Rspamd-Fuzzy] => ["c62020f5ba6f4e3e403b6c67abb860954452fa662bf8c38dae06c17c70cc0b79720cf762e45fbeeea7d2fb17f9cf4b28c851bb70f2526b000dba852899c7ce67"]"
[X-Rspamd-User] => unknown"
[X-Rspamd-Symbols] => [{"score":0,"group":"policies","name":"ARC_NA","groups":["policies","arc"]},{"options":["andre.peters at tinc.gmbh"],"score":0,"group":"headers","name":"HAS_REPLYTO","groups":["headers"]},{"options":["andre at develcow.de"],"score":0,"group":"multimap","name":"RCPT_WANTS_SUBJECT_TAG","groups":["multimap"]},{"score":0,"group":"headers","name":"REPLYTO_EQ_FROM","groups":["headers"]},{"score":0,"group":"headers","name":"FROM_HAS_DN","groups":["headers"]},{"options":["11:c62020f5ba:1.00:bin"],"score":15,"group":"fuzzy","name":"LOCAL_FUZZY_DENIED","groups":["fuzzy"]},{"score":0.500000,"group":"headers","name":"MV_CASE","groups":["headers"]},{"score":1,"group":"composite","name":"POLICY_FAILURE","groups":["composite"]},{"options":["multipart/alternative","text/plain"],"score":-0.100000,"group":"mime_types","name":"MIME_GOOD","groups":["mime_types"]},{"options":["failed to scan and retransmits exceed"],"score":0,"group":"antivirus","name":"CLAM_VIRUS_FAIL","groups":["antivirus"]},{"options":["1"],"score":0,"group":"headers","name":"RCPT_COUNT_ONE","groups":["headers"]},{"options":["100.00%"],"score":2.500000,"group":"statistics","name":"BAYES_SPAM","groups":["statistics"]},{"score":0,"group":"headers","name":"TO_DN_EQ_ADDR_ALL","groups":["headers"]},{"options":["0"],"score":0,"group":"headers","name":"RCVD_COUNT_ZERO","groups":["headers"]},{"options":["develcow.de"],"score":0,"group":"multimap","name":"RCPT_MAILCOW_DOMAIN","groups":["multimap"]},{"score":0,"group":"policies","name":"R_DKIM_NA","groups":["policies","dkim"]},{"options":["0:+","1:+","2:~"],"score":0,"group":"mime_types","name":"MIME_TRACE","groups":["mime_types"]},{"options":["subject"],"score":0.250000,"group":"headers","name":"R_MIXED_CHARSET","groups":["headers"]},{"score":0.500000,"group":"Message ID","name":"MID_RHS_NOT_FQDN","groups":["Message ID"]},{"score":8.500000,"group":"hfilter","name":"HFILTER_HOSTNAME_UNKNOWN","groups":["hfilter"]},{"options":["tinc.gmbh : No valid SPF, No valid DKIM","none"],"score":1,"group":"policies","name":"DMARC_POLICY_SOFTFAIL","groups":["policies","dmarc"]}]"
[Content-Type] => text/plain"
[Content-Length] => 3825"
[Host] => nginx"
[Connection] => close"
```
Will print "unknown" if missing.
---
src/plugins/lua/metadata_exporter.lua | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/src/plugins/lua/metadata_exporter.lua b/src/plugins/lua/metadata_exporter.lua
index 20457461b..48a5ffce3 100644
--- a/src/plugins/lua/metadata_exporter.lua
+++ b/src/plugins/lua/metadata_exporter.lua
@@ -79,6 +79,21 @@ local function get_general_metadata(task, flatten, no_content)
local s = task:get_metric_score('default')[1]
r.score = flatten and string.format('%.2f', s) or s
+ local fuzzy = task:get_mempool():get_variable("fuzzy_hashes", "fstrings")
+ if fuzzy and #fuzzy > 0 then
+ local fz = {}
+ for _,h in ipairs(fuzzy) do
+ table.insert(fz, h)
+ end
+ if not flatten then
+ r.fuzzy = fz
+ else
+ r.fuzzy = table.concat(fz, ', ')
+ end
+ else
+ r.fuzzy = 'unknown'
+ end
+
local rcpt = task:get_recipients('smtp')
if rcpt then
local l = {}
More information about the Commits
mailing list