From 5f73629493a59e933569fe6948534a346d583c8d Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Fri, 10 Jan 2020 20:39:52 +0100
Subject: [PATCH] [Rspamd] Set rspamd as trusted host, rspamd is not spoofing

---
 data/conf/rspamd/local.d/composites.conf | 2 +-
 data/conf/rspamd/local.d/multimap.conf   | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/data/conf/rspamd/local.d/composites.conf b/data/conf/rspamd/local.d/composites.conf
index d0b9c4d5..f4412086 100644
--- a/data/conf/rspamd/local.d/composites.conf
+++ b/data/conf/rspamd/local.d/composites.conf
@@ -17,7 +17,7 @@ SOGO_CONTACT_SPOOFED {
   expression = "(R_SPF_PERMFAIL | R_SPF_SOFTFAIL | R_SPF_FAIL) & ~SOGO_CONTACT";
 }
 SPOOFED_UNAUTH {
-  expression = "!MAILCOW_AUTH & !MAILCOW_WHITE & !R_SPF_ALLOW & !DMARC_POLICY_ALLOW & !ARC_ALLOW & !SIEVE_HOST & MAILCOW_DOMAIN_HEADER_FROM";
+  expression = "!MAILCOW_AUTH & !MAILCOW_WHITE & !R_SPF_ALLOW & !DMARC_POLICY_ALLOW & !ARC_ALLOW & !RSPAMD_HOST & !SIEVE_HOST & MAILCOW_DOMAIN_HEADER_FROM";
   score = 5.0;
 }
 # Only apply to inbound unauthed and not whitelisted
diff --git a/data/conf/rspamd/local.d/multimap.conf b/data/conf/rspamd/local.d/multimap.conf
index ca8e9ead..edc6386e 100644
--- a/data/conf/rspamd/local.d/multimap.conf
+++ b/data/conf/rspamd/local.d/multimap.conf
@@ -90,6 +90,12 @@ SIEVE_HOST {
   symbols_set = ["SIEVE_HOST"];
 }
 
+RSPAMD_HOST {
+  type = "ip";
+  map = "$LOCAL_CONFDIR/custom/rspamd_trusted.map";
+  symbols_set = ["RSPAMD_HOST"];
+}
+
 MAILCOW_DOMAIN_HEADER_FROM { 
   type = "header";  
   header = "from";