diff --git a/crates/smtp/src/scripts/exec.rs b/crates/smtp/src/scripts/exec.rs index f21bd2cd..b51f6899 100644 --- a/crates/smtp/src/scripts/exec.rs +++ b/crates/smtp/src/scripts/exec.rs @@ -77,7 +77,10 @@ impl Session { if let Some(ip_rev) = &self.data.iprev { params = params.set_variable("iprev.result", ip_rev.result().as_str()); if let Some(ptr) = ip_rev.ptr.as_ref().and_then(|addrs| addrs.first()) { - params = params.set_variable("iprev.ptr", ptr.to_lowercase()); + params = params.set_variable( + "iprev.ptr", + ptr.strip_suffix('.').unwrap_or(ptr).to_lowercase(), + ); } } diff --git a/resources/config/spamfilter/maps/scores.map b/resources/config/spamfilter/maps/scores.map index a4a2020c..5a2826dd 100644 --- a/resources/config/spamfilter/maps/scores.map +++ b/resources/config/spamfilter/maps/scores.map @@ -127,15 +127,15 @@ HAS_X_SOURCE 0.0 HEADER_EMPTY_DELIMITER 1.0 HEADER_FORGED_MDN 2.0 HEADER_RCONFIRM_MISMATCH 2.0 -HFILTER_FROMHOST_NORES_A_OR_MX 1.5 -HFILTER_FROM_BOUNCE 0.0 -HFILTER_HELO_BAREIP 3.0 -HFILTER_HELO_IP_A 1.0 -HFILTER_HELO_NORES_A_OR_MX 0.3 -HFILTER_HELO_NOT_FQDN 2.0 -HFILTER_HOSTNAME_UNKNOWN 2.5 -HFILTER_RCPT_BOUNCEMOREONE 1.5 -HFILTER_URL_ONLY 2.2 +FROMHOST_NORES_A_OR_MX 1.5 +FROM_BOUNCE 0.0 +HELO_BAREIP 3.0 +HELO_IP_A 1.0 +HELO_NORES_A_OR_MX 0.3 +HELO_NOT_FQDN 2.0 +HELO_IPREV_MISMATCH 1.0 +RCPT_BOUNCEMOREONE 1.5 +URL_ONLY 2.2 HIDDEN_SOURCE_OBJ 2.0 HTML_META_REFRESH_URL 5.0 HTML_SHORT_LINK_IMG_1 2.0 diff --git a/resources/config/spamfilter/scripts/composites.sieve b/resources/config/spamfilter/scripts/composites.sieve index 77fcb5aa..e008b0f7 100644 --- a/resources/config/spamfilter/scripts/composites.sieve +++ b/resources/config/spamfilter/scripts/composites.sieve @@ -66,7 +66,7 @@ if eval "(t.FREEMAIL_FROM || t.FREEMAIL_ENVFROM || t.FREEMAIL_REPLYTO) && (t.TO_ let "t.FREEMAIL_AFF" "1"; } -if eval "t.HFILTER_URL_ONLY && t.REDIRECTOR_URL" { +if eval "t.URL_ONLY && t.REDIRECTOR_URL" { let "t.REDIRECTOR_URL_ONLY" "1"; } diff --git a/resources/config/spamfilter/scripts/from.sieve b/resources/config/spamfilter/scripts/from.sieve index 918fda29..f22f9e43 100644 --- a/resources/config/spamfilter/scripts/from.sieve +++ b/resources/config/spamfilter/scripts/from.sieve @@ -57,12 +57,12 @@ if eval "from_count > 0" { (from_local == 'postmaster' || from_local == 'mailer-daemon' || from_local == 'root')" { - let "t.HFILTER_FROM_BOUNCE" "1"; + let "t.FROM_BOUNCE" "1"; } if eval "(!is_empty(envelope.from) && eq_ignore_case(from_addr, envelope.from)) || - (t.HFILTER_FROM_BOUNCE && + (t.FROM_BOUNCE && !is_empty(from_domain) && from_domain_sld == helo_domain_sld)" { let "t.FROM_EQ_ENVFROM" "1"; @@ -133,7 +133,7 @@ if eval "!is_empty(envelope.from)" { # Mail from no resolve to A or MX if eval "!dns_exists(envfrom_domain, 'mx') && !dns_exists(envfrom_domain, 'ip')" { - let "t.HFILTER_FROMHOST_NORES_A_OR_MX" "1"; + let "t.FROMHOST_NORES_A_OR_MX" "1"; } } diff --git a/resources/config/spamfilter/scripts/helo.sieve b/resources/config/spamfilter/scripts/helo.sieve index 870197b1..ac72dacc 100644 --- a/resources/config/spamfilter/scripts/helo.sieve +++ b/resources/config/spamfilter/scripts/helo.sieve @@ -3,12 +3,12 @@ if eval "!is_ip_addr(env.helo_domain)" { if eval "contains(helo, '.')" { if eval "!is_empty(env.iprev.ptr) && !eq_ignore_case(helo, env.iprev.ptr)" { - # Unknown client hostname (PTR or FCrDNS verification failed) - let "t.HFILTER_HOSTNAME_UNKNOWN" "1"; + # Helo does not match reverse IP + let "t.HELO_IPREV_MISMATCH" "1"; } if eval "!dns_exists(helo, 'ip') && !dns_exists(helo, 'mx')" { # Helo no resolve to A or MX - let "t.HFILTER_HELO_NORES_A_OR_MX" "1"; + let "t.HELO_NORES_A_OR_MX" "1"; } } else { if eval "contains(helo, 'user')" { @@ -17,14 +17,14 @@ if eval "!is_ip_addr(env.helo_domain)" { } # Helo not FQDN - let "t.HFILTER_HELO_NOT_FQDN" "1"; + let "t.HELO_NOT_FQDN" "1"; } } else { # Helo host is bare ip - let "t.HFILTER_HELO_BAREIP" "1"; + let "t.HELO_BAREIP" "1"; if eval "env.helo_domain != env.remote_ip" { # Helo A IP != hostname IP - let "t.HFILTER_HELO_IP_A" "1"; + let "t.HELO_IP_A" "1"; } } diff --git a/resources/config/spamfilter/scripts/mime.sieve b/resources/config/spamfilter/scripts/mime.sieve index b1287604..acc9e697 100644 --- a/resources/config/spamfilter/scripts/mime.sieve +++ b/resources/config/spamfilter/scripts/mime.sieve @@ -105,11 +105,12 @@ foreverypart { } } else { if eval "cte == 'base64'" { - # Has text part encoded in base64 - let "t.MIME_BASE64_TEXT" "1"; if eval "is_ascii(part.text)" { # Has text part encoded in base64 that does not contain any 8bit characters let "t.MIME_BASE64_TEXT_BOGUS" "1"; + } else { + # Has text part encoded in base64 + let "t.MIME_BASE64_TEXT" "1"; } } diff --git a/resources/config/spamfilter/scripts/recipient.sieve b/resources/config/spamfilter/scripts/recipient.sieve index ad4d2640..60d0dce0 100644 --- a/resources/config/spamfilter/scripts/recipient.sieve +++ b/resources/config/spamfilter/scripts/recipient.sieve @@ -146,7 +146,7 @@ if eval "rcpt_count > 0" { (is_empty(envelope.from) || envfrom_local == 'postmaster' || envfrom_local == 'mailer-daemon')" { - let "t.HFILTER_RCPT_BOUNCEMOREONE" "1"; + let "t.RCPT_BOUNCEMOREONE" "1"; } # Check for sorted recipients diff --git a/resources/config/spamfilter/scripts/url.sieve b/resources/config/spamfilter/scripts/url.sieve index 99426fdc..7e731574 100644 --- a/resources/config/spamfilter/scripts/url.sieve +++ b/resources/config/spamfilter/scripts/url.sieve @@ -1,5 +1,5 @@ if eval "(count(body_urls) == 1 || count(html_body_urls) == 1) && count(tokenize(text_body, 'words')) == 0" { - let "t.HFILTER_URL_ONLY" "1"; + let "t.URL_ONLY" "1"; } if eval "has_zwsp(urls)" { diff --git a/tests/resources/smtp/antispam/combined.test b/tests/resources/smtp/antispam/combined.test index 1b3af141..b4b51844 100644 --- a/tests/resources/smtp/antispam/combined.test +++ b/tests/resources/smtp/antispam/combined.test @@ -8,7 +8,7 @@ dmarc.result none remote_ip 195.210.29.48 expect_header X-Spam-Status Yes, score=7. expect_header X-Spam-Result -expect auth_na dmarc_na hfilter_helo_nores_a_or_mx once_received mid_rhs_match_from r_spf_na has_data_uri arc_na subject_has_exclaim subject_ends_exclaim rdns_dnsfail mime_html_only html_short_link_img_1 to_dn_none rcpt_count_one to_match_envrcpt_all hfilter_fromhost_nores_a_or_mx rcvd_count_zero from_eq_envfrom r_dkim_na rcvd_no_tls_last from_has_dn date_in_past +expect auth_na dmarc_na helo_nores_a_or_mx once_received mid_rhs_match_from r_spf_na has_data_uri arc_na subject_has_exclaim subject_ends_exclaim rdns_dnsfail mime_html_only html_short_link_img_1 to_dn_none rcpt_count_one to_match_envrcpt_all fromhost_nores_a_or_mx rcvd_count_zero from_eq_envfrom r_dkim_na rcvd_no_tls_last from_has_dn date_in_past From: Client Services To: licensing@stalw.art @@ -52,7 +52,7 @@ remote_ip 185.58.86.181 tls.version TLSv1.3 expect_header X-Spam-Status No, score=4. expect_header X-Spam-Result -expect from_eq_envfrom from_has_dn hfilter_helo_nores_a_or_mx forged_rcvd_trail date_in_past arc_na uri_count_odd dkim_signed has_attachment r_spf_allow rcvd_tls_last rcpt_count_one mime_good subject_ends_spaces hfilter_fromhost_nores_a_or_mx to_dn_eq_addr_all r_dkim_allow dmarc_policy_allow rcvd_count_three to_match_envrcpt_all +expect from_eq_envfrom from_has_dn helo_nores_a_or_mx forged_rcvd_trail date_in_past arc_na uri_count_odd dkim_signed has_attachment r_spf_allow rcvd_tls_last rcpt_count_one mime_good subject_ends_spaces fromhost_nores_a_or_mx to_dn_eq_addr_all r_dkim_allow dmarc_policy_allow rcvd_count_three to_match_envrcpt_all DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tenthrevolution.com; s=mimecast20200102; t=1669138703; @@ -627,7 +627,7 @@ remote_ip 51.89.165.39 tls.version TLS1_2 expect_header X-Spam-Status Yes, score=13. expect_header X-Spam-Result -expect has_replyto violated_direct_spf replyto_addr_eq_from once_received r_parts_differ mid_rhs_match_from hfilter_fromhost_nores_a_or_mx from_has_dn r_dkim_allow date_in_past to_match_envrcpt_all html_short_link_img_1 rcpt_count_one arc_na hfilter_helo_nores_a_or_mx r_spf_softfail rcvd_tls_last rcvd_count_zero replyto_dom_eq_from_dom to_dn_none has_list_unsub dkim_signed rdns_none from_eq_envfrom dmarc_policy_reject +expect has_replyto violated_direct_spf replyto_addr_eq_from once_received r_parts_differ mid_rhs_match_from fromhost_nores_a_or_mx from_has_dn r_dkim_allow date_in_past to_match_envrcpt_all html_short_link_img_1 rcpt_count_one arc_na helo_nores_a_or_mx r_spf_softfail rcvd_tls_last rcvd_count_zero replyto_dom_eq_from_dom to_dn_none has_list_unsub dkim_signed rdns_none from_eq_envfrom dmarc_policy_reject DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=sectionalism; d=grupokonecta.net; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:List-Unsubscribe: diff --git a/tests/resources/smtp/antispam/from.test b/tests/resources/smtp/antispam/from.test index 6f115c6f..d8b54be5 100644 --- a/tests/resources/smtp/antispam/from.test +++ b/tests/resources/smtp/antispam/from.test @@ -48,14 +48,14 @@ From: "hello@other.domain.co.uk" Test helo_domain mx.domain.co.uk -expect FROM_EQ_ENVFROM FROM_NEQ_DISPLAY_NAME FROM_HAS_DN HFILTER_FROM_BOUNCE +expect FROM_EQ_ENVFROM FROM_NEQ_DISPLAY_NAME FROM_HAS_DN FROM_BOUNCE From: "postmaster@mx.domain.co.uk" Test helo_domain mx.domain.co.uk -expect FROM_EQ_ENVFROM FROM_HAS_DN HFILTER_FROM_BOUNCE +expect FROM_EQ_ENVFROM FROM_HAS_DN FROM_BOUNCE From: "Mailer Daemon" @@ -174,7 +174,7 @@ From: hello@custom.disposable.org Test envelope_from hello@nomx.org -expect HFILTER_FROMHOST_NORES_A_OR_MX FROM_EQ_ENVFROM FROM_NO_DN +expect FROMHOST_NORES_A_OR_MX FROM_EQ_ENVFROM FROM_NO_DN From: hello@nomx.org diff --git a/tests/resources/smtp/antispam/helo.test b/tests/resources/smtp/antispam/helo.test index 046d00fb..9ed17f86 100644 --- a/tests/resources/smtp/antispam/helo.test +++ b/tests/resources/smtp/antispam/helo.test @@ -1,12 +1,12 @@ helo_domain localhost -expect HFILTER_HELO_NOT_FQDN +expect HELO_NOT_FQDN Subject: test test helo_domain user -expect RCVD_HELO_USER HFILTER_HELO_NOT_FQDN +expect RCVD_HELO_USER HELO_NOT_FQDN Subject: test @@ -14,7 +14,7 @@ test helo_domain 8.8.8.8 remote_ip 8.8.8.8 -expect HFILTER_HELO_BAREIP +expect HELO_BAREIP Subject: test @@ -22,7 +22,7 @@ test helo_domain 8.8.8.8 remote_ip 1.1.1.1 -expect HFILTER_HELO_IP_A HFILTER_HELO_BAREIP +expect HELO_IP_A HELO_BAREIP Subject: test @@ -40,7 +40,7 @@ test helo_domain domain.org iprev.ptr otherdomain.org remote_ip 1.1.1.1 -expect HFILTER_HOSTNAME_UNKNOWN +expect HELO_IPREV_MISMATCH Subject: test @@ -49,7 +49,7 @@ test helo_domain otherdomain.org iprev.ptr otherdomain.org remote_ip 1.1.1.1 -expect HFILTER_HELO_NORES_A_OR_MX +expect HELO_NORES_A_OR_MX Subject: test @@ -58,7 +58,7 @@ test helo_domain otherdomain.org iprev.ptr otherdomain.net remote_ip 1.1.1.1 -expect HFILTER_HELO_NORES_A_OR_MX HFILTER_HOSTNAME_UNKNOWN +expect HELO_NORES_A_OR_MX HELO_IPREV_MISMATCH Subject: test diff --git a/tests/resources/smtp/antispam/mime.test b/tests/resources/smtp/antispam/mime.test index 07c925ba..c141cbe8 100644 --- a/tests/resources/smtp/antispam/mime.test +++ b/tests/resources/smtp/antispam/mime.test @@ -49,7 +49,7 @@ MIME-Version: 1.0 Test -expect MIME_BASE64_TEXT_BOGUS MIME_BASE64_TEXT +expect MIME_BASE64_TEXT_BOGUS Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 diff --git a/tests/resources/smtp/antispam/recipient.test b/tests/resources/smtp/antispam/recipient.test index c610e251..434e4b4e 100644 --- a/tests/resources/smtp/antispam/recipient.test +++ b/tests/resources/smtp/antispam/recipient.test @@ -41,7 +41,7 @@ Test envelope_from envelope_to hello@world.com envelope_to goodbye@world.com -expect HFILTER_RCPT_BOUNCEMOREONE TO_MATCH_ENVRCPT_ALL TO_DN_NONE RCPT_COUNT_TWO +expect RCPT_BOUNCEMOREONE TO_MATCH_ENVRCPT_ALL TO_DN_NONE RCPT_COUNT_TWO To: hello@world.com Cc: goodbye@world.com @@ -51,7 +51,7 @@ Test envelope_from postmaster@domain.org envelope_to hello@world.com envelope_to goodbye@world.com -expect HFILTER_RCPT_BOUNCEMOREONE TO_MATCH_ENVRCPT_SOME TO_DN_NONE RCPT_COUNT_THREE +expect RCPT_BOUNCEMOREONE TO_MATCH_ENVRCPT_SOME TO_DN_NONE RCPT_COUNT_THREE To: hello@world.com, test@domain.com Cc: goodbye@world.com diff --git a/tests/resources/smtp/antispam/url.test b/tests/resources/smtp/antispam/url.test index a8489afb..aa4d4218 100644 --- a/tests/resources/smtp/antispam/url.test +++ b/tests/resources/smtp/antispam/url.test @@ -1,4 +1,4 @@ -expect HFILTER_URL_ONLY +expect URL_ONLY Subject: test