saving uncommitted changes in /etc prior to dnf run

2023-10-23 15:56:04 +03:00
parent 04237a62d6
commit 7817b40ae2
84 changed files with 6999 additions and 3629 deletions
--- a/rspamd/modules.d/aws_s3.conf
+++ b/rspamd/modules.d/aws_s3.conf
@@ -1,16 +1,16 @@
 # Please don't modify this file as your changes might be overwritten with
 # the next update.
 #
-# You can modify 'local.d/asn.conf' to add and merge
+# You can modify 'local.d/aws_s3.conf' to add and merge
 # parameters defined inside this section
 #
-# You can modify 'override.d/asn.conf' to strictly override all
+# You can modify 'override.d/aws_s3.conf' to strictly override all
 # parameters defined inside this section
 #
 # See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
 # for details
 #
-# Module documentation can be found at  https://rspamd.com/doc/modules/asn.html
+# Module documentation can be found at  https://rspamd.com/doc/modules/aws_s3.html

 aws_s3 {
  # Required attributes
--- a/rspamd/modules.d/known_senders.conf
+++ b/rspamd/modules.d/known_senders.conf
@@ -0,0 +1,31 @@
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/known_senders.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/known_senders.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at  https://rspamd.com/doc/modules/known_senders.html
+
+known_senders {
+  # This module is default-disabled
+  enabled = false;
+
+  # Domains to track senders
+  domains = "https://maps.rspamd.com/freemail/free.txt.zst";
+  # Maximum number of elements
+  max_senders = 100000;
+  # Maximum time to live (when not using bloom filters)
+  max_ttl = 30d;
+  # Use bloom filters (must be enabled in Redis as a plugin)
+  use_bloom = false;
+
+  .include(try=true,priority=5) "${DBDIR}/dynamic/known_senders.conf"
+  .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/known_senders.conf"
+  .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/known_senders.conf"
+}
--- a/rspamd/modules.d/phishing.conf
+++ b/rspamd/modules.d/phishing.conf
@@ -21,6 +21,12 @@ phishing {
  # Phishtank is disabled by default in the module, so let's enable it here explicitly
  phishtank_enabled = true;

+  # List of excluded hosts from checks over openphish, phishtank and generic_service
+  phishing_feed_exclusion_symbol = "PHISHED_EXCLUDED";
+  # Disabled by default
+  phishing_feed_exclusion_enabled = false;
+  phishing_feed_exclusion_map = "$LOCAL_CONFDIR/local.d/maps.d/phishing_feed_exclusion.inc";
+
  # Make exclusions for known redirectors and domains
  exceptions = {
    REDIRECTOR_FALSE = [
--- a/rspamd/modules.d/rbl.conf
+++ b/rspamd/modules.d/rbl.conf
@@ -110,11 +110,11 @@ rbl {
      whitelist_exception = "RCVD_IN_DNSWL_LOW";
      whitelist_exception = "DNSWL_BLOCKED";
      returncodes {
-        RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
-        RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
-        RCVD_IN_DNSWL_MED = "127.0.%d+.2";
-        RCVD_IN_DNSWL_HI = "127.0.%d+.3";
-        DNSWL_BLOCKED = "127.0.0.255";
+        RCVD_IN_DNSWL_NONE = ["127%.0%.%d%.0", "127%.0%.[02-9]%d%.0", "127%.0%.1[1-9]%.0", "127%.0%.[12]%d%d%.0"];
+        RCVD_IN_DNSWL_LOW = ["127%.0%.%d%.1", "127%.0%.[02-9]%d%.1", "127%.0%.1[1-9]%.1", "127%.0%.[12]%d%d%.1"];
+        RCVD_IN_DNSWL_MED = ["127%.0%.%d%.2", "127%.0%.[02-9]%d%.2", "127%.0%.1[1-9]%.2", "127%.0%.[12]%d%d%.2"];
+        RCVD_IN_DNSWL_HI = ["127%.0%.%d%.3", "127%.0%.[02-9]%d%.3", "127%.0%.1[1-9]%.3", "127%.0%.[12]%d%d%.3"];
+        DNSWL_BLOCKED = ["127%.0%.0%.255", "127%.0%.10%.%d+"];
      }
    }

@@ -155,11 +155,11 @@ rbl {
      unknown = false;

      returncodes {
-        DWL_DNSWL_NONE = "127.0.%d+.0";
-        DWL_DNSWL_LOW = "127.0.%d+.1";
-        DWL_DNSWL_MED = "127.0.%d+.2";
-        DWL_DNSWL_HI = "127.0.%d+.3";
-        DWL_DNSWL_BLOCKED = "127.0.0.255";
+        DWL_DNSWL_NONE = ["127%.0%.%d%.0", "127%.0%.[02-9]%d%.0", "127%.0%.1[1-9]%.0", "127%.0%.[12]%d%d%.0"];
+        DWL_DNSWL_LOW = ["127%.0%.%d%.1", "127%.0%.[02-9]%d%.1", "127%.0%.1[1-9]%.1", "127%.0%.[12]%d%d%.1"];
+        DWL_DNSWL_MED = ["127%.0%.%d%.2", "127%.0%.[02-9]%d%.2", "127%.0%.1[1-9]%.2", "127%.0%.[12]%d%d%.2"];
+        DWL_DNSWL_HI = ["127%.0%.%d%.3", "127%.0%.[02-9]%d%.3", "127%.0%.1[1-9]%.3", "127%.0%.[12]%d%d%.3"];
+        DWL_DNSWL_BLOCKED = ["127%.0%.0%.255", "127%.0%.10%.%d+"];
      }
    }

--- a/rspamd/modules.d/redis.conf
+++ b/rspamd/modules.d/redis.conf
@@ -19,6 +19,7 @@ redis {
  #disabled_modules = ["ratelimit"]; # List of modules that should not use redis from this section
  #timeout = 1s;
  #db = "0";
+  #username = "some_username";
  #password = "some_password";
  .include(try=true,priority=5) "${DBDIR}/dynamic/redis.conf"
  .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/redis.conf"