diyIT/FreeBSD
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Feb 25, 2020

Browse Source
This commit is contained in:
Charlie Root
2020-02-25 11:28:31 -08:00
commit f26cf87f5a
436 changed files with 67904 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
jails/config/mail/rspamd/actions.conf Normal file
View File

@ -0,0 +1,29 @@
# Actions settings
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/actions.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/actions.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# See also https://rspamd.com/doc/faq.html#what-are-rspamd-actions for actions definition
actions {
reject = 15; # Reject when reaching this score
add_header = 6; # Add header when reaching this score
greylist = 4; # Apply greylisting when reaching this score (will emit `soft reject action`)
#unknown_weight = 1.0; # Enable if need to set score for all symbols implicitly
# Each new symbol is added multiplied by gf^N, where N is the number of spammy symbols
#grow_factor = 1.1;
# Set rewrite subject to this value (%s is replaced by the original subject)
#subject = "***SPAM*** %s"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/actions.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/actions.conf"
}

17
jails/config/mail/rspamd/cgp.inc Normal file
View File

@ -0,0 +1,17 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# This file defines some specific settings that are applicable merely when using
# CommuniGate Pro MTA and it's specific integration
arc {
sign_networks = [127.2.4.7];
}
dkim_signing {
sign_networks = [127.2.4.7];
}
options {
local_addrs = [127.2.4.7];
}

40
jails/config/mail/rspamd/common.conf Normal file
View File

@ -0,0 +1,40 @@
# A common rspamd configuration file (should never ever be changed)
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
lua = "$RULESDIR/rspamd.lua"
.include "$CONFDIR/metrics.conf"
.include "$CONFDIR/actions.conf"
.include "$CONFDIR/groups.conf"
.include "$CONFDIR/composites.conf"
.include "$CONFDIR/statistic.conf"
.include "$CONFDIR/modules.conf"
# Include users settings
.include "$CONFDIR/settings.conf"
# User local settings
.include(try=true) "$LOCAL_CONFDIR/rspamd.conf.local"
.include(try=true,priority=10) "$LOCAL_CONFDIR/rspamd.conf.local.override"
.include(try=true,priority=10) "$LOCAL_CONFDIR/rspamd.conf.override"
modules {
path = "${PLUGINSDIR}";
fallback_path = "${SHAREDIR}/lua"; # Legacy path
try_path = "${LOCAL_CONFDIR}/plugins.d/"; # User plugins
}

160
jails/config/mail/rspamd/composites.conf Normal file
View File

@ -0,0 +1,160 @@
# Composites setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/composites.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/composites.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# See https://rspamd.com/doc/tutorials/writing_rules.html and
# https://rspamd.com/doc/configuration/composites.html for details
composites {
FORGED_RECIPIENTS_MAILLIST {
expression = "FORGED_RECIPIENTS & -MAILLIST";
}
FORGED_SENDER_MAILLIST {
expression = "FORGED_SENDER & -MAILLIST";
}
FORGED_SENDER_FORWARDING {
expression = "FORGED_SENDER & g:forwarding";
description = "Forged sender, but message is forwarded";
policy = "remove_weight";
}
SPF_FAIL_FORWARDING {
expression = "g:forwarding & (R_SPF_SOFTFAIL | R_SPF_FAIL)";
policy = "remove_weight";
}
DMARC_POLICY_ALLOW_WITH_FAILURES {
expression = "DMARC_POLICY_ALLOW & (R_SPF_SOFTFAIL | R_SPF_FAIL | R_DKIM_REJECT)";
policy = "remove_weight";
}
FORGED_RECIPIENTS_FORWARDING {
expression = "FORGED_RECIPIENTS & g:forwarding";
policy = "remove_weight";
}
FORGED_SENDER_VERP_SRS {
expression = "FORGED_SENDER & (ENVFROM_PRVS | ENVFROM_VERP)";
}
FORGED_MUA_MAILLIST {
expression = "g:mua & -MAILLIST";
}
RBL_SPAMHAUS_XBL_ANY {
expression = "RBL_SPAMHAUS_XBL & RECEIVED_SPAMHAUS_XBL";
description = "From and Received address are listed in Spamhaus XBL";
}
AUTH_NA {
expression = "R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA";
score = 1.0;
policy = "remove_weight";
description = "Authenticating message via SPF/DKIM/DMARC/ARC not possible";
}
DKIM_MIXED {
expression = "-R_DKIM_ALLOW & (R_DKIM_DNSFAIL | R_DKIM_PERMFAIL | R_DKIM_REJECT)"
policy = "remove_weight";
}
MAIL_RU_MAILER_BASE64 {
expression = "MAIL_RU_MAILER & (FROM_EXCESS_BASE64 | MIME_BASE64_TEXT | REPLYTO_EXCESS_BASE64 | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
}
YANDEX_RU_MAILER_CTYPE_MIXED_BOGUS {
expression = "YANDEX_RU_MAILER & -HAS_ATTACHMENT & CTYPE_MIXED_BOGUS";
}
MAILER_1C_8_BASE64 {
expression = "MAILER_1C_8 & (FROM_EXCESS_BASE64 | MIME_BASE64_TEXT | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
description = "Message was sent by '1C:Enterprise 8' and uses base64 encoded data";
}
HACKED_WP_PHISHING {
expression = "(HAS_X_POS | HAS_PHPMAILER_SIG) & HAS_WP_URI & (PHISHING | DBL_PHISH | PHISHED_OPENPHISH | PHISHED_PHISHTANK)";
description = "Phish message sent by hacked Wordpress instance";
policy = "leave";
}
COMPROMISED_ACCT_BULK {
expression = "(HAS_XOIP | RCVD_FROM_SMTP_AUTH) & DCC_BULK";
description = "Likely to be from a compromised account";
score = 3.0;
policy = "leave";
}
UNDISC_RCPTS_BULK {
expression = "DCC_BULK & (MISSING_TO | R_UNDISC_RCPT)";
description = "Missing or undisclosed recipients with a bulk signature";
score = 3.0;
policy = "leave";
}
RCVD_UNAUTH_PBL {
expression = "RECEIVED_PBL & !RCVD_VIA_SMTP_AUTH";
description = "Relayed through ZEN PBL IP without sufficient authentication (possible indicating an open relay)";
score = 2.0;
policy = "leave";
}
RCVD_DKIM_ARC_DNSWL_MED {
expression = "(R_DKIM_ALLOW | ARC_ALLOW) & RCVD_IN_DNSWL_MED";
description = "Sufficiently DKIM/ARC signed and received from IP with medium trust at DNSWL";
score = -0.5;
policy = "leave";
}
RCVD_DKIM_ARC_DNSWL_HI {
expression = "(R_DKIM_ALLOW | ARC_ALLOW) & RCVD_IN_DNSWL_HI";
description = "Sufficiently DKIM/ARC signed and received from IP with high trust at DNSWL";
score = -1.0;
policy = "leave";
}
AUTOGEN_PHP_SPAMMY {
expression = "(HAS_X_POS | HAS_PHPMAILER_SIG | HAS_X_PHP_SCRIPT) & (SUBJECT_ENDS_QUESTION | SUBJECT_ENDS_EXCLAIM | MANY_INVISIBLE_PARTS)";
description = "Message was generated by PHP script and contains some spam indicators";
score = 1.0;
policy = "leave";
}
PHISH_EMOTION {
expression = "(PHISHING | DBL_PHISH | PHISHED_OPENPHISH | PHISHED_PHISHTANK) & (SUBJECT_ENDS_QUESTION | SUBJECT_ENDS_EXCLAIM)";
description = "Phish message with subject trying to address users emotion";
score = 1.0;
policy = "leave";
}
HAS_ANON_DOMAIN {
expression = "HAS_GUC_PROXY_URI | URIBL_RED | DBL_ABUSE_REDIR | HAS_ONION_URI";
description = "Contains one or more domains trying to disguise owner/destination";
score = 0.1;
policy = "leave";
}
BAD_REP_POLICIES {
description = "Contains valid policies but are also marked by fuzzy/bayes/surbl/rbl";
expression = "(~g-:policies) & (-g+:fuzzy | -g+:bayes | -g+:surbl | -g+:rbl)";
score = 0.1;
}
VIOLATED_DIRECT_SPF {
description = "Has no Received (or no trusted received relays) and SPF policy fails or soft fails";
expression = "(R_SPF_FAIL | R_SPF_SOFTFAIL) & (RCVD_COUNT_ZERO | RCVD_NO_TLS_LAST)";
policy = "leave";
score = 3.5;
}
IP_SCORE_FREEMAIL {
description = "Negate IP_SCORE when message comes from FreeMail";
expression = "FREEMAIL_FROM & SENDER_REP_SPAM";
score = 0.0;
policy = "remove_weight";
}
BROKEN_HEADERS_MAILLIST {
description = "Negate BROKEN_HEADERS when message comes via some mailing list";
expression = "BROKEN_HEADERS & -MAILLIST";
score = 0.0;
policy = "remove_weight";
}
LEAKED_PASSWORD_SCAM {
description = "Contains BTC wallet address and scam patterns";
expression = "BITCOIN_ADDR & (LEAKED_PASSWORD_SCAM_RE | R_MIXED_CHARSET | R_EMPTY_IMAGE)";
policy = "leave";
score = 7.0;
group = "scams";
}
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/composites.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/composites.conf"
}

120
jails/config/mail/rspamd/groups.conf Normal file
View File

@ -0,0 +1,120 @@
# Symbols groups setup
# Each individual group lives in scores.d/<GROUPNAME>
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/groups.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/groups.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# See also: https://rspamd.com/doc/faq.html#how-to-change-score-for-some-symbol
group "headers" {
.include "$CONFDIR/scores.d/headers_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/headers_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/headers_group.conf"
}
group "subject" {
.include "$CONFDIR/scores.d/subject_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/subject_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/subject_group.conf"
}
group "mua" {
.include "$CONFDIR/scores.d/mua_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/mua_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/mua_group.conf"
}
group "rbl" {
.include "$CONFDIR/scores.d/rbl_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/rbl_group.conf"
}
group "statistics" {
.include "$CONFDIR/scores.d/statistics_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/statistics_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/statistics_group.conf"
}
group "fuzzy" {
.include "$CONFDIR/scores.d/fuzzy_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_group.conf"
}
# SPF + DKIM + DMARC + ARC
group "policies" {
.include "$CONFDIR/scores.d/policies_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/policies_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/policies_group.conf"
}
group "whitelist" {
.include "$CONFDIR/scores.d/whitelist_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/whitelist_group.conf"
}
group "surbl" {
.include "$CONFDIR/scores.d/surbl_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/surbl_group.conf"
}
group "phishing" {
.include "$CONFDIR/scores.d/phishing_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/phishing_group.conf"
}
group "hfilter" {
.include "$CONFDIR/scores.d/hfilter_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/hfilter_group.conf"
}
group "mime_types" {
.include "$CONFDIR/scores.d/mime_types_group.conf"
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/mime_types_group.conf"
}
# Used to limit maximium score
group "excessqp" {
max_score = 2.4;
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/excessqp_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/excessqp_group.conf"
}
group "excessb64" {
max_score = 3.0;
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/excessb64_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/excessb64_group.conf"
}
# Not defined by default
group "neural" {
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/neural_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/neural_group.conf"
}
group "antivirus" {
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/antivirus_group.conf"
}
group "external_services" {
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services_group.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/external_services_group.conf"
}
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/groups.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/groups.conf"

2
jails/config/mail/rspamd/local.d/classifier-bayes.conf Normal file
View File

@ -0,0 +1,2 @@
autolearn = true;
backend = "redis";

3
jails/config/mail/rspamd/local.d/dcc.conf Normal file
View File

@ -0,0 +1,3 @@
# path to dcc socket
host = "/usr/local/dcc/dccifd";
timeout = 5.0;

3
jails/config/mail/rspamd/local.d/dkim_signing.conf Normal file
View File

@ -0,0 +1,3 @@
# enable dkim signing - we will set this up in the DKIM section later
path = "/var/db/rspamd/dkim/$domain.$selector.key";
selector = "dkim";

2
jails/config/mail/rspamd/local.d/mx_check.conf Normal file
View File

@ -0,0 +1,2 @@
# checks if sender's domain has at least one connectable MX record
enabled = true;

3
jails/config/mail/rspamd/local.d/phishing.conf Normal file
View File

@ -0,0 +1,3 @@
# check messages against some anti-phishing databases
openphish_enabled = true;
phishtank_enabled = true;

2
jails/config/mail/rspamd/local.d/redis.conf Normal file
View File

@ -0,0 +1,2 @@
# just specifying a server enables redis for all modules that can use it
servers = "127.0.0.1";

2
jails/config/mail/rspamd/local.d/replies.conf Normal file
View File

@ -0,0 +1,2 @@
# whitelist messages from threads that have been replied to
action = "no action";

2
jails/config/mail/rspamd/local.d/surbl.conf Normal file
View File

@ -0,0 +1,2 @@
# follow redirects when checking URLs in emails for spaminess
redirector_hosts_map = "/usr/local/etc/rspamd/redirectors.inc";

2
jails/config/mail/rspamd/local.d/url_reputation.conf Normal file
View File

@ -0,0 +1,2 @@
# check URLs within messages for spaminess
enabled = true;

2
jails/config/mail/rspamd/local.d/url_tags.conf Normal file
View File

@ -0,0 +1,2 @@
# cache some URL tags in redis
enabled = true;

10
jails/config/mail/rspamd/local.d/worker-controller.inc Normal file
View File

@ -0,0 +1,10 @@
# generate a password hash using the `rspamadm pw` command and put it here
# this one is the hash for 'hunter2'
password = "$2$or9n9ffj4qsogh7i8d9qi5u1hxt53q6o$ntp4kj...";
# dovecot will use this socket to communicate with rspamd
# note to self - tighten up these permissions
bind_socket = "/var/run/rspamd/rspamd.sock mode=0666 owner=nobody";
# you can comment this out if you don't need the web interface
bind_socket = "127.0.0.1:11334";

3
jails/config/mail/rspamd/local.d/worker-normal.inc Normal file
View File

@ -0,0 +1,3 @@
# we're not running rspamd in a distributed setup, so this can be disabled
# the proxy worker will handle all the spam filtering
enabled = false;

13
jails/config/mail/rspamd/local.d/worker-proxy.inc Normal file
View File

@ -0,0 +1,13 @@
# this worker will be used as postfix milter
milter = yes;
# note to self - tighten up these permissions
bind_socket = "/var/run/rspamd/milter.sock mode=0666 owner=nobody";
# the following specifies self-scan mode, for when rspamd is on the same
# machine as postfix
timeout = 120s;
upstream "local" {
default = yes;
self_scan = yes;
}

35
jails/config/mail/rspamd/logging.inc Normal file
View File

@ -0,0 +1,35 @@
# Logging configuration
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/logging.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/logging.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Relevant documentation: https://rspamd.com/doc/configuration/logging.html
level = "info";
log_format =<<EOD
id: <$mid>,$if_qid{ qid: <$>,}$if_ip{ ip: $,}$if_user{ user: $,}$if_smtp_from{ from: <$>,}
(default: $is_spam ($action): [$scores] [$symbols_scores_params]),
len: $len, time: $time_real, dns req: $dns_req,
digest: <$digest>$if_smtp_rcpts{, rcpts: <$>}$if_mime_rcpts{, mime_rcpts: <$>}$if_filename{, file: $}$if_forced_action{, forced: $}$if_settings_id{, settings_id: $}
EOD
# Show statistics for regular expressions
log_re_cache = true;
# Can be used for console logging
color = false;
# Log with microseconds resolution
log_usec = false;
# Enable debug for specific modules (e.g. `debug_modules = ["dkim", "re_cache"];`)
debug_modules = []

70
jails/config/mail/rspamd/maps.d/dmarc_whitelist.inc Normal file
View File

@ -0,0 +1,70 @@
# Domains with valid DMARC and DKIM
# These domains come from some top visited sites that have restrictive dmarc policy
4chan.org
adp.com
advice.hmrc.gov.uk
airbnb.com
airtel.in
alibaba.com
aliexpress.com
alipay.com
americanexpress.com
avg.com
avito.ru
badoo.com
battle.net
beeline.ru
booking.com
box.com
chase.com
consultant.ru
dhl.com
emarsys.com
esetnod32.ru
evernote.com
facebook.com
facebookmail.com
fedex.com
force.com
garant.ru
gosuslugi.ru
hh.ru
hmrc.gov.uk
instagram.com
linkedin.com
livejournal.com
lufthansa-group.com
mackeeper.com
megafon.ru
mercadolibre.com.ar
mercadolivre.com.br
messenger.com
mvideo.ru
neobux.com
netflix.com
newegg.com
nic.ru
paypal.com
pch.com
pinterest.com
rostelecom.ru
rt.ru
sberbank.ru
sportmaster.ru
squarespace.com
subscribe.ru
superjob.ru
twitter.com
uber.com
ulmart.ru
ups.com
usps.com
utair.ru
verizonwireless.com
vk.com
vkrugudruzei.ru
westernunion.com
whatsapp.com
zendesk.com
zomato.com

208
jails/config/mail/rspamd/maps.d/maillist.inc Normal file
View File

@ -0,0 +1,208 @@
usndr.com
subscribe.ru
smartsndr.com
hh.ru
free-lance.ru
superjob.ru
rabota.ru
job.ru
odesk.com
jobinmoscow.ru
russianpost.ru
shopotam.ru
ebay.com
alibaba.com
aliexpress.com
alipay.com
github.net
github.com
molotok.ru
facebook.com
vk.com
odnoklassniki.ru
vkrugudruzei.ru
linkedin.com
professionali.ru
mail.mtml.ru
livejournal.com
twitter.com
avito.ru
dmir.ru
mnogo.ru
paypal.com
roboxchange.com
sberbank.ru
qiwi.com
qiwi.ru
osmp.ru
mobilelement.ru
rp-system.ru
quickpay.ru
rbkmoney.ru
gosuslugi.ru
rostelecom.ru
mos.ru
gov.ru
nalog.ru
sitesoft.ru
e-moskva.ru
rosreestr.ru
roseltorg.ru
sberbank-ast.ru
etp-micex.ru
zakazrf.ru
rtstender.ru
rts-tender.ru
b2b-center.ru
yamoney.ru
fabrikant.ru
apple.com
dropbox.com
skype.com
habramail.net
mamba.ru
dating.ru
topface.com
ulmart.ru
electrozon.ru
nix.ru
ozon.ru
beeline.ru
mts.ru
megafon.ru
booking.com
tutu.ru
aeroflot.ru
vedomosti.ru
1c-bitrix.ru
moesk.ru
exist.ru
tks.ru
zzap.ru
activeby.net
babysfera.ru
baby.ru
wordpress.com
ispsystem.net
ispsystem.com
ispsystem.ru
naukanet.ru
startcomca.com
wmtransfer.com
sipnet.ru
tario.ru
mailgun.com
mailgun.net
psport.ru
returnpath.net
senderscore.net
webnames.ru
regtime.net
nic.ru
r01.ru
reg.ru
ztel.ru
youtube.com
baidu.com
yahoo.com
amazon.com
wikipedia.org
qq.com
google.co.in
live.com
taobao.com
msn.com
yahoo.co.jp
google.co.jp
weibo.com
bing.com
hao123.com
instagram.com
google.de
amazon.co.jp
360.cn
tmall.com
google.co.uk
pinterest.com
google.ru
reddit.com
google.com.br
t.co
netflix.com
google.fr
sohu.com
microsoft.com
google.it
blogspot.com
tumblr.com
ok.ru
gmw.cn
imgur.com
stackoverflow.com
xvideos.com
google.com.mx
fc2.com
imdb.com
google.com.hk
amazon.de
ask.com
google.com.tr
google.ca
office.com
pornhub.com
google.co.id
soso.com
go.com
pixnet.net
amazon.co.uk
googleusercontent.com
outbrain.com
amazon.in
blogger.com
cnn.com
google.pl
google.com.au
360.com
xhamster.com
adobe.com
flipkart.com
microsoftonline.com
whatsapp.com
nytimes.com
chase.com
wosign.com
comodo.com
comodogroup.com
comodo.net

22
jails/config/mail/rspamd/maps.d/mid.inc Normal file
View File

@ -0,0 +1,22 @@
# Known invalid or missed Message-IDs
# 'domain' 'Message-ID regexp'
alibaba.com /^[a-f0-9]{8}(?:-[a-f0-9]{4}){3}-[a-f0-9]{12}-0$/
aliexpress.com /^(?:(?:[0-9]{14,15}|[a-z]{4}UTT_[0-9]{5,6}_(?:[0-9]{8}_)?)[$])?[a-f0-9]{32}$/
beeline.ru /^<[A-z0-9+]{18}>$/
noreply.esphere.ru
noreply.etprf.ru
rkn.gov.ru
garant.ru
is-zakupki.com
mirtesen.ru
fcod.nalog.ru
otc.ru
qiwi.ru
client.rostelecom.ru
sberbank-ast.ru
crm.taxcom.ru
wildberries.ru /^[a-f0-9]{8}(?:-[a-f0-9]{4}){3}-[a-f0-9]{12}$/
promo.wildberries.ru /^[A-F0-9]{8}(?:-[A-F0-9]{4}){3}-[A-F0-9]{12}$/
taxi.yandex.ru /^[a-f0-9]{32}$/
online.zcts.ru

1533
jails/config/mail/rspamd/maps.d/mime_types.inc Normal file
View File

File diff suppressed because it is too large Load Diff

1045
jails/config/mail/rspamd/maps.d/redirectors.inc Normal file
View File

File diff suppressed because it is too large Load Diff

233
jails/config/mail/rspamd/maps.d/spf_dkim_whitelist.inc Normal file
View File

@ -0,0 +1,233 @@
# Domains with valid SPF and DKIM
4chan.org
6pm.com
about.com
addthis.com
adf.ly
adobe.com
adp.com
adschemist.com
airbnb.com
airtel.in
alibaba.com
aliexpress.com 2.0
alipay.com 2.0
allrecipes.com
amazon.ca
amazon.cn
amazon.co.jp
amazon.com
amazon.co.uk
amazon.de
amazon.es
amazon.fr
amazon.in
amazon.it
amazon.ru
americanexpress.com
ancestry.com
android.com
apple.com
asana.com
att.com
autohome.com.cn
avg.com
aweber.com
badoo.com
bankofamerica.com
basecamp.com
battle.net
bet365.com
biglobe.ne.jp
bitly.com
bleacherreport.com
blogger.com
bloomberg.com
booking.com
box.com
bt.com
capitalone.com
cdiscount.com
change.org
chase.com
cisco.com
citi.com
constantcontact.com
costco.com
craigslist.org
custhelp.com
dell.com
delta.com
diply.com
discovercard.com
disqus.com
dropbox.com
drweb.com
ebay.ca
ebay.com
ebay.com.au
ebay.co.uk
ebay.de
ebay.fr
ebay.in
ebay.it
ebay.ru
etsy.com
evernote.com
expedia.com
facebook.com
fedex.com
fidelity.com
fishki.net
flickr.com
flirchi.com
force.com
freepik.com
gap.com
gawker.com
github.com 2.0
gizmodo.com
godaddy.com
googleadservices.com
googleusercontent.com
groupon.com
hdfcbank.com
hgtv.com
hh.ru
hm.com
houzz.com
hubspot.com
icicibank.com
icloud.com
ign.com
imgur.com
immobilienscout24.de
indeed.com
indiatimes.com
infusionsoft.com
instagram.com
intel.com
irctc.co.in
kayak.com
kickstarter.com
kijiji.ca
kotaku.com
letsencrypt.org
libero.it
lifehacker.com
likes.com
linkedin.com
linux.com
list-manage.com
mackeeper.com
mailchimp.com
mashable.com
match.com
mercadolibre.com.ar
mercadolivre.com.br
messenger.com
microsoft.com
microsoftonline.com
moikrug.ru
mts.ru
neobux.com
netflix.com
newegg.com
nhk.or.jp
nifty.com
nikkeibp.co.jp
nyaa.se
nytimes.com
odnoklassniki.ru
ok.ru
olx.ua
overstock.com
ozon.ru
ozon.travel
pandora.com
paypal.ca
paypal.cn
paypal.com
paypal.com
paypal.co.uk
paypal.de
paypal.es
paypal.fr
paypal.it
paypal.ru
paytm.com
pch.com
pinterest.com
porn.com
priceline.com
qq.com
quora.com
rakuten.co.jp
reddit.com
researchgate.net
salesforce.com
sciencedirect.com
shopify.com
slack.com
slideshare.net
so-net.ne.jp
southwest.com
spotify.com
springer.com
squarespace.com
stalker.com
steampowered.com
stumbleupon.com
surveymonkey.com
swagbucks.com
taboola.com
taleo.net
taobao.com
target.com
taringa.net
taxi.yandex.ru
tele2.ru
thekitchn.com
tokopedia.com
trello.com
tribunnews.com
trulia.com
tumblr.com
twitter.com
ultimate-guitar.com
ups.com
usaa.com
usbank.com
usps.com
verizon.com
verizonwireless.com
vimeo.com
vine.co
vk.com
vmware.com
vtb24.ru
wahoofitness.com
walmart.com
wav.tv
wellsfargo.com
whatsapp.com
wikia.com
wikimedia.org
wikipedia.org
wildberries.ru
wix.com
wordpress.com
wordpress.org
wp.com
xuite.net
xvideos.com
yelp.com
youtube.com
yts.to
zappos.com
zendesk.com
zippyshare.com
zomato.com
zulily.com
zwift.com

830
jails/config/mail/rspamd/maps.d/surbl-whitelist.inc Normal file
View File

@ -0,0 +1,830 @@
126.com
163.com
1gost.info
1stnationalbank.com
2o7.net
365online.com
4at1.com
53.com
5iantlavalamp.com
abl.com.pk
about.com
accessbankplc.com
adelphia.net
adib.ae
adobe.com
agora-inc.com
agoramedia.com
aibgb.co.uk
aib.ie
airdriesavingsbank.com
akamai.net
akamaitech.net
aldermore.co.uk
alexa.com
alliancebank.com.my
alliancefg.com
alliantcreditunion.com
alliantcreditunion.org
allianz.de
allybank.com
alterna.ca
amazon.com
americanexpress.ch
americanexpress.com
anadolubank.nl
ancestry.com
anz.com
anz.co.nz
aol.com
apache.org
apple.com
arbuthnotlatham.co.uk
arcamax.com
asb.co.nz
ask.com
astrology.com
atdmt.com
att.net
authorize.net
autorambler.ru
axisbank.co.in
axisbank.com
b2bbank.com
baaderbank.de
baidu.com
baloise.ch
baml.com
banamex.com
bancanetbsc.do
bancanetsantacruz.com.do
bancapulia.it
bancarios.com
bancastato.ch
bancatransilvania.ro
bancobase.com
bancobic.ao
bancobic.pt
bancobpi.pt
banco.bradesco
bancobrasil.com.br
bancochile.cl
bancochile.com
bancoestado.cl
bancofalabella.cl
bancofalabella.com.co
bancofalabella.pe
bancomer.com
bancopopolare.it
bancopostaclick.it
bancoposta.it
bancosantander.es
bancovotorantimcartoes.com.br
bank24.ru
bankalhabib.com
bankaustria.at
bank.barclays.co.uk
bankbgzbnpparibas.pl
bankcardservices.co.uk
bankcomm.com
bankcoop.ch
bankiabancapersonal.es
bankia.com
bankia.es
bankinter.com
bankinter.es
bankmutual.com
bankofamerica.com
bankofcanada.ca
bankofchina.com
bankofcyprus.com
bankofindia.co.nz
bankofireland.com
bank-of-ireland.co.uk
bankofirelanduk.com
bankofoklahoma.com
bankofscotland.co.uk
banksinarmas.com
bankvonroll.ch
bankwest.com.au
banque-casino.fr
banquepopulaire.fr
banquescotia.com
barclaycard.co.uk
barclaycard.de
barclaycard.es
barclays.com
barclays.co.uk
barclayspartnerfinance.com
barclays.sc
barodanzltd.co.nz
basler.ch
bbandt.com
bbc.co.uk
bcentral.com
bci.cl
bcp.com.pe
bcv.ch
bcvs.ch
bekb.ch
bellevue.ch
bellsouth.net
bendigobank.com.au
berliner-bank.de
berliner-sparkasse.de
bfanet.ao
bfi0.com
bgfi.com
bgfionline.com
bgzbnpparibas.pl
billmelater.com
bing.com
bkb.ch
bk.rw
bks.at
blkb.ch
bmocm.com
bmo.com
bmogam.com
bmoharris.com
bmoharrisprivatebankingonline.com
bmoinvestorline.com
bmonesbittburns.com
bnl.it
bnpparibas.com
bnpparibas.fr
boc.cnnz
bonuscard.ch
bpe-gruposantander.com
bpi.pt
bpostbank.be
bradescardonline.com.br
bradesco.com.br
bradescoseguranca.com.br
bridgetrack.com
bridgewaterbank.ca
bsibank.com
btrl.ro
bt-trade.ro
businessonline-boi.com
bzbank.ch
ca-cib.com
ca-egypt.com
cafbank.org
cafe24.com
cafonline.org
caisse-epargne.com
caisse-epargne.fr
caixabank.com
caixa.gov.br
cajasur.es
camsonline.com
canadiandirect.com
capitalone360.com
capitalone.com
capitaloneonline.co.uk
capitecbank.co.za
cariparma.it
carrefour-banque.fr
cartabcc.it
cartabccpos.it
cartasi.it
ca-suisse.com
catalunyacaixa.com
cbg.gm
cbonline.co.uk
cembra.ch
cenbank.org
centralbank.ae
charitybank.org
charter.net
chase.com
chebanca.it
chinatrust.com.tw
cial.ch
cibc.com
cic.ch
cimbclicks.com.my
citibank.ae
citibank.co.in
citibank.com
citibank.co.uk
citibankonline.com
citibusiness.com
citicards.com
citi.com
citi.co.nz
citi.eu
citigroup.com
citizensbank.ca
citizensbank.com
civibank.com
civibank.it
cjb.net
classmates.com
clickbank.net
closebrothers.com
closebrothers.co.uk
clubsc.ch
cnet.com
cnn.com
colpatria.com
colpatria.com.co
comcast.net
com.com
commbank.com.au
commerzbank.com
commerzbank.de
com.ne.kr
coopbank.dk
co-operativebank.co.uk
cornerbanca.ch
cornercard.ch
cornercard.com
corner.ch
corporate-ir.net
cosycard.ch
coutts.com
cox.net
craigslist.org
credit-agricole.com
credit-agricole.fr
creditagricole.rs
credit-suisse.com
cs.com
css.ch
ctbcbank.com
ctfs.com
custhelp.com
cwbank.com
cwbankgroup.com
cwt.ca
cybg.com
danskebankas.lt
danskebank.com
danskebank.co.uk
danskebank.de
danskebank.dk
danskebank.ee
danskebank.fi
danskebank.ie
danskebank.no
datatrans.biz
datatrans.ch
daum.net
db.com
dbs.com
dd.se
debian.org
dell.com
demirbank.kg
denizbank.com
desjardins.ca
desjardins.com
deutschebank.be
deutschebank.co.nz
deutsche-bank.de
diamondbank.com
dibpak.com
directnic.com
directtrack.com
discovercard.com
discover.com
discovery.co.za
dnbnord.lt
domain.com
doubleclick.com
dresdner-bank.de
dsbbank.sr
dsbl.org
duncanlawrie.com
earthlink.net
easybank.at
easylnk.com
ebay.com
ebay.co.uk
ebay.de
ebayimg.com
ebaystatic.com
ecobank.com
edgesuite.net
ediets.com
edwardjones.com
egroups.com
e-gulfbank.com
emode.com
esunbank.com.tw
example.com
example.net
example.org
excite.com
facebook.com
fedex.com
fednetbank.com
fidelity.com
fidor.de
finance.com
finansbank.com.tr
finasta.lt
fineco.it
firstbankcard.com
firstmerit.com
firstnational.com
firstnationalmerchantsolutions.com
firsttrustbank.co.uk
flickr.com
fnbc.ca
fnb.co.za
fnb-online.com
freebsd.org
free.fr
friuladria.it
f-secure.com
garantibank.eu
garantibank.nl
garanti.com.tr
gazprombank.ch
gazprombank.ru
generali.es
genevoise.ch
gentoo.org
geocities.com
gkb.ch
gmail.com
gmx.net
go.com
godaddy.com
googleadservices.com
google.co.in
google.com
google.it
google.ru
granitbank.hu
grisoft.com
gtbank.com
halifax.co.uk
hallmark.com
handelsbanken.se
harrodsbank.co.uk
hbl.com
hblibank.com
hblibank.com.pk
hdfcbank.com
heartland.co.nz
hellenicbank.com
hinet.net
hkbea.com
hlb.com.kh
hlb.com.my
hoaresbank.co.uk
home.barclays
hongleongconnect.com.kh
hongleongconnect.com.vn
hongleongconnect.my
hotbar.com
hotmail.com
hotpop.com
hp.com
hsbc.com
hsbc.com.ar
hsbc.com.hk
hsbc.co.nz
hsbc.co.uk
hypovereinsbank.co.uk
hypovereinsbank.de
ibm.com
icbcnz.com
icicibank.co.in
icicibank.com
icicibankprivatebanking.com
icorner.ch
icscards.de
icscards.nl
incredimail.com
ing.be
ing.com
ing-diba.de
ingdirect.ca
ing.lu
ing.nl
ingvysyabank.com
interac.ca
investorplace.com
iobnet.co.in
isbank.com.tr
isbank.de
isbank.ge
isbank.iq
isbankkosova.com
itau.com.br
ivillage.com
joingevalia.com
jpmchase.com
jpmorgan.com
jsafrasarasin.com
julianhodgebank.com
juliusbaer.com
juno.com
jyskebank.dk
kantonalbank.ch
kernel.org
key.com
kiwibank.co.nz
kotak.com
kredytbank.pl
kreissparkasse-schwalm-eder.de
ksklb.de
kutxabank.es
laboralkutxa.com
lacaixa.cat
lacaixa.es
laurentianbank.ca
lbb.de
lcl.com
lcl.fr
li.ru
list.ru
liveinternet.ru
livejournal.com
lloydsbank.com
lloydsbankcommercial.com
lloydsbankinggroup.com
lloydstsb.ch
lloydstsb.co.uk
lombardodier.com
loydsbank.com
lycos.com
m7z.net
mac.com
macromedia.com
maerki-baumann.ch
mail.com
mail.ru
mailscanner.info
mandtbank.com
manulifebank.ca
manulifebankselect.ca
manulife.com
manulifeone.ca
marketwatch.com
mashreqbank.com
mastercard.com
maybank2u.com
maybank2u.com.my
mcafee.com
mchsi.com
mdmbank.com
mechanicsbank.com
medbank.lt
messagelabs.com
metrobankdirect.com
metrobankonline.co.uk
microsoft.com
migbank.com
migrosbank.ch
military.com
mindspring.com
mit.edu
mizuhobank.co.jp
mmwarburg.lu
monster.com
montepio.pt
morganstanley.com
mozilla.com
mps.it
ms.com
msn.com
mufg.jp
myonlineresourcecenter.com
myonlineservices.ch
myspace.com
nate.com
nationalesuisse.ch
nationwide-communications.co.uk
nationwide.co.uk
nationwide-service.co.uk
natwest.com
navyfederal.org
nbc.ca
netflix.com
netscape.com
netscape.net
netzero.net
newyorkfed.org
nibl.com.np
nod32.com
nordea.fi
nordea.lt
nordfynsbank.dk
norisbank.de
norman.com
notenstein.ch
nuvisionfederal.com
nytimes.com
oceanbank.com
onlinesbi.com
openoffice.org
openxmlformats.org
optonline.net
orchardbank.com
osdn.com
ostsaechsische-sparkasse-dresden.de
overstock.com
pacbell.net
pandasoftware.com
passport.com
paylife.at
paypal.be
paypal-brasil.com.br
paypal.ca
paypal.ch
paypal.co.il
paypal.com
paypal.com.au
paypal.com.br
paypal-communication.com
paypal-community.com
paypal.com.mx
paypal.com.pt
paypal.co.uk
paypal-customerfeedback.com
paypal.de
paypal-deutschland.de
paypal.dk
paypal.es
paypal-exchanges.com
paypal.fr
paypal.it
paypal-marketing.co.uk
paypal-marketing.pl
paypal.net
paypal.nl
paypal.no
paypal-notify.com
paypal-now.com
paypalobjects.com
paypal-opwaarderen.nl
paypal-pages.com
paypal.pt
paypal.ru
paypal.se
paypal-search.com
paypal-shopping.co.uk
paypal-techsupport.com
pbebank.com
pcfinancial.ca
peoplepc.com
permanenttsb.ie
plaxo.com
pnc.com
popolarevicenza.it
postbank.de
postepay.it
postfinancearena.ch
postfinance.ch
postfinance.info
price.ru
prodigy.net
publicislamicbank.com.my
rabobank.com
rabobank.co.nz
rabobank.nl
radaruol.com.br
rahnbodmer.ch
raiffeisenbank.rs
raiffeisen.ch
raiffeisen.hu
raiffeisen.li
raiffeisen.ru
rambler-co.ru
rambler.ru
raphaelsbank.com
rbc.com
rbcroyalbank.com
rbs.co.uk
rbssecure.co.uk
rbsworldpay.com
rcb.at rcb.at
real.com
recordbank.be
redhat.com
rediff.com
regiobank.nl
regions.com
regionsnet.com
renasantbank.com
rhbgroup.com
rogersbank.com
rogers.com
rothschildbank.com
rothschild.com
royalbank.com
rr.com
sagepay.com
sagepay.co.uk
sainsburysbank.co.uk
samba.com
santander.cl
santander.com
santander.com.br
santander.com.mx
santandercorretora.com.br
santander.co.uk
santanderesfera.com.br
santandersantiago.cl
sarasin.ch
sbcglobal.net
sberbank.ch
sbs.net.nz
sc.com
schoellerbank.at
scotiabank.ca
scotiabank.com
scotiamocatta.com
scotiaonline.com
s.de
sec.gov
securetrustbank.com
service-sparkasse.de
serviciobancomer.com
sf.net
shawbrook.co.uk
shaw.ca
shkb.ch
shockwave.com
six-group.com
six-payment-services.com
skrill.com
sls-direkt.de
smithbarney.com
snb.ch snb.ch
snsbank.nl
societegenerale.fr
sourceforge.net
spamcop.net
sparda-a.de
sparda-bank-hamburg.de
sparda-b.de
sparda-bw.de
sparda-h.de
sparda-hessen.de
sparda-m.de
sparda-ms.de
sparda-n.de
sparda-ostbayern.de
sparda-sw.de
sparda-verband.de
sparda-west.de
sparkasse.at
sparkasse-bank-malta.com
sparkasse-bielefeld.de
sparkasseblog.de
sparkasse-bochum.de
sparkasse.ch
sparkasse.de
sparkasse-gera-greiz.de
sparkasse-hamm.de
sparkasse-heidelberg.de
sparkasse-ingolstadt.de
sparkasse-mittelthueringen.de
speedera.net
sportsline.com
standardbank.com
standardbank.co.za
standardchartered.com.gh
standardchartered.com.my
subscribe.ru
sun.com
suncorpbank.com.au
suntrust.com
swedbank.com
swedbank.ee
swedbank.lt
swedbank.lu
swedbank.se
swisscanto.ch
swisscaution.ch
swissquote.ch
sydbank.dk
sympatico.ca
tails.nl
tangerine.ca
tcb-bank.com.tw
tdbank.com
tdcommercialbanking.com
telus.net
terra.com.br
tescobank.com
ticketmaster.com
tinyurl.com
tiscali.co.uk
tns-counter.ru
tom.com
tone.co.nz
t-online.de
top4top.ru
tsbbank.co.nz
tsb.co.nz
tsb.co.uk
tux.org
twitter.com
ubibanca.com
ubs.com
ulsterbankanytimebanking.co.uk
ulsterbank.co.uk
unibancoconnect.pt
unibanco.pt
unicreditbank.lt
unicredit.eu
unicreditgroup.eu
unicredit.it
unionbankcameroon.com
unionbank.com
unity.co.uk
uob.com.sg
uobgroup.com
uol.com.br
ups.com
usbank.com
valianttrust.com
vaudoise.ch
venetobanca.it
venetobanka.al
verizon.net
versabank.com
videobank.it
virginmoney.com
visa.com.ar
visa.com.br
visaeurope.ch
visaeurope.com
viseca.ch
volksbank.de
volkswagenbank.de
vpbank.com
vr.de
vwbank.de
w3.org
wachovia.com
walmart.com
wamu.com
wanadoo.fr
washingtonpost.com
weatherbug.com
weatherbys.co.uk
web.de
webshots.com
webtv.net
wegelin.ch
wellsfargo.com
wellsfargoemail.com
westernunion.ca
westernunion.com
westernunion.fr
westernunion.se
westpac.com.au
westpac.co.nz
wir.ch
wordpress.com
worldbank.org
worldpay.com
wsj.com
wvb.de
xmlsoap.org
yacht.nl
yahoo.ca
yahoo.co.jp
yahoo.co.kr
yahoo.com
yahoo.com.br
yahoo.co.uk
yahoogroups.com
yandex.net
yandex.ru
ybonline.co.uk
yimg.com
yopi.de
yorkshirebank.co.uk
yourbankcard.com
yoursite.com
youtube.com
zagbank.ca
zdnet.com
zenithbank.com
zkb.ch
zugerkb.ch
vistaprint.dk
vistaprint.com
anpdm.com
dovecot.org
exacttarget.com
github.com
isc.org
# list-manage1.com # grey
# list-manage2.com # grey
# list-manage.com # grey
lists.isc.org
lists.roundcube.net
svn.apache.org
taggedmail.com
tumblr.com

24
jails/config/mail/rspamd/metrics.conf Normal file
View File

@ -0,0 +1,24 @@
# Metrics settings
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
# DEPRECATION WARNING!!
# This file is deprecated since 1.7
# Please use actions.conf and groups.conf files instead
metric {
name = "default";
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/metrics.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/metrics.conf"
}

17
jails/config/mail/rspamd/modules.conf Normal file
View File

@ -0,0 +1,17 @@
# A common rspamd configuration file (should never ever be changed)
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
.include(glob=true) "${CONFDIR}/modules.d/*.conf"

59
jails/config/mail/rspamd/modules.d/antivirus.conf Normal file
View File

@ -0,0 +1,59 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/antivirus.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/antivirus.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/antivirus.html
antivirus {
# multiple scanners could be checked, for each we create a configuration block with an arbitrary name
clamav {
# If set force this action if any virus is found (default unset: no action is forced)
# action = "reject";
# message = '${SCANNER}: virus found: "${VIRUS}"';
# Scan mime_parts separately - otherwise the complete mail will be transferred to AV Scanner
#scan_mime_parts = true;
# Scanning Text is suitable for some av scanner databases (e.g. Sanesecurity)
#scan_text_mime = false;
#scan_image_mime = false;
# If `max_size` is set, messages > n bytes in size are not scanned
#max_size = 20000000;
# symbol to add (add it to metric if you want non-zero weight)
symbol = "CLAM_VIRUS";
# type of scanner: "clamav", "fprot", "sophos" or "savapi"
type = "clamav";
# For "savapi" you must also specify the following variable
#product_id = 12345;
# You can enable logging for clean messages
#log_clean = true;
# servers to query (if port is unspecified, scanner-specific default is used)
# can be specified multiple times to pool servers
# can be set to a path to a unix socket
# Enable this in local.d/antivirus.conf
#servers = "127.0.0.1:3310";
# if `patterns` is specified virus name will be matched against provided regexes and the related
# symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
patterns {
# symbol_name = "pattern";
JUST_EICAR = '^Eicar-Test-Signature$';
}
patterns_fail {
# symbol_name = "pattern";
#CLAM_PROTOCOL_ERROR = '^unhandled response';
}
# `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
whitelist = "/etc/rspamd/antivirus.wl";
}
.include(try=true,priority=5) "${DBDIR}/dynamic/antivirus.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/antivirus.conf"
}

72
jails/config/mail/rspamd/modules.d/arc.conf Normal file
View File

@ -0,0 +1,72 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/arc.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/arc.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/arc.html
# To configure this module, please also check the following document:
# https://rspamd.com/doc/tutorials/scanning_outbound.html and
# https://rspamd.com/doc/modules/arc.html
# To enable this module define the following attributes:
# path = "${DBDIR}/arc/$domain.$selector.key";
# OR
# domain { ... }, if you use per-domain conf
# OR
# set `use_redis=true;` and define redis servers
arc {
# If false, messages with empty envelope from are not signed
allow_envfrom_empty = true;
# If true, envelope/header domain mismatch is ignored
allow_hdrfrom_mismatch = true;
# If true, multiple from headers are allowed (but only first is used)
allow_hdrfrom_multiple = false;
# If true, username does not need to contain matching domain
allow_username_mismatch = false;
# If false, messages from authenticated users are not selected for signing
auth_only = false;
# Default path to key, can include '$domain' and '$selector' variables
#path = "${DBDIR}/arc/$domain.$selector.key";
# Default selector to use
selector = "arc";
# If false, inbound messages are not selected for signing
sign_inbound = true;
# If false, messages from local networks are not selected for signing
sign_local = false;
# Symbol to add when message is signed
symbol_sign = "ARC_SIGNED";
# Whether to fallback to global config
try_fallback = true;
# Domain to use for DKIM signing: can be "header", "envelope" or "recipient"
use_domain = "recipient";
# Whether to normalise domains to eSLD
use_esld = true;
# Whether to get keys from Redis
use_redis = false;
# Hash for ARC keys in Redis
key_prefix = "ARC_KEYS";
# Domain specific settings
#domain {
# example.com {
# # Private key path
# path = "${DBDIR}/arc/example.key";
# # Selector
# selector = "ds";
# }
#}
.include(try=true,priority=5) "${DBDIR}/dynamic/arc.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/arc.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/arc.conf"
}

29
jails/config/mail/rspamd/modules.d/asn.conf Normal file
View File

@ -0,0 +1,29 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/asn.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/asn.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/asn.html
asn {
# Provider: just "rspamd" for now
provider_type = "rspamd";
# Provider-specific configuration
provider_info {
ip4 = "asn.rspamd.com";
ip6 = "asn6.rspamd.com";
}
# If defined, insert symbol with lookup results
# symbol = "ASN";
.include(try=true,priority=5) "${DBDIR}/dynamic/asn.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/asn.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/asn.conf"
}

21
jails/config/mail/rspamd/modules.d/chartable.conf Normal file
View File

@ -0,0 +1,21 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/chartable.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/chartable.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/chartable.html
chartable {
threshold = 0.300000;
symbol = "R_MIXED_CHARSET";
.include(try=true,priority=5) "${DBDIR}/dynamic/chartable.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/chartable.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/chartable.conf"
}

60
jails/config/mail/rspamd/modules.d/clickhouse.conf Normal file
View File

@ -0,0 +1,60 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/clickhouse.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/clickhouse.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/clickhouse.html
clickhouse {
# Push update when 1000 records are collected (1000 if unset)
limit = 1000;
# IP:port of Clickhouse server
# server = "localhost:8123";
# Timeout to wait for response (5 seconds if unset)
timeout = 5;
# How many bits of sending IP to mask in logs for IPv4 (19 if unset)
ipmask = 19;
# How many bits of sending IP to mask in logs for IPv6 (48 if unset)
ipmask6 = 48;
# Record URL paths? (default false)
full_urls = false;
# This parameter points to a map of domain names
# If a message has a domain in this map in From: header and DKIM signature,
# record general metadata in a table named after the domain
#from_tables = "/etc/rspamd/clickhouse_from.map";
# These are symbols of other checks in Rspamd
# Set these if you use non-default symbol names (unlikely)
#bayes_spam_symbols = ["BAYES_SPAM"];
#bayes_ham_symbols = ["BAYES_HAM"];
#fann_symbols = ["FANN_SCORE"];
#fuzzy_symbols = ["FUZZY_DENIED"];
#whitelist_symbols = ["WHITELIST_DKIM", "WHITELIST_SPF_DKIM", "WHITELIST_DMARC"];
#dkim_allow_symbols = ["R_DKIM_ALLOW"];
#dkim_reject_symbols = ["R_DKIM_REJECT"];
#dmarc_allow_symbols = ["DMARC_POLICY_ALLOW"];
#dmarc_reject_symbols = ["DMARC_POLICY_REJECT", "DMARC_POLICY_QUARANTINE"];
#retention {
# # disabled by default
# enable = true;
# # drop | detach, please refer to ClickHouse docs for details
# # http://clickhouse-docs.readthedocs.io/en/latest/query_language/queries.html#manipulations-with-partitions-and-parts
# method = "drop";
# # how many month the data should be kept in ClickHouse
# period_months = 3;
# # how often run the cleanup process
# run_every = "7d";
#}
.include(try=true,priority=5) "${DBDIR}/dynamic/clickhouse.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/clickhouse.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/clickhouse.conf"
}

28
jails/config/mail/rspamd/modules.d/dcc.conf Normal file
View File

@ -0,0 +1,28 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/dcc.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/dcc.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/dcc.html
dcc {
enabled = false;
# Define local socket or TCP servers in upstreams syntax
# When sockets and servers are definined - servers is used!
socket = "/var/dcc/dccifd"; # Unix socket
#servers = "127.0.0.1:10045" # OR TCP upstreams
timeout = 2s; # Timeout to wait for checks
.include(try=true,priority=5) "${DBDIR}/dynamic/dcc.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dcc.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dcc.conf"
}

25
jails/config/mail/rspamd/modules.d/dkim.conf Normal file
View File

@ -0,0 +1,25 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/dkim.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/dkim.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/dkim.html
dkim {
dkim_cache_size = 2k;
dkim_cache_expire = 1d;
time_jitter = 6h;
trusted_only = false;
skip_multi = false;
.include(try=true,priority=5) "${DBDIR}/dynamic/dkim.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim.conf"
}

77
jails/config/mail/rspamd/modules.d/dkim_signing.conf Normal file
View File

@ -0,0 +1,77 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/dkim_signing.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/dkim_signing.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
# To configure this module, please also check the following document:
# https://rspamd.com/doc/tutorials/scanning_outbound.html and
# https://rspamd.com/doc/modules/dkim_signing.html
# To enable this module define the following attributes:
# path = "/var/lib/rspamd/dkim/$domain.$selector.key";
# OR
# domain { ... }, if you use per-domain conf
# OR
# set `use_redis=true;` and define redis servers
dkim_signing {
# If false, messages with empty envelope from are not signed
allow_envfrom_empty = true;
# If true, envelope/header domain mismatch is ignored
allow_hdrfrom_mismatch = false;
# If true, multiple from headers are allowed (but only first is used)
allow_hdrfrom_multiple = false;
# If true, username does not need to contain matching domain
allow_username_mismatch = false;
# If false, messages from authenticated users are not selected for signing
auth_only = true;
# Default path to key, can include '$domain' and '$selector' variables
#path = "/var/lib/rspamd/dkim/$domain.$selector.key";
# Default selector to use
selector = "dkim";
# If false, messages from local networks are not selected for signing
sign_local = true;
# Symbol to add when message is signed
symbol = "DKIM_SIGNED";
# Whether to fallback to global config
try_fallback = true;
# Domain to use for DKIM signing: can be "header" or "envelope"
use_domain = "header";
# Whether to normalise domains to eSLD
use_esld = true;
# Whether to get keys from Redis
use_redis = false;
# Hash for DKIM keys in Redis
key_prefix = "DKIM_KEYS";
# Domain specific settings
#domain {
# example.com {
# selectors [
# { # Private key path
# path = "/var/lib/rspamd/dkim/example.key";
# # Selector
# selector = "ds";
# },
# { # multiple dkim signature
# path = "/var/lib/rspamd/dkim/eddsa.key";
# selector = "eddsa";
# }
# ]
# }
#}
.include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf"
}

19
jails/config/mail/rspamd/modules.d/dmarc.conf Normal file
View File

@ -0,0 +1,19 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/dmarc.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/dmarc.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/dmarc.html
dmarc {
.include(try=true,priority=5) "${DBDIR}/dynamic/dmarc.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dmarc.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dmarc.conf"
}

35
jails/config/mail/rspamd/modules.d/elastic.conf Normal file
View File

@ -0,0 +1,35 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/elastic.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/elastic.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/elastic.html
elastic {
# Push update when 10 records are collected (10 if unset)
limit = 10;
# IP:port of Elasticsearch server
#server = "localhost:9200";
# Timeout to wait for response (5 seconds if unset)
timeout = 5;
# Elasticsearch template file (json format)
#template_file = "${SHAREDIR}/elastic/rspamd_template.json";
# Kibana prebuild visualizations and dashboard template (json format)
#kibana_file = "${SHAREDIR}/elastic/kibana.json";
# Elasticsearch index name pattern
index_pattern = "rspamd-%Y.%m.%d";
# Dump debug information
debug = false;
# Import kibana template
import_kibana = false;
.include(try=true,priority=5) "${DBDIR}/dynamic/elastic.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/elastic.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/elastic.conf"
}

8
jails/config/mail/rspamd/modules.d/emails.conf Normal file
View File

@ -0,0 +1,8 @@
# Deprecated, preserved for compatibility purposes! Use rbl module
# Module documentation https://rspamd.com/doc/modules/rbl.html
emails {
.include(try=true,priority=5) "${DBDIR}/dynamic/emails.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/emails.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/emails.conf"
}

92
jails/config/mail/rspamd/modules.d/external_services.conf Normal file
View File

@ -0,0 +1,92 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/external_services.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/external_services.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/external_services.html
external_services {
oletools {
# If set force this action if any virus is found (default unset: no action is forced)
# action = "reject";
# If set, then rejection message is set to this value (mention single quotes)
# If `max_size` is set, messages > n bytes in size are not scanned
# max_size = 20000000;
# log_clean = true;
# servers = "127.0.0.1:10050";
# cache_expire = 86400;
# scan_mime_parts = true;
# extended = false;
# if `patterns` is specified virus name will be matched against provided regexes and the related
# symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
patterns {
# symbol_name = "pattern";
}
# mime-part regex matching in content-type or filename
mime_parts_filter_regex {
#GEN1 = "application\/octet-stream";
DOC2 = "application\/msword";
DOC3 = "application\/vnd\.ms-word.*";
XLS = "application\/vnd\.ms-excel.*";
PPT = "application\/vnd\.ms-powerpoint.*";
GEN2 = "application\/vnd\.openxmlformats-officedocument.*";
}
# Mime-Part filename extension matching (no regex)
mime_parts_filter_ext {
doc = "doc";
dot = "dot";
docx = "docx";
dotx = "dotx";
docm = "docm";
dotm = "dotm";
xls = "xls";
xlt = "xlt";
xla = "xla";
xlsx = "xlsx";
xltx = "xltx";
xlsm = "xlsm";
xltm = "xltm";
xlam = "xlam";
xlsb = "xlsb";
ppt = "ppt";
pot = "pot";
pps = "pps";
ppa = "ppa";
pptx = "pptx";
potx = "potx";
ppsx = "ppsx";
ppam = "ppam";
pptm = "pptm";
potm = "potm";
ppsm = "ppsm";
}
# `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
whitelist = "/etc/rspamd/antivirus.wl";
}
dcc {
# If set force this action if any virus is found (default unset: no action is forced)
# action = "reject";
# If set, then rejection message is set to this value (mention single quotes)
# If `max_size` is set, messages > n bytes in size are not scanned
max_size = 20000000;
#servers = "127.0.0.1:10045";
# if `patterns` is specified virus name will be matched against provided regexes and the related
# symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
patterns {
# symbol_name = "pattern";
}
# `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
whitelist = "/etc/rspamd/antivirus.wl";
}
.include(try=true,priority=5) "${DBDIR}/dynamic/external_services.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/external_services.conf"
}

22
jails/config/mail/rspamd/modules.d/force_actions.conf Normal file
View File

@ -0,0 +1,22 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/force_actions.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/force_actions.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/force_actions.html
force_actions {
# Refer to https://rspamd.com/doc/modules/force_actions.html for information on configuration
.include(try=true,priority=5) "${DBDIR}/dynamic/force_actions.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/force_actions.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/force_actions.conf"
}

22
jails/config/mail/rspamd/modules.d/forged_recipients.conf Normal file
View File

@ -0,0 +1,22 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/forged_recipients.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/forged_recipients.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/forged_recipients.html
forged_recipients {
symbol_sender = "FORGED_SENDER";
symbol_rcpt = "FORGED_RECIPIENTS";
.include(try=true,priority=5) "${DBDIR}/dynamic/forged_recipients.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/forged_recipients.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/forged_recipients.conf"
}

48
jails/config/mail/rspamd/modules.d/fuzzy_check.conf Normal file
View File

@ -0,0 +1,48 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/fuzzy_check.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/fuzzy_check.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/fuzzy_check.html
fuzzy_check {
min_bytes = 1k; # Since small parts and small attachments causes too many FP
timeout = 2s;
retransmits = 1;
rule "rspamd.com" {
algorithm = "mumhash";
servers = "round-robin:fuzzy1.rspamd.com:11335,fuzzy2.rspamd.com:11335";
encryption_key = "icy63itbhhni8bq15ntp5n5symuixf73s1kpjh6skaq4e7nx5fiy";
symbol = "FUZZY_UNKNOWN";
mime_types = ["*"];
max_score = 20.0;
read_only = yes;
skip_unknown = yes;
short_text_direct_hash = true;
fuzzy_map = {
FUZZY_DENIED {
max_score = 20.0;
flag = 1;
}
FUZZY_PROB {
max_score = 10.0;
flag = 2;
}
FUZZY_WHITE {
max_score = 2.0;
flag = 3;
}
}
}
# Include dynamic conf for the rule
.include(try=true,priority=5) "${DBDIR}/dynamic/fuzzy_check.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_check.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_check.conf"
}

35
jails/config/mail/rspamd/modules.d/greylist.conf Normal file
View File

@ -0,0 +1,35 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/greylist.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/greylist.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/greylisting.html
greylist {
# Search "example.com" and "mail.example.com" for "mx.out.mail.example.com":
whitelist_domains_url = [
"$LOCAL_CONFDIR/local.d/greylist-whitelist-domains.inc",
"$LOCAL_CONFDIR/local.d/maps.d/greylist-whitelist-domains.inc",
];
expire = 1d; # 1 day by default
timeout = 5min; # 5 minutes by default
key_prefix = "rg"; # default hash name
max_data_len = 10k; # default data limit to hash
message = "Try again later"; # default greylisted message
#symbol = "GREYLIST"; # Symbol to insert
action = "soft reject"; # default greylisted action
ipv4_mask = 19; # Mask bits for ipv4
ipv6_mask = 64; # Mask bits for ipv6
.include(try=true,priority=5) "${DBDIR}/dynamic/greylist.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/greylist.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/greylist.conf"
}

26
jails/config/mail/rspamd/modules.d/hfilter.conf Normal file
View File

@ -0,0 +1,26 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/hfilter.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/hfilter.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/hfilter.html
hfilter {
helo_enabled = true;
hostname_enabled = true;
url_enabled = true;
from_enabled = true;
rcpt_enabled = true;
mid_enabled = false;
.include(try=true,priority=5) "${DBDIR}/dynamic/hfilter.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/hfilter.conf"
}

25
jails/config/mail/rspamd/modules.d/history_redis.conf Normal file
View File

@ -0,0 +1,25 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/history_redis.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/history_redis.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/history_redis.html
history_redis {
#servers = 127.0.0.1:6379; # Redis server to store history
key_prefix = "rs_history"; # Default key name
nrows = 200; # Default rows limit
compress = true; # Use zstd compression when storing data in redis
subject_privacy = false; # subject privacy is off
.include(try=true,priority=5) "${DBDIR}/dynamic/history_redis.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/history_redis.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/history_redis.conf"
}

20
jails/config/mail/rspamd/modules.d/maillist.conf Normal file
View File

@ -0,0 +1,20 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/maillist.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/maillist.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/maillist.html
maillist {
symbol = "MAILLIST";
.include(try=true,priority=5) "${DBDIR}/dynamic/maillist.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/maillist.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/maillist.conf"
}

24
jails/config/mail/rspamd/modules.d/metadata_exporter.conf Normal file
View File

@ -0,0 +1,24 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/metadata_exporter.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/metadata_exporter.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/metadata_exporter.html
metadata_exporter {
# Refer to https://rspamd.com/doc/modules/metadata_exporter.html for information on configuration
rules {
}
.include(try=true,priority=5) "${DBDIR}/dynamic/metadata_exporter.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/metadata_exporter.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/metadata_exporter.conf"
}

21
jails/config/mail/rspamd/modules.d/metric_exporter.conf Normal file
View File

@ -0,0 +1,21 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/metric_exporter.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/metric_exporter.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/metric_exporter.html
metric_exporter {
# Refer to https://rspamd.com/doc/modules/metric_exporter.html for information on configuration
.include(try=true,priority=5) "${DBDIR}/dynamic/metric_exporter.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/metric_exporter.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/metric_exporter.conf"
}

28
jails/config/mail/rspamd/modules.d/mid.conf Normal file
View File

@ -0,0 +1,28 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/mid.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/mid.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/mid.html
mid = {
source = {
url = [
"https://maps.rspamd.com/rspamd/mid.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/mid.inc",
"$LOCAL_CONFDIR/local.d/mid.inc",
"fallback+file://${CONFDIR}/maps.d/mid.inc"
];
}
.include(try=true,priority=5) "${DBDIR}/dynamic/mid.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mid.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mid.conf"
}

29
jails/config/mail/rspamd/modules.d/milter_headers.conf Normal file
View File

@ -0,0 +1,29 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/milter_headers.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/milter_headers.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/milter_headers.html
milter_headers {
# Refer to https://rspamd.com/doc/modules/milter_headers.html for information on configuration
use = [];
# Compatibility
.include(try=true,priority=5) "${DBDIR}/dynamic/rmilter_headers.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rmilter_headers.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rmilter_headers.conf"
.include(try=true,priority=5) "${DBDIR}/dynamic/milter_headers.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/milter_headers.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/milter_headers.conf"
}

40
jails/config/mail/rspamd/modules.d/mime_types.conf Normal file
View File

@ -0,0 +1,40 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/mime_types.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/mime_types.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/mime_types.html
mime_types {
file = [
"https://maps.rspamd.com/rspamd/mime_types.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/mime_types.inc.local",
"${DBDIR}/mime_types.inc.local",
"fallback+file://${CONFDIR}/maps.d/mime_types.inc"
]
# Match specific extensions to specific content types
extension_map = {
html = "text/html";
txt = [
"message/disposition-notification",
"text/plain",
"text/rfc822-headers"
];
pdf = [
"application/octet-stream",
"application/pdf"
];
}
.include(try=true,priority=5) "${DBDIR}/dynamic/mime_types.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mime_types.conf"
}

167
jails/config/mail/rspamd/modules.d/multimap.conf Normal file
View File

@ -0,0 +1,167 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/multimap.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/multimap.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/multimap.html
multimap {
# Freemail Addresses
freemail_envfrom {
type = "from";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_ENVFROM";
description = "Envelope From is a Freemail address";
score = 0.0;
}
freemail_envrcpt {
type = "rcpt";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_ENVRCPT";
description = "Envelope Recipient is a Freemail address";
score = 0.0;
}
freemail_from {
type = "header";
header = "from";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_FROM";
description = "From is a Freemail address";
score = 0.0;
}
freemail_to {
type = "header";
header = "To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_TO";
description = "To is a Freemail address";
score = 0.0;
}
freemail_cc {
type = "header";
header = "Cc";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_CC";
description = "To is a Freemail address";
score = 0.0;
}
freemail_replyto {
type = "header";
header = "Reply-To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/free.txt.zst";
symbol = "FREEMAIL_REPLYTO";
description = "Reply-To is a Freemail address";
score = 0.0;
}
# Disposable Addresses
disposable_envfrom {
type = "from";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_ENVFROM";
description = "Envelope From is a Disposable e-mail address";
score = 0.0;
}
disposable_envrcpt {
type = "rcpt";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_ENVRCPT";
description = "Envelope Recipient is a Disposable e-mail address";
score = 0.0;
}
disposable_from {
type = "header";
header = "from";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_FROM";
description = "From a Disposable e-mail address";
score = 0.0;
}
disposable_to {
type = "header";
header = "To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_TO";
description = "To a disposable e-mail address";
score = 0.0;
}
disposable_cc {
type = "header";
header = "Cc";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_CC";
description = "To a disposable e-mail address";
score = 0.0;
}
disposable_replyto {
type = "header";
header = "Reply-To";
filter = "email:domain";
map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
symbol = "DISPOSABLE_REPLYTO";
description = "Reply-To a disposable e-mail address";
score = 0.0;
}
.include(try=true,priority=5) "${DBDIR}/dynamic/multimap.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/multimap.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/multimap.conf"
}
/* Example setup
sender_from_whitelist_user {
type = "from";
filter = "email:user";
map = "file:///tmp/from.map";
symbol = "SENDER_FROM_WHITELIST_USER";
action = "accept"; # Prefilter mode
}
sender_from_regexp {
type = "header";
header = "from";
filter = 'regexp:/.*@/';
map = "file:///tmp/from_re.map";
symbol = "SENDER_FROM_REGEXP";
}
url_map {
type = "url";
filter = "tld";
map = "file:///tmp/url.map";
symbol = "URL_MAP";
}
url_tld_re {
type = "url";
filter = 'tld:regexp:/\.[^.]+$/'; # Extracts the last component of URL
map = "file:///tmp/url.map";
symbol = "URL_MAP_RE";
}
*/

43
jails/config/mail/rspamd/modules.d/mx_check.conf Normal file
View File

@ -0,0 +1,43 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/mx_check.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/mx_check.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/mx_check.html
# This module is *DISABLED* by default
# If you need to enable it, then define the following line in
# local.d/mx_check.conf:
#
# enabled = true;
#
# You also need to define redis servers for this module
mx_check {
# connection timeout in seconds
timeout = 1.0;
# symbol yielded if no MX is connectable
symbol_bad_mx = "MX_INVALID";
# symbol yielded if no MX is found
symbol_no_mx = "MX_MISSING";
# symbol yielded if MX is connectable
symbol_good_mx = "MX_GOOD";
# lifetime of redis cache - 1 day by default
expire = 86400;
# prefix used for redis key
key_prefix = "rmx";
# !!! Disabled by default !!!
enabled = false;
.include(try=true,priority=5) "${DBDIR}/dynamic/mx_check.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mx_check.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mx_check.conf"
}

37
jails/config/mail/rspamd/modules.d/neural.conf Normal file
View File

@ -0,0 +1,37 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/neural.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/neural.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/neural.html
neural {
#servers = 127.0.0.1:6379; # Redis server to store learning data and ANN
train {
max_train = 1k; # Number of trains per epoch
max_usages = 20; # Number of learn iterations while ANN data is valid
spam_score = 8; # Score to learn spam
ham_score = -2; # Score to learn ham
learning_rate = 0.01; # Rate of learning (Torch only)
max_iterations = 25; # Maximum iterations of learning (Torch only)
}
timeout = 20; # Increase redis timeout
# Legacy support
.include(try=true,priority=5) "${DBDIR}/dynamic/fann_redis.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fann_redis.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fann_redis.conf"
.include(try=true,priority=5) "${DBDIR}/dynamic/neural.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/neural.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/neural.conf"
}

26
jails/config/mail/rspamd/modules.d/once_received.conf Normal file
View File

@ -0,0 +1,26 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/once_received.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/once_received.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/once_received.html
once_received {
good_host = "mail";
bad_host = "static";
bad_host = "dynamic";
symbol_strict = "ONCE_RECEIVED_STRICT";
symbol = "ONCE_RECEIVED";
symbol_mx = "DIRECT_TO_MX";
.include(try=true,priority=5) "${DBDIR}/dynamic/once_received.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/once_received.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/once_received.conf"
}

45
jails/config/mail/rspamd/modules.d/p0f.conf Normal file
View File

@ -0,0 +1,45 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/p0f.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/p0f.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/p0f.html
p0f {
# Disable module by default
enabled = false;
# Path to the unix socket that p0f listens on
socket = '/var/run/p0f.sock';
# Connection timeout
timeout = 5s;
# If defined, insert symbol with lookup results
symbol = 'P0F';
# Patterns to match against results returned by p0f
# Symbol will be yielded on OS string, link type or distance matches
patterns = {
WINDOWS = '^Windows.*';
#DSL = '^DSL$';
#DISTANCE10 = '^distance:10$';
}
# Cache lifetime in seconds (default - 2 hours)
expire = 7200;
# Cache key prefix
prefix = 'p0f';
.include(try=true,priority=5) "${DBDIR}/dynamic/p0f.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/p0f.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/p0f.conf"
}

35
jails/config/mail/rspamd/modules.d/phishing.conf Normal file
View File

@ -0,0 +1,35 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/phishing.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/phishing.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/phishing.html
phishing {
symbol = "PHISHING";
# Disabled by default
openphish_enabled = false;
openphish_premium = false;
openphish_map = "https://www.openphish.com/feed.txt";
# Disabled by default
phishtank_enabled = true;
# Make exclusions for known redirectors
redirector_domains = [
"https://maps.rspamd.com/rspamd/redirectors.inc.zst:REDIRECTOR_FALSE",
"$LOCAL_CONFDIR/local.d/maps.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE",
"$LOCAL_CONFDIR/local.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE",
"fallback+file://${CONFDIR}/maps.d/redirectors.inc:REDIRECTOR_FALSE"
];
.include(try=true,priority=5) "${DBDIR}/dynamic/phishing.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/phishing.conf"
}

45
jails/config/mail/rspamd/modules.d/ratelimit.conf Normal file
View File

@ -0,0 +1,45 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/ratelimit.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/ratelimit.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/ratelimit.html
ratelimit {
#rates {
# Predefined ratelimit
#to = {
# bucket = {
# burst = 100;
# rate = 0.01666666666666666666; # leak 1 message per minute
# }
#}
# or define it with selector
#other_limit_alt = {
# selector = 'rcpts:addr.take_n(5)';
# bucket = {
# burst = 100;
# rate = "1 / 1m"; # leak 1 message per minute
# }
#}
#}
# If symbol is specified, then it is inserted *instead* of setting result to soft reject
#symbol = "R_RATELIMIT";
# If info_symbol is specified, then it is inserted next to set the result
#info_symbol = "R_RATELIMIT_INFO";
whitelisted_rcpts = "postmaster,mailer-daemon";
max_rcpt = 5;
.include(try=true,priority=5) "${DBDIR}/dynamic/ratelimit.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ratelimit.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ratelimit.conf"
}

325
jails/config/mail/rspamd/modules.d/rbl.conf Normal file
View File

@ -0,0 +1,325 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/rbl.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/rbl.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/rbl.html
rbl {
default_from = true;
default_received = false;
default_exclude_users = true;
default_unknown = true;
url_whitelist = [
"https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/surbl-whitelist.inc.local",
"${DBDIR}/surbl-whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/surbl-whitelist.inc"
];
rbls {
spamhaus {
symbol = "SPAMHAUS"; # Augmented by prefixes
rbl = "zen.spamhaus.org";
ipv6 = true;
received = true;
from = true;
symbols_prefixes = {
received = 'RECEIVED',
from = 'RBL',
}
returncodes {
SPAMHAUS_SBL = "127.0.0.2";
SPAMHAUS_CSS = "127.0.0.3";
SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5",
"127.0.0.6", "127.0.0.7"];
SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"];
SPAMHAUS_DROP = "127.0.0.9";
SPAMHAUS_BLOCKED_OPENRESOLVER = "127.255.255.254";
SPAMHAUS_BLOCKED= "127.255.255.255";
}
}
mailspike {
symbol = "MAILSPIKE";
rbl = "rep.mailspike.net";
is_whitelist = true;
whitelist_exception = "MAILSPIKE";
whitelist_exception = "RWL_MAILSPIKE_GOOD";
whitelist_exception = "RWL_MAILSPIKE_NEUTRAL";
whitelist_exception = "RWL_MAILSPIKE_POSSIBLE";
whitelist_exception = "RBL_MAILSPIKE_WORST";
whitelist_exception = "RBL_MAILSPIKE_VERYBAD";
whitelist_exception = "RBL_MAILSPIKE_BAD";
returncodes {
RBL_MAILSPIKE_WORST = "127.0.0.10";
RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
RBL_MAILSPIKE_BAD = "127.0.0.12";
RWL_MAILSPIKE_NEUTRAL = ["127.0.0.16", "127.0.0.15", "127.0.0.14", "127.0.0.13"];
RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
RWL_MAILSPIKE_GOOD = "127.0.0.18";
RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
}
}
senderscore {
symbol = "RBL_SENDERSCORE";
rbl = "bl.score.senderscore.com";
}
sem {
symbol = "RBL_SEM";
rbl = "bl.spameatingmonkey.net";
ipv6 = false;
}
semIPv6 {
symbol = "RBL_SEM_IPV6";
rbl = "bl.ipv6.spameatingmonkey.net";
ipv4 = false;
ipv6 = true;
}
dnswl {
symbol = "RCVD_IN_DNSWL";
rbl = "list.dnswl.org";
ipv6 = true;
is_whitelist = true;
whitelist_exception = "RCVD_IN_DNSWL";
whitelist_exception = "RCVD_IN_DNSWL_NONE";
whitelist_exception = "RCVD_IN_DNSWL_LOW";
whitelist_exception = "DNSWL_BLOCKED";
returncodes {
RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
RCVD_IN_DNSWL_MED = "127.0.%d+.2";
RCVD_IN_DNSWL_HI = "127.0.%d+.3";
DNSWL_BLOCKED = "127.0.0.255";
}
}
# Provided by https://virusfree.cz
virusfree {
symbol = "RBL_VIRUSFREE_UNKNOWN";
rbl = "bip.virusfree.cz";
ipv6 = true;
returncodes {
RBL_VIRUSFREE_BOTNET = "127.0.0.2";
}
}
nixspam {
symbol = "RBL_NIXSPAM";
rbl = "ix.dnsbl.manitu.net";
ipv6 = true;
}
blocklistde {
symbols_prefixes = {
received = 'RECEIVED',
from = 'RBL',
}
symbol = "BLOCKLISTDE";
rbl = "bl.blocklist.de";
ipv6 = true;
received = true;
from = true;
}
dnswl_dwl {
symbol = "DWL_DNSWL";
rbl = "dwl.dnswl.org";
dkim = true;
dkim_domainonly = false;
dkim_match_from = true;
ignore_whitelist = true;
unknown = false;
returncodes {
DWL_DNSWL_NONE = "127.0.%d+.0";
DWL_DNSWL_LOW = "127.0.%d+.1";
DWL_DNSWL_MED = "127.0.%d+.2";
DWL_DNSWL_HI = "127.0.%d+.3";
DWL_DNSWL_BLOCKED = "127.0.0.255";
}
}
# Old emails module
RSPAMD_EMAILBL {
ignore_defaults = true;
emails_delimiter = ".";
hash_format = "base32";
hash_len = 32;
rbl = "email.rspamd.com";
replyto = true;
hash = "blake2";
returncodes = {
RSPAMD_EMAILBL = "127.0.0.2";
}
}
MSBL_EBL {
ignore_defaults = true;
rbl = "ebl.msbl.org";
emails_domainonly = false;
replyto = true;
hash = "sha1";
returncodes = {
MSBL_EBL = [
"127.0.0.2",
"127.0.0.3"
];
MSBL_EBL_GREY = [
"127.0.1.2",
"127.0.1.3"
];
}
}
# Old SURBL module
"SURBL_MULTI" {
ignore_defaults = true;
rbl = "multi.surbl.org";
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
returnbits = {
CRACKED_SURBL = 128; # From February 2016
ABUSE_SURBL = 64;
MW_SURBL_MULTI = 16;
PH_SURBL_MULTI = 8;
SURBL_BLOCKED = 1;
}
}
"URIBL_MULTI" {
ignore_defaults = true;
rbl = "multi.uribl.com";
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
returnbits {
URIBL_BLOCKED = 1;
URIBL_BLACK = 2;
URIBL_GREY = 4;
URIBL_RED = 8;
}
}
"RSPAMD_URIBL" {
ignore_defaults = true;
rbl = "uribl.rspamd.com";
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
hash = 'blake2';
hash_len = 32;
hash_format = 'base32';
returncodes = {
RSPAMD_URIBL = [
"127.0.0.2",
];
}
}
"DBL" {
ignore_defaults = true;
rbl = "dbl.spamhaus.org";
no_ip = true;
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
returncodes = {
# spam domain
DBL_SPAM = "127.0.1.2";
# phish domain
DBL_PHISH = "127.0.1.4";
# malware domain
DBL_MALWARE = "127.0.1.5";
# botnet C&C domain
DBL_BOTNET = "127.0.1.6";
# abused legit spam
DBL_ABUSE = "127.0.1.102";
# abused spammed redirector domain
DBL_ABUSE_REDIR = "127.0.1.103";
# abused legit phish
DBL_ABUSE_PHISH = "127.0.1.104";
# abused legit malware
DBL_ABUSE_MALWARE = "127.0.1.105";
# abused legit botnet C&C
DBL_ABUSE_BOTNET = "127.0.1.106";
# error - IP queries prohibited!
DBL_PROHIBIT = "127.0.1.255";
# issue #3074
DBL_BLOCKED_OPENRESOLVER = "127.255.255.254";
DBL_BLOCKED = "127.255.255.255";
}
}
# Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf)
#"SPAMHAUS_ZEN_URIBL" {
# suffix = "zen.spamhaus.org";
# resolve_ip = true;
# check_emails = true;
# ips {
# URIBL_SBL = "127.0.0.2";
# URIBL_SBL_CSS = "127.0.0.3";
# URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];
# URIBL_PBL = ["127.0.0.10", "127.0.0.11"];
# URIBL_DROP = "127.0.0.9";
# }
#}
"SEM_URIBL_UNKNOWN" {
ignore_defaults = true;
rbl = "uribl.spameatingmonkey.net";
no_ip = true;
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
returnbits {
SEM_URIBL = 2;
}
}
"SEM_URIBL_FRESH15_UNKNOWN" {
ignore_defaults = true;
rbl = "fresh15.spameatingmonkey.net";
no_ip = true;
dkim = true;
emails = true;
emails_domainonly = true;
urls = true;
returnbits {
SEM_URIBL_FRESH15 = 2;
}
}
# Proved to be broken
#"RBL_SARBL_BAD" {
# suffix = "public.sarbl.org";
# noip = true;
# images = true;
#}
}
.include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rbl.conf"
}

26
jails/config/mail/rspamd/modules.d/redis.conf Normal file
View File

@ -0,0 +1,26 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/redis.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/redis.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# See https://rspamd.com/doc/configuration/redis.html
redis {
#servers = "127.0.0.1"; # Read servers (unless write_servers are unspecified)
#servers = "master-slave:127.0.0.1,10.0.1.1";
#write_servers = "127.0.0.1"; # Servers to write data
#disabled_modules = ["ratelimit"]; # List of modules that should not use redis from this section
#timeout = 1s;
#db = "0";
#password = "some_password";
.include(try=true,priority=5) "${DBDIR}/dynamic/redis.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/redis.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/redis.conf"
}

21
jails/config/mail/rspamd/modules.d/regexp.conf Normal file
View File

@ -0,0 +1,21 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/regexp.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/regexp.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/regexp.html
regexp {
max_size = 1M;
.include(try=true,priority=5) "${DBDIR}/dynamic/regexp.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/regexp.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/regexp.conf"
}

30
jails/config/mail/rspamd/modules.d/replies.conf Normal file
View File

@ -0,0 +1,30 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/replies.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/replies.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/replies.html
replies {
# This setting is non-default & is required to be set
# Redis servers to use
#servers = "localhost";
# This setting is non-default & may be desirable
#action = "no action";
# These are default settings you may want to change
expire = 86400;
key_prefix = "rr";
message = "Message is reply to one we originated";
symbol = "REPLY";
.include(try=true,priority=5) "${DBDIR}/dynamic/replies.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/replies.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/replies.conf"
}

30
jails/config/mail/rspamd/modules.d/reputation.conf Normal file
View File

@ -0,0 +1,30 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/reputation.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/reputation.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/reputation.html
reputation {
# rules {
# SPF_REPUTATION = {
# selector {
# type = "spf";
# }
# backend {
# type = "redis";
# }
# symbol = "SPF_REPUTATION";
# }
# }
.include(try=true,priority=5) "${DBDIR}/dynamic/reputation.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/reputation.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/reputation.conf"
}

26
jails/config/mail/rspamd/modules.d/rspamd_update.conf Normal file
View File

@ -0,0 +1,26 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/rspamd_update.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/rspamd_update.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/rspamd_update.html
# This module is disabled by default, please don't enable it unless you know
# what are you doing!
rspamd_update {
rules = "sign+https://updates.rspamd.com/rspamd-${BRANCH_VERSION}.ucl";
key = "qxuogdh5eghytji1utkkte1dn3n81c3y5twe61uzoddzwqzuxxyb";
enabled = false; # Disable this module by default
.include(try=true,priority=5) "${DBDIR}/dynamic/rspamd_update.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rspamd_update.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rspamd_update.conf"
}

26
jails/config/mail/rspamd/modules.d/spamassassin.conf Normal file
View File

@ -0,0 +1,26 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/spamassassin.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/spamassassin.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/spamassassin.html
spamassassin {
# This config defines no SA files leaving this module efficiently disabled by default
#ruleset = "/path/to/file";
# Limit search size to 100 kilobytes for all regular expressions
#match_limit = 100k;
# Those regexp atoms will not be passed through hyperscan:
#pcre_only = ["RULE1", "__RULE2"];
.include(try=true,priority=5) "${DBDIR}/dynamic/spamassassin.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spamassassin.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spamassassin.conf"
}

53
jails/config/mail/rspamd/modules.d/spamtrap.conf Normal file
View File

@ -0,0 +1,53 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/spamtrap.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/spamtrap.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/spamtrap.html
# This module is *DISABLED* by default
# If you need to enable it, then define the following line in
# local.d/spamtrap.conf:
#
# enabled = true;
#
# You also need to define redis servers for this module
spamtrap {
# Optionally set an action
#action = "no action";
# A map file containing regexp entries for spamtrap emails and domains
#map = file://$LOCAL_CONFDIR/maps.d/spamtrap.map
# Name of the symbol
#symbol = "SPAMTRAP";
# A score for this module
#score = 0.0;
# Flag to enable fuzzy learning
learn_fuzzy = false;
# Flag to enable bayes spam learning
learn_spam = false;
# Fuzzy flag
#fuzzy_flag = 1;
# Fuzzy weight
#fuzzy_weight = 10.0;
# Redis key prefix
#key_prefix = 'sptr_';
# Skip spamtrap checks for authorized users
#check_authed = false;
# Skip spamtrap checks for local networks
#check_local = false;
# !!! Disabled by default !!!
enabled = false;
.include(try=true,priority=5) "${DBDIR}/dynamic/spamtrap.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spamtrap.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spamtrap.conf"
}

21
jails/config/mail/rspamd/modules.d/spf.conf Normal file
View File

@ -0,0 +1,21 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/spf.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/spf.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/spf.html
spf {
spf_cache_size = 2k;
spf_cache_expire = 1d;
.include(try=true,priority=5) "${DBDIR}/dynamic/spf.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spf.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spf.conf"
}

9
jails/config/mail/rspamd/modules.d/surbl.conf Normal file
View File

@ -0,0 +1,9 @@
# Deprecated, use RBL module!
surbl {
rules {
}
.include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf"
}

37
jails/config/mail/rspamd/modules.d/trie.conf Normal file
View File

@ -0,0 +1,37 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/trie.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/trie.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/trie.html
trie {
# Each subsection defines a single rule with associated symbol
# This config defines no tries leaving this module efficiently disabled by default
# SYMBOL1 {
# # Define rules in the file (it is *NOT* a map)
# file = "/some/path";
# # Raw rules search within the whole undecoded messages
# raw = true;
# # If we have multiple occurrences of strings from this rule
# # then we insert a symbol multiple times
# multi = true;
# }
# SYMBOL2 {
# patterns = [
# "pattern1",
# "pattern2",
# "pattern3"
# ]
# }
.include(try=true,priority=5) "${DBDIR}/dynamic/trie.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/trie.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/trie.conf"
}

27
jails/config/mail/rspamd/modules.d/url_redirector.conf Normal file
View File

@ -0,0 +1,27 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/url_redirector.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/url_redirector.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/url_redirector.html
url_redirector {
expire = 1d; # 1 day by default
timeout = 10; # 10 seconds by default
nested_limit = 1; # How many redirects to follow
#proxy = "http://example.com:3128"; # Send request through proxy
key_prefix = "rdr:"; # default hash name
check_ssl = false; # check ssl certificates
max_size = 10k; # maximum body to process
.include(try=true,priority=5) "${DBDIR}/dynamic/url_redirector.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/url_redirector.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/url_redirector.conf"
}

66
jails/config/mail/rspamd/modules.d/whitelist.conf Normal file
View File

@ -0,0 +1,66 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/whitelist.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/whitelist.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/whitelist.html
whitelist {
rules {
"WHITELIST_SPF" = {
valid_spf = true;
domains = [
"$LOCAL_CONFDIR/local.d/maps.d/spf_whitelist.inc.local",
"${DBDIR}/spf_whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/spf_whitelist.inc"
];
score = -1.0
inverse_symbol = "BLACKLIST_SPF";
}
"WHITELIST_DKIM" = {
valid_dkim = true;
domains = [
"$LOCAL_CONFDIR/local.d/maps.d/dkim_whitelist.inc.local",
"${DBDIR}/dkim_whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/dkim_whitelist.inc"
];
score = -1.0;
inverse_symbol = "BLACKLIST_DKIM";
}
"WHITELIST_SPF_DKIM" = {
valid_spf = true;
valid_dkim = true;
domains = [
"https://maps.rspamd.com/rspamd/spf_dkim_whitelist.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/spf_dkim_whitelist.inc.local",
"${DBDIR}/spf_dkim_whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/spf_dkim_whitelist.inc"
];
score = -3.0;
inverse_symbol = "BLACKLIST_SPF_DKIM";
}
"WHITELIST_DMARC" = {
valid_dmarc = true;
domains = [
"https://maps.rspamd.com/rspamd/dmarc_whitelist_new.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/dmarc_whitelist.inc.local",
"${DBDIR}/dmarc_whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/dmarc_whitelist.inc"
];
score = -7.0;
inverse_symbol = "BLACKLIST_DMARC";
}
}
.include(try=true,priority=5) "${DBDIR}/dynamic/whitelist.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/whitelist.conf"
}

68
jails/config/mail/rspamd/options.inc Normal file
View File

@ -0,0 +1,68 @@
# Logging configuration
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/options.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/options.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Relevant documentation: https://rspamd.com/doc/configuration/options.html
filters = "chartable,dkim,spf,regexp,fuzzy_check";
raw_mode = false;
one_shot = false;
cache_file = "$DBDIR/symbols.cache";
# How often maps are checked (
map_watch_interval = 5min;
# Multiplier for watch interval for files
map_file_watch_multiplier = 0.1;
dynamic_conf = "$DBDIR/rspamd_dynamic";
history_file = "$DBDIR/rspamd.history";
check_all_filters = false;
# Default settings
dns_max_requests = 64;
max_lua_urls = 1024;
dns {
timeout = 1s;
sockets = 16;
retransmits = 5;
}
tempdir = "/tmp";
url_tld = "${SHAREDIR}/effective_tld_names.dat";
classify_headers = [
"User-Agent",
"X-Mailer",
"Content-Type",
"X-MimeOLE",
];
control_socket = "$DBDIR/rspamd.sock mode=0600";
history_rows = 200;
explicit_modules = ["settings", "bayes_expiry"];
# Scan messages even if they are not MIME
allow_raw_input = true;
# Start ignore words when reaching the following limit, so the total
# amount of words processed will not be *LIKELY more than the twice of that limit
words_decay = 600;
# Write statistics about rspamd usage to the round-robin database
rrd = "${DBDIR}/rspamd.rrd";
# Local networks
local_addrs = [192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, fd00::/8, 169.254.0.0/16, fe80::/10];
hs_cache_dir = "${DBDIR}/";
# Timeout for messages processing (must be larger than any internal timeout used)
task_timeout = 8s;
# Emit soft reject when timeout takes place
soft_reject_on_timeout = false;

67
jails/config/mail/rspamd/rspamd.conf Normal file
View File

@ -0,0 +1,67 @@
# System V init adopted top level configuration
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
.include "$CONFDIR/common.conf"
options {
pidfile = "$RUNDIR/rspamd.pid";
.include "$CONFDIR/options.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/options.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/options.inc"
}
.include(try=true; duplicate=merge) "$CONFDIR/cgp.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/cgp.inc"
logging {
type = "file";
filename = "$LOGDIR/rspamd.log";
.include "$CONFDIR/logging.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/logging.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/logging.inc"
}
worker "normal" {
bind_socket = "localhost:11333";
.include "$CONFDIR/worker-normal.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-normal.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-normal.inc"
}
worker "controller" {
bind_socket = "localhost:11334";
.include "$CONFDIR/worker-controller.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-controller.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-controller.inc"
}
worker "rspamd_proxy" {
bind_socket = "localhost:11332";
.include "$CONFDIR/worker-proxy.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-proxy.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-proxy.inc"
}
# Local fuzzy storage is disabled by default
worker "fuzzy" {
bind_socket = "localhost:11335";
count = -1; # Disable by default
.include "$CONFDIR/worker-fuzzy.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-fuzzy.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-fuzzy.inc"
}

11
jails/config/mail/rspamd/rspamd.newsyslog.conf Normal file
View File

@ -0,0 +1,11 @@
# newsyslog configuration file for rspamd(8)
#
# Link (or copy) rspamd.newsyslog.conf to /usr/local/etc/newsyslog.conf.d/
# to take care of log rotation.
#
# ln -s /usr/local/etc/rspamd/rspamd.newsyslog.conf /usr/local/etc/newsyslog.conf.d
#
# See newsyslog.conf(5) for details.
#
# logfilename [owner:group] mode count size when flags [/pid_file] [sig_num]
/var/log/rspamd/rspamd.log rspamd:rspamd 644 7 * @T00 JC /var/run/rspamd/rspamd.pid 30

11
jails/config/mail/rspamd/rspamd.newsyslog.conf.sample Normal file
View File

@ -0,0 +1,11 @@
# newsyslog configuration file for rspamd(8)
#
# Link (or copy) rspamd.newsyslog.conf to /usr/local/etc/newsyslog.conf.d/
# to take care of log rotation.
#
# ln -s /usr/local/etc/rspamd/rspamd.newsyslog.conf /usr/local/etc/newsyslog.conf.d
#
# See newsyslog.conf(5) for details.
#
# logfilename [owner:group] mode count size when flags [/pid_file] [sig_num]
/var/log/rspamd/rspamd.log rspamd:rspamd 644 7 * @T00 JC /var/run/rspamd/rspamd.pid 30

37
jails/config/mail/rspamd/scores.d/fuzzy_group.conf Normal file
View File

@ -0,0 +1,37 @@
# Fuzzy rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Fuzzy hashes group";
symbols = {
"FUZZY_UNKNOWN" {
weight = 5.0;
description = "Generic fuzzy hash match, bl.rspamd.com";
}
"FUZZY_DENIED" {
weight = 12.0;
description = "Denied fuzzy hash, bl.rspamd.com";
}
"FUZZY_PROB" {
weight = 5.0;
description = "Probable fuzzy hash, bl.rspamd.com";
}
"FUZZY_WHITE" {
weight = -2.1;
description = "Whitelisted fuzzy hash, bl.rspamd.com";
}
}

67
jails/config/mail/rspamd/scores.d/headers_group.conf Normal file
View File

@ -0,0 +1,67 @@
# Headers rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Various headers checks";
symbols = {
"FORGED_SENDER" {
weight = 0.3;
description = "Sender is forged (different From: header and smtp MAIL FROM: addresses)";
}
"R_MIXED_CHARSET" {
weight = 5.0;
description = "Mixed characters in a message";
one_shot = true;
}
"R_MIXED_CHARSET_URL" {
weight = 7.0;
description = "Mixed characters in a URL inside message";
one_shot = true;
}
"FORGED_RECIPIENTS" {
weight = 2.0;
description = "Recipients are not the same as RCPT TO: mail command";
}
"FORGED_RECIPIENTS_MAILLIST" {
weight = 0.0;
description = "Recipients are not the same as RCPT TO: mail command, but a message from a maillist";
}
"FORGED_SENDER_MAILLIST" {
weight = 0.0;
description = "Sender is not the same as MAIL FROM: envelope, but a message is from a maillist";
}
"ONCE_RECEIVED" {
weight = 0.1;
description = "One received header in a message";
}
"RDNS_NONE" {
weight = 1.0;
description = "Cannot resolve reverse DNS for sender's IP";
}
"RDNS_DNSFAIL" {
weight = 0.0;
description = "PTR verification DNS error";
}
"ONCE_RECEIVED_STRICT" {
weight = 4.0;
description = "One received header with 'bad' patterns inside";
}
"MAILLIST" {
weight = -0.2;
description = "Message seems to be from maillist";
}
}

133
jails/config/mail/rspamd/scores.d/hfilter_group.conf Normal file
View File

@ -0,0 +1,133 @@
# Host and connection rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "SMTP envelope filter";
symbols = {
"HFILTER_HELO_BAREIP" {
weight = 3.0;
description = "Helo host is bare ip";
}
"HFILTER_HELO_BADIP" {
weight = 4.5;
description = "Helo host is very bad ip";
}
"HFILTER_HELO_1" {
weight = 0.5;
description = "Helo host checks (very low)";
}
"HFILTER_HELO_2" {
weight = 1.0;
description = "Helo host checks (low)";
}
"HFILTER_HELO_3" {
weight = 2.0;
description = "Helo host checks (medium)";
}
"HFILTER_HELO_4" {
weight = 2.5;
description = "Helo host checks (hard)";
}
"HFILTER_HELO_5" {
weight = 3.0;
description = "Helo host checks (very hard)";
}
"HFILTER_HOSTNAME_1" {
weight = 0.5;
description = "Hostname checks (very low)";
}
"HFILTER_HOSTNAME_2" {
weight = 1.0;
description = "Hostname checks (low)";
}
"HFILTER_HOSTNAME_3" {
weight = 2.0;
description = "Hostname checks (medium)";
}
"HFILTER_HOSTNAME_4" {
weight = 2.5;
description = "Hostname checks (hard)";
}
"HFILTER_HOSTNAME_5" {
weight = 3.0;
description = "Hostname checks (very hard)";
}
"HFILTER_HELO_NORESOLVE_MX" {
weight = 0.2;
description = "MX found in Helo and no resolve";
}
"HFILTER_HELO_NORES_A_OR_MX" {
weight = 0.3;
description = "Helo no resolve to A or MX";
}
"HFILTER_HELO_IP_A" {
weight = 1.0;
description = "Helo A IP != hostname IP";
}
"HFILTER_HELO_NOT_FQDN" {
weight = 2.0;
description = "Helo not FQDN";
}
"HFILTER_FROMHOST_NORESOLVE_MX" {
weight = 0.5;
description = "MX found in FROM host and no resolve";
}
"HFILTER_FROMHOST_NORES_A_OR_MX" {
weight = 1.5;
description = "FROM host no resolve to A or MX";
}
"HFILTER_FROMHOST_NOT_FQDN" {
weight = 3.0;
description = "FROM host not FQDN";
}
"HFILTER_FROM_BOUNCE" {
weight = 0.0;
description = "Bounce message";
}
/*
# Disabled by default
"HFILTER_MID_NORESOLVE_MX" {
weight = 0.5;
description = "MX found in Message-id host and no resolve";
}
"HFILTER_MID_NORES_A_OR_MX" {
weight = 0.5;
name = ;
description = "Message-id host no resolve to A or MX";
}
"HFILTER_MID_NOT_FQDN" {
weight = 0.5;
description = "Message-id host not FQDN";
}
*/
"HFILTER_HOSTNAME_UNKNOWN" {
weight = 2.5;
description = "Unknown client hostname (PTR or FCrDNS verification failed)";
}
"HFILTER_RCPT_BOUNCEMOREONE" {
weight = 1.5;
description = "Message from bounce and over 1 recipient";
}
"HFILTER_URL_ONLY" {
weight = 2.2;
description = "URL only in body";
}
"HFILTER_URL_ONELINE" {
weight = 2.5;
description = "One line URL and text in body";
}
}

66
jails/config/mail/rspamd/scores.d/mime_types_group.conf Normal file
View File

@ -0,0 +1,66 @@
# Mime types rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Mime attachments rules";
symbols = {
"MIME_GOOD" {
weight = -0.1;
description = "Known content-type";
one_shot = true;
}
"MIME_BAD" {
weight = 1.0;
description = "Known bad content-type";
one_shot = true;
}
"MIME_UNKNOWN" {
weight = 0.1;
description = "Missing or unknown content-type";
one_shot = true;
}
"MIME_BAD_ATTACHMENT" {
weight = 4.0;
description = "Invalid attachment mime type";
one_shot = true;
}
"MIME_ENCRYPTED_ARCHIVE" {
weight = 2.0;
description = "Encrypted archive in a message";
one_shot = true;
}
"MIME_ARCHIVE_IN_ARCHIVE" {
weight = 5.0;
description = "Archive within another archive";
one_shot = true;
}
"MIME_DOUBLE_BAD_EXTENSION" {
weight = 3.0; # This rule has dynamic weight up to 4.0
description = "Bad extension cloaking";
one_shot = true;
}
"MIME_BAD_EXTENSION" {
weight = 2.0; # This rule has dynamic weight up to 4.0
description = "Bad extension";
one_shot = true;
}
"MIME_BAD_UNICODE" {
weight = 8.0;
description = "Filename with known obscured unicode characters";
one_shot = true;
}
}

25
jails/config/mail/rspamd/scores.d/mua_group.conf Normal file
View File

@ -0,0 +1,25 @@
# MUA rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "MUA forgeries";
symbols = {
"FORGED_MUA_MAILLIST" {
weight = 0.0;
description = "Avoid false positives for FORGED_MUA_* in maillist";
}
}

40
jails/config/mail/rspamd/scores.d/phishing_group.conf Normal file
View File

@ -0,0 +1,40 @@
# Phishing rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Phishing in emails";
max_score = 10.0;
symbols = {
"PHISHING" {
weight = 4.0;
description = "Phished URL";
one_shot = true;
}
"PHISHED_OPENPHISH" {
weight = 7.0;
description = "Phished URL found in openphish.com";
}
"PHISHED_PHISHTANK" {
weight = 7.0;
description = "Phished URL found in phishtank.com";
}
HACKED_WP_PHISHING {
weight = 4.5;
description = "Phishing message from hacked wordpress";
}
}

124
jails/config/mail/rspamd/scores.d/policies_group.conf Normal file
View File

@ -0,0 +1,124 @@
# Policies rules scores, includes SPF, DKIM, DMARC and ARC symbols
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "SPF, DKIM, DMARC, ARC";
symbols = {
# SPF
"R_SPF_FAIL" {
weight = 1.0;
description = "SPF verification failed";
groups = ["spf"];
}
"R_SPF_SOFTFAIL" {
weight = 0.0;
description = "SPF verification soft-failed";
groups = ["spf"];
}
"R_SPF_NEUTRAL" {
weight = 0.0;
description = "SPF policy is neutral";
groups = ["spf"];
}
"R_SPF_ALLOW" {
weight = -0.2;
description = "SPF verification allows sending";
groups = ["spf"];
}
"R_SPF_DNSFAIL" {
weight = 0.0;
description = "SPF DNS failure";
groups = ["spf"];
}
# DKIM
"R_DKIM_REJECT" {
weight = 1.0;
description = "DKIM verification failed";
one_shot = true;
groups = ["dkim"];
}
"R_DKIM_TEMPFAIL" {
weight = 0.0;
description = "DKIM verification soft-failed";
groups = ["dkim"];
}
"R_DKIM_ALLOW" {
weight = -0.2;
description = "DKIM verification succeed";
one_shot = true;
groups = ["dkim"];
}
# DMARC
"DMARC_POLICY_ALLOW" {
weight = -0.5;
description = "DMARC permit policy";
groups = ["dmarc"];
}
"DMARC_POLICY_ALLOW_WITH_FAILURES" {
weight = -0.5;
description = "DMARC permit policy with DKIM/SPF failure";
groups = ["dmarc"];
}
"DMARC_POLICY_REJECT" {
weight = 2.0;
description = "DMARC reject policy";
groups = ["dmarc"];
}
"DMARC_POLICY_QUARANTINE" {
weight = 1.5;
description = "DMARC quarantine policy";
groups = ["dmarc"];
}
"DMARC_POLICY_SOFTFAIL" {
weight = 0.1;
description = "DMARC failed";
groups = ["dmarc"];
}
# ARC
"ARC_ALLOW" {
weight = -1.0;
description = "ARC checks success";
groups = ["arc"];
}
"ARC_REJECT" {
weight = 2.0;
description = "ARC checks failed";
groups = ["arc"];
}
"ARC_INVALID" {
weight = 1.0;
description = "ARC structure invalid";
groups = ["arc"];
}
"ARC_DNSFAIL" {
weight = 0.0;
description = "ARC DNS error";
groups = ["arc"];
}
"ARC_NA" {
weight = 0.0;
description = "ARC signature absent";
groups = ["arc"];
}
}

254
jails/config/mail/rspamd/scores.d/rbl_group.conf Normal file
View File

@ -0,0 +1,254 @@
# RBL rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "IP DNS lists";
symbols = {
"DNSWL_BLOCKED" {
weight = 0.0;
description = "Resolver blocked due to excessive queries";
groups = ["dnswl", "blocked"];
}
"RCVD_IN_DNSWL" {
weight = 0.0;
description = "Unrecognised result from https://www.dnswl.org";
groups = ["dnswl"];
}
"RCVD_IN_DNSWL_NONE" {
weight = 0.0;
description = "Sender listed at https://www.dnswl.org, no trust";
groups = ["dnswl"];
}
"RCVD_IN_DNSWL_LOW" {
weight = -0.1;
description = "Sender listed at https://www.dnswl.org, low trust";
groups = ["dnswl"];
}
"RCVD_IN_DNSWL_MED" {
weight = -0.2;
description = "Sender listed at https://www.dnswl.org, medium trust";
groups = ["dnswl"];
}
"RCVD_IN_DNSWL_HI" {
weight = -0.5;
description = "Sender listed at https://www.dnswl.org, high trust";
groups = ["dnswl"];
}
"DWL_DNSWL_BLOCKED" {
weight = 0.0;
description = "Resolver blocked due to excessive queries (dwl)";
groups = ["dnswl", "blocked"];
}
"DWL_DNSWL" {
weight = 0.0;
description = "Unrecognised result from https://www.dnswl.org (dwl)";
groups = ["dnswl"];
}
"DWL_DNSWL_NONE" {
weight = 0.0;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, no trust";
groups = ["dnswl"];
}
"DWL_DNSWL_LOW" {
weight = -1.0;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, low trust";
groups = ["dnswl"];
}
"DWL_DNSWL_MED" {
weight = -2.0;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, medium trust";
groups = ["dnswl"];
}
"DWL_DNSWL_HI" {
weight = -3.5;
description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, high trust";
groups = ["dnswl"];
}
"RBL_SPAMHAUS" {
weight = 0.0;
description = "Unrecognised result from Spamhaus ZEN";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_SBL" {
weight = 2.0;
description = "From address is listed in ZEN SBL";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_CSS" {
weight = 2.0;
description = "From address is listed in ZEN CSS";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_XBL" {
weight = 4.0;
description = "From address is listed in ZEN XBL";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_XBL_ANY" {
weight = 4.0;
description = "From or received address is listed in ZEN XBL (any list)";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_PBL" {
weight = 2.0;
description = "From address is listed in ZEN PBL (ISP list)";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_DROP" {
weight = 7.0;
description = "From address is listed in ZEN DROP BL";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_BLOCKED_OPENRESOLVER" {
weight = 0.0;
description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
groups = ["spamhaus"];
}
"RBL_SPAMHAUS_BLOCKED" {
weight = 0.0;
description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
groups = ["spamhaus"];
}
"RECEIVED_SPAMHAUS_SBL" {
weight = 1.0;
description = "Received address is listed in ZEN SBL";
groups = ["spamhaus"];
one_shot = true;
}
"RECEIVED_SPAMHAUS_CSS" {
weight = 1.0;
description = "Received address is listed in ZEN CSS";
groups = ["spamhaus"];
one_shot = true;
}
"RECEIVED_SPAMHAUS_XBL" {
weight = 3.0;
description = "Received address is listed in ZEN XBL";
groups = ["spamhaus"];
one_shot = true;
}
"RECEIVED_SPAMHAUS_PBL" {
weight = 0.0;
description = "Received address is listed in ZEN PBL (ISP list)";
groups = ["spamhaus"];
one_shot = true;
}
"RECEIVED_SPAMHAUS_DROP" {
weight = 6.0;
description = "Received address is listed in ZEN DROP BL";
groups = ["spamhaus"];
one_shot = true;
}
"RECEIVED_SPAMHAUS_BLOCKED_OPENRESOLVER" {
weight = 0.0;
description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
groups = ["spamhaus"];
}
"RECEIVED_SPAMHAUS_BLOCKED" {
weight = 0.0;
description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
groups = ["spamhaus"];
}
"RBL_SENDERSCORE" {
weight = 2.0;
description = "From address is listed in senderscore.com BL";
}
"MAILSPIKE" {
weight = 0.0;
description = "Unrecognised result from Mailspike";
groups = ["mailspike"];
}
"RWL_MAILSPIKE_NEUTRAL" {
weight = 0.0;
description = "Neutral result from Mailspike";
groups = ["mailspike"];
}
"RBL_MAILSPIKE_WORST" {
weight = 2.0;
description = "From address is listed in RBL - worst possible reputation";
groups = ["mailspike"];
}
"RBL_MAILSPIKE_VERYBAD" {
weight = 1.5;
description = "From address is listed in RBL - very bad reputation";
groups = ["mailspike"];
}
"RBL_MAILSPIKE_BAD" {
weight = 1.0;
description = "From address is listed in RBL - bad reputation";
groups = ["mailspike"];
}
"RWL_MAILSPIKE_POSSIBLE" {
weight = 0.0;
description = "From address is listed in RWL - possibly legit";
groups = ["mailspike"];
}
"RWL_MAILSPIKE_GOOD" {
weight = 0.0;
description = "From address is listed in RWL - good reputation";
groups = ["mailspike"];
}
"RWL_MAILSPIKE_VERYGOOD" {
weight = 0.0;
description = "From address is listed in RWL - very good reputation";
groups = ["mailspike"];
}
"RWL_MAILSPIKE_EXCELLENT" {
weight = 0.0;
description = "From address is listed in RWL - excellent reputation";
groups = ["mailspike"];
}
"RBL_SEM" {
weight = 1.0;
description = "From address is listed in Spameatingmonkey RBL";
groups = ["sem"];
}
"RBL_SEM_IPV6" {
weight = 1.0;
description = "From address is listed in Spameatingmonkey RBL (IPv6)";
groups = ["sem"];
}
"RBL_VIRUSFREE_BOTNET" {
weight = 2.0;
description = "From address is listed in virusfree.cz BL";
}
"RBL_NIXSPAM" {
weight = 4.0;
description = "From address is listed in NiX Spam (http://www.dnsbl.manitu.net/)";
}
"RBL_BLOCKLISTDE" {
weight = 4.0;
description = "From address is listed in Blocklist (https://www.blocklist.de/)";
groups = ["blocklistde"];
}
"RECEIVED_BLOCKLISTDE" {
weight = 3.0;
description = "Received address is listed in Blocklist (https://www.blocklist.de/)";
groups = ["blocklistde"];
one_shot = true;
}
}

29
jails/config/mail/rspamd/scores.d/statistics_group.conf Normal file
View File

@ -0,0 +1,29 @@
# Bayes and statistics rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Statistical symbols";
symbols = {
"BAYES_SPAM" {
weight = 5.1;
description = "Message probably spam, probability: ";
}
"BAYES_HAM" {
weight = -3.0;
description = "Message probably ham, probability: ";
}
}

23
jails/config/mail/rspamd/scores.d/subject_group.conf Normal file
View File

@ -0,0 +1,23 @@
# Subject rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "Subject filters";
symbols = {
}
max_score = 6.0;

228
jails/config/mail/rspamd/scores.d/surbl_group.conf Normal file
View File

@ -0,0 +1,228 @@
# URIBL rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "URL DNS lists";
max_score = 12.5;
symbols = {
"SURBL_BLOCKED" {
weight = 0.0;
description = "SURBL: blocked by policy/overusage";
groups = ["surblorg", "blocked"];
}
"PH_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Phishing sites";
groups = ["surblorg", "phishing"];
}
"MW_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Malware sites";
groups = ["surblorg"];
}
"ABUSE_SURBL" {
weight = 5.5;
description = "SURBL: ABUSE";
groups = ["surblorg"];
}
"CRACKED_SURBL" {
weight = 4.0;
description = "SURBL: cracked site";
groups = ["surblorg"];
}
"RSPAMD_URIBL" {
weight = 4.5;
description = "Rspamd uribl, bl.rspamd.com";
one_shot = true;
groups = ["rspamdbl"];
}
"RSPAMD_EMAILBL" {
weight = 2.5;
description = "Rspamd emailbl, bl.rspamd.com";
one_shot = true;
groups = ["rspamdbl"];
}
"MSBL_EBL" {
weight = 7.5;
description = "MSBL emailbl";
one_shot = true;
groups = ["ebl"];
}
"MSBL_EBL_GREY" {
weight = 0.5; # TODO: test it
description = "MSBL emailbl grey list";
one_shot = true;
groups = ["ebl"];
}
"SEM_URIBL_UNKNOWN" {
weight = 0.0;
description = "Spameatingmonkey uribl: unknown result";
groups = ["sem"];
}
"SEM_URIBL" {
weight = 3.5;
description = "Spameatingmonkey uribl";
groups = ["sem"];
}
"SEM_URIBL_FRESH15_UNKNOWN" {
weight = 0.0;
description = "Spameatingmonkey Fresh15 uribl: unknown result";
groups = ["sem"];
}
"SEM_URIBL_FRESH15" {
weight = 3.0;
description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
groups = ["sem"];
}
"DBL" {
weight = 0.0;
description = "DBL unknown result";
groups = ["spamhaus"];
}
"DBL_SPAM" {
weight = 6.5;
description = "DBL uribl spam";
groups = ["spamhaus"];
}
"DBL_PHISH" {
weight = 6.5;
description = "DBL uribl phishing";
groups = ["spamhaus"];
}
"DBL_MALWARE" {
weight = 6.5;
description = "DBL uribl malware";
groups = ["spamhaus"];
}
"DBL_BOTNET" {
weight = 5.5;
description = "DBL uribl botnet C&C domain";
groups = ["spamhaus"];
}
"DBL_ABUSE" {
weight = 6.5;
description = "DBL uribl abused legit spam";
groups = ["spamhaus"];
}
"DBL_ABUSE_REDIR" {
weight = 1.5;
description = "DBL uribl abused spammed redirector domain";
groups = ["spamhaus"];
}
"DBL_ABUSE_PHISH" {
weight = 7.5;
description = "DBL uribl abused legit phish";
groups = ["spamhaus"];
}
"DBL_ABUSE_MALWARE" {
weight = 7.5;
description = "DBL uribl abused legit malware";
groups = ["spamhaus"];
}
"DBL_ABUSE_BOTNET" {
weight = 5.5;
description = "DBL uribl abused legit botnet C&C";
groups = ["spamhaus"];
}
"DBL_PROHIBIT" {
weight = 0.0;
description = "DBL uribl IP queries prohibited!";
groups = ["spamhaus"];
}
"DBL_BLOCKED_OPENRESOLVER" {
weight = 0.0;
description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
groups = ["spamhaus"];
}
"DBL_BLOCKED" {
weight = 0.0;
description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
groups = ["spamhaus"];
}
"URIBL_MULTI" {
weight = 0.0;
description = "uribl.com: unrecognised result";
groups = ["uribl"];
}
"URIBL_BLOCKED" {
weight = 0.0;
description = "uribl.com: query refused";
groups = ["uribl", "blocked"];
}
"URIBL_BLACK" {
weight = 7.5;
description = "uribl.com black url";
groups = ["uribl"];
}
"URIBL_RED" {
weight = 3.5;
description = "uribl.com red url";
groups = ["uribl"];
}
"URIBL_GREY" {
weight = 1.5;
description = "uribl.com grey url";
one_shot = true;
groups = ["uribl"];
}
#"SPAMHAUS_ZEN_URIBL" {
# weight = 0.0;
# description = "Spamhaus ZEN URIBL: Filtered result";
# groups = ["spamhaus"];
#}
#"URIBL_SBL" {
# weight = 6.5;
# description = "A domain in the message body resolves to an IP listed in Spamhaus SBL";
# one_shot = true;
# groups = ["v"];
#}
#"URIBL_SBL_CSS" {
# weight = 6.5;
# description = "A domain in the message body resolves to an IP listed in Spamhaus SBL CSS";
# one_shot = true;
# groups = ["spamhaus"];
#}
#"URIBL_XBL" {
# weight = 1.5;
# description = "A domain in the message body resolves to an IP listed in Spamhaus XBL";
# one_shot = true;
# groups = ["spamhaus"];
#}
#"URIBL_PBL" {
# weight = 0.01;
# description = "A domain in the message body resolves to an IP listed in Spamhaus PBL";
# groups = ["spamhaus"];
#}
#"URIBL_DROP" {
# weight = 5.0;
# description = "A domain in the message body resolves to an IP listed in Spamhaus DROP";
# one_shot = true;
# groups = ["spamhaus"];
#}
#"RBL_SARBL_BAD" {
# weight = 2.5;
# description = "A domain in the message body is blacklisted in SARBL";
# one_shot = true;
#}
}

55
jails/config/mail/rspamd/scores.d/whitelist_group.conf Normal file
View File

@ -0,0 +1,55 @@
# Whitelist rules scores
#
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
# parameters defined on the top level
#
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
# parameters defined on the top level
#
# For specific modules or configuration you can also modify
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
#
# See https://rspamd.com/doc/tutorials/writing_rules.html for details
description = "White lists group";
max_score = 10.0;
symbols = {
"WHITELIST_SPF" {
weight = -1.0;
description = "Mail comes from the whitelisted domain and has a valid SPF policy";
}
"BLACKLIST_SPF" {
weight = 1.0;
description = "Mail comes from the whitelisted domain and has no valid SPF policy";
}
"WHITELIST_DKIM" {
weight = -1.0;
description = "Mail comes from the whitelisted domain and has a valid DKIM signature";
}
"BLACKLIST_DKIM" {
weight = 2.0;
description = "Mail comes from the whitelisted domain and has non-valid DKIM signature";
}
"WHITELIST_SPF_DKIM" {
weight = -3.0;
description = "Mail comes from the whitelisted domain and has valid SPF and DKIM policies";
}
"BLACKLIST_SPF_DKIM" {
weight = 3.0;
description = "Mail comes from the whitelisted domain and has no valid SPF policy or a bad DKIM signature";
}
"WHITELIST_DMARC" {
weight = -7.0;
description = "Mail comes from the whitelisted domain and has valid DMARC and DKIM policies";
}
"BLACKLIST_DMARC" {
weight = 6.0;
description = "Mail comes from the whitelisted domain and has valid failed DMARC and DKIM policies";
}
}

66
jails/config/mail/rspamd/settings.conf Normal file
View File

@ -0,0 +1,66 @@
# Settings setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/settings.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/settings.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation: https://rspamd.com/doc/configuration/settings.html
# If you want to use settings map, then please define something like:
#
# settings = "http://example.com/settings.json"
#
# in rspamd.conf.override
settings {
# Some examples below (define in local.d/settings.conf without `settings {}`!)
#some_users {
# id = "some_users";
# priority = high;
# from = "@example.com";
# rcpt = "admin";
# rcpt = "/user.*/";
# ip = "172.16.0.0/16";
# user = "@example.net";
# request_header = {
# "MTA-Tag" = "\.example\.net$";
# }
# apply {
# symbol1 = 10.0;
# symbol2 = 0.0;
# actions {
# reject = 100.0;
# greylist = 10.0;
# "add header" = 5.0; # Please note the space, NOT an underscore
# }
# }
# Always add these symbols when settings rule has matched
# symbols [
# "symbol2", "symbol4"
# ]
#}
#whitelist {
# priority = low;
# rcpt = "postmaster@example.com";
# want_spam = yes;
#}
# Disable some checks for authenticated users
#authenticated {
# priority = high;
# authenticated = yes;
# apply {
# groups_disabled = ["rbl", "spf"];
# }
#}
# End of examples
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/settings.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/settings.conf"
}

58
jails/config/mail/rspamd/statistic.conf Normal file
View File

@ -0,0 +1,58 @@
# Statistics setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/statistics.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/statistics.conf' to strictly override all
# parameters defined inside this section
#
# If you just need to change the default bayes classifier, you can also use
# 'local.d/classifier-bayes.conf' or 'override.d/classifier-bayes.conf'. But
# never ever use both `statistics.conf` and `classifier-bayes.conf` locals files
# together!
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation: https://rspamd.com/doc/configuration/statistic.html
classifier "bayes" {
tokenizer {
name = "osb";
}
cache {
}
new_schema = true; # Always use new schema
store_tokens = false; # Redefine if storing of tokens is desired
signatures = false; # Store learn signatures
#per_user = true; # Enable per user classifier
min_tokens = 11;
backend = "redis";
min_learns = 200;
statfile {
symbol = "BAYES_HAM";
spam = false;
}
statfile {
symbol = "BAYES_SPAM";
spam = true;
}
learn_condition = 'return require("lua_bayes_learn").can_learn';
# Autolearn sample
# autolearn {
# spam_threshold = 6.0; # When to learn spam (score >= threshold)
# ham_threshold = -0.5; # When to learn ham (score <= threshold)
# check_balance = true; # Check spam and ham balance
# min_balance = 0.9; # Keep diff for spam/ham learns for at least this value
#}
.include(try=true; priority=1) "$LOCAL_CONFDIR/local.d/classifier-bayes.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/classifier-bayes.conf"
}
.include(try=true; priority=1) "$LOCAL_CONFDIR/local.d/statistic.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/statistic.conf"

19
jails/config/mail/rspamd/worker-controller.inc Normal file
View File

@ -0,0 +1,19 @@
# Controller worker setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/worker-controller.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/worker-controller.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
# Module documentation: https://rspamd.com/doc/workers/controller.html
count = 1;
password = "q1";
secure_ip = "127.0.0.1";
secure_ip = "::1";
static_dir = "${WWWDIR}";

22
jails/config/mail/rspamd/worker-fuzzy.inc Normal file
View File

@ -0,0 +1,22 @@
# Fuzzy storage worker setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/worker-fuzzy.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/worker-fuzzy.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
# Module documentation: https://rspamd.com/doc/workers/fuzzy_storage.html
backend = "redis";
# For sqlite stuff
#backend = "sqlite";
#hash_file = "${DBDIR}/fuzzy.db";
expire = 90d;
allow_update = ["localhost"];

15
jails/config/mail/rspamd/worker-normal.inc Normal file
View File

@ -0,0 +1,15 @@
# Normal scanner worker setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/worker-normal.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/worker-normal.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
# Module documentation: https://rspamd.com/doc/workers/normal.html
mime = true;

28
jails/config/mail/rspamd/worker-proxy.inc Normal file
View File

@ -0,0 +1,28 @@
# Proxy worker setup
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/worker-proxy.inc' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/worker-proxy.inc' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
# Module documentation: https://rspamd.com/doc/workers/rspamd_proxy.html
milter = yes; # Enable milter mode
timeout = 120s; # Needed for Milter usually
upstream "local" {
default = yes;
hosts = "localhost";
}
count = 1; # Do not spawn too many processes of this type
max_retries = 5; # How many times master is queried in case of failure
discard_on_reject = false; # Discard message instead of rejection
quarantine_on_reject = false; # Tell MTA to quarantine rejected messages
spam_header = "X-Spam"; # Use the specific spam header
reject_message = "Spam message rejected"; # Use custom rejection message