[Rspamd] More explicit Sendgrid ID checking

2020-11-30 07:45:30 +01:00 · 2020-11-30 07:45:30 +01:00 · 9670d0c4f1
parent dd1b25fa61
commit 9670d0c4f1
3 changed files with 68 additions and 7 deletions
--- a/data/conf/rspamd/local.d/multimap.conf
+++ b/data/conf/rspamd/local.d/multimap.conf
@ -155,10 +155,3 @@ SMTP_LIMITED_ACCESS {
  map = "redis://SMTP_LIMITED_ACCESS";
  symbols_set = ["SMTP_LIMITED_ACCESS"];
 }
-
-SENDGRID_INVALUEMENT_BAD_SENDER {
-  type = "selector";
-  map = "https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt";
-  selector = 'from("smtp","orig").regexp("/^<?bounces\+(\d+)\-[^@]+@sendgrid.net>?$/i").last';
-  score = 8.0;
-}
--- a/data/conf/rspamd/lua/ivm-sg.lua
+++ b/data/conf/rspamd/lua/ivm-sg.lua
@ -0,0 +1,61 @@
+-- Thanks to https://raw.githubusercontent.com/fatalbanana
+
+local lua_maps = require 'lua_maps'
+local rspamd_regexp = require 'rspamd_regexp'
+local rspamd_util = require 'rspamd_util'
+
+local ivm_sendgrid_ids = lua_maps.map_add_from_ucl(
+  'https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt',
+  'set',
+  'Invaluement Service Provider DNSBL: Sendgrid IDs'
+)
+
+local ivm_sendgrid_envfromdomains = lua_maps.map_add_from_ucl(
+  'https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt',
+  'set',
+  'Invaluement Service Provider DNSBL: Sendgrid envelope domains'
+)
+
+local cb_id = rspamd_config:register_symbol({
+  name = 'IVM_SENDGRID',
+  callback = function(task)
+    -- Is it Sendgrid?
+    local sg_hdr = task:get_header('X-SG-EID')
+    if not sg_hdr then return end
+
+    -- Get original envelope from
+    local env_from = task:get_from{'smtp', 'orig'}
+    if not env_from then return end
+
+    -- Check normalised domain in domains list
+    if ivm_sendgrid_envfromdomains and ivm_sendgrid_envfromdomains:get_key(rspamd_util.get_tld(env_from[1].domain)) then
+      task:insert_result('IVM_SENDGRID_DOMAIN', 1.0)
+    end
+
+    -- Check ID in ID list
+    local lp_re = rspamd_regexp.create_cached([[^bounces\+(\d+)-]])
+    local res = lp_re:search(env_from[1].user, true, true)
+    if not res then return end
+    if ivm_sendgrid_ids and ivm_sendgrid_ids:get_key(res[1][2]) then
+      task:insert_result('IVM_SENDGRID_ID', 1.0)
+    end
+  end,
+  description = 'Invaluement Service Provider DNSBL: Sendgrid',
+  type = 'callback',
+})
+
+rspamd_config:register_symbol({
+  name = 'IVM_SENDGRID_DOMAIN',
+  parent = cb_id,
+  group = 'ivmspdnsbl',
+  score = 8.0,
+  type = 'virtual',
+})
+
+rspamd_config:register_symbol({
+  name = 'IVM_SENDGRID_ID',
+  parent = cb_id,
+  group = 'ivmspdnsbl',
+  score = 8.0,
+  type = 'virtual',
+})
--- a/data/conf/rspamd/lua/rspamd.local.lua
+++ b/data/conf/rspamd/lua/rspamd.local.lua
@ -1,3 +1,10 @@
+-- Load sendgrid ID validator, thanks to https://github.com/fatalbanana
+local rspamd_util = require 'rspamd_util'
+local f = '/etc/rspamd/lua/ivm-sg.lua'
+if rspamd_util.file_exists(f) then
+  dofile(f)
+end
+
 rspamd_config.MAILCOW_AUTH = {
 	callback = function(task)
 		local uname = task:get_user()