self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Code Issues Releases Activity

name collision

Browse Source
This commit is contained in:
Florent Daigniere 2022-11-24 13:51:54 +01:00
parent b08d940d09
commit 02f2679dc4
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/rspamd/conf/composites.conf
View File

@ -5,7 +5,7 @@ OLETOOLS_MACRO_MRAPTOR {
score = 20.0; score = 20.0;
} }
OLETOOLS_MACRO_SUSPICIOUS { OLETOOLS_MACRO_SUSPICIOUS {
expression = "OLETOOLS_SUSPICIOUS | OLETOOLS_VBASTOMP | OLETOOLS_A"; expression = "OLETOOLS_FLAG | OLETOOLS_VBASTOMP | OLETOOLS_A";
message = "Rejected (malicious macro)"; message = "Rejected (malicious macro)";
policy = "leave"; policy = "leave";
score = 20.0; score = 20.0;

2
core/rspamd/conf/external_services.conf
View File

@ -12,7 +12,7 @@ oletools {
patterns { patterns {
OLETOOLS_MACRO_FOUND= '^.....M..$'; OLETOOLS_MACRO_FOUND= '^.....M..$';
OLETOOLS_AUTOEXEC = '^A....M..$'; OLETOOLS_AUTOEXEC = '^A....M..$';
OLETOOLS_SUSPICIOUS = '^.....MS.$'; OLETOOLS_FLAG = '^.....MS.$';
OLETOOLS_VBASTOMP = '^VBA Stomping$'; OLETOOLS_VBASTOMP = '^VBA Stomping$';
# see https://github.com/decalage2/oletools/blob/master/oletools/mraptor.py # see https://github.com/decalage2/oletools/blob/master/oletools/mraptor.py
OLETOOLS_A = '(?i)\b(?:Auto(?:Exec|_?Open|_?Close|Exit|New)|Document(?:_?Open|_Close|_?BeforeClose|Change|_New)|NewDocument|Workbook(?:_Open|_Activate|_Close|_BeforeClose)|\w+_(?:Painted|Painting|GotFocus|LostFocus|MouseHover|Layout|Click|Change|Resize|BeforeNavigate2|BeforeScriptExecute|DocumentComplete|DownloadBegin|DownloadComplete|FileDownload|NavigateComplete2|NavigateError|ProgressChange|PropertyChange|SetSecureLockIcon|StatusTextChange|TitleChange|MouseMove|MouseEnter|MouseLeave|OnConnecting))\b|Auto_Ope\b'; OLETOOLS_A = '(?i)\b(?:Auto(?:Exec|_?Open|_?Close|Exit|New)|Document(?:_?Open|_Close|_?BeforeClose|Change|_New)|NewDocument|Workbook(?:_Open|_Activate|_Close|_BeforeClose)|\w+_(?:Painted|Painting|GotFocus|LostFocus|MouseHover|Layout|Click|Change|Resize|BeforeNavigate2|BeforeScriptExecute|DocumentComplete|DownloadBegin|DownloadComplete|FileDownload|NavigateComplete2|NavigateError|ProgressChange|PropertyChange|SetSecureLockIcon|StatusTextChange|TitleChange|MouseMove|MouseEnter|MouseLeave|OnConnecting))\b|Auto_Ope\b';

2
core/rspamd/conf/external_services_group.conf
View File

@ -15,7 +15,7 @@ symbols = {
weight = 0.0; weight = 0.0;
one_shot = true; one_shot = true;
}, },
"OLETOOLS_SUSPICIOUS" { "OLETOOLS_FLAG" {
weight = 0.0; weight = 0.0;
one_shot = true; one_shot = true;
}, },