Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move symbols to better places and add comments 

The order was chosen because it will reflect an ascending symbol weight with upcoming commits. I also added comments to explain when a symbol is applied.
This commit is contained in:
georglauterbach 2024-02-29 16:13:17 +01:00
parent aa9465773c
commit 32b9bd8cfd
No known key found for this signature in database
GPG Key ID: F367F7C43C118578
1 changed files with 38 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
target/rspamd/scores.d/policies_group.conf
View File

@ -4,69 +4,68 @@
symbols = { symbols = {
# SPF # SPF
"R_SPF_ALLOW" { "R_SPF_ALLOW" { # SPF check succeeded
weight = -1; weight = -1;
description = "SPF verification allows sending"; description = "SPF verification allows sending";
groups = ["spf"]; groups = ["spf"];
} }
"R_SPF_NA" { "R_SPF_NA" { # SPF is not available for this domain
weight = 1.5; weight = 1.5;
description = "Missing SPF record"; description = "Missing SPF record";
one_shot = true; one_shot = true;
groups = ["spf"]; groups = ["spf"];
} }
"R_SPF_SOFTFAIL" { "R_SPF_NEUTRAL" { # same as R_SPF_NA
weight = 2.5;
description = "SPF verification soft-failed";
groups = ["spf"];
}
"R_SPF_FAIL" {
weight = 4.5;
description = "SPF verification failed";
groups = ["spf"];
}
"R_SPF_NEUTRAL" { # == R_SPF_NA
weight = 1.5; weight = 1.5;
description = "SPF policy is neutral"; description = "SPF policy is neutral";
groups = ["spf"]; groups = ["spf"];
} }
"R_SPF_DNSFAIL" { # == R_SPF_SOFTFAIL "R_SPF_SOFTFAIL" { # there was a temporary DNS issue and SPF could not be checked
weight = 2.5;
description = "SPF verification soft-failed";
groups = ["spf"];
}
"R_SPF_DNSFAIL" { # same as R_SPF_SOFTFAIL
weight = 2.5; weight = 2.5;
description = "SPF DNS failure"; description = "SPF DNS failure";
groups = ["spf"]; groups = ["spf"];
} }
"R_SPF_PERMFAIL" { # == R_SPF_FAIL "R_SPF_FAIL" { # SPF check failed
weight = 4.5;
description = "SPF verification failed";
groups = ["spf"];
}
"R_SPF_PERMFAIL" { # same as R_SPF_FAIL
weight = 4.5; weight = 4.5;
description = "SPF record is malformed or persistent DNS error"; description = "SPF record is malformed or persistent DNS error";
groups = ["spf"]; groups = ["spf"];
} }
# DKIM # DKIM
"R_DKIM_ALLOW" { "R_DKIM_ALLOW" { # DKIM check succeeded
weight = -1; weight = -1;
description = "DKIM verification succeed"; description = "DKIM verification succeed";
one_shot = true; one_shot = true;
groups = ["dkim"]; groups = ["dkim"];
} }
"R_DKIM_NA" { "R_DKIM_NA" { # DKIM is not available for this domain
weight = 0; weight = 0;
description = "Missing DKIM signature"; description = "Missing DKIM signature";
one_shot = true; one_shot = true;
groups = ["dkim"]; groups = ["dkim"];
} }
"R_DKIM_TEMPFAIL" { "R_DKIM_TEMPFAIL" { # there was a temporary DNS issue and DKIM could not be checked
weight = 1.5; weight = 1.5;
description = "DKIM verification soft-failed"; description = "DKIM verification soft-failed";
groups = ["dkim"]; groups = ["dkim"];
} }
"R_DKIM_PERMFAIL" { "R_DKIM_PERMFAIL" { # DKIM check failed
weight = 4.5; weight = 4.5;
description = "DKIM verification hard-failed (invalid)"; description = "DKIM verification hard-failed (invalid)";
groups = ["dkim"]; groups = ["dkim"];
} }
"R_DKIM_REJECT" { # == R_DKIM_PERMFAIL "R_DKIM_REJECT" { # same as R_DKIM_PERMFAIL
weight = 4.5; weight = 4.5;
description = "DKIM verification failed"; description = "DKIM verification failed";
one_shot = true; one_shot = true;
@ -74,35 +73,34 @@ symbols = {
} }
# DMARC # DMARC
"DMARC_NA" { "DMARC_POLICY_ALLOW" { # DMARC check succeeded
weight = 1;
description = "No DMARC record";
groups = ["dmarc"];
}
"DMARC_POLICY_QUARANTINE" {
weight = 1.5;
description = "DMARC quarantine policy";
groups = ["dmarc"];
}
"DMARC_POLICY_REJECT" {
weight = 2;
description = "DMARC reject policy";
groups = ["dmarc"];
}
"DMARC_POLICY_ALLOW" { # no equivalent
weight = -1; weight = -1;
description = "DMARC permit policy"; description = "DMARC permit policy";
groups = ["dmarc"]; groups = ["dmarc"];
} }
"DMARC_POLICY_ALLOW_WITH_FAILURES" { # no equivalent "DMARC_POLICY_ALLOW_WITH_FAILURES" { # DMARC check succeeded but either SPF or DKIM was not successful
weight = -0.5; weight = -0.5;
description = "DMARC permit policy with DKIM/SPF failure"; description = "DMARC permit policy with DKIM/SPF failure";
groups = ["dmarc"]; groups = ["dmarc"];
} }
"DMARC_POLICY_SOFTFAIL" { # == DMARC_POLICY_QUARANTINE "DMARC_NA" { # DMARC is not available for this domain
weight = 1;
description = "No DMARC record";
groups = ["dmarc"];
}
"DMARC_POLICY_SOFTFAIL" { # there was a temporary DNS issue and DMARC could not be checked
weight = 1.5; weight = 1.5;
description = "DMARC soft-failed"; description = "DMARC soft-failed";
groups = ["dmarc"]; groups = ["dmarc"];
} }
"DMARC_POLICY_QUARANTINE" { # DMARC check failed and the policy is to quarantine
weight = 1.5;
description = "DMARC quarantine policy";
groups = ["dmarc"];
}
"DMARC_POLICY_REJECT" { # DMARC check failed and the policy is to reject
weight = 2;
description = "DMARC reject policy";
groups = ["dmarc"];
}
} }