From d0ccef3dc7e61bb7d24a7bce7b2bb991a505822e Mon Sep 17 00:00:00 2001 From: Dmitriy Alekseev <1865999+dragoangel@users.noreply.github.com> Date: Thu, 6 Nov 2025 11:12:03 +0100 Subject: [PATCH] Refactor RBL configuration entries Refactor RBL configuration for clarity and consistency. --- conf/modules.d/rbl.conf | 118 ++++++++++++++++++++-------------------- 1 file changed, 58 insertions(+), 60 deletions(-) diff --git a/conf/modules.d/rbl.conf b/conf/modules.d/rbl.conf index 310b21d202..a3cacb8570 100644 --- a/conf/modules.d/rbl.conf +++ b/conf/modules.d/rbl.conf @@ -34,16 +34,13 @@ rbl { ] rbls { - spamhaus { - symbol = "SPAMHAUS"; # Augmented by prefixes + symbol = "SPAMHAUS"; rbl = "zen.spamhaus.org"; - # Check types checks = ['received', 'from']; - symbols_prefixes = { - received = 'RECEIVED', - from = 'RBL', + received = "RECEIVED", + from = "RBL", } returncodes { SPAMHAUS_SBL = "127.0.0.2"; @@ -116,7 +113,6 @@ rbl { checks = ['from']; rbl = "score.senderscore.com"; returncodes_matcher = "luapattern"; - returncodes { RBL_SENDERSCORE_REPUT_0 = "127%.0%.4%.%d"; RBL_SENDERSCORE_REPUT_1 = "127%.0%.4%.1%d"; @@ -135,23 +131,23 @@ rbl { sem { symbol = "RBL_SEM"; rbl = "bl.spameatingmonkey.net"; - ipv6 = false; checks = ['from']; + ipv6 = false; } semIPv6 { symbol = "RBL_SEM_IPV6"; rbl = "bl.ipv6.spameatingmonkey.net"; + checks = ['from']; ipv4 = false; ipv6 = true; - checks = ['from']; } dnswl { symbol = "RCVD_IN_DNSWL"; rbl = "list.dnswl.org"; - ipv6 = true; checks = ['from', 'received']; + ipv6 = true; is_whitelist = true; returncodes_matcher = "luapattern"; whitelist_exception = "RCVD_IN_DNSWL"; @@ -171,32 +167,31 @@ rbl { virusfree { symbol = "RBL_VIRUSFREE_UNKNOWN"; rbl = "bip.virusfree.cz"; - ipv6 = true; checks = ['from']; + ipv6 = true; returncodes { RBL_VIRUSFREE_BOTNET = "127.0.0.2"; } } blocklistde { - symbols_prefixes = { - received = 'RECEIVED', - from = 'RBL', - } symbol = "BLOCKLISTDE"; rbl = "bl.blocklist.de"; checks = ['from', 'received']; + symbols_prefixes = { + received = "RECEIVED", + from = "RBL", + } } - # Dkim whitelist + # DKIM whitelist dnswl_dwl { symbol = "DWL_DNSWL"; rbl = "dwl.dnswl.org"; checks = ['dkim']; ignore_whitelist = true; - returncodes_matcher = "luapattern"; unknown = false; - + returncodes_matcher = "luapattern"; returncodes { DWL_DNSWL_NONE = ["127%.0%.%d%.0", "127%.0%.[02-9]%d%.0", "127%.0%.1[1-9]%.0", "127%.0%.[12]%d%d%.0"]; DWL_DNSWL_LOW = ["127%.0%.%d%.1", "127%.0%.[02-9]%d%.1", "127%.0%.1[1-9]%.1", "127%.0%.[12]%d%d%.1"]; @@ -207,16 +202,17 @@ rbl { } RSPAMD_EMAILBL { + rbl = "email.rspamd.com"; + checks = ['emails', 'replyto']; + hash = "blake2"; + hash_len = 32; + hash_format = "base32"; ignore_whitelist = true; ignore_url_whitelist = true; ignore_defaults = true; exclude_users = false; emails_delimiter = "."; - hash_format = "base32"; - hash_len = 32; - hash = "blake2"; - rbl = "email.rspamd.com"; - checks = ['emails', 'replyto']; + emails_domainonly = false; selector = { from_smtp = "from('smtp'):addr.lower_utf8"; from_mime = "from('mime'):addr.lower_utf8"; @@ -227,18 +223,18 @@ rbl { } MSBL_EBL { + rbl = "ebl.msbl.org"; + checks = ['emails', 'replyto']; + hash = "sha1"; ignore_whitelist = true; ignore_url_whitelist = true; ignore_defaults = true; exclude_users = false; - rbl = "ebl.msbl.org"; - checks = ['emails', 'replyto']; + emails_domainonly = false; selector = { from_smtp = "from('smtp'):addr.lower_utf8"; from_mime = "from('mime'):addr.lower_utf8"; } - emails_domainonly = false; - hash = "sha1"; returncodes = { MSBL_EBL = [ "127.0.0.2", @@ -251,18 +247,18 @@ rbl { } } - "SURBL_MULTI" { - ignore_defaults = true; + SURBL_MULTI { rbl = "multi.surbl.org"; checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls']; - emails_domainonly = true; + ignore_defaults = true; exclude_users = false; url_full_hostname = true; # According to SURBL rules + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - returnbits = { CRACKED_SURBL = 128; ABUSE_SURBL = 64; @@ -276,12 +272,12 @@ rbl { SURBL_HASHBL { rbl = "hashbl.surbl.org"; - ignore_defaults = true; - random_monitored = true, # TODO: make limit more configurable maybe? selector = "specific_urls_filter_map('surbl_hashbl_map', {limit = 10}).apply_methods('get_host', 'get_path').join_tables('/')", - hash = 'md5'; + hash = "md5"; hash_len = 32; + random_monitored = true; + ignore_defaults = true; returncodes_matcher = "luapattern"; returncodes = { SURBL_HASHBL_PHISH = "127.0.0.8"; @@ -292,17 +288,17 @@ rbl { } } - "URIBL_MULTI" { - ignore_defaults = true; + URIBL_MULTI { rbl = "multi.uribl.com"; checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls']; - emails_domainonly = true; + ignore_defaults = true; exclude_users = false; + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - returnbits { URIBL_BLOCKED = 1; URIBL_BLACK = 2; @@ -311,20 +307,20 @@ rbl { } } - "RSPAMD_URIBL" { - ignore_defaults = true; + RSPAMD_URIBL { rbl = "uribl.rspamd.com"; checks = ['emails', 'dkim', 'urls']; + hash = "blake2"; + hash_len = 32; + hash_format = "base32"; + ignore_defaults = true; + exclude_users = false; + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - emails_domainonly = true; - hash = 'blake2'; - hash_len = 32; - hash_format = 'base32'; - exclude_users = false; - returncodes = { RSPAMD_URIBL = [ "127.0.0.2", @@ -332,18 +328,18 @@ rbl { } } - "DBL" { - ignore_defaults = true; + DBL { rbl = "dbl.spamhaus.org"; - no_ip = true; checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls']; - emails_domainonly = true; + no_ip = true; + ignore_defaults = true; exclude_users = false; + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - returncodes = { # spam domain DBL_SPAM = "127.0.1.2"; @@ -372,7 +368,7 @@ rbl { } # Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf) - "SPAMHAUS_ZEN_URIBL" { + SPAMHAUS_ZEN_URIBL { enabled = false; rbl = "zen.spamhaus.org"; checks = ['emails']; @@ -386,31 +382,33 @@ rbl { } } - "SEM_URIBL_UNKNOWN" { - ignore_defaults = true; + SEM_URIBL_UNKNOWN { rbl = "uribl.spameatingmonkey.net"; - no_ip = true; checks = ['emails', 'dkim', 'urls']; + no_ip = true; + ignore_defaults = true; + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - emails_domainonly = true; returnbits { SEM_URIBL = 2; } } - "SEM_URIBL_FRESH15_UNKNOWN" { - ignore_defaults = true; + SEM_URIBL_FRESH15_UNKNOWN { rbl = "fresh15.spameatingmonkey.net"; - no_ip = true; checks = ['emails', 'dkim', 'urls']; + no_ip = true; + ignore_defaults = true; + emails_domainonly = true; selector = { from_smtp = "from('smtp'):domain"; from_mime = "from('mime'):domain"; + mid = "header(Message-Id).regexp('@([^\.]+\.[^>]+)').last"; } - emails_domainonly = true; returnbits { SEM_URIBL_FRESH15 = 2; } -- 2.47.3