From ca544184414ace43c48cbf53bb878b5d7d480020 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Lebleu?= Date: Mon, 28 Mar 2016 19:11:50 +0200 Subject: [PATCH] [enh] Use new rspamd configuration system to override metrics --- data/hooks/conf_regen/31-rspamd | 7 +- data/templates/rspamd/metrics.conf | 1163 ------------------- data/templates/rspamd/metrics.conf.override | 8 + debian/control | 2 +- 4 files changed, 14 insertions(+), 1166 deletions(-) delete mode 100644 data/templates/rspamd/metrics.conf create mode 100644 data/templates/rspamd/metrics.conf.override diff --git a/data/hooks/conf_regen/31-rspamd b/data/hooks/conf_regen/31-rspamd index 7b17a8ac1..ad2af232d 100644 --- a/data/hooks/conf_regen/31-rspamd +++ b/data/hooks/conf_regen/31-rspamd @@ -14,8 +14,11 @@ function safe_copy () { cd /usr/share/yunohost/templates/rspamd -# Copy Rspamd configuration -safe_copy metrics.conf /etc/rspamd/metrics.conf +# Create configuration directories +sudo mkdir -p /etc/rspamd/local.d /etc/rspamd/override.d + +# Copy specific configuration to override the defaults +safe_copy metrics.conf.override /etc/rspamd/override.d/metrics.conf # Install Rspamd sieve script safe_copy rspamd.sieve /etc/dovecot/global_script/rspamd.sieve diff --git a/data/templates/rspamd/metrics.conf b/data/templates/rspamd/metrics.conf deleted file mode 100644 index 1236b2a3e..000000000 --- a/data/templates/rspamd/metrics.conf +++ /dev/null @@ -1,1163 +0,0 @@ -# Metrics settings - -metric { - name = "default"; - # If this param is set to non-zero - # then a metric would accept all symbols - # unknown_weight = 1.0 - - actions { - reject = 21; - add_header = 8; - greylist = 4; - }; - - group { - name = "header"; - symbol { - weight = 2.0; - description = "Subject is missing inside message"; - name = "MISSING_SUBJECT"; - } - symbol { - weight = 2.100000; - description = "Message pretends to be send from Outlook but has 'strange' tags "; - name = "FORGED_OUTLOOK_TAGS"; - } - symbol { - weight = 0.30; - description = "Sender is forged (different From: header and smtp MAIL FROM: addresses)"; - name = "FORGED_SENDER"; - } - symbol { - weight = 3.500000; - description = "Recipients seems to be autogenerated (works if recipients count is more than 5)"; - name = "SUSPICIOUS_RECIPS"; - } - symbol { - weight = 6.0; - description = "Fake reply (has RE in subject, but has not References header)"; - name = "FAKE_REPLY_C"; - } - symbol { - weight = 1.0; - description = "Messages that have only HTML part"; - name = "MIME_HTML_ONLY"; - } - symbol { - weight = 2.0; - description = "Forged yahoo msgid"; - name = "FORGED_MSGID_YAHOO"; - } - symbol { - weight = 2.0; - description = "Forged The Bat! MUA headers"; - name = "FORGED_MUA_THEBAT_BOUN"; - } - symbol { - weight = 5.0; - description = "Charset is missing in a message"; - name = "R_MISSING_CHARSET"; - } - symbol { - weight = 2.0; - description = "Two received headers with ip addresses"; - name = "RCVD_DOUBLE_IP_SPAM"; - } - symbol { - weight = 5.0; - description = "Forged outlook HTML signature"; - name = "FORGED_OUTLOOK_HTML"; - } - symbol { - weight = 5.0; - description = "Recipients are absent or undisclosed"; - name = "R_UNDISC_RCPT"; - } - symbol { - weight = 2.0; - description = "Fake helo for verizon provider"; - name = "FM_FAKE_HELO_VERIZON"; - } - symbol { - weight = 2.0; - description = "Quoted reply-to from yahoo (seems to be forged)"; - name = "REPTO_QUOTE_YAHOO"; - } - symbol { - weight = 5.0; - description = "Mime-OLE is needed but absent (e.g. fake Outlook or fake Exchange)"; - name = "MISSING_MIMEOLE"; - } - symbol { - weight = 2.0; - description = "To header is missing"; - name = "MISSING_TO"; - } - symbol { - weight = 1.500000; - description = "From that contains encoded characters while base 64 is not needed as all symbols are 7bit"; - name = "FROM_EXCESS_BASE64"; - } - symbol { - weight = 1.200000; - description = "From that contains encoded characters while quoted-printable is not needed as all symbols are 7bit"; - name = "FROM_EXCESS_QP"; - } - symbol { - weight = 1.500000; - description = "To that contains encoded characters while base 64 is not needed as all symbols are 7bit"; - name = "TO_EXCESS_BASE64"; - } - symbol { - weight = 1.200000; - description = "To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit"; - name = "TO_EXCESS_QP"; - } - symbol { - weight = 1.500000; - description = "Reply-To that contains encoded characters while base 64 is not needed as all symbols are 7bit"; - name = "REPLYTO_EXCESS_BASE64"; - } - symbol { - weight = 1.200000; - description = "Reply-To that contains encoded characters while quoted-printable is not needed as all symbols are 7bit"; - name = "REPLYTO_EXCESS_QP"; - } - symbol { - weight = 1.500000; - description = "Cc that contains encoded characters while base 64 is not needed as all symbols are 7bit"; - name = "CC_EXCESS_BASE64"; - } - symbol { - weight = 1.200000; - description = "Cc that contains encoded characters while quoted-printable is not needed as all symbols are 7bit"; - name = "CC_EXCESS_QP"; - } - symbol { - weight = 5.0; - description = "Mixed characters in a message"; - name = "R_MIXED_CHARSET"; - } - symbol { - weight = 3.500000; - description = "Recipients list seems to be sorted"; - name = "SORTED_RECIPS"; - } - symbol { - weight = 3.0; - description = "Spambots signatures in received headers"; - name = "R_RCVD_SPAMBOTS"; - } - symbol { - weight = 2.0; - description = "To header seems to be autogenerated"; - name = "R_TO_SEEMS_AUTO"; - } - symbol { - weight = 1.0; - description = "Subject needs encoding"; - name = "SUBJECT_NEEDS_ENCODING"; - } - symbol { - weight = 3.840000; - description = "Spam string at the end of message to make statistics faults 0"; - name = "TRACKER_ID"; - } - symbol { - weight = 1.0; - description = "No space in from header"; - name = "R_NO_SPACE_IN_FROM"; - } - symbol { - weight = 8.0; - description = "Subject seems to be spam"; - name = "R_SAJDING"; - } - symbol { - weight = 3.0; - description = "Detects bad content-transfer-encoding for text parts"; - name = "R_BAD_CTE_7BIT"; - } - symbol { - weight = 10.0; - description = "Flash redirect on imageshack.us"; - name = "R_FLASH_REDIR_IMGSHACK"; - } - symbol { - weight = 5.0; - description = "Message id is incorrect"; - name = "INVALID_MSGID"; - } - symbol { - weight = 3.0; - description = "Message id is missing "; - name = "MISSING_MID"; - } - symbol { - weight = 1.0; - description = "Recipients are not the same as RCPT TO: mail command"; - name = "FORGED_RECIPIENTS"; - } - symbol { - weight = 0.0; - description = "Recipients are not the same as RCPT TO: mail command, but a message from a maillist"; - name = "FORGED_RECIPIENTS_MAILLIST"; - } - symbol { - weight = 0.0; - description = "Sender is not the same as MAIL FROM: envelope, but a message is from a maillist"; - name = "FORGED_SENDER_MAILLIST"; - } - symbol { - weight = 2.0; - description = "Forged Exchange messages "; - name = "RATWARE_MS_HASH"; - } - symbol { - weight = 1.0; - description = "Reply-type in content-type"; - name = "STOX_REPLY_TYPE"; - } - symbol { - weight = 0.1; - description = "One received header in a message "; - name = "ONCE_RECEIVED"; - } - symbol { - weight = 2.0; - description = "One received header with 'bad' patterns inside"; - name = "ONCE_RECEIVED_STRICT"; - } - symbol { - weight = 2.0; - description = "Only Content-Type header without other MIME headers"; - name = "MIME_HEADER_CTYPE_ONLY"; - } - symbol { - weight = -1.0; - description = "Message seems to be from maillist"; - name = "MAILLIST"; - } - symbol { - weight = 1.0; - description = "Header From begins with tab"; - name = "HEADER_FROM_DELIMITER_TAB"; - } - symbol { - weight = 1.0; - description = "Header To begins with tab"; - name = "HEADER_TO_DELIMITER_TAB"; - } - symbol { - weight = 1.0; - description = "Header Cc begins with tab"; - name = "HEADER_CC_DELIMITER_TAB"; - } - symbol { - weight = 1.0; - description = "Header Reply-To begins with tab"; - name = "HEADER_REPLYTO_DELIMITER_TAB"; - } - symbol { - weight = 1.0; - description = "Header Date begins with tab"; - name = "HEADER_DATE_DELIMITER_TAB"; - } - symbol { - weight = 1.0; - description = "Header From has no delimiter between header name and header value"; - name = "HEADER_FROM_EMPTY_DELIMITER"; - } - symbol { - weight = 1.0; - description = "Header To has no delimiter between header name and header value"; - name = "HEADER_TO_EMPTY_DELIMITER"; - } - symbol { - weight = 1.0; - description = "Header Cc has no delimiter between header name and header value"; - name = "HEADER_CC_EMPTY_DELIMITER"; - } - symbol { - weight = 1.0; - description = "Header Reply-To has no delimiter between header name and header value"; - name = "HEADER_REPLYTO_EMPTY_DELIMITER"; - } - symbol { - weight = 1.0; - description = "Header Date has no delimiter between header name and header value"; - name = "HEADER_DATE_EMPTY_DELIMITER"; - } - symbol { - weight = 4.0; - description = "Header Received has raw illegal character"; - name = "RCVD_ILLEGAL_CHARS"; - } - symbol { - weight = 4.0; - description = "Fake helo mail.ru in header Received from non mail.ru sender address"; - name = "FAKE_RECEIVED_mail_ru"; - } - symbol { - weight = 4.0; - description = "Fake smtp.yandex.ru Received"; - name = "FAKE_RECEIVED_smtp_yandex_ru"; - } - symbol { - weight = 3.600000; - description = "Forged generic Received"; - name = "FORGED_GENERIC_RECEIVED"; - } - symbol { - weight = 3.600000; - description = "Forged generic Received"; - name = "FORGED_GENERIC_RECEIVED2"; - } - symbol { - weight = 3.600000; - description = "Forged generic Received"; - name = "FORGED_GENERIC_RECEIVED3"; - } - symbol { - weight = 3.600000; - description = "Forged generic Received"; - name = "FORGED_GENERIC_RECEIVED4"; - } - symbol { - weight = 4.600000; - description = "Forged generic Received"; - name = "FORGED_GENERIC_RECEIVED5"; - } - symbol { - weight = 3.0; - description = "Invalid Postfix Received"; - name = "INVALID_POSTFIX_RECEIVED"; - } - symbol { - weight = 5.0; - description = "Invalid Exim Received"; - name = "INVALID_EXIM_RECEIVED"; - } - symbol { - weight = 3.0; - description = "Invalid Exim Received"; - name = "INVALID_EXIM_RECEIVED2"; - } - } - - group { - name = "mua"; - symbol { - weight = 4.0; - description = "Message pretends to be send from The Bat! but has forged Message-ID"; - name = "FORGED_MUA_THEBAT_MSGID"; - } - symbol { - weight = 3.0; - description = "Message pretends to be send from The Bat! but has forged Message-ID"; - name = "FORGED_MUA_THEBAT_MSGID_UNKNOWN"; - } - symbol { - weight = 3.0; - description = "Message pretends to be send from KMail but has forged Message-ID"; - name = "FORGED_MUA_KMAIL_MSGID"; - } - symbol { - weight = 2.500000; - description = "Message pretends to be send from KMail but has forged Message-ID"; - name = "FORGED_MUA_KMAIL_MSGID_UNKNOWN"; - } - symbol { - weight = 4.0; - description = "Message pretends to be send from Opera Mail but has forged Message-ID"; - name = "FORGED_MUA_OPERA_MSGID"; - } - symbol { - weight = 4.0; - description = "Message pretends to be send from suspicious Opera Mail/10.x (Windows) but has forged Message-ID, apparently from KMail"; - name = "SUSPICIOUS_OPERA_10W_MSGID"; - } - symbol { - weight = 4.0; - description = "Message pretends to be send from Mozilla Mail but has forged Message-ID"; - name = "FORGED_MUA_MOZILLA_MAIL_MSGID"; - } - symbol { - weight = 2.500000; - description = "Message pretends to be send from Mozilla Mail but has forged Message-ID"; - name = "FORGED_MUA_MOZILLA_MAIL_MSGID_UNKNOWN"; - } - symbol { - weight = 4.0; - description = "Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID"; - name = "FORGED_MUA_THUNDERBIRD_MSGID"; - } - symbol { - weight = 2.500000; - description = "Forged mail pretending to be from Mozilla Thunderbird but has forged Message-ID"; - name = "FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN"; - } - symbol { - weight = 4.0; - description = "Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID"; - name = "FORGED_MUA_SEAMONKEY_MSGID"; - } - symbol { - weight = 2.500000; - description = "Forged mail pretending to be from Mozilla Seamonkey but has forged Message-ID"; - name = "FORGED_MUA_SEAMONKEY_MSGID_UNKNOWN"; - } - symbol { - weight = 3.0; - description = "Forged outlook MUA"; - name = "FORGED_MUA_OUTLOOK"; - } - } - symbol { - weight = 0.0; - description = "Avoid false positives for FORGED_MUA_* in maillist"; - name = "FORGED_MUA_MAILLIST"; - } - - group { - name = "body"; - symbol { - weight = 9.0; - description = "White color on white background in HTML messages"; - name = "R_WHITE_ON_WHITE"; - } - symbol { - weight = 3.0; - description = "Short html part with a link to an image"; - name = "HTML_SHORT_LINK_IMG_1"; - } - symbol { - weight = 1.0; - description = "Short html part with a link to an image"; - name = "HTML_SHORT_LINK_IMG_2"; - } - symbol { - weight = 0.5; - description = "Short html part with a link to an image"; - name = "HTML_SHORT_LINK_IMG_3"; - } - symbol { - weight = 5.0; - description = "Suspicious boundary in header Content-Type"; - name = "SUSPICIOUS_BOUNDARY"; - } - symbol { - weight = 4.0; - description = "Suspicious boundary in header Content-Type"; - name = "SUSPICIOUS_BOUNDARY2"; - } - symbol { - weight = 3.0; - description = "Suspicious boundary in header Content-Type"; - name = "SUSPICIOUS_BOUNDARY3"; - } - symbol { - weight = 4.0; - description = "Suspicious boundary in header Content-Type"; - name = "SUSPICIOUS_BOUNDARY4"; - } - symbol { - weight = 3.0; - description = "Text and HTML parts differ"; - name = "R_PARTS_DIFFER"; - } - - symbol { - weight = 2.0; - description = "Message contains empty parts and image"; - name = "R_EMPTY_IMAGE"; - } - symbol { - weight = 2.0; - description = "Drugs patterns inside message"; - name = "DRUGS_MANYKINDS"; - } - symbol { - weight = 2.0; - description = ""; - name = "DRUGS_ANXIETY"; - } - symbol { - weight = 2.0; - description = ""; - name = "DRUGS_MUSCLE"; - } - symbol { - weight = 2.0; - description = ""; - name = "DRUGS_ANXIETY_EREC"; - } - symbol { - weight = 2.0; - description = ""; - name = "DRUGS_DIET"; - } - symbol { - weight = 2.0; - description = ""; - name = "DRUGS_ERECTILE"; - } - symbol { - weight = 3.300000; - description = "2 'advance fee' patterns in a message"; - name = "ADVANCE_FEE_2"; - } - symbol { - weight = 2.120000; - description = "3 'advance fee' patterns in a message"; - name = "ADVANCE_FEE_3"; - } - symbol { - weight = 8.0; - description = "Lotto signatures"; - name = "R_LOTTO"; - } - } - - group { - name = "rbl"; - symbol { - name = "DNSWL_BLOCKED"; - weight = 0.0; - description = "Resolver blocked due to excessive queries"; - } - symbol { - name = "RCVD_IN_DNSWL"; - weight = 0.0; - description = "Unrecognised result from dnswl.org"; - } - symbol { - name = "RCVD_IN_DNSWL_NONE"; - weight = 0.0; - description = "Sender listed at http://www.dnswl.org, low none"; - } - symbol { - name = "RCVD_IN_DNSWL_LOW"; - weight = 0.0; - description = "Sender listed at http://www.dnswl.org, low trust"; - } - symbol { - name = "RCVD_IN_DNSWL_MED"; - weight = 0.0; - description = "Sender listed at http://www.dnswl.org, medium trust"; - } - symbol { - name = "RCVD_IN_DNSWL_HI"; - weight = 0.0; - description = "Sender listed at http://www.dnswl.org, high trust"; - } - - symbol { - name = "RBL_SPAMHAUS"; - weight = 0.0; - description = "Unrecognised result from Spamhaus zen"; - } - symbol { - name = "RBL_SPAMHAUS_SBL"; - weight = 2.0; - description = "From address is listed in zen sbl"; - } - symbol { - name = "RBL_SPAMHAUS_CSS"; - weight = 2.0; - description = "From address is listed in zen css"; - } - symbol { - name = "RBL_SPAMHAUS_XBL"; - weight = 4.0; - description = "From address is listed in zen xbl"; - } - symbol { - name = "RBL_SPAMHAUS_PBL"; - weight = 2.0; - description = "From address is listed in zen pbl"; - } - symbol { - name = "RECEIVED_SPAMHAUS_XBL"; - weight = 3.0; - description = "Received address is listed in zen pbl"; - one_shot = true; - } - - symbol { - name = "RWL_SPAMHAUS_WL"; - weight = 0.0; - description = "Unrecognised result from Spamhaus whitelist"; - } - symbol { - name = "RWL_SPAMHAUS_WL_IND"; - weight = 0.0; - description = "Sender listed at Spamhaus whitelist"; - } - symbol { - name = "RWL_SPAMHAUS_WL_TRANS"; - weight = 0.0; - description = "Sender listed at Spamhaus whitelist"; - } - symbol { - name = "RWL_SPAMHAUS_WL_IND_EXP"; - weight = 0.0; - description = "Sender listed at Spamhaus whitelist"; - } - symbol { - name = "RWL_SPAMHAUS_WL_TRANS_EXP"; - weight = 0.0; - description = "Sender listed at Spamhaus whitelist"; - } - - symbol { - weight = 2.0; - description = "From address is listed in senderscore.com BL"; - name = "RBL_SENDERSCORE"; - } - symbol { - weight = 1.0; - description = "From address is listed in ABUSE.CH BL"; - name = "RBL_ABUSECH"; - } - symbol { - weight = 1.0; - description = "From address is listed in UCEPROTECT LEVEL1 BL"; - name = "RBL_UCEPROTECT_LEVEL1"; - } - symbol { - name = "RBL_MAILSPIKE"; - weight = 0.0; - description = "Unrecognised result from Mailspike blacklist"; - } - symbol { - name = "RWL_MAILSPIKE"; - weight = 0.0; - description = "Unrecognised result from Mailspike whitelist"; - } - symbol { - name = "RBL_MAILSPIKE_ZOMBIE"; - weight = 2.0; - description = "From address is listed in RBL"; - } - symbol { - name = "RBL_MAILSPIKE_WORST"; - weight = 2.0; - description = "From address is listed in RBL"; - } - symbol { - name = "RBL_MAILSPIKE_VERYBAD"; - weight = 1.5; - description = "From address is listed in RBL"; - } - symbol { - name = "RBL_MAILSPIKE_BAD"; - weight = 1.0; - description = "From address is listed in RBL"; - } - symbol { - name = "RWL_MAILSPIKE_POSSIBLE"; - weight = 0.0; - description = "From address is listed in RWL"; - } - symbol { - name = "RWL_MAILSPIKE_GOOD"; - weight = 0.0; - description = "From address is listed in RWL"; - } - symbol { - name = "RWL_MAILSPIKE_VERYGOOD"; - weight = 0.0; - description = "From address is listed in RWL"; - } - symbol { - name = "RWL_MAILSPIKE_EXCELLENT"; - weight = 0.0; - description = "From address is listed in RWL"; - } - - symbol { - weight = 0.0; - name = "RBL_SORBS"; - description = "Unrecognised result from SORBS RBL"; - } - symbol { - weight = 2.5; - name = "RBL_SORBS_HTTP"; - description = "List of Open HTTP Proxy Servers."; - } - symbol { - weight = 2.5; - name = "RBL_SORBS_SOCKS"; - description = "List of Open SOCKS Proxy Servers."; - } - symbol { - weight = 1.0; - name = "RBL_SORBS_MISC"; - description = "List of open Proxy Servers not listed in the SOCKS or HTTP lists."; - } - symbol { - weight = 3.0; - name = "RBL_SORBS_SMTP"; - description = "List of Open SMTP relay servers."; - } - symbol { - weight = 1.5; - name = "RBL_SORBS_RECENT"; - description = "List of hosts that have been noted as sending spam/UCE/UBE to the admins of SORBS within the last 28 days (includes new.spam.dnsbl.sorbs.net)."; - } - symbol { - weight = 0.4; - name = "RBL_SORBS_WEB"; - description = "List of web (WWW) servers which have spammer abusable vulnerabilities (e.g. FormMail scripts)"; - } - symbol { - weight = 2.0; - name = "RBL_SORBS_DUL"; - description = "Dynamic IP Address ranges (NOT a Dial Up list!)"; - } - symbol { - weight = 1.0; - name = "RBL_SORBS_BLOCK"; - description = "List of hosts demanding that they never be tested by SORBS."; - } - symbol { - weight = 1.0; - name = "RBL_SORBS_ZOMBIE"; - description = "List of networks hijacked from their original owners, some of which have already used for spamming."; - } - - symbol { - weight = 1.0; - name = "RBL_SEM"; - description = "Address is listed in Spameatingmonkey RBL"; - } - - symbol { - weight = 1.0; - name = "RBL_SEM_IPV6"; - description = "Address is listed in Spameatingmonkey RBL (ipv6)"; - } - } - - group { - name = "bayes"; - - symbol { - weight = 3.0; - description = "Message probably spam, probability: "; - name = "BAYES_SPAM"; - } - symbol { - weight = -3.0; - description = "Message probably ham, probability: "; - name = "BAYES_HAM"; - } - } - - group { - name = "fuzzy"; - symbol { - weight = 5.0; - description = "Generic fuzzy hash match"; - name = "FUZZY_UNKNOWN"; - } - symbol { - weight = 10.0; - description = "Denied fuzzy hash"; - name = "FUZZY_DENIED"; - } - symbol { - weight = 5.0; - description = "Probable fuzzy hash"; - name = "FUZZY_PROB"; - } - symbol { - weight = -2.1; - description = "Whitelisted fuzzy hash"; - name = "FUZZY_WHITE"; - } - } - - group { - name = "spf"; - symbol { - weight = 1.0; - description = "SPF verification failed"; - name = "R_SPF_FAIL"; - } - symbol { - weight = 0.0; - description = "SPF verification soft-failed"; - name = "R_SPF_SOFTFAIL"; - } - symbol { - weight = 0.0; - description = "SPF policy is neutral"; - name = "R_SPF_NEUTRAL"; - } - symbol { - weight = -1.1; - description = "SPF verification alowed"; - name = "R_SPF_ALLOW"; - } - } - - group { - name = "dkim"; - symbol { - weight = 1.0; - description = "DKIM verification failed"; - name = "R_DKIM_REJECT"; - } - symbol { - weight = 0.0; - description = "DKIM verification soft-failed"; - name = "R_DKIM_TEMPFAIL"; - } - symbol { - weight = -1.1; - description = "DKIM verification succeed"; - name = "R_DKIM_ALLOW"; - one_shot = true; - } - } - - group { - name = "surbl"; - symbol { - weight = 5.500000; - description = "SURBL: Phishing sites"; - name = "PH_SURBL_MULTI"; - } - symbol { - weight = 5.500000; - description = "SURBL: Malware sites"; - name = "MW_SURBL_MULTI"; - } - symbol { - weight = 5.500000; - description = "SURBL: AbuseButler web sites"; - name = "AB_SURBL_MULTI"; - } - symbol { - weight = 5.500000; - description = "SURBL: SpamCop web sites"; - name = "SC_SURBL_MULTI"; - } - symbol { - weight = 5.500000; - description = "SURBL: jwSpamSpy + Prolocation sites"; - name = "JP_SURBL_MULTI"; - } - symbol { - weight = 5.500000; - description = "SURBL: sa-blacklist web sites "; - name = "WS_SURBL_MULTI"; - } - symbol { - weight = 4.500000; - description = "rambler.ru uribl"; - name = "RAMBLER_URIBL"; - } - - symbol { - weight = 0.0; - name = "SEM_URIBL_UNKNOWN"; - description = "Spameatingmonkey uribl unknown"; - } - symbol { - weight = 3.5; - name = "SEM_URIBL"; - description = "Spameatingmonkey uribl"; - } - - symbol { - weight = 0.0; - name = "SEM_URIBL_FRESH15_UNKNOWN"; - description = "Spameatingmonkey uribl unknown"; - } - symbol { - weight = 3.0; - name = "SEM_URIBL_FRESH15"; - description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)"; - } - - symbol { - weight = 0.000000; - description = "DBL uribl unknown symbol (error)"; - name = "DBL"; - } - symbol { - weight = 6.500000; - description = "DBL uribl spam"; - name = "DBL_SPAM"; - } - symbol { - weight = 6.500000; - description = "DBL uribl phishing"; - name = "DBL_PHISH"; - } - symbol { - weight = 6.500000; - description = "DBL uribl malware"; - name = "DBL_MALWARE"; - } - symbol { - weight = 5.500000; - description = "DBL uribl botnet C&C domain"; - name = "DBL_BOTNET"; - } - symbol { - weight = 6.500000; - description = "DBL uribl abused legit spam"; - name = "DBL_ABUSE"; - } - symbol { - weight = 1.500000; - description = "DBL uribl abused spammed redirector domain"; - name = "DBL_ABUSE_REDIR"; - } - symbol { - weight = 7.500000; - description = "DBL uribl abused legit phish"; - name = "DBL_ABUSE_PHISH"; - } - symbol { - weight = 7.500000; - description = "DBL uribl abused legit malware"; - name = "DBL_ABUSE_MALWARE"; - } - symbol { - weight = 5.500000; - description = "DBL uribl abused legit botnet C&C"; - name = "DBL_ABUSE_BOTNET"; - } - symbol { - weight = 0.00000; - description = "DBL uribl IP queries prohibited!"; - name = "DBL_PROHIBIT"; - } - symbol { - weight = 7.5; - description = "uribl.com black url"; - name = "URIBL_BLACK"; - } - symbol { - weight = 3.5; - description = "uribl.com red url"; - name = "URIBL_RED"; - } - symbol { - weight = 1.5; - description = "uribl.com grey url"; - name = "URIBL_GREY"; - } - symbol { - weight = 9.500000; - description = "rambler.ru emailbl"; - name = "RAMBLER_EMAILBL"; - } - } - - group { - name = "phishing"; - - symbol { - weight = 5.0; - description = "Phished mail"; - name = "PHISHING"; - } - } - - group { - name = "date"; - - symbol { - weight = 4.0; - description = "Message date is in future"; - name = "DATE_IN_FUTURE"; - } - symbol { - weight = 1.0; - description = "Message date is in past"; - name = "DATE_IN_PAST"; - } - symbol { - weight = 1.0; - description = "Message date is missing"; - name = "MISSING_DATE"; - } - } - - group { - name = "hfilter"; - - symbol { - weight = 3.00; - name = "HFILTER_HELO_BAREIP"; - description = "Helo host is bare ip"; - } - symbol { - weight = 4.50; - name = "HFILTER_HELO_BADIP"; - description = "Helo host is very bad ip"; - } - symbol { - weight = 2.00; - name = "HFILTER_HELO_UNKNOWN"; - description = "Helo host empty or unknown"; - } - symbol { - weight = 0.5; - name = "HFILTER_HELO_1"; - description = "Helo host checks (very low)"; - } - symbol { - weight = 1.00; - name = "HFILTER_HELO_2"; - description = "Helo host checks (low)"; - } - symbol { - weight = 2.00; - name = "HFILTER_HELO_3"; - description = "Helo host checks (medium)"; - } - symbol { - weight = 2.50; - name = "HFILTER_HELO_4"; - description = "Helo host checks (hard)"; - } - symbol { - weight = 3.00; - name = "HFILTER_HELO_5"; - description = "Helo host checks (very hard)"; - } - symbol { - weight = 0.5; - name = "HFILTER_HOSTNAME_1"; - description = "Hostname checks (very low)"; - } - symbol { - weight = 1.00; - name = "HFILTER_HOSTNAME_2"; - description = "Hostname checks (low)"; - } - symbol { - weight = 2.00; - name = "HFILTER_HOSTNAME_3"; - description = "Hostname checks (medium)"; - } - symbol { - weight = 2.50; - name = "HFILTER_HOSTNAME_4"; - description = "Hostname checks (hard)"; - } - symbol { - weight = 3.00; - name = "HFILTER_HOSTNAME_5"; - description = "Hostname checks (very hard)"; - } - symbol { - weight = 0.20; - name = "HFILTER_HELO_NORESOLVE_MX"; - description = "MX found in Helo and no resolve"; - } - symbol { - weight = 0.3; - name = "HFILTER_HELO_NORES_A_OR_MX"; - description = "Helo no resolve to A or MX"; - } - symbol { - weight = 1.00; - name = "HFILTER_HELO_IP_A"; - description = "Helo A IP != hostname IP"; - } - symbol { - weight = 2.00; - name = "HFILTER_HELO_NOT_FQDN"; - description = "Helo not FQDN"; - } - symbol { - weight = 0.5; - name = "HFILTER_FROMHOST_NORESOLVE_MX"; - description = "MX found in FROM host and no resolve"; - } - symbol { - weight = 1.50; - name = "HFILTER_FROMHOST_NORES_A_OR_MX"; - description = "FROM host no resolve to A or MX"; - } - symbol { - weight = 3.00; - name = "HFILTER_FROMHOST_NOT_FQDN"; - description = "FROM host not FQDN"; - } - symbol { - weight = 0.00; - name = "HFILTER_FROM_BOUNCE"; - description = "Bounce message"; - } - symbol { - weight = 0.50; - name = "HFILTER_MID_NORESOLVE_MX"; - description = "MX found in Message-id host and no resolve"; - } - symbol { - weight = 0.50; - name = "HFILTER_MID_NORES_A_OR_MX"; - description = "Message-id host no resolve to A or MX"; - } - symbol { - weight = 0.50; - name = "HFILTER_MID_NOT_FQDN"; - description = "Message-id host not FQDN"; - } - symbol { - weight = 4.00; - name = "HFILTER_HOSTNAME_UNKNOWN"; - description = "Unknown hostname (no PTR or no resolve PTR to hostname)"; - } - symbol { - weight = 1.50; - name = "HFILTER_RCPT_BOUNCEMOREONE"; - description = "Message from bounce and over 1 recepient"; - } - symbol { - weight = 3.50; - name = "HFILTER_URL_ONLY"; - description = "URL only in body"; - } - symbol { - weight = 2.20; - name = "HFILTER_URL_ONELINE"; - description = "One line URL and text in body"; - } - } - - group { - name = "dmarc"; - - symbol { - weight = -1.0; - name = "DMARC_POLICY_ALLOW"; - description = "DMARC permit policy"; - } - symbol { - weight = 2.0; - name = "DMARC_POLICY_REJECT"; - description = "DMARC reject policy"; - } - symbol { - weight = 1.5; - name = "DMARC_POLICY_QUARANTINE"; - description = "DMARC quarantine policy"; - } - symbol { - weight = 0.1; - name = "DMARC_POLICY_SOFTFAIL"; - description = "DMARC failed"; - } - } -} diff --git a/data/templates/rspamd/metrics.conf.override b/data/templates/rspamd/metrics.conf.override new file mode 100644 index 000000000..583280e70 --- /dev/null +++ b/data/templates/rspamd/metrics.conf.override @@ -0,0 +1,8 @@ +# Metrics settings +# This define overridden options. + +actions { + reject = 21; + add_header = 8; + greylist = 4; +} diff --git a/debian/control b/debian/control index 4c6279114..2053e9d60 100644 --- a/debian/control +++ b/debian/control @@ -24,7 +24,7 @@ Depends: ${python:Depends}, ${misc:Depends} , nginx-extras (>=1.6.2), php5-fpm, php5-ldap, php5-intl , dnsmasq, openssl, avahi-daemon , ssowat, metronome - , rspamd, rmilter (>=1.7.0), redis-server, opendkim-tools + , rspamd (>= 1.2.0), rmilter (>=1.7.0), redis-server, opendkim-tools Recommends: yunohost-admin , openssh-server, ntp, inetutils-ping | iputils-ping , bash-completion, rsyslog