In the last months and years, the default `mime_types.conf` of rspamd has changed and it might be also useful to make some adjustments to the weight of certain file extensions.
This PR is removing all file extensions from `mime_types.conf` which are already in rspamd's default configuration at [rspamd/src/plugins/lua/mime_types.lua](https://github.com/rspamd/rspamd/blob/master/src/plugins/lua/mime_types.lua). If file extension is not present or has a different score compared to rspamd default, it is still in the list.
There are also a few major differences to certain file extensions, which might be useful to discuss and carefully adjust. For example, `.exe` files are rated very 'badly' due to high chance of being malicious, so are other extensions like `bat`, `cmd`, etc.
Current suggestion:
```lua
# Extensions that are treated as 'bad'
# Number is score multiply factor
bad_extensions = {
apk = 4,
appx = 4,
appxbundle = 4,
bat = 8,
cab = 20,
cmd = 8,
com = 20,
diagcfg = 4,
diagpack = 4,
dmg = 8,
ex = 20,
ex_ = 20,
exe = 20,
img = 4,
jar = 8,
jnlp = 8,
js = 8,
jse = 8,
lnk = 20,
mjs = 8,
msi = 4,
msix = 4,
msixbundle = 4,
ps1 = 8,
scr = 20,
sct = 20,
vb = 20,
vbe = 20,
vbs = 20,
vhd = 4,
py = 4,
reg = 8,
scf = 8,
vhdx = 4,
};
# Extensions that are particularly penalized for archives
bad_archive_extensions = {
pptx = 0.5,
docx = 0.5,
xlsx = 0.5,
pdf = 1.0,
jar = 12,
jnlp = 12,
bat = 12,
cmd = 12,
};
# Used to detect another archive in archive
archive_extensions = {
tar = 1,
['tar.gz'] = 1,
};
```
**As a important reminder**: For all remaining and additional file extensions and score weights, please check above default rspamd configuration!
Excluding FREEMAIL_ENVFROM from the FREEMAIL_POLICY_FAILURE expression will allow forwarding mail via freemail services when the initial sender did not have a DKIM signature.
As we have seen issues in DNS processing actually stops rspamd from
processing a message, which leads to missing tag insertion for example,
we turn on soft reject on task timeout. Behavior is the same as with
greylisting for example, so the mail will be delayed/soft rejected, but
as DNS issues usually are most likely temporarily, it should get delivered
on the second try.
