Commit Graph

455 Commits

Author SHA1 Message Date
andryyy
520056a489
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:49 +02:00
andryyy
1e244e9c0c
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:28 +02:00
andryyy
642ef1a515
[Rspamd] Pushover, quarantine: also process 2020-09-26 21:55:04 +02:00
andryyy
e5f0e1da44
[Rspamd] Fix prio for includes in overrides 2020-09-24 20:30:58 +02:00
andryyy
c355bc2b69
[Rspamd] Prepare SMTP ip restriction, WIP 2020-09-23 11:21:28 +02:00
andryyy
2c9140f9f0 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-15 12:01:15 +02:00
andryyy
28041b1d97
[Rspamd] Encrypt fuzzy communication, switch to Rspamd 2.6 2020-09-15 11:01:20 +02:00
Noa J
c1034b890d
[Rspamd] Add open-relay-check@mailcow.email to monitoring_nolog.map (#3757) 2020-09-13 13:07:21 +02:00
andryyy
943730de47
[Rspamd] Add filter to global mime black- and whitelists to only match addr 2020-09-12 20:11:18 +02:00
Dmitriy Alekseev
7feb589b90
[Rspamd] Add iso/img to bad extensions (#3753) 2020-09-12 12:21:12 +02:00
Dmitriy Alekseev
eb12c2f8cd
[Rspamd] Disable extension cloaking (#3754) 2020-09-12 12:20:55 +02:00
andryyy
c201a712cb
[Rspamd] Macro check was fixed, remove doc and xls ban for now... 2020-09-09 16:02:14 +02:00
andryyy
013b3f88da
[Rspamd] Meta exporter and settings map: read vars.local.inc.php 2020-09-06 08:54:36 +02:00
andryyy
92074b0edb
[Rspamd] doc and xls are blocked 2020-09-03 15:33:39 +02:00
Dmitriy Alekseev
070cdb7787
Update arc.conf (#3686) 2020-07-31 19:47:03 +02:00
Dmitriy Alekseev
5b52e15fec
Update dkim_signing.conf (#3685) 2020-07-31 19:46:39 +02:00
Marcel Caspar
3dc2b1a721
[Rspamd] Add urlhaus map to rspamd (#3683)
add the list with online malware urls from URLhaus into rspamd to check against
2020-07-30 15:24:29 +02:00
andryyy
a349629a5a
[Rspamd] Remove spoofed unauth symbol from mails from whitelisted fwd hosts 2020-07-29 13:57:33 +02:00
andryyy
c673c2a6cc
[Rspamd] Add hint to composite, minor 2020-07-02 07:53:22 +02:00
andryyy
7304add084
[Watchdog] Update compose file, update image
[Rspamd] Temporarily disable over-signing, as Cyren does mark those mails as DKIM invalid (blame them, not us)
2020-06-23 21:22:22 +02:00
andryyy
414cbbef6b
[Rspamd] Change whitelisted senders map from prefilter to score -2050 2020-06-19 22:07:10 +02:00
andryyy
115c6540e2 [Rspamd] Consistent LOCAL_CONFDIR 2020-06-03 08:34:24 +02:00
andryyy
702f221a2d
[Rspamd] More bulk headers 2020-06-01 09:55:45 +02:00
andryyy
b208037b49
[Rspamd] Do not exclude fwd hosts from dmarc checks 2020-05-23 20:32:56 +02:00
andryyy
4881f617a5
[Rspamd] Changes to WHITELISTED_FWD_HOST composite handling 2020-05-23 12:20:57 +02:00
andryyy
615ef47f27
[Rspamd] More excludes for fwd hosts, minor fix to FORGED_W_BAD_POLICY 2020-05-23 11:16:33 +02:00
andryyy
347e65736e
[Rspamd] IP WL is no more a prefilter to prevent unsigned mail 2020-05-20 12:15:33 +02:00
andryyy
857fa0314b
[Rspamd] Further increase bounce rl 2020-05-08 14:01:16 +02:00
andryyy
b5c59046ed
[Rspamd] Score spoofed senders higher 2020-05-06 20:15:18 +02:00
andryyy
bba9adaa6e
[Rspamd] Set bounce RL to 20 / 1h ; Fix BAZAR (test) 2020-04-29 21:08:33 +02:00
andryyy
e7a5c98704
[Rspamd] Disable upstream checks for SIEVE_HOST 2020-04-27 20:48:12 +02:00
andryyy
d392257289 [Web] Some changes
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
andryyy
35d3586950
[Rspamd] Pushover: Fixes 2020-04-16 22:29:01 +02:00
andryyy
47a15c21aa
[Rspamd] Pushover, check sender by regex 2020-04-16 21:58:30 +02:00
andryyy
6efe0d5aab
[Rspamd] Moore Pushover fixes 2020-04-16 15:42:10 +02:00
andryyy
fec0f688b1
[Rspamd] More Pushover fixes 2020-04-16 13:38:19 +02:00
andryyy
1be3ca3fb9
[Rspamd] Pushover fixes 2020-04-16 12:23:27 +02:00
andryyy
c67bb75071
[Rspamd] More pushover options 2020-04-16 11:32:53 +02:00
andryyy
5d37f2af4f
[Rspamd] Fix maps #2 2020-04-14 21:14:21 +02:00
andryyy
960fe1fdba
[Rspamd] Fix maps 2020-04-14 21:13:53 +02:00
andryyy
d883bb246b
[Rspamd] Increase bulk header score 2020-04-14 10:34:09 +02:00
andryyy
b25a842e5d
[Rspamd] Block more promio spam crap 2020-04-14 10:31:53 +02:00
andryyy
ce6d6a01f3
[Rspamd] Remove policy checks from SPOOFED_UNAUTH, since SPF can be valid in envelope from, while forging the header from field 2020-04-12 21:13:31 +02:00
andryyy
dc3eb44544
[Rspamd] Add more bulk headers 2020-04-12 13:07:51 +02:00
andryyy
f38be3a8b0
[Rspamd] Slightly reduce BAD REP POL score 2020-04-11 08:27:11 +02:00
andryyy
cb599db61e
[Rspamd] Fix quarantine and pushover notifications 2020-04-11 08:02:15 +02:00
andryyy
ccdb7fcd26
[Rspamd] Add metadata exporter for unauthed mail 2020-04-10 20:55:49 +02:00
andryyy
eeea1b393c
[Rspamd] Remove upstream spam check results from mail by fwd hosts 2020-04-10 20:54:26 +02:00
andryyy
65aa7b0a92
[Rspamd] Use empty-env-from@localhost as placeholder for empty env from senders in quarantine 2020-04-08 21:55:17 +02:00
Michael Kuron
ca4c7c51dc
[rspamd] Restore add header forced action (#3440)
Revert 0474de88b1. Fixed since c3a4c6d311.
2020-03-31 19:21:03 +02:00
andryyy
e491b835e5
[Rspamd] And even more spam headers 2020-03-21 20:39:07 +01:00
andryyy
6a523fc497
[Rspamd] Moooore spam crap 2020-03-21 20:34:55 +01:00
andryyy
d460061e7a
[Rspamd] More spam headers 2020-03-21 20:19:58 +01:00
andryyy
b0ff2ddb50
[Rspamd] Add more bulk headers (feel free to contribute) 2020-03-21 20:13:44 +01:00
andryyy
0474de88b1
[Rspamd] Forced action add header seems to be broken atm, switching to rewrite subject until fixed 2020-03-10 07:20:18 +01:00
andryyy
537b7dad14
[Rspamd] Add fuzzy hashes to headers, if matched 2020-03-08 12:24:42 +01:00
andryyy
fc460fd806
[Rspamd] Reduce CSA crap to 2.0 2020-03-06 18:16:54 +01:00
andryyy
f532422726
[Rspamd, Web] Escape monitoring hosts, add regex maps to vars file 2020-03-06 08:38:01 +01:00
andryyy
bbd53d7f4f
[Rspamd] Add X-CSA to bulk headers 2020-03-06 08:33:00 +01:00
andryyy
d248bb660c
[Rspamd] Reduce Sorbs recent score
[Rspamd] Add annoying CSA to bulk symbols and score then with 3.2
[Rspamd] Update to 2.4
2020-03-06 07:14:06 +01:00
andryyy
c9f455a2b1
[Rspamd] Move monitoring hosts to monitoring_nolog.map file 2020-03-04 11:53:07 +01:00
Ry3nlNaToR
93965fdc30
Added mailflowmonitoring.com to no log Rspamd (#3384) 2020-03-04 06:08:54 +01:00
andryyy
580b700eec
[Rspamd] Quarantine: Set sender to null@localhost when sender is missing 2020-03-03 19:10:28 +01:00
andryyy
49d4f6f897
[Rspamd] Set fixed name for fuzzy store 2020-02-26 14:30:44 +01:00
andryyy
e1f165b9dc
[Rspamd] Add mailcow fuzzy hash store 2020-02-26 14:24:19 +01:00
andryyy
c9a4715dfc
[Rspamd] Disable 304 until SOGO_CONTACT triggers an update, needs rework 2020-02-25 11:14:59 +01:00
andryyy
9d04d0ee4a
[Rspamd] Add X-Last-TLS-Session-Version header 2020-02-09 19:08:28 +01:00
andryyy
8a3fc802c5 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-02-06 07:04:31 +01:00
andryyy
ad55dd8f05
[Rspamd] Use redis master for RL operations in pipe_rl 2020-02-05 11:02:31 +01:00
Michael Kuron
3cdbe7b73c
Reduce Rspamd DNSBL false positives (#3311)
* rspamd: ignore Spamhaus XBL for Received headers

* rspamd: ignore SORBS RBL for forwarding hosts

* rspamd: ignore RBLs for forwarding hosts
2020-02-04 12:35:52 +01:00
André Peters
60fb5498ff
Update mime_types.conf 2020-02-04 12:06:20 +01:00
André Peters
96a507c927
Update mime_types.conf 2020-02-04 12:05:24 +01:00
andryyy
d83013667b
[Rspamd] Do not normalise domains to eSLD for ARC 2020-01-19 13:17:23 +01:00
andryyy
57af5103c7
[Rspamd] Ratelimit for bounces reduced, max_rcpt for ratelimit increased 2020-01-18 16:32:27 +01:00
Michael Kuron
4c2e13009b rspamd: More comprehensive attachment handling (#3273)
- block all Office documents with macros
- don’t just block all doc files
- mark some more Windows executable extensions as bad
2020-01-17 22:19:12 +01:00
andryyy
4e46d44e79
[Rspamd] Allow empty envfrom for system mails, add only Dovecot to sign_networks and sign by header when sign_networks fires.
ARC remains active for forwards. Result: fully signed and trusted forwards and signed rejects in sieve.
2020-01-12 12:21:21 +01:00
andryyy
791e0831ad
[Rspamd] Fix DKIM, fixes #3262 2020-01-12 11:39:53 +01:00
andryyy
5f73629493
[Rspamd] Set rspamd as trusted host, rspamd is not spoofing 2020-01-10 20:39:52 +01:00
andryyy
03cbed5002
[Rspamd] allow_hdrfrom_mismatch true, auth_only false (sieve) 2020-01-10 20:39:11 +01:00
andryyy
203dd12497
[Rspamd] Fix groups 2020-01-06 18:47:51 +01:00
andryyy
6d5677eb32
[Rspamd] Decrease weight of missed charset 2020-01-05 11:34:03 +01:00
andryyy
b098696b89
[Rspamd] Fix groups.conf syntax 2020-01-05 11:24:13 +01:00
andryyy
ad1f243667
[Postfix] Set CA path for smtpd
[Rspamd] Split deprecated metrics.conf to actions.conf and groups.conf
2020-01-05 11:21:04 +01:00
andryyy
58a00cf7ea
[Web, Rspamd] Add bad language map, add map to mailcow UI 2019-12-22 18:57:28 +01:00
andryyy
5a0df09361
[Rspamd] Rate .doc with +10, decrease default bayes ham score 2019-12-20 15:44:58 +01:00
andryyy
7b4ed3bf64
[Rspamd] Lower map watch interval 2019-12-02 10:54:22 +01:00
andryyy
d57e2b58c1
[Rspamd] Reduce ptr fail score 2019-11-24 16:09:59 +01:00
andryyy
19d0eedeba
[Rspamd] Add FORGED_W_BAD_POLICY 2019-11-24 16:08:58 +01:00
andryyy
e0535bedbb
[Rspamd] Set new last modified when changing Rspamd settings 2019-11-18 16:42:56 +01:00
andryyy
7a87c492ed
[Rspamd] Fix bad ASN map format 2019-11-18 13:26:16 +01:00
andryyy
d67e4e83c9
[Rspamd] Increase score for BAD_REP_POLICIES 2019-11-15 23:51:48 +01:00
andryyy
56ddc4bd26
[Rspamd] Add new default reject message
[Rspamd] Add Sorbs
2019-11-15 07:58:04 +01:00
andryyy
64f8ed2fbc
[Rspamd] Increase invalid PTR score 2019-11-14 10:17:58 +01:00
andryyy
99326f81de
[Rspamd, Postfix] Move PTR check to Postfix 2019-11-14 10:16:51 +01:00
Michael Kuron
fbc7b7dce5 rspamd: Don't remove WHITELISTED_FWD_HOST if SOGO_CONTACT present (#3084) 2019-11-11 08:20:46 +01:00
andryyy
bcc28784f7
[Rspamd] CL is not a fishy tld 2019-11-02 12:02:49 +01:00
andryyy
7f8b13434d
[Rspamd, Dovecot] Do not use Schaal rules - probably too much for Rspamd 2.x to handle, mem leak? 2019-10-31 20:43:07 +01:00
andryyy
50020bf1f0
[Rspamd] Remove neural, other gbc options 2019-10-31 19:55:42 +01:00
andryyy
6655ada308
[Rspamd] Remove unwanted options after talking to Vsevo 2019-10-31 19:03:20 +01:00
andryyy
df3d78f03b
[Rspamd] Reset logging 2019-10-30 20:18:21 +01:00
andryyy
27de9dbf92
[Rspamd] Slight changes to improve memory usage
[Web] Dirty hack to touch Rspamd maps a second time
2019-10-30 20:07:58 +01:00
andryyy
c0f39e5cac Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-10-29 18:36:53 +01:00
andryyy
a71f590b1e
[Rspamd] Remove score from neural 2019-10-29 18:36:49 +01:00
andryyy
8683e4bd9a
[Rspamd] Use last-modified headers to not read unmodified settings map every 30 seconds 2019-10-29 14:21:58 +01:00
Michael Kuron
c63967f7be
Rspamd: increase redis timeout 2019-10-26 13:00:31 +02:00
andryyy
be4099182b
[Rspamd] Do not log watchdog mails 2019-10-21 20:42:43 +02:00
andryyy
d5ee7de66a
[Rspamd] Disable info logging, re-enable silent logging, only apply MILTER_HEADERS symbol to watchdog Rspamd settings map 2019-10-20 21:48:30 +02:00
andryyy
ee57b5921f
[Rspamd] Various fixes for Rspamd 2.0, neural network activated, autolearning activated (auto-keeps a ratio) 2019-10-12 13:14:34 +02:00
andryyy
0cfa056faa
[Rspamd] Do not quaratine if symbol is GLOBAL_X_BL 2019-10-10 12:38:24 +02:00
andryyy
a231ecaed5
[Rspamd] Fix ARC defaults, thanks to klausenbusk 2019-09-23 10:44:58 +02:00
andryyy
287c577fc4
[Rspamd] Set !ARC_ALLOW to SPF FAIL check 2019-09-23 10:44:26 +02:00
ntimo
ba6c5b7197
[Rspamd] Updated bad_word maps 2019-09-17 20:39:08 +02:00
ntimo
3ca014ee79
[Rspamd] Added multimap config for bad_words_de.map 2019-09-16 18:18:56 +02:00
ntimo
005ed2cadc
[Rspamd] Split bad words into multiple files per language 2019-09-15 11:53:04 +02:00
André Peters
d1e56ab7bc
Update fishy_tlds.map 2019-09-10 16:48:40 +02:00
André Peters
f87beded34
Update fishy_tlds.map 2019-09-05 14:32:04 +02:00
andryyy
8d0b2678fe
[Rspamd] Remove some TLDs from fishy map 2019-09-04 08:14:35 +02:00
andryyy
9c714b34a4
[Rspamd] Bad word update and score change 2019-08-30 19:30:38 +02:00
andryyy
569296dcdc
[Rspamd] More bad words - todo: split by language 2019-08-30 18:54:54 +02:00
andryyy
5a89dc114d
[Rspamd] Minor changes to fishy tlds and bad words 2019-08-29 18:57:37 +02:00
andryyy
6e82a35929
[Rspamd] Important fix for fishy maps 2019-08-28 15:04:53 +02:00
andryyy
1414e9df00
[Rspamd] Reduce fishy tld score
[Compose] Update Dovecot image
2019-08-28 14:37:04 +02:00
andryyy
a5d569e0ca
[Rspamd] Reduce fishy tld score 2019-08-28 14:26:01 +02:00
andryyy
01fe856d05
[Rspamd] Fix a domain name 2019-08-28 13:05:42 +02:00
andryyy
23ae0c3cc1
[Rspamd] Filter 'em bad words from 'em bad tlds 2019-08-28 13:03:15 +02:00
andryyy
e342016534
[Rspamd] Fix scores of UCE 2019-08-22 22:08:22 +02:00
andryyy
084eb008a1
[Rspamd] Add UCE to RBL 2019-08-22 16:34:03 +02:00
andryyy
9bbf9dc68e
[Rspamd] Fix and improve settings map 2019-08-21 21:07:51 +02:00
andryyy
3a26365b51
[Rspamd] Change SA ruleset name 2019-08-21 14:37:30 +02:00
andryyy
db0719f068
[Rspamd] Fix IP whitelist 2019-07-22 13:50:05 +02:00
andryyy
71df10892c
[Rspamd] Add custom IP whitelist template 2019-07-22 13:38:47 +02:00
André Peters
83136c7876
Merge pull request #2789 from patschi/patch-6
Remove DMARC descriptions from polices_group
2019-07-16 21:30:44 +02:00
Patrik Kernstock
197f27b705
Remove DMARC descriptions from polices_group
Remove descriptions as they are inherited from the default rspamd configuration anyway
2019-07-16 20:15:11 +02:00
Michael Kuron
cecbbe9e82
Remove score from R_DKIM_PERMFAIL
This error happens when there is no public key in DNS for that selector.
2019-07-16 20:03:37 +02:00
André Peters
84f4f43b27
Update policies_group.conf 2019-07-12 23:15:27 +02:00
andryyy
2efd27e40e
[Olefy] A new container is born, thanks to @c-rosenberg
[ACME] Autoconfig is back (re-added to SAN list by default for all mail domains)
[Rspamd] Added comment to composite
2019-06-25 18:52:05 +02:00
andryyy
f2d1a56104
[Rspamd] Increase OLEFY_MACRO score 2019-06-20 10:18:43 +02:00
andryyy
04940429ba
[Rspamd] Add oletools via olefy, big thanks to @c-rosenberg 2019-06-16 17:35:58 +02:00
andryyy
6f99f06c6d
[Rspamd] Add OLEFY_MACRO symbol 2019-06-16 17:35:24 +02:00
andryyy
9c347e36fc
[Rspamd] Less aggressive bayes 2019-06-16 17:34:58 +02:00
andryyy
e43951331c
[Rspamd] Sign ARC inbonud, thanks to @Kraeutergarten 2019-06-11 11:41:59 +02:00
andryyy
de3a89ac7a
[Postfix] Remove duplicate proxy read maps, add resource maps 2019-06-09 16:49:02 +02:00
andryyy
395f0f7a3d
[Rspamd] Remove authenticated user from auth results header
[Dovecot] Fix permissions of console
[Compose] New Dovecot image
2019-05-29 18:02:14 +02:00
andryyy
ba14f0f113
[Rspamd] Fix spoofing detection 2019-05-20 15:14:42 +02:00
andryyy
3ffa7e1f33
[Rspamd] Add SIEVE_HOST map and skip spoof check for these IPs 2019-05-18 22:44:06 +02:00
andryyy
45359bb6cf
[Rspamd] Do not apply SPOOFED_UNAUTH on ARC_ALLOW
[Dovecot] Set sieve_redirect_envelope_from to rcpt
2019-05-18 09:18:00 +02:00
andryyy
5c07cca529
[Rspamd] Change spoofed mail handling 2019-05-09 11:48:38 +02:00
andryyy
456e92c830
[Rspamd] Set to to_ip to_ip_from rate buckets to 100 / 1s 2019-05-09 11:32:16 +02:00
André Peters
61433a4488
Merge pull request #2541 from sriccio/master
Allow to easily add custom plugins to rspamd
2019-05-05 22:33:32 +02:00
andryyy
28c8c53a6e
[Rspamd] meta_exporter: return false if not matched
[Compose] Update Dovecot image
2019-05-01 22:50:38 +02:00