[Rspamd-Users] Strange behavior when modifying files (emails rejected until file is updated)
SysAdmin EM
emawata at gmail.com
Fri Apr 24 20:58:32 UTC 2020
I am representing a very abnormal case. First I explain my settings.
I create this body filter:
BODY_CONTENT_RJT {
type = "content";
filter = "body";
map = "${LOCAL_CONFDIR}/local.d/body_reject.map.inc";
prefilter = true;
action = "reject";
regexp = true;
}
Into the file body_reject.map.inc, I identify the rules this way:
# file body_reject.map.inc
/I am an interesting and not boring girl/ BODY_REJECT_249:5
/Lick my pussy/ BODY_REJECT_250:15
/faith\_gg4desrie\@yahoo\.com$/ BODY_REJECT_251:15
/fideicomisario extranjero para transferir el dinero de mi herencia/
BODY_REJECT_252:15
/bsasbase\@hotmail\.com/ BODY_REJECT_253:15
/my private malware/ BODY_REJECT_254:15
when I modify the file, for a few seconds all emails are rejected:
2020-04-24 15:53:29 #18335(normal) <d40b28>; task; rspamd_task_write_log:
id: <em9e690558-d474-4ed7-bf10-f23781bc4ccf at silvina>, qid: <1jS3S4-0003Zp-
8X>, ip: 67.222.33.93, from: <silvina at martinez-asociados.com.ar>, (default:
T (reject): [15.00/30.00] [BODY_CONTENT_RJT(15.00){},ASN(0.00){asn:46606
, ipnet:67.222.32.0/19, country:US;}]), len: 18689, time: 12.706ms, dns
req: 1, digest: <7a275fe1f8ad88cf41f5861924e74874>, rcpts: <gabriel at fernande
z-laya.com.ar>, mime_rcpts: <gabriel at fernandez-laya.com.ar>, forced: reject
"Matched map: BODY_CONTENT_RJT"; score=nan (set by multimap)
I only see this symbol BODY_CONTENT_RJT(15.00){} I don't see the symbols
that I have added at the end of each rule to identify them.
# Rspamd log
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_worker_body_handler: accepted connection from 172.17.2.232 port
51004, task ptr: 00007F6C5A8D2660
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_mime_parse_message: mailbox input detected, enable workaround
2020-04-24 15:53:29 #18335(normal) <d40b28>; task; rspamd_message_parse:
loaded message; id: <em9e690558-d474-4ed7-bf10-f23781bc4ccf at silvina>;
queue-id: <1jS3S4-0003Zp-8X>; size: 18689; checksum:
<7a275fe1f8ad88cf41f5861924e74874>
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_mime_part_detect_language: detected part language: es
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_mime_part_detect_language: detected part language: es
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_add_passthrough_result:
<em9e690558-d474-4ed7-bf10-f23781bc4ccf at silvina>: set pre-result to
'reject' (no score): 'Matched map: BODY_CONTENT_RJT' from multimap(1)
2020-04-24 15:53:29 #18335(normal) <d40b28>; task; rspamd_task_write_log:
id: <em9e690558-d474-4ed7-bf10-f23781bc4ccf at silvina>, qid:
<1jS3S4-0003Zp-8X>, ip: 67.222.33.93, from: <
silvina at martinez-asociados.com.ar>, (default: T (reject): [15.00/30.00]
[BODY_CONTENT_RJT(15.00){},ASN(0.00){asn:46606, ipnet:67.222.32.0/19,
country:US;}]), len: 18689, time: 12.706ms, dns req: 1, digest:
<7a275fe1f8ad88cf41f5861924e74874>, rcpts: <gabriel at fernandez-laya.com.ar>,
mime_rcpts: <gabriel at fernandez-laya.com.ar>, forced: reject "Matched map:
BODY_CONTENT_RJT"; score=nan (set by multimap)
2020-04-24 15:53:29 #18335(normal) <d40b28>; task;
rspamd_protocol_http_reply: regexp statistics: 0 pcre regexps scanned, 0
regexps matched, 184 regexps total, 0 regexps cached, 0B scanned using
pcre, 0B scanned total
Any ideas?
Regards,
More information about the Users
mailing list