From: heraklit256 <37872459+heraklit256@users.noreply.github.com#>
Date: Thu, 4 Oct 2018 16:03:24 +0000 (+0200)
Subject: Composite rules: Minor cleanups
X-Git-Tag: 1.8.2~191^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a15bd65a86b860d2b7d5dc84791339c95610dbb8;p=thirdparty%2Frspamd.git

Composite rules: Minor cleanups

Added descriptions to some rules and unified AND operator.
---

diff --git a/conf/composites.conf b/conf/composites.conf
index bf772be07a..9f3276fb36 100644
--- a/conf/composites.conf
+++ b/conf/composites.conf
@@ -24,6 +24,7 @@ composites {
     }
     FORGED_SENDER_FORWARDING {
         expression = "FORGED_SENDER & g:forwarding";
+        description = "Forged sender, but message is forwarded";
         policy = "remove_weight";
     }
     SPF_FAIL_FORWARDING {
@@ -42,7 +43,7 @@ composites {
         expression = "FORGED_SENDER & (ENVFROM_PRVS | ENVFROM_VERP)";
     }
     FORGED_MUA_MAILLIST {
-        expression = "g:mua and -MAILLIST";
+        expression = "g:mua & -MAILLIST";
     }
     RBL_SPAMHAUS_XBL_ANY {
         expression = "RBL_SPAMHAUS_XBL & RECEIVED_SPAMHAUS_XBL";
@@ -66,6 +67,7 @@ composites {
     }
     MAILER_1C_8_BASE64 {
         expression = "MAILER_1C_8 & (FROM_EXCESS_BASE64 | MIME_BASE64_TEXT | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
+        description = "Message was sent by '1C:Enterprise 8' and uses base64 encoded data";
     }
     HACKED_WP_PHISHING {
         expression = "(HAS_X_POS | HAS_PHPMAILER_SIG) & HAS_WP_URI & (PHISHING | DBL_PHISH | PHISHED_OPENPHISH | PHISHED_PHISHTANK)";