commit d47473f: [Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well

twesterhever 40121680+twesterhever at users.noreply.github.com
Thu Aug 3 06:56:04 UTC 2023


Author: twesterhever
Date: 2023-08-02 13:32:13 +0000
URL: https://github.com/rspamd/rspamd/commit/d47473f55375db0de222fc1d2f31be7a8dbacb90 (refs/pull/4558/head)

[Minor] Tweak HAS_GOOGLE_REDIR to detect Google AMP URLs as well
Rationale: https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/

---
 rules/regexp/headers.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index b6b5e10d4..42c08ca3f 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -912,7 +912,7 @@ reconf['HAS_GUC_PROXY_URI'] = {
 }
 
 reconf['HAS_GOOGLE_REDIR'] = {
-  re = '/\\.google\\.([a-z]{2,3}(|\\.[a-z]{2,3})|info|jobs)\\/url\\?/{url}i',
+  re = '/\\.google\\.([a-z]{2,3}(|\\.[a-z]{2,3})|info|jobs)\\/(amp\\/s\\/|url\\?)/{url}i',
   description = 'Has google.com/url or alike Google redirection URL',
   score = 1.0,
   group = 'url'
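Review bot: The `description` line right after the changed `re` still reads 'Has google.com/url or alike Google redirection URL', so a hit from the new `amp\\/s\\/` branch is reported under text that never mentions AMP. Something like `description = 'Has google.com/url, google.com/amp/s or alike Google redirection URL',` would keep the symbol accurate for anyone triaging a scored message. The new branch also covers only the `/amp/s/` form; if the AMP viewer path without `s/` is in scope, `(amp\\/(s\\/)?|url\\?)` would catch it, though it should be checked against legitimate AMP links for false positives first. As before this change, the pattern requires a literal dot before `google`, so a URL whose host is the bare `google.<tld>` is presumably not matched. The `reconf['HAS_GOOGLE_REDIR']` table closes outside this hunk.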

