committing changes in /etc made by "-bash"

Package changes:

.etckeeper

@@ -4469,6 +4469,7 @@ maybe chmod 0755 'rspamd/modules.d'
 maybe chmod 0644 'rspamd/modules.d/antivirus.conf'
 maybe chmod 0644 'rspamd/modules.d/arc.conf'
 maybe chmod 0644 'rspamd/modules.d/asn.conf'
+maybe chmod 0644 'rspamd/modules.d/aws_s3.conf'
 maybe chmod 0644 'rspamd/modules.d/chartable.conf'
 maybe chmod 0644 'rspamd/modules.d/clickhouse.conf'
 maybe chmod 0644 'rspamd/modules.d/dcc.conf'
@@ -4477,6 +4478,7 @@ maybe chmod 0644 'rspamd/modules.d/dkim_signing.conf'
 maybe chmod 0644 'rspamd/modules.d/dmarc.conf'
 maybe chmod 0644 'rspamd/modules.d/elastic.conf'
 maybe chmod 0644 'rspamd/modules.d/emails.conf'
+maybe chmod 0644 'rspamd/modules.d/external_relay.conf'
 maybe chmod 0644 'rspamd/modules.d/external_services.conf'
 maybe chmod 0644 'rspamd/modules.d/force_actions.conf'
 maybe chmod 0644 'rspamd/modules.d/forged_recipients.conf'

rspamd/maps.d/mime_types.inc

@@ -1341,6 +1341,8 @@ image/vnd.tencent.tap 0
 image/vnd.valve.source.texture 0
 image/vnd.xiff 0
 image/vnd.zbrush.pcx 0
+image/wmf 0
+image/x-wmf 0
 message/CPIM 0
 message/delivery-status 0
 message/disposition-notification 0

rspamd/modules.d/aws_s3.conf

@@ -0,0 +1,26 @@
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/asn.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/asn.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at  https://rspamd.com/doc/modules/asn.html
+
+aws_s3 {
+  # Required attributes
+  #s3_bucket = 'xxx';
+  s3_region = 'us-east-1';
+  #s3_secret_key = 'xxx';
+  #s3_key_id = 'xxx';
+  # Enable in local.d/aws_s3.conf
+  enabled = false;
+  .include(try=true,priority=5) "${DBDIR}/dynamic/aws_s3.conf"
+  .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/aws_s3.conf"
+  .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/aws_s3.conf"
+}

rspamd/modules.d/external_relay.conf

@@ -0,0 +1,22 @@
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/external_relay.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/external_relay.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at  https://rspamd.com/doc/modules/external_relay.html
+
+external_relay {
+  # This module is default-disabled
+  enabled = false;
+
+  .include(try=true,priority=5) "${DBDIR}/dynamic/external_relay.conf"
+  .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/external_relay.conf"
+  .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/external_relay.conf"
+}

rspamd/modules.d/phishing.conf

@@ -21,13 +21,20 @@ phishing {
   # Phishtank is disabled by default in the module, so let's enable it here explicitly
   phishtank_enabled = true;
 
-  # Make exclusions for known redirectors
+  # Make exclusions for known redirectors and domains
-  redirector_domains = [
+  exceptions = {
-    "https://maps.rspamd.com/rspamd/redirectors.inc.zst:REDIRECTOR_FALSE",
+    REDIRECTOR_FALSE = [
-    "$LOCAL_CONFDIR/local.d/maps.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE",
+      "https://maps.rspamd.com/rspamd/redirectors.inc.zst",
-    "$LOCAL_CONFDIR/local.d/redirectors.inc:LOCAL_REDIRECTOR_FALSE",
+      "$LOCAL_CONFDIR/local.d/maps.d/redirectors.inc",
-    "fallback+file://${CONFDIR}/maps.d/redirectors.inc:REDIRECTOR_FALSE"
+      "$LOCAL_CONFDIR/local.d/redirectors.inc",
-  ];
+      "fallback+file://${CONFDIR}/maps.d/redirectors.inc"
+    ];
+    PHISHED_WHITELISTED = [
+      "glob;https://maps.rspamd.com/rspamd/phishing_whitelist.inc.zst",
+      "glob;$LOCAL_CONFDIR/local.d/maps.d/phishing_whitelist.inc",
+      "glob;$LOCAL_CONFDIR/local.d/phishing_whitelist.inc",
+    ];
+  };
 
   .include(try=true,priority=5) "${DBDIR}/dynamic/phishing.conf"
   .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing.conf"

rspamd/scores.d/phishing_group.conf

@@ -41,4 +41,8 @@ symbols = {
         weight = 0.0;
         description = "Phishing exclusion symbol for known redirectors";
     }
+    PHISHED_WHITELISTED {
+        weight = 0.0;
+        description = "Phishing exclusion symbol for known exceptions";
+    }
 }

rspamd/scores.d/policies_group.conf

@@ -126,13 +126,13 @@ symbols = {
     }
 
     "ARC_REJECT" {
-        weight = 2.0;
+        weight = 1.0;
         description = "ARC checks failed";
         groups = ["arc"];
     }
 
     "ARC_INVALID" {
-        weight = 1.0;
+        weight = 0.5;
         description = "ARC structure invalid";
         groups = ["arc"];
     }