paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Rspamd] Global blacklists are not prefilters anymore to not prevent them from being learned

master
andryyy 2020-10-21 19:00:53 +02:00
parent 4ddeb317fa
commit c7e17c7fd1
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
4 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
data/Dockerfiles/olefy/Dockerfile
View File

@ -7,9 +7,10 @@ WORKDIR /app
RUN apk add --virtual .build-deps gcc python3-dev musl-dev libffi-dev openssl-dev \ RUN apk add --virtual .build-deps gcc python3-dev musl-dev libffi-dev openssl-dev \
&& apk add --update --no-cache python3 openssl tzdata libmagic \ && apk add --update --no-cache python3 openssl tzdata libmagic \
&& pip3 install --upgrade pip \ && pip3 install --upgrade pip \
&& pip3 install --upgrade oletools asyncio python-magic \ && pip3 install --upgrade asyncio python-magic \
&& apk del .build-deps \ && pip3 install --upgrade https://github.com/HeinleinSupport/oletools/archive/master.zip \
&& sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py && apk del .build-deps
# && sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py
ADD https://raw.githubusercontent.com/HeinleinSupport/olefy/master/olefy.py /app/ ADD https://raw.githubusercontent.com/HeinleinSupport/olefy/master/olefy.py /app/

5
data/assets/nextcloud/nextcloud.conf
View File

@ -12,9 +12,10 @@ server {
ssl_certificate /etc/ssl/mail/cert.pem; ssl_certificate /etc/ssl/mail/cert.pem;
ssl_certificate_key /etc/ssl/mail/key.pem; ssl_certificate_key /etc/ssl/mail/key.pem;
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_ecdh_curve X25519:X448:secp384r1:secp256k1;
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d; ssl_session_timeout 1d;
ssl_session_tickets off; ssl_session_tickets off;

6
data/conf/rspamd/local.d/multimap.conf
View File

@ -53,8 +53,7 @@ GLOBAL_SMTP_FROM_BL {
type = "from"; type = "from";
map = "${LOCAL_CONFDIR}/custom/global_smtp_from_blacklist.map"; map = "${LOCAL_CONFDIR}/custom/global_smtp_from_blacklist.map";
regexp = true; regexp = true;
prefilter = true; score = 2050;
action = "reject";
} }
GLOBAL_MIME_FROM_WL { GLOBAL_MIME_FROM_WL {
@ -72,8 +71,7 @@ GLOBAL_MIME_FROM_BL {
filter = "email:addr"; filter = "email:addr";
map = "${LOCAL_CONFDIR}/custom/global_mime_from_blacklist.map"; map = "${LOCAL_CONFDIR}/custom/global_mime_from_blacklist.map";
regexp = true; regexp = true;
prefilter = true; score = 2050;
action = "reject";
} }
GLOBAL_RCPT_WL { GLOBAL_RCPT_WL {

2
docker-compose.yml
View File

@ -498,7 +498,7 @@ services:
- solr - solr
olefy-mailcow: olefy-mailcow:
image: mailcow/olefy:1.4 image: mailcow/olefy:1.5
restart: always restart: always
environment: environment:
- TZ=${TZ} - TZ=${TZ}