commit fea6bf4: [Minor] rbl: support use of different matchers for return codes
Andrew Lewis
nerf at judo.za.org
Thu Oct 26 10:07:03 UTC 2023
Author: Andrew Lewis
Date: 2023-10-24 13:23:13 +0200
URL: https://github.com/rspamd/rspamd/commit/fea6bf4c35ae7fd40c9d61edc2283d335347d998
[Minor] rbl: support use of different matchers for return codes
---
conf/modules.d/rbl.conf | 3 +++
lualib/plugins/rbl.lua | 16 ++++++++++++++++
src/plugins/lua/rbl.lua | 21 ++++++++++++++++++---
3 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf
index c1ef6afaa..cb90d5d31 100644
--- a/conf/modules.d/rbl.conf
+++ b/conf/modules.d/rbl.conf
@@ -105,6 +105,7 @@ rbl {
ipv6 = true;
checks = ['from', 'received'];
is_whitelist = true;
+ matcher = "luapattern";
whitelist_exception = "RCVD_IN_DNSWL";
whitelist_exception = "RCVD_IN_DNSWL_NONE";
whitelist_exception = "RCVD_IN_DNSWL_LOW";
@@ -152,6 +153,7 @@ rbl {
rbl = "dwl.dnswl.org";
checks = ['dkim'];
ignore_whitelist = true;
+ matcher = "luapattern";
unknown = false;
returncodes {
@@ -222,6 +224,7 @@ rbl {
selector = "specific_urls_filter_map('surbl_hashbl_map', {limit = 10}).apply_methods('get_host', 'get_path').join_tables('/')",
hash = 'md5';
hash_len = 32;
+ matcher = "luapattern";
returncodes = {
SURBL_HASHBL_PHISH = "127.0.0.8";
SURBL_HASHBL_MALWARE = "127.0.0.16";
diff --git a/lualib/plugins/rbl.lua b/lualib/plugins/rbl.lua
index 02d0d3338..1a25c1ed3 100644
--- a/lualib/plugins/rbl.lua
+++ b/lualib/plugins/rbl.lua
@@ -107,6 +107,7 @@ local rule_schema_tbl = {
ipv6 = ts.boolean:is_optional(),
is_whitelist = ts.boolean:is_optional(),
local_exclude_ip_map = ts.string:is_optional(),
+ matcher = ts.one_of { "equality", "luapattern" }:is_optional(),
monitored_address = ts.string:is_optional(),
no_ip = ts.boolean:is_optional(),
process_script = ts.string:is_optional(),
@@ -199,6 +200,21 @@ local function convert_checks(rule)
rule.from = true
end
+ if rule.returncodes and not rule.matcher then
+ for _, v in pairs(rule.returncodes) do
+ for _, e in ipairs(v) do
+ if e:find('%', 1, true) then
+ rspamd_logger.warnx(rspamd_config, 'implicitly enabling luapattern matcher for rule %s', rule.symbol)
+ rule.matcher = 'luapattern'
+ break
+ end
+ end
+ if rule.matcher then
+ break
+ end
+ end
+ end
+
return rule
end
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 7f97506bc..b6467c103 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -215,7 +215,17 @@ local function gen_check_rcvd_conditions(rbl, received_total)
end
end
-local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_table_elt)
+local matchers = {}
+
+matchers.equality = function(to_match, pattern)
+ return to_match == pattern
+end
+
+matchers.luapattern = function(to_match, pattern)
+ return string.find(to_match, '^' .. pattern .. '$') and true or false
+end
+
+local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_table_elt, match)
local function make_option(ip, label)
if ip then
return string.format('%s:%s:%s',
@@ -293,7 +303,7 @@ local function rbl_dns_process(task, rbl, to_resolve, results, err, resolve_tabl
elseif rbl.returncodes then
for s, codes in pairs(rbl.returncodes) do
for _, v in ipairs(codes) do
- if string.find(ipstr, '^' .. v .. '$') then
+ if match(ipstr, v) then
foundrc = true
insert_results(s)
break
@@ -858,6 +868,11 @@ local function gen_rbl_callback(rule)
description[#description + 1] = 'selector'
end
+ if not rule.matcher then
+ rule.matcher = 'equality'
+ end
+ local match = matchers[rule.matcher]
+
local callback_f = function(task)
-- DNS requests to issue (might be hashed afterwards)
local dns_req = {}
@@ -865,7 +880,7 @@ local function gen_rbl_callback(rule)
local function gen_rbl_dns_callback(resolve_table_elt)
return function(_, to_resolve, results, err)
- rbl_dns_process(task, rule, to_resolve, results, err, resolve_table_elt)
+ rbl_dns_process(task, rule, to_resolve, results, err, resolve_table_elt, match)
end
end
More information about the Commits
mailing list