mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-09-20 11:54:39 +02:00
spamasassin: Merge my own config
Mostly score adjustments and 5.0 is a safer cutoff now because my own config also uses that. 2.5 would most likely reject too much with the stricter scores. Signed-off-by: Florian Pritz <bluewind@xinu.at>
This commit is contained in:
parent
124e537f2c
commit
fa84916503
@ -33,7 +33,7 @@ dns_server 127.0.0.1
|
||||
|
||||
# Set the threshold at which a message is considered spam (default: 5.0)
|
||||
#
|
||||
required_score 2.5
|
||||
required_score 5.0
|
||||
|
||||
|
||||
# Use Bayesian classifier (default: 1)
|
||||
@ -54,6 +54,10 @@ required_score 2.5
|
||||
# bayes_ignore_header X-Spam-Status
|
||||
|
||||
#whitelist_to postmaster@*
|
||||
# Whether to decode non- UTF-8 and non-ASCII textual parts and recode
|
||||
# them to UTF-8 before the text is given over to rules processing.
|
||||
#
|
||||
# normalize_charset 1
|
||||
|
||||
# Some shortcircuiting, if the plugin is enabled
|
||||
#
|
||||
@ -89,23 +93,201 @@ endif # Mail::SpamAssassin::Plugin::Shortcircuit
|
||||
|
||||
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
|
||||
|
||||
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTSSCORES_ autolearn=_AUTOLEARN_ version=_VERSION_
|
||||
|
||||
header LOCAL_XEROX_1 Subject =~ /Scanned Image from a Xerox WorkCentre/
|
||||
score LOCAL_XEROX_1 5
|
||||
# enable SPF plugin
|
||||
loadplugin Mail::SpamAssassin::Plugin::SPF
|
||||
|
||||
# disable suspicious IADB stuff (they whitelisted some spam mails)
|
||||
score __RCVD_IN_IADB 0
|
||||
|
||||
# reduce the positive weight of returnpath CERTIFIED/SAFE results
|
||||
score RCVD_IN_RP_CERTIFIED -0.01 # default -3
|
||||
score RCVD_IN_RP_SAFE -0.001 # default -2
|
||||
|
||||
# increase scores of some rules
|
||||
score RCVD_IN_BL_SPAMCOP_NET 3.5
|
||||
score RCVD_IN_SBL 3.5
|
||||
score RCVD_IN_XBL 3.5
|
||||
score URIBL_SBL 3.5
|
||||
score RCVD_IN_SORBS_SPAM 3.5
|
||||
score RCVD_IN_BRBL_LASTEXT 2.0
|
||||
|
||||
score RDNS_NONE 3.5
|
||||
score RDNS_DYNAMIC 1.6
|
||||
score HELO_MISC_IP 0.2
|
||||
score UNPARSEABLE_RELAY 1.0
|
||||
score FREEMAIL_FORGED_REPLYTO 2.0
|
||||
|
||||
score BAYES_00 -1.0
|
||||
score BAYES_05 -0.5
|
||||
score BAYES_20 0
|
||||
score BAYES_40 1.0
|
||||
|
||||
score BAYES_50 1.25
|
||||
#score BAYES_60 3.0
|
||||
#score BAYES_80 3.5
|
||||
#score BAYES_90 4.0
|
||||
#score BAYES_95 4.9
|
||||
#score BAYES_99 5.0
|
||||
|
||||
score MISSING_HEADERS 1.3
|
||||
score LOTS_OF_MONEY 0.5
|
||||
score FREEMAIL_FROM 0.5
|
||||
score T_DKIM_INVALID 1.0
|
||||
|
||||
score MONEY_FRAUD_3 0.5
|
||||
score MONEY_FRAUD_5 0.8
|
||||
score MONEY_FRAUD_8 1.0
|
||||
|
||||
score UPPERCASE_50_75 2.0
|
||||
score UPPERCASE_75_100 2.5
|
||||
|
||||
# NIX
|
||||
header RCVD_IN_NIX_SPAM eval:check_rbl('nix-spam-lastexternal','ix.dnsbl.manitu.net.')
|
||||
describe RCVD_IN_NIX_SPAM Listed in NIX-SPAM DNSBL (www.dnsbl.manitu.net)
|
||||
tflags RCVD_IN_NIX_SPAM net
|
||||
score RCVD_IN_NIX_SPAM 3.5
|
||||
|
||||
# YANDEX
|
||||
# also matches valid amazon emails
|
||||
# TODO: need to fix!
|
||||
#header LOCAL_YANDEX X-Mailer-RecptId =~ /[0-9]+/
|
||||
#score LOCAL_YANDEX 5
|
||||
|
||||
|
||||
# recent spam with weird URLs in List-Unsubscribe header
|
||||
header LOCAL_WEIRD_UNSUBSCRIBE List-Unsubscribe =~ /(tarif|sicher|sieger|wechseln|stepstone|angebot|versicherung)/i
|
||||
describe LOCAL_WEIRD_UNSUBSCRIBE Contains weird HTTP URLs in List-Unsubscribe header
|
||||
score LOCAL_WEIRD_UNSUBSCRIBE 5.0
|
||||
|
||||
# cancer stuff
|
||||
header __LOCAL_DISEASE_SUBJ Subject =~ /\b(cancer|ill|doctor|survive|disease|illness|admitted|hospital)\b/i
|
||||
body __LOCAL_DISEASE_BODY /\b(cancer|ill|doctor|survive|disease|illness|admitted|hospital)\b/i
|
||||
meta LOCAL_DISEASE ((__LOCAL_DISEASE_SUBJ + __LOCAL_DISEASE_BODY) > 0)
|
||||
describe LOCAL_DISEASE Contains disease keywords in body and/or subject
|
||||
score LOCAL_DISEASE 1.5
|
||||
|
||||
# charity stuff
|
||||
header __LOCAL_CHARITY_SUBJ Subject =~ /\b(charity|donation|donate|humanity|orphan|orphanage|widow)\b/i
|
||||
body __LOCAL_CHARITY_BODY /\b(charity|donation|donate|humanity|orphan|orphanage|widow)\b/i
|
||||
meta LOCAL_CHARITY ((__LOCAL_CHARITY_SUBJ + __LOCAL_CHARITY_BODY) > 0)
|
||||
describe LOCAL_CHARITY Contains charity or donate keywords in body and/or subject
|
||||
score LOCAL_CHARITY 1.5
|
||||
|
||||
# credit stuff
|
||||
header __LOCAL_CREDIT_SUBJ Subject =~ /\b(darlehen|kredit|schufa)\b/i
|
||||
body __LOCAL_CREDIT_BODY /\b(darlehen|kredit|schufa)\b/i
|
||||
meta LOCAL_CREDIT ((__LOCAL_CREDIT_SUBJ + __LOCAL_CREDIT_BODY) > 0)
|
||||
describe LOCAL_CREDIT Contains credit keywords in body and/or subject
|
||||
score LOCAL_CREDIT 1.5
|
||||
|
||||
header LOCAL_CREDITOFFER Subject =~ /\bDarlehensangebot\b/i
|
||||
score LOCAL_CREDITOFFER 1
|
||||
|
||||
# extremely long subjects
|
||||
header LOCAL_LONG_SUBJECT_250 Subject =~ /^.{250,}/
|
||||
describe LOCAL_LONG_SUBJECT_250 Subject field is extremely large (>250)
|
||||
score LOCAL_LONG_SUBJECT_250 5
|
||||
|
||||
header LOCAL_LONG_SUBJECT_500 Subject =~ /^.{500,}/
|
||||
describe LOCAL_LONG_SUBJECT_500 Subject field is extremely large (>500)
|
||||
score LOCAL_LONG_SUBJECT_500 2.1
|
||||
|
||||
# delivery notifications
|
||||
header LOCAL_ITEM_DELIVERY Subject =~ /Item Delivery Notification/
|
||||
score LOCAL_ITEM_DELIVERY 2.5
|
||||
score LOCAL_ITEM_DELIVERY 2.5
|
||||
|
||||
header __LOCAL_PARCEL Subject =~ /\b[Pp]arcel\b/
|
||||
header __LOCAL_DELIVERY Subject =~ /\bdelivery?\b/
|
||||
meta LOCAL_PARCEL_DELIVERY ((__LOCAL_PARCEL + __LOCAL_DELIVERY) > 0)
|
||||
describe LOCAL_PARCEL_DELIVERY Subject contains words delivery? and parcel
|
||||
score LOCAL_PARCEL_DELIVERY 2.5
|
||||
|
||||
header LOCAL_PACKAGE_DELIVERY Subject =~ /Package Delivery Notification/
|
||||
score LOCAL_PACKAGE_DELIVERY 2.5
|
||||
|
||||
# company documents
|
||||
header LOCAL_COMPANY_DOC Subject =~ /Company Documents/
|
||||
score LOCAL_COMPANY_DOC 2.5
|
||||
score LOCAL_COMPANY_DOC 2.5
|
||||
|
||||
header LOCAL_XEROX_1 Subject =~ /Scanned Image from a Xerox WorkCentre/
|
||||
score LOCAL_XEROX_1 5
|
||||
|
||||
header LOCAL_PARCEL_DELIVERY Subject =~ /Parcel Delivery Notification/
|
||||
score LOCAL_PARCEL_DELIVERY 2.5
|
||||
|
||||
header LOCAL_SPAM1 Subject =~ /Reclame sus facturas impagadas/
|
||||
score LOCAL_SPAM1 2.5
|
||||
|
||||
body __LOCAL_VERTRIEB /\bvertrieb/i
|
||||
body __LOCAL_VERKAUF /\b(ab)?verkauf\b/i
|
||||
body __LOCAL_ANGEBOT /\bAngebot\b/i
|
||||
body __LOCAL_REGAL_BODY /\b(lager|schwer(last)?|stahl)regale?\b/i
|
||||
meta LOCAL_REGAL ((__LOCAL_VERKAUF || __LOCAL_ANGEBOT || __LOCAL_VERTRIEB) && __LOCAL_REGAL_BODY)
|
||||
describe LOCAL_REGAL Body contains sales pitch for some type of shelf
|
||||
score LOCAL_REGAL 1
|
||||
|
||||
body LOCAL_ZION_GALIANO /\bZion-Galiano-Vertrieb\b/i
|
||||
score LOCAL_ZION_GALIANO 3
|
||||
|
||||
header LOCAL_LOTTERY Subject =~ /\bLottery\b/i
|
||||
score LOCAL_LOTTERY 0.2
|
||||
|
||||
header LOCAL_WINNER Subject =~ /\bWinner\b/i
|
||||
score LOCAL_WINNER 0.2
|
||||
|
||||
meta LOCAL_LOTTERY_WINNER (LOCAL_LOTTERY && LOCAL_WINNER)
|
||||
score LOCAL_LOTTERY_WINNER 1.2
|
||||
|
||||
header LOCAL_CREDIT Subject =~ /\bKredit\b/i
|
||||
score LOCAL_CREDIT 0.1
|
||||
|
||||
header LOCAL_OFFER Subject =~ /\bAngebot\b/i
|
||||
score LOCAL_OFFER 0.1
|
||||
|
||||
meta LOCAL_CREDIT_OFFER (LOCAL_OFFER && LOCAL_CREDIT)
|
||||
score LOCAL_CREDIT_OFFER 0.8
|
||||
|
||||
# Attachments
|
||||
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
|
||||
|
||||
mimeheader ZIP_ATTACHED Content-Type =~ /zip/i
|
||||
describe ZIP_ATTACHED email contains a zip attachment
|
||||
score ZIP_ATTACHED 1.0
|
||||
|
||||
mimeheader MSWORD_ATTACHED Content-Type =~ /ms-?word/i
|
||||
describe MSWORD_ATTACHED email contains a msword attachment
|
||||
score MSWORD_ATTACHED 1.0
|
||||
|
||||
##################################################
|
||||
# from: https://forum.hetzner.de/thread/24022-spamassassin-filterregel/?postID=243392#post243392
|
||||
add_header all BL-Results "_RBL_"
|
||||
### Senderbase Reputation checks (rf.senderbase.org)
|
||||
header __R_SB_FR eval:check_rbl_txt('rf.senderbase.org-lastexternal','rf.senderbase.org')
|
||||
describe __R_SB_FR IP reputation of the sender at SenderBase
|
||||
tflags __R_SB_FR net
|
||||
reuse __R_SB_FR
|
||||
|
||||
|
||||
header R_SB_R_NEG3 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^-[3-9]\.')
|
||||
describe R_SB_R_NEG3 SenderBase Reputation is -3 to -10
|
||||
score R_SB_R_NEG3 5
|
||||
reuse R_SB_R_NEG3
|
||||
|
||||
|
||||
header R_SB_R_NEU0 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^-[0-2]\.')
|
||||
describe R_SB_R_NEU0 SenderBase Reputation is 0 to -2.9
|
||||
score R_SB_R_NEU0 2
|
||||
reuse R_SB_R_NEU0
|
||||
|
||||
|
||||
header R_SB_R_POS1 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^[0-3]\.')
|
||||
describe R_SB_R_POS1 SenderBase Reputation is 0 - 2.9
|
||||
score R_SB_R_POS1 0.1
|
||||
reuse R_SB_R_POS1
|
||||
|
||||
|
||||
header R_SB_FR_POS3 eval:check_rbl_sub('rf.senderbase.org-lastexternal', '^[3-9]\.')
|
||||
describe R_SB_FR_POS3 SenderBase Reputation is 3.0 - 9.9
|
||||
score R_SB_FR_POS3 -0.5
|
||||
reuse R_SB_FR_POS3
|
||||
###################################################
|
||||
|
Loading…
Reference in New Issue
Block a user