policy = "leave";
description = "Message contains redirector, anonymous or IPFS gateway URL and is marked by fuzzy/bayes/SURBL/RBL";
}
+ MIME_BAD_EXT_IN_OBFUSCATED_ARCHIVE {
+ expression = "MIME_BAD_EXTENSION and MIME_OBFUSCATED_ARCHIVE";
+ score = 8.0;
+ policy = leave;
+ description = "Attachment with bad extension and archive that has filename with clear obfuscation signs";
+ }
+ MIME_BAD_EXT_WITH_BAD_UNICODE {
+ expression = "MIME_BAD_EXTENSION and MIME_BAD_UNICODE";
+ score = 8.0;
+ policy = leave;
+ description = "Attachment with bad extension and filename that has known obscured unicode characters";
+ }
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/composites.conf"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/composites.conf"
one_shot = true;
}
"MIME_OBFUSCATED_ARCHIVE" {
- weight = 8.0;
+ weight = 2.0;
description = "Archive has files with clear obfuscation signs";
one_shot = true;
}
one_shot = true;
}
"MIME_BAD_UNICODE" {
- weight = 8.0;
+ weight = 2.0;
description = "Filename with known obscured unicode characters";
one_shot = true;
}
projects / thirdparty / rspamd.git / commitdiff
