mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-26 20:06:13 +02:00
Replace SpamAssassin with Rspamd
Switching to Rspamd has some advantages: * It is probably faster than SA[1] (C + Lua vs Perl) * We can reduce the number of moving parts. Rspamd has built-in DKIM signing, greylisting, DMARC checking to name a few * It doesn't just mark the mail as spam/not-spam, it gives every mail a score and depending on the score it does either: nothing, greylist it, mark it as spam or reject it[2] (more actions is available and it can be tweaked) * Replies whitelisting[3] * It supports ARC signing, which can be useful * A cool looking WebUi :) * ... and more[4]... [1] https://rspamd.com/doc/tutorials/migrate_sa.html#why-migrate-to-rspamd [2] https://rspamd.com/doc/faq.html#what-are-rspamd-actions [3] https://rspamd.com/doc/modules/replies.html [4] https://rspamd.com/comparison.html
This commit is contained in:
parent
f853a2923a
commit
bcf1c981bb
|
@ -27,7 +27,7 @@
|
|||
- { role: borg_client, tags: ["borg"] }
|
||||
- { role: certbot }
|
||||
- { role: nginx }
|
||||
- { role: spampd, tags: ["mail"] }
|
||||
- { role: rspamd, tags: ["mail"] }
|
||||
- { role: unbound, tags: ["mail"] }
|
||||
- { role: postfix, postfix_relayhost: "mail.archlinux.org", postfix_smtpd_public: true, postfix_patchwork_enabled: true, tags: ["mail"] }
|
||||
- { role: opendkim, dkim_selector: apollo, tags: ['mail'] }
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
- firewall
|
||||
roles:
|
||||
- nginx
|
||||
- spampd
|
||||
- rspamd
|
||||
- { role: mariadb, mariadb_query_cache_type: '0', mariadb_innodb_file_per_table: True }
|
||||
# luna is hosting mailman lists; this postfix role does not cater to this yet
|
||||
# TODO: make postfix role handle mailman config?
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
- { role: certbot }
|
||||
- { role: postfix, postfix_server: true, postfix_smtpd_public: true, tags: ['mail'] }
|
||||
- { role: dovecot }
|
||||
- { role: spampd, tags: ["mail"] }
|
||||
- { role: rspamd, tags: ["mail"] }
|
||||
- { role: unbound, tags: ["mail"] }
|
||||
- { role: postfwd, tags: ['mail'] }
|
||||
- { role: archusers }
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
- { role: borg_client, tags: ['borg'] }
|
||||
- { role: opendkim, dkim_selector: orion, tags: ['mail'] }
|
||||
- { role: dovecot }
|
||||
- { role: spampd, tags: ["mail"] }
|
||||
- { role: rspamd, tags: ["mail"] }
|
||||
- { role: unbound, tags: ["mail"] }
|
||||
- { role: postfwd, tags: ['mail'] }
|
||||
- { role: postfix, postfix_server: true, postfix_smtpd_public: true, tags: ['mail'] }
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
require ["mailbox", "fileinto"];
|
||||
if header "X-Spam" "Yes"{
|
||||
fileinto :create "Junk";
|
||||
stop;
|
||||
}
|
|
@ -3,3 +3,7 @@
|
|||
- name: reload dovecot
|
||||
service: name=dovecot state=restarted
|
||||
|
||||
- name: run sievec
|
||||
command: /usr/bin/sievec /etc/dovecot/sieve/{{ item }}
|
||||
loop:
|
||||
- spam-to-folder.sieve
|
||||
|
|
|
@ -18,6 +18,14 @@
|
|||
- name: install PAM config
|
||||
copy: src=pam.d.dovecot dest=/etc/pam.d/dovecot mode=0644 owner=root group=root
|
||||
|
||||
- name: create dovecot sieve dir
|
||||
file: path=/etc/dovecot/sieve state=directory owner=root group=root mode=0755
|
||||
|
||||
- name: install spam-to-folder.sieve
|
||||
copy: src=spam-to-folder.sieve dest=/etc/dovecot/sieve/ mode=0644 owner=root group=root
|
||||
notify:
|
||||
- run sievec
|
||||
|
||||
- name: install dovecot cert renewal hook
|
||||
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/dovecot owner=root group=root mode=0755
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@ plugin {
|
|||
sieve_dir = ~/.sieve
|
||||
sieve_global_dir = /etc/dovecot/sieve/global/
|
||||
sieve_global_path = /etc/dovecot/sieve/default.sieve
|
||||
sieve_before = /etc/dovecot/sieve/spam-to-folder.sieve
|
||||
|
||||
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
|
||||
mail_log_fields = uid box msgid size
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
/X-Spam-Status: Yes,/ REJECT Your message has been rejected by Spamassassin
|
|
@ -165,8 +165,8 @@ submission_recipient_restrictions=
|
|||
permit_sasl_authenticated,
|
||||
reject
|
||||
|
||||
smtpd_milters=unix:/var/spool/opendkim/opendkim
|
||||
non_smtpd_milters=unix:/var/spool/opendkim/opendkim
|
||||
smtpd_milters=unix:/var/spool/opendkim/opendkim inet:localhost:11332
|
||||
non_smtpd_milters=unix:/var/spool/opendkim/opendkim inet:localhost:11332
|
||||
|
||||
# Pass internal mails through filters so they get signed by opendkim
|
||||
# XXX: Be careful not to have filters that may reject mails!
|
||||
|
|
|
@ -14,7 +14,6 @@
|
|||
# ==========================================================================
|
||||
{% if postfix_smtpd_public %}
|
||||
smtp inet n - n - - smtpd
|
||||
-o smtpd_proxy_filter=[127.0.0.1]:10025
|
||||
-o smtpd_client_connection_count_limit=20
|
||||
-o smtpd_proxy_options=speed_adjust
|
||||
{% else %}
|
||||
|
@ -30,7 +29,6 @@ submission inet n - n - - smtpd
|
|||
-o smtpd_tls_security_level=encrypt
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
-o smtpd_recipient_restrictions=$submission_recipient_restrictions
|
||||
-o content_filter=smtp:[127.0.0.1]:10025
|
||||
-o smtpd_client_connection_count_limit=10
|
||||
#-o smtpd_milters=unix:/var/spool/opendkim/opendkim
|
||||
{% endif %}
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- name: install redis
|
||||
pacman: name=redis state=present
|
||||
|
||||
- name: start and enable redis
|
||||
service: name=redis enabled=yes state=started
|
|
@ -0,0 +1,2 @@
|
|||
systemd = true;
|
||||
type = "console";
|
|
@ -0,0 +1,3 @@
|
|||
extended_spam_headers = true;
|
||||
use = ["authentication-results"];
|
||||
authenticated_headers = ["authentication-results"];
|
|
@ -0,0 +1,2 @@
|
|||
write_servers = "127.0.0.1";
|
||||
read_servers = "127.0.0.1";
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- name: reload rspamd
|
||||
service: name=rspamd state=reloaded
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: redis
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
- name: install rspamd
|
||||
pacman: name=rspamd state=present
|
||||
|
||||
- name: install config
|
||||
copy: src=local.d/ dest=/etc/rspamd/local.d/ owner=root group=root mode=0644
|
||||
notify:
|
||||
- reload rspamd
|
||||
|
||||
- name: start and enable rspamd
|
||||
service: name=rspamd enabled=yes state=started
|
|
@ -1,9 +0,0 @@
|
|||
[Trigger]
|
||||
Operation = Install
|
||||
Operation = Upgrade
|
||||
Type = Package
|
||||
Target = spamassassin
|
||||
|
||||
[Action]
|
||||
When = PostTransaction
|
||||
Exec = /usr/bin/systemctl start sa-update.service
|
|
@ -1,6 +0,0 @@
|
|||
[Unit]
|
||||
Description=sa-update
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/bin/sa-update.sh
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
/usr/bin/vendor_perl/sa-update --channelfile /etc/mail/spamassassin/update-channels --gpgkeyfile /etc/mail/spamassassin/update-gpgkeys || {
|
||||
exitcode=$?
|
||||
if ((exitcode == 1)); then
|
||||
exit 0
|
||||
else
|
||||
echo "sa-update failed"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
/usr/bin/vendor_perl/sa-compile --quiet
|
||||
systemctl restart spampd
|
|
@ -1,8 +0,0 @@
|
|||
[Unit]
|
||||
Description=sa-update
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* 00:05:00
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -1,5 +0,0 @@
|
|||
updates.spamassassin.org
|
||||
|
||||
# temporarily disabled due to missing compatability with SA 3.4.2 (missing sha256/512 checksum files)
|
||||
#sought.rules.yerp.org
|
||||
#sa.zmi.at
|
|
@ -1,5 +0,0 @@
|
|||
# sa.zmi.at
|
||||
40F74481
|
||||
|
||||
# sought.rules.yerp.org
|
||||
6C6191E3
|
|
@ -1,41 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.1 (GNU/Linux)
|
||||
|
||||
mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT
|
||||
s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI
|
||||
miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG
|
||||
pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I
|
||||
h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp
|
||||
iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB
|
||||
aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v
|
||||
0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8
|
||||
IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h
|
||||
c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA
|
||||
am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC
|
||||
AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU
|
||||
AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr
|
||||
armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux
|
||||
vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd
|
||||
O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0
|
||||
SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF
|
||||
p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c
|
||||
aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY
|
||||
maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR
|
||||
gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu
|
||||
ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD
|
||||
b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3
|
||||
pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md
|
||||
OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg
|
||||
ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk
|
||||
yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT
|
||||
LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy
|
||||
buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW
|
||||
bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN
|
||||
7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd
|
||||
MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x
|
||||
tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc
|
||||
u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ
|
||||
B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ
|
||||
DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw==
|
||||
=nK43
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,52 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2.0.12 (GNU/Linux)
|
||||
|
||||
mQINBE9CEIwBEACb16mHs381gLlwiAMP1YpGpjZ82U9cJfjX3okCvhFCSnlvDzad
|
||||
fj3J3sVX96aDKkeqg6CLFuNtw0FjzxG3UUCI5IqPplJqGlmpzrznUYpNP4t9cXaN
|
||||
5lUdhzlZzbICM3E3o9BjdhGajfbmd2zrNJJOjFXblN/gWatOo9NPTP0L3s6wx/EF
|
||||
AEtWJUI9Ohn+jl53p9Kog/GIITD7UPT7mRkd3iwXHVj3yl9hgK0cXX5iP5rIkK+v
|
||||
FXHXMyaL0/ZwEe7cpC9wvPGK4LNrG/HiI9bIJJqqmXbIUB6Z0OJ9Gas3LcI/O3/i
|
||||
jMLs2cAw2PlY60bG9QLrgI68SpksMZQfAg6FGCdu6Oj3rvcXMXrxO8xOwv3roQjh
|
||||
QZVYEik6xxepjtLf37ua5+rXgq0B/nhzKgwByR2UTpaYhTRJwOgNruaE+ViE+21N
|
||||
nNLngtKkFuna8kS+AQtVvgmiXhVn8fcHGOsfFqc+e/RFLS+iZAaxg1sPy7sDn+ab
|
||||
vmXHyep7lAyezmFn98cCkjK13Gmi5CZELCFlT2yewtjUVfToG9R+yLNFLoCLLGFK
|
||||
cVwNRn6PGzEeTNjP82w+wIi2zT7YLV42SJDrVfARPsyKU2Xpbo2KDcdbd1cXTPRd
|
||||
rnWQxPGPajA3ovRaVlhNhwzUY34SwB9JIcCiEsOpCUky1als/8LGh/2jtQARAQAB
|
||||
tC5zYS56bWkuYXQgKHNhLXVwZGF0ZSBrZXkpIDxzcGFtLWdlcm1hbkB6bWkuYXQ+
|
||||
iQI8BBMBAgAmBQJPQhCMAhsDBQkSzAMABgsJCAcDAgQVAggDBBYCAwECHgECF4AA
|
||||
CgkQrsKK2UD3RIErLw/+JXbmcPRbEIefVtPh6Um7/MFEMd5TLy70OmjrBaTnEx6Z
|
||||
LAsvj0qBT/V3VAQw8TT1XaiLSlNyxY1bp9pVQdO4RhMV1g4VGWiV1SA/W2beqJGo
|
||||
oRWQuvyRqQkJAC0x1MVjnCWo0d0FGO9fE9xlifX6pSGcjEwTPjktilGwF3VihFJ1
|
||||
OevMhH73L+a8GytxdgZMVFpAL8JNdGE3d/mpuNV4igzriP8lNiAXz3SoA4pE76Bm
|
||||
lRj1AXgp/ITDSNiVpBCtQijMI701EwFpvdtd1hnVxqqDvs7Tlti8Ulqda0MP82xQ
|
||||
hkoPzQxxww7drqmvmHsEqt5noJiCtsgS1Xjuzwk2UDVL5AL5d0Af2uMkRFPUFsRy
|
||||
ZwtqYPZ8mTwjeykuXDnGmpiMuQEFj+efRd3Fs3IGrZBYb/bAuH4ciwuCde45V6Q5
|
||||
LkZkzxb73qrDuBn32Szr9KrQ8oW4mVtfqek/QiU6ODnNw5ED1fQ7Q0rFqB46IFNK
|
||||
8OE7qE0fSA2679uiPMJDPw6S3QtCTaRwhfmrG/fYXWwNlr/k3IoWW5kHEuSzbXdq
|
||||
U0Vm96HBxfFnHK75zC5QBxRHxYoO314+NeS+aJqDjLoZ7Jmcr9vs1e7asKndwEWI
|
||||
fJoTP+RHfoNKvu/t5mKzCuK/1Dl1nrsfSgQzLoOF48r4BQelg2xgzvhPHsd9eIm5
|
||||
Ag0ET0IQjAEQAMv0ZQ5qdUjZzb8R1GwnvuQxmltsZr/ArZMNs6XxP8JaVmT9877p
|
||||
7j80P34+RI45o8ITsJiphurlSh15hWqA8BamaYu2gvmOAGAaAvUTsZDzHaIfcpzi
|
||||
3kFeMqpoUFs9A3m2Dv5kbI23ALe4pZbG29ZtqgLXBIQc7JqVlxTO6mvL4/ME9JRz
|
||||
3cBHbd31ZGdavUHCR2pN8Pu/GbDacoEITkQwZBbJgfzY9/1p7w5xKQ9GcZfycHZ5
|
||||
GhtvepsDDFU10JWK+Ey4amvzt3jfjrmTFmh9YH/rk3aWMfayIjtSg/mxWGk4OegC
|
||||
+BdEf7VAX0T9UXQDenbdGEpi6C9KI/wzDS1hUUNpud8kp/HVlPXD6kcbdJ6acu70
|
||||
Xw98rAkh3dnep4NzP5YjZVRCg+rd31BbmjHEuJ10KoFDnv8L3vve6PmvvRzKE9LM
|
||||
aMSB+YRxYvgbnxExA84w7wtJjY3LGNZS9xyD+WM1SzEuMEmALImnIXG/N7MXvGSc
|
||||
gM1dJo5fArKOUc0GGejKJY0vcZ8UcofucxJADR/zflPj3/oOtTVdz/+f2DZLbClv
|
||||
wAHg/h2ehK/jk4sW5JXIcIoYRCVKznPEZdouoav4Mxf9xk4ol6foY/Ppy+cu28zR
|
||||
Wikv2bpPKXjp9qqFCAts0HLDDlIRkNLI6Be7IsZxUdlrAzJoNY9LkgMJABEBAAGJ
|
||||
AiUEGAECAA8FAk9CEIwCGwwFCRLMAwAACgkQrsKK2UD3RIG3gA//VGJ151ovYmqz
|
||||
AVLdgxl7n1oSMpShJ5I6N88tANE2oMum9OvRDcUWh3hA0I460j6fxXf2JvddPR0c
|
||||
zU5dj5N8VlOtgItLCA0PkfrH3hdKhkDjtAnUbw5BloprfmoE2xfTJvRFsVh/dvkD
|
||||
aKVrV4iMmY0q/r6+NGynRqkObelii0lhwQnbXxayP0/3i4d65SumtUqX6tfswkih
|
||||
TvK97aO5YCGiJzYJGVWqBx6hGql6bng/bNfEAcAB+5zai2/uLRt9gk/IMz8Rjpy0
|
||||
rdn/IlpZMA4N+pGWqJf/VC2xLAlMH5T6GVPHUbPMm9R/BM4BJwfAFZwRphfkCVPs
|
||||
IhWHIbJlMQely+t3PEW9IgmyoD6GDXAUZyV3lGA3F8maQHltHl5GB8H9wXF4ptQs
|
||||
LXjWTTOmnsVN5l1N1FXFpg1LMcqQoicQWe6CJTDdLgrGlcPCQa0oUloO5SKmmXGB
|
||||
j1Ig8enxET7v60fQ75KReZewsrn3Ni7DKw4W3o5clFBO17UZcY559U5EfWnvwlCl
|
||||
oht87m+PqpRLod2mFSh8JJg6Z0QCThGOMGjS85E9v8OtaQCnowqKic5k9UKy7jTB
|
||||
hn2BBVMy9dqnVyh6O0RZ8lvt2bGbfgOYrBoP50A4tbJ33jpnfov282h937Vq3ayi
|
||||
cbXphKHfpKOu3R5vADTEhpF06HS7dfg=
|
||||
=bBTm
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
|
||||
- name: restart spampd
|
||||
service: name=spampd state=restarted
|
||||
|
||||
- name: restart sa-update
|
||||
service: name=sa-update state=restarted
|
|
@ -1,72 +0,0 @@
|
|||
---
|
||||
|
||||
# make and gcc are required for sa-compile
|
||||
- name: install spampd and dependencies
|
||||
pacman: name=spampd,make,gcc,razor state=present
|
||||
|
||||
- name: install sa-update.sh
|
||||
copy: src=sa-update.sh dest=/usr/local/bin/sa-update.sh owner=root group=root mode=0755
|
||||
notify:
|
||||
- restart sa-update
|
||||
|
||||
- name: install support files
|
||||
copy: src={{ item }} dest=/etc/mail/spamassassin/{{ item }} owner=root group=root mode=0644
|
||||
with_items:
|
||||
- update-gpgkeys
|
||||
- update-channels
|
||||
- yerp.gpg.key
|
||||
- zmi.gpg.key
|
||||
|
||||
- name: install systemd timers
|
||||
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
||||
with_items:
|
||||
- sa-update.timer
|
||||
- sa-update.service
|
||||
notify:
|
||||
- systemd daemon reload
|
||||
|
||||
- name: create pacman.d hooks dir
|
||||
file: state=directory path="/etc/pacman.d/hooks" owner=root group=root mode=0755
|
||||
|
||||
- name: install pacman sa-update hook
|
||||
copy: src=sa-update.hook dest=/etc/pacman.d/hooks/sa-update.hook owner=root group=root mode=0644
|
||||
|
||||
- name: create sa-update keyring directory
|
||||
file: path=/etc/mail/spamassassin/sa-update-keys mode=700 owner=root group=root state=directory
|
||||
|
||||
- name: add gpg keys to SA keyring
|
||||
command: /usr/bin/vendor_perl/sa-update --import "/etc/mail/spamassassin/{{ item }}"
|
||||
with_items:
|
||||
- yerp.gpg.key
|
||||
- zmi.gpg.key
|
||||
register: sa-update
|
||||
changed_when: "sa-update.rc == 0"
|
||||
|
||||
- name: install SA configs
|
||||
template: src={{ item }}.j2 dest=/etc/mail/spamassassin/{{ item }} owner=root group=root mode=0644
|
||||
notify:
|
||||
restart spampd
|
||||
loop:
|
||||
- local.cf
|
||||
- rules-en.cf
|
||||
|
||||
- name: check SA config validity
|
||||
command: /usr/bin/vendor_perl/spamassassin --lint
|
||||
changed_when: false
|
||||
|
||||
- name: activate systemd timers
|
||||
service: name={{ item }} enabled=yes state=started
|
||||
with_items:
|
||||
- sa-update.timer
|
||||
|
||||
- name: remove override directory
|
||||
file: path=/etc/systemd/system/spampd.service.d/ state=absent
|
||||
notify:
|
||||
- restart spampd
|
||||
|
||||
- name: start spampd
|
||||
systemd:
|
||||
name: spampd
|
||||
enabled: yes
|
||||
state: started
|
||||
daemon_reload: yes
|
|
@ -1,325 +0,0 @@
|
|||
# This is the right place to customize your installation of SpamAssassin.
|
||||
#
|
||||
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
|
||||
# tweaked.
|
||||
#
|
||||
# Only a small subset of options are listed below
|
||||
#
|
||||
###########################################################################
|
||||
|
||||
dns_server 127.0.0.1
|
||||
|
||||
# Add *****SPAM***** to the Subject header of spam e-mails
|
||||
#
|
||||
# rewrite_header Subject *****SPAM*****
|
||||
|
||||
|
||||
# Save spam messages as a message/rfc822 MIME attachment instead of
|
||||
# modifying the original message (0: off, 2: use text/plain instead)
|
||||
#
|
||||
# report_safe 1
|
||||
|
||||
|
||||
# Set which networks or hosts are considered 'trusted' by your mail
|
||||
# server (i.e. not spammers)
|
||||
#
|
||||
# trusted_networks 212.17.35.
|
||||
|
||||
|
||||
# Set file-locking method (flock is not safe over NFS, but is faster)
|
||||
#
|
||||
# lock_method flock
|
||||
|
||||
|
||||
# Set the threshold at which a message is considered spam (default: 5.0)
|
||||
#
|
||||
required_score 5.0
|
||||
|
||||
|
||||
# Use Bayesian classifier (default: 1)
|
||||
#
|
||||
# use_bayes 1
|
||||
|
||||
|
||||
# Bayesian classifier auto-learning (default: 1)
|
||||
#
|
||||
# bayes_auto_learn 1
|
||||
|
||||
|
||||
# Set headers which may provide inappropriate cues to the Bayesian
|
||||
# classifier
|
||||
#
|
||||
# bayes_ignore_header X-Bogosity
|
||||
# bayes_ignore_header X-Spam-Flag
|
||||
# bayes_ignore_header X-Spam-Status
|
||||
|
||||
#whitelist_to postmaster@*
|
||||
# Whether to decode non- UTF-8 and non-ASCII textual parts and recode
|
||||
# them to UTF-8 before the text is given over to rules processing.
|
||||
#
|
||||
# normalize_charset 1
|
||||
|
||||
# Some shortcircuiting, if the plugin is enabled
|
||||
#
|
||||
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
|
||||
#
|
||||
# default: strongly-whitelisted mails are *really* whitelisted now, if the
|
||||
# shortcircuiting plugin is active, causing early exit to save CPU load.
|
||||
# Uncomment to turn this on
|
||||
#
|
||||
#shortcircuit USER_IN_WHITELIST ham
|
||||
#shortcircuit USER_IN_WHITELIST_TO ham
|
||||
# shortcircuit USER_IN_DEF_WHITELIST on
|
||||
# shortcircuit USER_IN_ALL_SPAM_TO on
|
||||
# shortcircuit SUBJECT_IN_WHITELIST on
|
||||
|
||||
# the opposite; blacklisted mails can also save CPU
|
||||
#
|
||||
#shortcircuit USER_IN_BLACKLIST on
|
||||
#shortcircuit USER_IN_BLACKLIST_TO on
|
||||
# shortcircuit SUBJECT_IN_BLACKLIST on
|
||||
|
||||
# if you have taken the time to correctly specify your "trusted_networks",
|
||||
# this is another good way to save CPU
|
||||
#
|
||||
# shortcircuit ALL_TRUSTED on
|
||||
|
||||
# and a well-trained bayes DB can save running rules, too
|
||||
#
|
||||
# shortcircuit BAYES_99 spam
|
||||
# shortcircuit BAYES_00 ham
|
||||
|
||||
endif # Mail::SpamAssassin::Plugin::Shortcircuit
|
||||
|
||||
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
|
||||
|
||||
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTSSCORES_ autolearn=_AUTOLEARN_ version=_VERSION_
|
||||
|
||||
# enable SPF plugin
|
||||
loadplugin Mail::SpamAssassin::Plugin::SPF
|
||||
|
||||
# disable suspicious IADB stuff (they whitelisted some spam mails)
|
||||
score __RCVD_IN_IADB 0
|
||||
|
||||
# reduce the positive weight of returnpath CERTIFIED/SAFE results
|
||||
score RCVD_IN_RP_CERTIFIED -0.01 # default -3
|
||||
score RCVD_IN_RP_SAFE -0.001 # default -2
|
||||
|
||||
# increase scores of some rules
|
||||
score RCVD_IN_BL_SPAMCOP_NET 3.5
|
||||
score RCVD_IN_SBL 3.5
|
||||
score RCVD_IN_XBL 3.5
|
||||
score URIBL_DBL_SPAM 3.5
|
||||
score URIBL_SBL 3.5
|
||||
score URIBL_BLACK 3.0
|
||||
score URIBL_SBL_A 1.0
|
||||
score RCVD_IN_SORBS_SPAM 3.5
|
||||
score RCVD_IN_BRBL_LASTEXT 2.0
|
||||
score URIBL_ABUSE_SURBL 2.0
|
||||
score SPF_HELO_SOFTFAIL 0.25
|
||||
score SPF_HELO_FAIL 0.5
|
||||
score SPF_SOFTFAIL 0.25
|
||||
score SPF_FAIL 0.5
|
||||
|
||||
score RDNS_NONE 3.5
|
||||
score RDNS_DYNAMIC 1.6
|
||||
score HELO_MISC_IP 0.25
|
||||
score UNPARSEABLE_RELAY 1.0
|
||||
score FREEMAIL_FORGED_REPLYTO 2.0
|
||||
|
||||
score BAYES_00 -1.0
|
||||
score BAYES_05 -0.5
|
||||
score BAYES_20 0
|
||||
score BAYES_40 1.0
|
||||
score BAYES_50 1.25
|
||||
#score BAYES_60 3.0
|
||||
#score BAYES_80 3.5
|
||||
#score BAYES_90 4.0
|
||||
#score BAYES_95 4.9
|
||||
#score BAYES_99 5.0
|
||||
|
||||
score MISSING_HEADERS 1.3
|
||||
score LOTS_OF_MONEY 0.5
|
||||
score FREEMAIL_FROM 0.5
|
||||
score DKIM_INVALID 1.0
|
||||
|
||||
score MONEY_FRAUD_3 0.75
|
||||
score MONEY_FRAUD_5 1.0
|
||||
score MONEY_FRAUD_8 1.25
|
||||
|
||||
score UPPERCASE_50_75 2.5
|
||||
score UPPERCASE_75_100 3.0
|
||||
|
||||
# NIX
|
||||
header RCVD_IN_NIX_SPAM eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
|
||||
describe RCVD_IN_NIX_SPAM Listed in NIX-SPAM DNSBL (www.dnsbl.manitu.net)
|
||||
tflags RCVD_IN_NIX_SPAM net
|
||||
score RCVD_IN_NIX_SPAM 3.5
|
||||
|
||||
# extremely long subjects
|
||||
header LOCAL_LONG_SUBJECT_250 Subject =~ /^.{250,}/
|
||||
describe LOCAL_LONG_SUBJECT_250 Subject field is extremely large (>250)
|
||||
score LOCAL_LONG_SUBJECT_250 3.5
|
||||
|
||||
header LOCAL_LONG_SUBJECT_500 Subject =~ /^.{500,}/
|
||||
describe LOCAL_LONG_SUBJECT_500 Subject field is extremely large (>500)
|
||||
score LOCAL_LONG_SUBJECT_500 2.1
|
||||
|
||||
header LOCAL_SUBJECT_EXCLAMATION Subject =~ /!!!$/
|
||||
score LOCAL_SUBJECT_EXCLAMATION 2
|
||||
|
||||
header LOCAL_EMPTY_SUBJECT Subject =~ /^\s*$/
|
||||
score LOCAL_EMPTY_SUBJECT 1
|
||||
|
||||
body LOCAL_FAKE_OFFICE /180 Sansome Street/
|
||||
score LOCAL_FAKE_OFFICE 1
|
||||
|
||||
# date tld
|
||||
header LOCAL_DATE_TLD From =~ /\@.*?\.date/i
|
||||
describe LOCAL_DATE_TLD Sender address is from a .date TLD
|
||||
score LOCAL_DATE_TLD 1.0
|
||||
|
||||
# bitcoin
|
||||
header __LOCAL_BITCOIN_SUBJ Subject =~ /\b(bitcoin)\b/i
|
||||
body __LOCAL_BITCOIN_BODY /\b(bitcoin|BTC)\b/i
|
||||
meta LOCAL_BITCOIN ((__LOCAL_BITCOIN_SUBJ + __LOCAL_BITCOIN_BODY) > 0)
|
||||
describe LOCAL_BITCOIN Contains bitcoin keywords in body and/or subject
|
||||
score LOCAL_BITCOIN 1.5
|
||||
|
||||
header LOCAL_VIDEO_SUBJECT Subject =~ /\.mp4\b/
|
||||
score LOCAL_VIDEO_SUBJECT 0.75
|
||||
|
||||
meta LOCAL_VIDEO_EXTORTION ((LOCAL_VIDEO_SUBJECT && LOCAL_BITCOIN))
|
||||
score LOCAL_VIDEO_EXTORTION 1.5
|
||||
|
||||
header __LOCAL_ARABIC_STUDENT From =~ /student.*1\./
|
||||
header __LOCAL_ARABIC_STUDENT_MAILER X-Mailer =~ /^MBM 7\.9-US$/
|
||||
meta LOCAL_ARABIC_STUDENT (__LOCAL_ARABIC_STUDENT && __LOCAL_ARABIC_STUDENT_MAILER)
|
||||
score LOCAL_ARABIC_STUDENT 2
|
||||
|
||||
header LOCAL_SPAM1 Subject =~ /Reclame sus facturas impagadas/
|
||||
score LOCAL_SPAM1 2.5
|
||||
|
||||
header LOCAL_ANON_HACKER From =~ /(anoniemehacker.club|hackeranonim.top)/
|
||||
score LOCAL_ANON_HACKER 2.5
|
||||
|
||||
# Attachments
|
||||
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
|
||||
|
||||
mimeheader ZIP_ATTACHED Content-Type =~ /zip/i
|
||||
describe ZIP_ATTACHED email contains a zip attachment
|
||||
score ZIP_ATTACHED 1.0
|
||||
|
||||
mimeheader MSWORD_ATTACHED Content-Type =~ /ms-?word/i
|
||||
describe MSWORD_ATTACHED email contains a msword attachment
|
||||
score MSWORD_ATTACHED 1.0
|
||||
|
||||
### whitelist / negative rules for some senders ###
|
||||
|
||||
# whitelist abuse reports
|
||||
header LOCAL_ABUSE_FROM From =~ /abuse@.*/
|
||||
score LOCAL_ABUSE_FROM -2
|
||||
|
||||
header LOCAL_ABUSE_REPLY_TO Reply-To =~ /abuse@.*/
|
||||
score LOCAL_ABUSE_REPLY_TO -2
|
||||
|
||||
header LOCAL_ABUSE_TO To =~ /abuse@.*/
|
||||
score LOCAL_ABUSE_TO -2
|
||||
|
||||
##################################################
|
||||
# from: https://forum.hetzner.de/thread/24022-spamassassin-filterregel/?postID=243392#post243392
|
||||
add_header all BL-Results "_RBL_"
|
||||
### Senderbase Reputation checks (rf.senderbase.org)
|
||||
header __R_SB_FR eval:check_rbl_txt('rf.senderbase.org-lastexternal','rf.senderbase.org')
|
||||
describe __R_SB_FR IP reputation of the sender at SenderBase
|
||||
tflags __R_SB_FR net
|
||||
reuse __R_SB_FR
|
||||
|
||||
|
||||
header R_SB_R_NEG3 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^-[3-9]\.')
|
||||
describe R_SB_R_NEG3 SenderBase Reputation is -3 to -10
|
||||
score R_SB_R_NEG3 5
|
||||
reuse R_SB_R_NEG3
|
||||
|
||||
|
||||
header R_SB_R_NEU0 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^-[0-2]\.')
|
||||
describe R_SB_R_NEU0 SenderBase Reputation is 0 to -2.9
|
||||
score R_SB_R_NEU0 2
|
||||
reuse R_SB_R_NEU0
|
||||
|
||||
|
||||
header R_SB_R_POS1 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^[0-3]\.')
|
||||
describe R_SB_R_POS1 SenderBase Reputation is 0 - 2.9
|
||||
score R_SB_R_POS1 0.1
|
||||
reuse R_SB_R_POS1
|
||||
|
||||
|
||||
header R_SB_FR_POS3 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^[3-9]\.')
|
||||
describe R_SB_FR_POS3 SenderBase Reputation is 3.0 - 9.9
|
||||
score R_SB_FR_POS3 -0.5
|
||||
reuse R_SB_FR_POS3
|
||||
###################################################
|
||||
|
||||
ifplugin Mail::SpamAssassin::Plugin::AskDNS
|
||||
|
||||
askdns __DMARC_POLICY_NONE _dmarc._AUTHORDOMAIN_ TXT /^v\s*=DMARC1 (?=\s*;) .* ;\s* p\s*=\s*none \s*(?:;|\z)/x
|
||||
askdns __DMARC_POLICY_QUAR _dmarc._AUTHORDOMAIN_ TXT /^v\s*=DMARC1 (?=\s*;) .* ;\s* p\s*=\s*quarantine \s*(?:;|\z)/x
|
||||
askdns __DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT /^v\s*=DMARC1 (?=\s*;) .* ;\s* p\s*=\s*reject \s*(?:;|\z)/x
|
||||
askdns __DMARC_ADKIM_STRICT _dmarc._AUTHORDOMAIN_ TXT /^v\s*=DMARC1 (?=\s*;) .* ;\s* adkim\s*=\s*s \s*(?:;|\z)/x
|
||||
|
||||
# some common email domains that sign with the author domain
|
||||
header __DMARC_SIMPLE_DKIM From:addr =~ /\@(?:gmail\.com|yahoo\.(?:com|\w\w|co\.\w\w))$/i
|
||||
meta __DMARC_TESTS_FAIL !( DKIM_VALID_AU || DKIM_VALID && !__DMARC_ADKIM_S && !__DMARC_SIMPLE_DKIM || __HAS_LIST_ID && DKIM_SIGNED || SPF_PASS)
|
||||
meta __DMARC_TESTS_PASS DKIM_VALID_AU && SPF_PASS
|
||||
|
||||
# TODO: increase scores if testing period is over and was successful
|
||||
|
||||
|
||||
meta DMARC_FAIL_REJECT __DMARC_TESTS_FAIL && __DMARC_POLICY_REJECT
|
||||
describe DMARC_FAIL_REJECT DMARC validation failed and policy is to reject
|
||||
score DMARC_FAIL_REJECT 1.5
|
||||
|
||||
meta DMARC_FAIL_QUAR __DMARC_TESTS_FAIL && __DMARC_POLICY_QUAR
|
||||
describe DMARC_FAIL_QUAR DMARC validation failed and policy is quarantine
|
||||
#score DMARC_FAIL_QUAR 1.0
|
||||
score DMARC_FAIL_QUAR 0.5
|
||||
|
||||
meta DMARC_FAIL_NONE __DMARC_TESTS_FAIL && __DMARC_POLICY_NONE
|
||||
describe DMARC_FAIL_NONE DMARC validation failed and policy is none
|
||||
score DMARC_FAIL_NONE 0.25
|
||||
|
||||
|
||||
meta DMARC_PASS_REJECT __DMARC_TESTS_PASS && __DMARC_POLICY_REJECT
|
||||
describe DMARC_PASS_REJECT DMARC validation passed and policy is to reject
|
||||
tflags DMARC_PASS_REJECT nice
|
||||
score DMARC_PASS_REJECT -1.0
|
||||
|
||||
meta DMARC_PASS_QUAR __DMARC_TESTS_PASS && __DMARC_POLICY_QUAR
|
||||
describe DMARC_PASS_QUAR DMARC validation passed and policy is quarantine
|
||||
tflags DMARC_PASS_QUAR nice
|
||||
score DMARC_PASS_QUAR -0.5
|
||||
|
||||
meta DMARC_PASS_NONE __DMARC_TESTS_PASS && __DMARC_POLICY_NONE
|
||||
describe DMARC_PASS_NONE DMARC validation passed and policy is none
|
||||
tflags DMARC_PASS_NONE nice
|
||||
score DMARC_PASS_NONE -0.1
|
||||
|
||||
|
||||
meta DMARC_REJ_NO_DKIM __DMARC_POLICY_REJECT && !DKIM_SIGNED
|
||||
describe DMARC_REJ_NO_DKIM DMARC policy is reject without any DKIM signatures
|
||||
score DMARC_REJ_NO_DKIM 1.0
|
||||
|
||||
meta DMARC_QUAR_NO_DKIM __DMARC_POLICY_QUAR && !DKIM_SIGNED
|
||||
describe DMARC_QUAR_NO_DKIM DMARC policy is quarantine without any DKIM signatures
|
||||
score DMARC_QUAR_NO_DKIM 1.0
|
||||
|
||||
# some temporary informational rules
|
||||
meta T_DMARC_TESTS_FAIL __DMARC_TESTS_FAIL
|
||||
meta T_DMARC_TESTS_PASS __DMARC_TESTS_PASS
|
||||
meta T_DMARC_POLICY_NONE __DMARC_POLICY_NONE
|
||||
meta T_DMARC_POLICY_QUAR __DMARC_POLICY_QUAR
|
||||
meta T_DMARC_POLICY_REJECT __DMARC_POLICY_REJECT
|
||||
meta T_DMARC_ADKIM_STRICT __DMARC_ADKIM_STRICT
|
||||
meta T_DMARC_SIMPLE_DKIM __DMARC_SIMPLE_DKIM
|
||||
|
||||
endif
|
|
@ -1,135 +0,0 @@
|
|||
## English language spam rules
|
||||
|
||||
# cancer stuff
|
||||
header __LOCAL_DISEASE_SUBJ Subject =~ /\b(cancer|ill|doctor|survive|disease|illness|admitted|hospital)\b/i
|
||||
body __LOCAL_DISEASE_BODY /\b(cancer|ill|doctor|survive|disease|illness|admitted|hospital)\b/i
|
||||
meta LOCAL_DISEASE ((__LOCAL_DISEASE_SUBJ + __LOCAL_DISEASE_BODY) > 0)
|
||||
describe LOCAL_DISEASE Contains disease keywords in body and/or subject
|
||||
score LOCAL_DISEASE 1.5
|
||||
|
||||
# charity stuff
|
||||
header __LOCAL_CHARITY_SUBJ Subject =~ /\b(charity|donation|donate|humanity|orphan|orphanage|widow)\b/i
|
||||
body __LOCAL_CHARITY_BODY /\b(charity|donation|donate|humanity|orphan|orphanage|widow)\b/i
|
||||
meta LOCAL_CHARITY ((__LOCAL_CHARITY_SUBJ + __LOCAL_CHARITY_BODY) > 0)
|
||||
describe LOCAL_CHARITY Contains charity or donate keywords in body and/or subject
|
||||
score LOCAL_CHARITY 1.5
|
||||
|
||||
# fake business inquiries/agreements
|
||||
header __LOCAL_FAKEBUSINESS_SUBJ Subject =~ /\b(mutual|business|agreement|offer|special|proposal|brand|affordable|marketing|services|development)\b/i
|
||||
body __LOCAL_FAKEBUSINESS_BODY /\b(mutual|business|agreement|offer|special|proposal|brand|affordable|marketing|services|development)\b/i
|
||||
meta LOCAL_FAKEBUSINESS ((__LOCAL_FAKEBUSINESS_SUBJ + __LOCAL_FAKEBUSINESS_BODY) > 0)
|
||||
describe LOCAL_FAKEBUSINESS Contains fake business keywords in body and/or subject
|
||||
score LOCAL_FAKEBUSINESS 0.5
|
||||
|
||||
# delivery notifications
|
||||
header LOCAL_ITEM_DELIVERY Subject =~ /Item Delivery Notification/
|
||||
score LOCAL_ITEM_DELIVERY 2.5
|
||||
|
||||
header __LOCAL_PARCEL Subject =~ /\bparcel\b/i
|
||||
header __LOCAL_PACKAGE Subject =~ /\bpackage\b/i
|
||||
header __LOCAL_DELIVERY Subject =~ /\bdelivery?\b/i
|
||||
meta LOCAL_PARCEL_DELIVERY ((__LOCAL_PARCEL || __LOCAL_PACKAGE) && __LOCAL_DELIVERY)
|
||||
describe LOCAL_PARCEL_DELIVERY Subject contains words delivery? and parcel or package
|
||||
score LOCAL_PARCEL_DELIVERY 1.0
|
||||
|
||||
header LOCAL_PACKAGE_DELIVERY Subject =~ /Package Delivery( Notification|!!!)/
|
||||
score LOCAL_PACKAGE_DELIVERY 2.5
|
||||
|
||||
# company documents
|
||||
header LOCAL_COMPANY_DOC Subject =~ /Company Documents/
|
||||
score LOCAL_COMPANY_DOC 2.5
|
||||
|
||||
header LOCAL_XEROX_1 Subject =~ /Scanned Image from a Xerox WorkCentre/
|
||||
score LOCAL_XEROX_1 5
|
||||
|
||||
header LOCAL_AUDIO_TRANSCRIP Subject =~ /Audio Transcription Service Provider/
|
||||
score LOCAL_AUDIO_TRANSCRIP 3
|
||||
|
||||
body LOCAL_SECURE_PAYMENT /Secure Online Payment/
|
||||
score LOCAL_SECURE_PAYMENT 1
|
||||
|
||||
body LOCAL_SEO /This domain seo registration for .* search engine service optimization notification will expire/
|
||||
score LOCAL_SEO 1.5
|
||||
|
||||
body LOCAL_MYNAME /My name is .*, please reply me\./
|
||||
score LOCAL_MYNAME 2.5
|
||||
|
||||
header LOCAL_LOTTERY Subject =~ /\bLottery\b/i
|
||||
score LOCAL_LOTTERY 0.2
|
||||
|
||||
header LOCAL_WINNER Subject =~ /\bWinner\b/i
|
||||
score LOCAL_WINNER 0.2
|
||||
|
||||
meta LOCAL_LOTTERY_WINNER (LOCAL_LOTTERY && LOCAL_WINNER)
|
||||
score LOCAL_LOTTERY_WINNER 1.2
|
||||
|
||||
body LOCAL_BANK_ALERT /\bbank(ing)? alert\b/i
|
||||
score LOCAL_BANK_ALERT 2
|
||||
|
||||
header LOCAL_URGENT_SUBJECT Subject =~ /\burgent\b/i
|
||||
score LOCAL_URGENT_SUBJECT 1
|
||||
|
||||
body __LOCAL_FUNDS_1 /\bfunds?\b/i
|
||||
body __LOCAL_FUNDS_2 /\bconfirm(ation)?\b/i
|
||||
body __LOCAL_FUNDS_3 /\bserious loan\b/i
|
||||
meta LOCAL_FUNDS (__LOCAL_FUNDS_1 && (__LOCAL_FUNDS_2 || __LOCAL_FUNDS_3))
|
||||
score LOCAL_FUNDS 1.5
|
||||
|
||||
body LOCAL_INVESTMENT_1 /,regarding my investment proposal\.\?/i
|
||||
score LOCAL_INVESTMENT_1 4
|
||||
|
||||
header LOCAL_LOAN Subject =~ /\bloan\b/i
|
||||
score LOCAL_LOAN 0.5
|
||||
|
||||
header LOCAL_APPLY_NOW Subject =~ /\bapply now\b/i
|
||||
score LOCAL_APPLY_NOW 1
|
||||
|
||||
header LOCAL_APPROVED Subject =~ /^APPROVED!$/
|
||||
score LOCAL_APPROVED 5
|
||||
|
||||
body LOCAL_BINARY_OPTIONS /Binary Options Success Network/
|
||||
score LOCAL_BINARY_OPTIONS 3
|
||||
|
||||
body LOCAL_RIVER /Try River Team for FREE for 3 days/
|
||||
score LOCAL_RIVER 3
|
||||
|
||||
header LOCAL_DEAR_BELOVED Subject =~ /Dear Beloved One,/
|
||||
score LOCAL_DEAR_BELOVED 1.8
|
||||
|
||||
body LOCAL_BUSINESS_JOURNAL /got your email from a business web journal/
|
||||
score LOCAL_BUSINESS_JOURNAL 3
|
||||
|
||||
body LOCAL_BOGUS_OFFER /We are currently expanding our global presence and portfolio by/
|
||||
score LOCAL_BOGUS_OFFER 3.5
|
||||
|
||||
|
||||
body LOCAL_MASTRUBATION /\bmasturbation\b/i
|
||||
score LOCAL_MASTRUBATION 2
|
||||
|
||||
body LOCAL_VISIT_POLICE /You саn visit police but nobody will help you/i
|
||||
score LOCAL_VISIT_POLICE 2
|
||||
|
||||
body LOCAL_BITCOINT_PAYMENT /waiting for your Bitcoin payment/i
|
||||
score LOCAL_BITCOINT_PAYMENT 1
|
||||
|
||||
body LOCAL_TRY_TO_CHEAT /Do not try to cheat me/i
|
||||
score LOCAL_TRY_TO_CHEAT 1.5
|
||||
|
||||
body LOCAL_HI_PERV /Hi perv,/
|
||||
score LOCAL_HI_PERV 2
|
||||
|
||||
body LOCAL_CONTACT_INFO /We provide Business executive contact information/
|
||||
score LOCAL_CONTACT_INFO 2
|
||||
|
||||
body LOCAL_CONTACT_INFO_LIST_TECH /Technology specific Lists/i
|
||||
score LOCAL_CONTACT_INFO_LIST_TECH 0.5
|
||||
|
||||
body LOCAL_CONTACT_INFO_LIST_IND /Industry Specific Lists/i
|
||||
score LOCAL_CONTACT_INFO_LIST_IND 0.5
|
||||
|
||||
body LOCAL_CONTACT_INFO_LIST_TITLE /Title Specific Lists/i
|
||||
score LOCAL_CONTACT_INFO_LIST_TITLE 0.5
|
||||
|
||||
body LOCAL_CONTACT_INFO_DB_ORGA /We are a database organization/i
|
||||
score LOCAL_CONTACT_INFO_DB_ORGA 0.5
|
||||
|
|
@ -27,7 +27,7 @@ unit_whitelist_regexes = [
|
|||
r'quassel.service',
|
||||
r'security-tracker-update.service',
|
||||
r'syslog-ng@.*.service',
|
||||
r'spampd.service',
|
||||
r'rspamd.service',
|
||||
r'sshd.service',
|
||||
r'svnserve.service',
|
||||
r'synapse.service',
|
||||
|
|
Loading…
Reference in New Issue