[Rspamd-Users] Reject message : display cause in red in History

[Dominique Fournier CNRS]

Hi
I have defined some rules with reject action (like antivirus).
When a mail is rejected, in history, there is no information about the 
rule which apply and reject. The score is low, but the mail is rejected.


You will find a screenshot of a spam from this morning.

In the log, the explaination is well written :
rspamd[1102331]: <50bf26>; proxy; rspamd_task_write_log: id: 
<20231023110550.466F3A1083122682 at delmonintl.com>, qid: <1957617FB09>, 
ip: 82.115.209.230, from: <info at delmonintl.com>, (default: T (reject): 
[5.09/13.00] 
[HFILTER_HOSTNAME_UNKNOWN(2.50){},FAKE_REPLY(1.00){},RDNS_NONE(1.00){},SENDER_REP_SPAM(0.79){asn: 
200623(0.39), country: BA(0.01), ip: 
82.115.209.230(0.00);},DMARC_POLICY_ALLOW(-0.50){delmonintl.com;none;},MX_INVALID(0.50){},MIME_HTML_ONLY(0.20){},R_DKIM_ALLOW(-0.20){delmonintl.com:s=dkim;},R_SPF_ALLOW(-0.20){+mx;},MIME_GOOD(-0.10){multipart/mixed;},ONCE_RECEIVED(0.10){},ARC_NA(0.00){},ASN(0.00){asn:200623, 
ipnet:82.115.209.0/24, 
country:BA;},CLAM_VIRUS(0.00){Sanesecurity.Malware.29015.RtfHeur.Msg.UNOFFICIAL;},DKIM_TRACE(0.00){delmonintl.com:+;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},FUZZY_BLOCKED(0.00){rspamd.com;},HAS_ATTACHMENT(0.00){},MID_RHS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:+;1:~;2:~;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ZERO(0.00){0;},TO_DN_NONE(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), 
len: 160996, time: 1186.620ms, dns req: 21, digest: 
<16acbeb83b3e98c0aa1684ce791efaf9>, rcpts: <xxxx>, mime_rcpts: <xxxx>, 
forced: reject "Virus found : mail rejected"; score=nan (set by clamav)

Is there a way to display in red the CLAM_VIRUS line as it forced reject 
the mail ?

Thanks a lot

Dom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Capture d'?cran-2023-10-23 11:36:35.jpg
Type: image/jpeg
Size: 38592 bytes
Desc: not available
URL: <https://lists.rspamd.com/pipermail/users/attachments/20231023/dea3e03b/attachment.jpg>