bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit.

Browse Source
This commit is contained in:
Bogdan Stoica
2021-05-24 22:18:33 +03:00
commit e2954d55f4
3701 changed files with 330017 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

323
rspamd/modules.d/rbl.conf Normal file
View File

@@ -0,0 +1,323 @@
# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/rbl.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/rbl.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at https://rspamd.com/doc/modules/rbl.html
rbl {
default_exclude_users = true;
default_exclude_local = true;
default_unknown = true;
default_dkim_domainonly = true;
default_dkim_match_from = false;
default_ipv4 = true;
default_ipv6 = true;
url_whitelist = [
"https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",
"$LOCAL_CONFDIR/local.d/maps.d/surbl-whitelist.inc.local",
"${DBDIR}/surbl-whitelist.inc.local",
"fallback+file://${CONFDIR}/maps.d/surbl-whitelist.inc"
];
rbls {
spamhaus {
symbol = "SPAMHAUS"; # Augmented by prefixes
rbl = "zen.spamhaus.org";
# Check types
checks = ['received', 'from'];
symbols_prefixes = {
received = 'RECEIVED',
from = 'RBL',
}
returncodes {
SPAMHAUS_SBL = "127.0.0.2";
SPAMHAUS_CSS = "127.0.0.3";
SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5",
"127.0.0.6", "127.0.0.7"];
SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"];
SPAMHAUS_DROP = "127.0.0.9";
SPAMHAUS_BLOCKED_OPENRESOLVER = "127.255.255.254";
SPAMHAUS_BLOCKED= "127.255.255.255";
}
}
mailspike {
symbol = "MAILSPIKE";
rbl = "rep.mailspike.net";
is_whitelist = true;
checks = ['from'];
whitelist_exception = "MAILSPIKE";
whitelist_exception = "RWL_MAILSPIKE_GOOD";
whitelist_exception = "RWL_MAILSPIKE_NEUTRAL";
whitelist_exception = "RWL_MAILSPIKE_POSSIBLE";
whitelist_exception = "RBL_MAILSPIKE_WORST";
whitelist_exception = "RBL_MAILSPIKE_VERYBAD";
whitelist_exception = "RBL_MAILSPIKE_BAD";
returncodes {
RBL_MAILSPIKE_WORST = "127.0.0.10";
RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
RBL_MAILSPIKE_BAD = "127.0.0.12";
RWL_MAILSPIKE_NEUTRAL = ["127.0.0.16", "127.0.0.15", "127.0.0.14", "127.0.0.13"];
RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
RWL_MAILSPIKE_GOOD = "127.0.0.18";
RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
}
}
senderscore {
symbol = "RBL_SENDERSCORE";
checks = ['from'];
rbl = "bl.score.senderscore.com";
}
sem {
symbol = "RBL_SEM";
rbl = "bl.spameatingmonkey.net";
ipv6 = false;
checks = ['from'];
}
semIPv6 {
symbol = "RBL_SEM_IPV6";
rbl = "bl.ipv6.spameatingmonkey.net";
ipv4 = false;
ipv6 = true;
checks = ['from'];
}
dnswl {
symbol = "RCVD_IN_DNSWL";
rbl = "list.dnswl.org";
ipv6 = true;
checks = ['from', 'received'];
is_whitelist = true;
whitelist_exception = "RCVD_IN_DNSWL";
whitelist_exception = "RCVD_IN_DNSWL_NONE";
whitelist_exception = "RCVD_IN_DNSWL_LOW";
whitelist_exception = "DNSWL_BLOCKED";
returncodes {
RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
RCVD_IN_DNSWL_MED = "127.0.%d+.2";
RCVD_IN_DNSWL_HI = "127.0.%d+.3";
DNSWL_BLOCKED = "127.0.0.255";
}
}
# Provided by https://virusfree.cz
virusfree {
symbol = "RBL_VIRUSFREE_UNKNOWN";
rbl = "bip.virusfree.cz";
ipv6 = true;
checks = ['from'];
returncodes {
RBL_VIRUSFREE_BOTNET = "127.0.0.2";
}
}
nixspam {
symbol = "RBL_NIXSPAM";
rbl = "ix.dnsbl.manitu.net";
ipv6 = true;
checks = ['from'];
}
blocklistde {
symbols_prefixes = {
received = 'RECEIVED',
from = 'RBL',
}
symbol = "BLOCKLISTDE";
rbl = "bl.blocklist.de";
ipv6 = true;
checks = ['from', 'received'];
}
# Dkim whitelist
dnswl_dwl {
symbol = "DWL_DNSWL";
rbl = "dwl.dnswl.org";
checks = ['dkim'];
ignore_whitelist = true;
unknown = false;
returncodes {
DWL_DNSWL_NONE = "127.0.%d+.0";
DWL_DNSWL_LOW = "127.0.%d+.1";
DWL_DNSWL_MED = "127.0.%d+.2";
DWL_DNSWL_HI = "127.0.%d+.3";
DWL_DNSWL_BLOCKED = "127.0.0.255";
}
}
RSPAMD_EMAILBL {
ignore_whitelist = true;
ignore_defaults = true;
emails_delimiter = ".";
hash_format = "base32";
hash_len = 32;
rbl = "email.rspamd.com";
checks = ['emails', 'replyto'];
hash = "blake2";
returncodes = {
RSPAMD_EMAILBL = "127.0.0.2";
}
}
MSBL_EBL {
ignore_whitelist = true;
ignore_defaults = true;
rbl = "ebl.msbl.org";
checks = ['emails', 'replyto'];
emails_domainonly = false;
hash = "sha1";
returncodes = {
MSBL_EBL = [
"127.0.0.2",
"127.0.0.3"
];
MSBL_EBL_GREY = [
"127.0.1.2",
"127.0.1.3"
];
}
}
# Old SURBL module
"SURBL_MULTI" {
ignore_defaults = true;
rbl = "multi.surbl.org";
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
returnbits = {
CRACKED_SURBL = 128; # From February 2016
ABUSE_SURBL = 64;
MW_SURBL_MULTI = 16;
PH_SURBL_MULTI = 8;
SURBL_BLOCKED = 1;
}
}
"URIBL_MULTI" {
ignore_defaults = true;
rbl = "multi.uribl.com";
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
returnbits {
URIBL_BLOCKED = 1;
URIBL_BLACK = 2;
URIBL_GREY = 4;
URIBL_RED = 8;
}
}
"RSPAMD_URIBL" {
ignore_defaults = true;
rbl = "uribl.rspamd.com";
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
hash = 'blake2';
hash_len = 32;
hash_format = 'base32';
returncodes = {
RSPAMD_URIBL = [
"127.0.0.2",
];
}
}
"DBL" {
ignore_defaults = true;
rbl = "dbl.spamhaus.org";
no_ip = true;
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
returncodes = {
# spam domain
DBL_SPAM = "127.0.1.2";
# phish domain
DBL_PHISH = "127.0.1.4";
# malware domain
DBL_MALWARE = "127.0.1.5";
# botnet C&C domain
DBL_BOTNET = "127.0.1.6";
# abused legit spam
DBL_ABUSE = "127.0.1.102";
# abused spammed redirector domain
DBL_ABUSE_REDIR = "127.0.1.103";
# abused legit phish
DBL_ABUSE_PHISH = "127.0.1.104";
# abused legit malware
DBL_ABUSE_MALWARE = "127.0.1.105";
# abused legit botnet C&C
DBL_ABUSE_BOTNET = "127.0.1.106";
# error - IP queries prohibited!
DBL_PROHIBIT = "127.0.1.255";
# issue #3074
DBL_BLOCKED_OPENRESOLVER = "127.255.255.254";
DBL_BLOCKED = "127.255.255.255";
}
}
# Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf)
#"SPAMHAUS_ZEN_URIBL" {
# suffix = "zen.spamhaus.org";
# resolve_ip = true;
# check_emails = true;
# ips {
# URIBL_SBL = "127.0.0.2";
# URIBL_SBL_CSS = "127.0.0.3";
# URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];
# URIBL_PBL = ["127.0.0.10", "127.0.0.11"];
# URIBL_DROP = "127.0.0.9";
# }
#}
"SEM_URIBL_UNKNOWN" {
ignore_defaults = true;
rbl = "uribl.spameatingmonkey.net";
no_ip = true;
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
returnbits {
SEM_URIBL = 2;
}
}
"SEM_URIBL_FRESH15_UNKNOWN" {
ignore_defaults = true;
rbl = "fresh15.spameatingmonkey.net";
no_ip = true;
checks = ['emails', 'dkim', 'urls'];
emails_domainonly = true;
returnbits {
SEM_URIBL_FRESH15 = 2;
}
}
# Proved to be broken
#"RBL_SARBL_BAD" {
# suffix = "public.sarbl.org";
# noip = true;
# images = true;
#}
}
.include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf"
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl.conf"
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rbl.conf"
}