return findings
end
- -- Check if private IP using rspamd_ip
- local ip = rspamd_util.parse_addr(host)
- local is_private = ip and ip:is_local()
+ -- Parse IP address using rspamd_ip for proper checks
+ local rspamd_ip = require "rspamd_ip"
+ local ip = rspamd_ip.from_string(host)
+
+ if not ip or not ip:is_valid() then
+ return findings
+ end
+
+ -- Check if private IP using rspamd_ip API
+ local is_private = ip:is_local()
if is_private and cfg.allow_private_ranges then
table.insert(findings, {
end
end
- -- Optional: check IP range map if configured (works with rspamd_ip objects)
- if maps.suspicious_ips and ip then
+ -- Optional: check IP range map if configured (radix maps work with rspamd_ip)
+ if maps.suspicious_ips then
if maps.suspicious_ips:get_key(ip) then
lua_util.debugm(N, task, "IP is in suspicious range")
-- Could add additional penalty
URL Suspect - Issue 5731 - Long User Field
# Test that URLs with oversized user fields are parsed and scored
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_long_user.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_USER_LONG, URL_USER_VERY_LONG, URL_USER_PASSWORD]}
Expect Symbol With Exact Options URL_USER_LONG 129
Do Not Expect Symbol URL_USER_VERY_LONG
URL Suspect - Very Long User Field
# Test that very long user fields get appropriate symbol
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_very_long_user.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_USER_LONG, URL_USER_VERY_LONG, URL_USER_PASSWORD]}
Expect Symbol With Exact Options URL_USER_VERY_LONG 300
URL Suspect - Numeric IP
# Test numeric IP detection
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_numeric_ip.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_NUMERIC_IP, URL_NUMERIC_IP_USER, URL_NUMERIC_PRIVATE_IP]}
Expect Symbol URL_NUMERIC_IP
Do Not Expect Symbol URL_NUMERIC_IP_USER
URL Suspect - Numeric IP with User
# Test numeric IP with user field (more suspicious)
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_numeric_ip_user.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_NUMERIC_IP, URL_NUMERIC_IP_USER, URL_NUMERIC_PRIVATE_IP]}
Expect Symbol URL_NUMERIC_IP_USER
URL Suspect - Suspicious TLD
# Test suspicious TLD detection
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_bad_tld.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_SUSPICIOUS_TLD, URL_NO_TLD]}
Expect Symbol URL_SUSPICIOUS_TLD
URL Suspect - Multiple At Signs
# Test multiple @ sign detection
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_multiple_at.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_MULTIPLE_AT_SIGNS]}
Expect Symbol URL_MULTIPLE_AT_SIGNS
URL Suspect - Normal URL
# Test that normal URLs don't trigger symbols
Scan File ${RSPAMD_TESTDIR}/messages/url_suspect_normal.eml
+ ... Settings={symbols_enabled = [URL_SUSPECT_CHECK, URL_USER_PASSWORD, URL_NUMERIC_IP, URL_SUSPICIOUS_TLD]}
Do Not Expect Symbol URL_USER_PASSWORD
Do Not Expect Symbol URL_NUMERIC_IP
Do Not Expect Symbol URL_SUSPICIOUS_TLD
projects / thirdparty / rspamd.git / commitdiff
