From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 9 Apr 2021 16:35:55 +0000 (+0100)
Subject: [Minor] Phishing: Disable phishing checks when a domain is dmarc authorized domain
X-Git-Tag: 3.0~511
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=39c120b0375e4ed07f91df717c1cd72935e5fc2f;p=thirdparty%2Frspamd.git

[Minor] Phishing: Disable phishing checks when a domain is dmarc authorized domain
---

diff --git a/src/plugins/lua/phishing.lua b/src/plugins/lua/phishing.lua
index 805a65e209..ed6ffe3bd9 100644
--- a/src/plugins/lua/phishing.lua
+++ b/src/plugins/lua/phishing.lua
@@ -182,6 +182,12 @@ local function phishing_cb(task)
   end
 
   -- Process all urls
+  local dmarc_dom
+  if task:has_symbol('DMARC_POLICY_ALLOW') then
+    local dsym = task:get_symbol('DMARC_POLICY_ALLOW')[1]
+    dmarc_dom = dsym.options[1]
+  end
+
   local urls = task:get_urls() or {}
   for _,url in ipairs(urls) do
     local function do_loop_iter() -- to emulate continue
@@ -211,6 +217,12 @@ local function phishing_cb(task)
           return
         end
 
+        if dmarc_dom and tld == dmarc_dom then
+          lua_util.debugm(N, 'exclude phishing from %s -> %s by dmarc domain', tld,
+                  ptld)
+          return
+        end
+
         -- Now we can safely remove the last dot component if it is the same
         local b,_ = string.find(tld, '%.[^%.]+$')
         local b1,_ = string.find(ptld, '%.[^%.]+$')
@@ -440,6 +452,9 @@ if opts then
       callback = phishing_cb
     })
 
+    -- To exclude from domains for dmarc verified messages
+    rspamd_config:register_dependency(symbol, 'DMARC_CHECK')
+
     if opts['generic_service_symbol'] then
       generic_service_symbol = opts['generic_service_symbol']
     end