From b6c036496d03634c48cd953d09aeba67bf19a29d Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Thu, 1 Aug 2024 12:37:49 +0200 Subject: [PATCH] rspamd: fixed dqs rbl insertion handling --- data/Dockerfiles/rspamd/docker-entrypoint.sh | 46 ++++++++++---------- data/conf/rspamd/local.d/rbl.conf | 2 +- 2 files changed, 23 insertions(+), 25 deletions(-) diff --git a/data/Dockerfiles/rspamd/docker-entrypoint.sh b/data/Dockerfiles/rspamd/docker-entrypoint.sh index a6141c57f..cf09ee48f 100755 --- a/data/Dockerfiles/rspamd/docker-entrypoint.sh +++ b/data/Dockerfiles/rspamd/docker-entrypoint.sh @@ -128,7 +128,6 @@ done if [[ ! -z ${SPAMHAUS_DQS_KEY} ]]; then cat < /etc/rspamd/custom/dqs-rbl.conf # Autogenerated by mailcow. DO NOT TOUCH! - rbls { spamhaus { rbl = "${SPAMHAUS_DQS_KEY}.zen.dq.spamhaus.net"; from = false; @@ -221,7 +220,7 @@ if [[ ! -z ${SPAMHAUS_DQS_KEY} ]]; then replyto = true; emails_domainonly = true; disable_monitoring = true; - rbl = "${SPAMHAUS_DQS_KEY}.dbl.dq.spamhaus.net" + rbl = "${SPAMHAUS_DQS_KEY}.dbl.dq.spamhaus.net"; returncodes = { SH_EMAIL_DBL = [ "127.0.1.2", @@ -243,7 +242,7 @@ if [[ ! -z ${SPAMHAUS_DQS_KEY} ]]; then replyto = true; emails_domainonly = true; disable_monitoring = true; - rbl = "${SPAMHAUS_DQS_KEY}.zrd.dq.spamhaus.net" + rbl = "${SPAMHAUS_DQS_KEY}.zrd.dq.spamhaus.net"; returncodes = { SH_EMAIL_ZRD_VERY_FRESH_DOMAIN = ["127.0.2.2", "127.0.2.3", "127.0.2.4"]; SH_EMAIL_ZRD_FRESH_DOMAIN = [ @@ -251,26 +250,26 @@ if [[ ! -z ${SPAMHAUS_DQS_KEY} ]]; then ]; SH_EMAIL_ZRD_DONT_QUERY_IPS = [ "127.0.2.255" ]; } - } - "DBL" { - # override the defaults for DBL defined in modules.d/rbl.conf - rbl = "${SPAMHAUS_DQS_KEY}.dbl.dq.spamhaus.net"; - disable_monitoring = true; - } - "ZRD" { - ignore_defaults = true; - rbl = "${SPAMHAUS_DQS_KEY}.zrd.dq.spamhaus.net"; - no_ip = true; - dkim = true; - emails = true; - emails_domainonly = true; - urls = true; - returncodes = { - ZRD_VERY_FRESH_DOMAIN = ["127.0.2.2", "127.0.2.3", "127.0.2.4"]; - ZRD_FRESH_DOMAIN = ["127.0.2.5", "127.0.2.6", "127.0.2.7", "127.0.2.8", "127.0.2.9", "127.0.2.10", "127.0.2.11", "127.0.2.12", "127.0.2.13", "127.0.2.14", "127.0.2.15", "127.0.2.16", "127.0.2.17", "127.0.2.18", "127.0.2.19", "127.0.2.20", "127.0.2.21", "127.0.2.22", "127.0.2.23", "127.0.2.24"]; - } - } - spamhaus_sbl_url { + } + "DBL" { + # override the defaults for DBL defined in modules.d/rbl.conf + rbl = "${SPAMHAUS_DQS_KEY}.dbl.dq.spamhaus.net"; + disable_monitoring = true; + } + "ZRD" { + ignore_defaults = true; + rbl = "${SPAMHAUS_DQS_KEY}.zrd.dq.spamhaus.net"; + no_ip = true; + dkim = true; + emails = true; + emails_domainonly = true; + urls = true; + returncodes = { + ZRD_VERY_FRESH_DOMAIN = ["127.0.2.2", "127.0.2.3", "127.0.2.4"]; + ZRD_FRESH_DOMAIN = ["127.0.2.5", "127.0.2.6", "127.0.2.7", "127.0.2.8", "127.0.2.9", "127.0.2.10", "127.0.2.11", "127.0.2.12", "127.0.2.13", "127.0.2.14", "127.0.2.15", "127.0.2.16", "127.0.2.17", "127.0.2.18", "127.0.2.19", "127.0.2.20", "127.0.2.21", "127.0.2.22", "127.0.2.23", "127.0.2.24"]; + } + } + spamhaus_sbl_url { ignore_defaults = true rbl = "${SPAMHAUS_DQS_KEY}.sbl.dq.spamhaus.net"; checks = ['urls']; @@ -306,7 +305,6 @@ if [[ ! -z ${SPAMHAUS_DQS_KEY} ]]; then SH_HBL_FILE_SUSPICIOUS = "127.0.3.15"; } } - } EOF else rm -rf /etc/rspamd/custom/dqs-rbl.conf diff --git a/data/conf/rspamd/local.d/rbl.conf b/data/conf/rspamd/local.d/rbl.conf index 509435d5d..7f2976a08 100644 --- a/data/conf/rspamd/local.d/rbl.conf +++ b/data/conf/rspamd/local.d/rbl.conf @@ -21,6 +21,6 @@ rbls { } } -.include(try=true,priority=5) "$LOCAL_CONFDIR/custom/dqs-rbl.conf" +.include(try=true,override=true,priority=5) "$LOCAL_CONFDIR/custom/dqs-rbl.conf" } \ No newline at end of file