[Rspamd-Users] uribl url_compose_map
Reto Kupferschmid
kupferschmid+rspamd at puzzle.ch
Tue Aug 17 10:07:39 UTC 2021
Hello Everyone!
We saw quite a few phishing attempts recently with urls ending in
wixsite.com (e.g. badsubdomain.wixsite.com). If I manually check the
fqdn against multi.surbl.org I get a positive result. Rspamd however
does not detect the URL since only the tld component (wixsite.com) is
checked. I was able to "fix" this by using a url_compose_map as
described here:
[1]https://rspamd.com/doc/modules/rbl.html#specific-url-composition-rul
es.
Is there a way to always check the fqdn (in addition to the tld
component)?
Thanks!
Reto
References
1. https://rspamd.com/doc/modules/rbl.html#specific-url-composition-rules
More information about the Users
mailing list