paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Rspamd] More explicit Sendgrid ID checking

master
andryyy 2020-11-30 07:45:30 +01:00
parent dd1b25fa61
commit 9670d0c4f1
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
3 changed files with 68 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
data/conf/rspamd/local.d/multimap.conf
View File

@ -155,10 +155,3 @@ SMTP_LIMITED_ACCESS {
map = "redis://SMTP_LIMITED_ACCESS"; map = "redis://SMTP_LIMITED_ACCESS";
symbols_set = ["SMTP_LIMITED_ACCESS"]; symbols_set = ["SMTP_LIMITED_ACCESS"];
} }
SENDGRID_INVALUEMENT_BAD_SENDER {
type = "selector";
map = "https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt";
selector = 'from("smtp","orig").regexp("/^<?bounces\+(\d+)\-[^@]+@sendgrid.net>?$/i").last';
score = 8.0;
}

61
data/conf/rspamd/lua/ivm-sg.lua 100644
View File

@ -0,0 +1,61 @@
-- Thanks to https://raw.githubusercontent.com/fatalbanana
local lua_maps = require 'lua_maps'
local rspamd_regexp = require 'rspamd_regexp'
local rspamd_util = require 'rspamd_util'
local ivm_sendgrid_ids = lua_maps.map_add_from_ucl(
'https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt',
'set',
'Invaluement Service Provider DNSBL: Sendgrid IDs'
)
local ivm_sendgrid_envfromdomains = lua_maps.map_add_from_ucl(
'https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt',
'set',
'Invaluement Service Provider DNSBL: Sendgrid envelope domains'
)
local cb_id = rspamd_config:register_symbol({
name = 'IVM_SENDGRID',
callback = function(task)
-- Is it Sendgrid?
local sg_hdr = task:get_header('X-SG-EID')
if not sg_hdr then return end
-- Get original envelope from
local env_from = task:get_from{'smtp', 'orig'}
if not env_from then return end
-- Check normalised domain in domains list
if ivm_sendgrid_envfromdomains and ivm_sendgrid_envfromdomains:get_key(rspamd_util.get_tld(env_from[1].domain)) then
task:insert_result('IVM_SENDGRID_DOMAIN', 1.0)
end
-- Check ID in ID list
local lp_re = rspamd_regexp.create_cached([[^bounces\+(\d+)-]])
local res = lp_re:search(env_from[1].user, true, true)
if not res then return end
if ivm_sendgrid_ids and ivm_sendgrid_ids:get_key(res[1][2]) then
task:insert_result('IVM_SENDGRID_ID', 1.0)
end
end,
description = 'Invaluement Service Provider DNSBL: Sendgrid',
type = 'callback',
})
rspamd_config:register_symbol({
name = 'IVM_SENDGRID_DOMAIN',
parent = cb_id,
group = 'ivmspdnsbl',
score = 8.0,
type = 'virtual',
})
rspamd_config:register_symbol({
name = 'IVM_SENDGRID_ID',
parent = cb_id,
group = 'ivmspdnsbl',
score = 8.0,
type = 'virtual',
})

7
data/conf/rspamd/lua/rspamd.local.lua
View File

@ -1,3 +1,10 @@
-- Load sendgrid ID validator, thanks to https://github.com/fatalbanana
local rspamd_util = require 'rspamd_util'
local f = '/etc/rspamd/lua/ivm-sg.lua'
if rspamd_util.file_exists(f) then
dofile(f)
end
rspamd_config.MAILCOW_AUTH = { rspamd_config.MAILCOW_AUTH = {
callback = function(task) callback = function(task)
local uname = task:get_user() local uname = task:get_user()