[Rspamd-Users] uribl url_compose_map
Reto Kupferschmid
kupferschmid at puzzle.ch
Tue Aug 17 10:19:05 UTC 2021
I just saw the proposed solution using "selector = 'urls:get_host'" and
that seems to work fine.
On 8/17/21 12:07 PM, Reto Kupferschmid wrote:
> Hello Everyone!
>
> We saw quite a few phishing attempts recently with urls ending in
> wixsite.com (e.g. badsubdomain.wixsite.com). If I manually check the
> fqdn against multi.surbl.org I get a positive result. Rspamd however
> does not detect the URL since only the tld component (wixsite.com) is
> checked. I was able to "fix" this by using a url_compose_map as
> described here:
> [1]https://rspamd.com/doc/modules/rbl.html#specific-url-composition-rul
> es.
> Is there a way to always check the fqdn (in addition to the tld
> component)?
>
> Thanks!
> Reto
>
> References
>
> 1. https://rspamd.com/doc/modules/rbl.html#specific-url-composition-rules
More information about the Users
mailing list