git.ipfire.org Git - thirdparty/rspamd.git/commit

]> git.ipfire.org Git - thirdparty/rspamd.git/commit

projects / thirdparty / rspamd.git / commit

author	Vsevolod Stakhov <vsevolod@rspamd.com>
	Fri, 15 May 2026 10:55:02 +0000 (11:55 +0100)
committer	Vsevolod Stakhov <vsevolod@rspamd.com>
	Fri, 15 May 2026 10:55:02 +0000 (11:55 +0100)
commit	5c5b2985c3a87fa8bca613bb545fc4ff94bdd542
tree	552cf20ae10c7f77c58242a141399370b47127d9	tree \| snapshot
parent	f0f11e051c4039a98b646d002b189018d6cc59d2	commit \| diff

[Fix] url_suspect: require TLD >= 3 chars for word_dot naked domain matches

Two-char country TLDs (.so, .to, .me, .in, .us, etc.) overlap with common
English words, causing false positives when normal prose like "pale blue dot
so insignificant" is matched by the word_dot pattern and normalized to a
valid-looking naked domain (blue.so).

Explicit-protocol patterns (hxxp, spaced_protocol) are unaffected and still
match 2-char TLDs.

src/plugins/lua/url_suspect.lua

diff | blob | blame | history

Mirror of https://github.com/rspamd/rspamd.git

RSS Atom