mkdir -p './opt'
mkdir -p './postfix/dynamicmaps.cf.d'
mkdir -p './postfix/sasl'
+mkdir -p './rspamd/local.d'
+mkdir -p './rspamd/override.d'
mkdir -p './security/limits.d'
mkdir -p './security/namespace.d'
mkdir -p './ssh/ssh_config.d'
maybe chmod 0755 'init.d/postfix'
maybe chmod 0755 'init.d/procps'
maybe chmod 0755 'init.d/redis-server'
+maybe chmod 0755 'init.d/rspamd'
maybe chmod 0755 'init.d/rsync'
maybe chmod 0755 'init.d/screen-cleanup'
maybe chmod 0755 'init.d/ssh'
maybe chmod 0644 'logrotate.d/dpkg'
maybe chmod 0644 'logrotate.d/mariadb'
maybe chmod 0644 'logrotate.d/redis-server'
+maybe chmod 0644 'logrotate.d/rspamd'
maybe chmod 0644 'logrotate.d/rsyslog'
maybe chmod 0644 'logrotate.d/wtmp'
maybe chmod 0755 'lvm'
maybe chmod 0755 'resolvconf/update-libc.d'
maybe chmod 0755 'resolvconf/update-libc.d/postfix'
maybe chmod 0644 'rpc'
+maybe chmod 0755 'rspamd'
+maybe chmod 0644 'rspamd/actions.conf'
+maybe chmod 0644 'rspamd/cgp.inc'
+maybe chmod 0644 'rspamd/common.conf'
+maybe chmod 0644 'rspamd/composites.conf'
+maybe chmod 0644 'rspamd/groups.conf'
+maybe chmod 0755 'rspamd/local.d'
+maybe chmod 0644 'rspamd/logging.inc'
+maybe chmod 0755 'rspamd/maps.d'
+maybe chmod 0644 'rspamd/maps.d/dmarc_whitelist.inc'
+maybe chmod 0644 'rspamd/maps.d/maillist.inc'
+maybe chmod 0644 'rspamd/maps.d/mid.inc'
+maybe chmod 0644 'rspamd/maps.d/mime_types.inc'
+maybe chmod 0644 'rspamd/maps.d/redirectors.inc'
+maybe chmod 0644 'rspamd/maps.d/spf_dkim_whitelist.inc'
+maybe chmod 0644 'rspamd/maps.d/surbl-whitelist.inc'
+maybe chmod 0644 'rspamd/metrics.conf'
+maybe chmod 0644 'rspamd/modules.conf'
+maybe chmod 0755 'rspamd/modules.d'
+maybe chmod 0644 'rspamd/modules.d/antivirus.conf'
+maybe chmod 0644 'rspamd/modules.d/arc.conf'
+maybe chmod 0644 'rspamd/modules.d/asn.conf'
+maybe chmod 0644 'rspamd/modules.d/aws_s3.conf'
+maybe chmod 0644 'rspamd/modules.d/bimi.conf'
+maybe chmod 0644 'rspamd/modules.d/chartable.conf'
+maybe chmod 0644 'rspamd/modules.d/clickhouse.conf'
+maybe chmod 0644 'rspamd/modules.d/dcc.conf'
+maybe chmod 0644 'rspamd/modules.d/dkim.conf'
+maybe chmod 0644 'rspamd/modules.d/dkim_signing.conf'
+maybe chmod 0644 'rspamd/modules.d/dmarc.conf'
+maybe chmod 0644 'rspamd/modules.d/elastic.conf'
+maybe chmod 0644 'rspamd/modules.d/emails.conf'
+maybe chmod 0644 'rspamd/modules.d/external_relay.conf'
+maybe chmod 0644 'rspamd/modules.d/external_services.conf'
+maybe chmod 0644 'rspamd/modules.d/force_actions.conf'
+maybe chmod 0644 'rspamd/modules.d/forged_recipients.conf'
+maybe chmod 0644 'rspamd/modules.d/fuzzy_check.conf'
+maybe chmod 0644 'rspamd/modules.d/greylist.conf'
+maybe chmod 0644 'rspamd/modules.d/hfilter.conf'
+maybe chmod 0644 'rspamd/modules.d/history_redis.conf'
+maybe chmod 0644 'rspamd/modules.d/http_headers.conf'
+maybe chmod 0644 'rspamd/modules.d/maillist.conf'
+maybe chmod 0644 'rspamd/modules.d/metadata_exporter.conf'
+maybe chmod 0644 'rspamd/modules.d/metric_exporter.conf'
+maybe chmod 0644 'rspamd/modules.d/mid.conf'
+maybe chmod 0644 'rspamd/modules.d/milter_headers.conf'
+maybe chmod 0644 'rspamd/modules.d/mime_types.conf'
+maybe chmod 0644 'rspamd/modules.d/multimap.conf'
+maybe chmod 0644 'rspamd/modules.d/mx_check.conf'
+maybe chmod 0644 'rspamd/modules.d/neural.conf'
+maybe chmod 0644 'rspamd/modules.d/once_received.conf'
+maybe chmod 0644 'rspamd/modules.d/p0f.conf'
+maybe chmod 0644 'rspamd/modules.d/phishing.conf'
+maybe chmod 0644 'rspamd/modules.d/ratelimit.conf'
+maybe chmod 0644 'rspamd/modules.d/rbl.conf'
+maybe chmod 0644 'rspamd/modules.d/redis.conf'
+maybe chmod 0644 'rspamd/modules.d/regexp.conf'
+maybe chmod 0644 'rspamd/modules.d/replies.conf'
+maybe chmod 0644 'rspamd/modules.d/reputation.conf'
+maybe chmod 0644 'rspamd/modules.d/rspamd_update.conf'
+maybe chmod 0644 'rspamd/modules.d/spamassassin.conf'
+maybe chmod 0644 'rspamd/modules.d/spamtrap.conf'
+maybe chmod 0644 'rspamd/modules.d/spf.conf'
+maybe chmod 0644 'rspamd/modules.d/surbl.conf'
+maybe chmod 0644 'rspamd/modules.d/trie.conf'
+maybe chmod 0644 'rspamd/modules.d/url_redirector.conf'
+maybe chmod 0644 'rspamd/modules.d/whitelist.conf'
+maybe chmod 0644 'rspamd/options.inc'
+maybe chmod 0755 'rspamd/override.d'
+maybe chmod 0644 'rspamd/rspamd.conf'
+maybe chmod 0755 'rspamd/scores.d'
+maybe chmod 0644 'rspamd/scores.d/content_group.conf'
+maybe chmod 0644 'rspamd/scores.d/fuzzy_group.conf'
+maybe chmod 0644 'rspamd/scores.d/headers_group.conf'
+maybe chmod 0644 'rspamd/scores.d/hfilter_group.conf'
+maybe chmod 0644 'rspamd/scores.d/mime_types_group.conf'
+maybe chmod 0644 'rspamd/scores.d/mua_group.conf'
+maybe chmod 0644 'rspamd/scores.d/phishing_group.conf'
+maybe chmod 0644 'rspamd/scores.d/policies_group.conf'
+maybe chmod 0644 'rspamd/scores.d/rbl_group.conf'
+maybe chmod 0644 'rspamd/scores.d/statistics_group.conf'
+maybe chmod 0644 'rspamd/scores.d/subject_group.conf'
+maybe chmod 0644 'rspamd/scores.d/surbl_group.conf'
+maybe chmod 0644 'rspamd/scores.d/whitelist_group.conf'
+maybe chmod 0644 'rspamd/settings.conf'
+maybe chmod 0644 'rspamd/statistic.conf'
+maybe chmod 0644 'rspamd/worker-controller.inc'
+maybe chmod 0644 'rspamd/worker-fuzzy.inc'
+maybe chmod 0644 'rspamd/worker-normal.inc'
+maybe chmod 0644 'rspamd/worker-proxy.inc'
maybe chmod 0644 'rsyslog.conf'
maybe chmod 0644 'rsyslog.conf.orig'
maybe chmod 0755 'rsyslog.d'
dovecot:x:118:
dovenull:x:119:
redis:x:120:
+_rspamd:x:115:
_chrony:x:112:
postfix:x:113:
postdrop:x:114:
-valkey:x:115:
mysql:x:116:
tcpdump:x:117:
dovecot:x:118:
dovecot:!::
dovenull:!::
redis:!::
+_rspamd:!::
_chrony:!::
postfix:!::
postdrop:!::
-valkey:!::
mysql:!::
tcpdump:!::
dovecot:!::
--- /dev/null
+#! /bin/bash
+### BEGIN INIT INFO
+# Provides: rspamd
+# Required-Start: $syslog $remote_fs
+# Required-Stop: $syslog $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Rspamd spam filtering system
+# Description: Rspamd is fast and modular spam filtering system
+### END INIT INFO
+
+# Author: Vsevolod Stakhov <vsevolod@highsecure.ru>
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="Rspamd"
+NAME=rspamd
+DAEMON=/usr/bin/$NAME
+RSPAMADM=/usr/bin/rspamadm
+DAEMON_ARGS="-c /etc/rspamd/rspamd.conf"
+DESC="rapid spam filtering system"
+PIDFILE=/run/rspamd/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ mkdir -m 755 -p /run/rspamd
+ chown _rspamd:_rspamd /run/rspamd
+ $RSPAMADM configtest $DAEMON_ARGS > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS -u _rspamd -g _rspamd \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE
+ return 0
+}
+
+#
+# Function that sends a SIGUSR1 to the daemon/service
+#
+do_reopenlog() {
+ start-stop-daemon --stop --signal 10 --quiet --pidfile $PIDFILE
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc -p $PIDFILE "$DAEMON" "$NAME" || exit $?
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ reopenlog)
+ log_daemon_msg "Reopen logs for $DESC" "$NAME"
+ do_reopenlog
+ log_end_msg $?
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|reopenlog}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+/var/log/rspamd/rspamd.log {
+ daily
+ rotate 4
+ delaycompress
+ compress
+ notifempty
+ missingok
+ postrotate
+ systemctl kill --signal=SIGUSR1 rspamd >/dev/null 2>&1 \
+ || service rspamd reopenlog >/dev/null 2>&1 || true
+ endscript
+}
dovecot:x:108:118:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:109:119:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
redis:x:110:120::/var/lib/redis:/usr/sbin/nologin
+_rspamd:x:105:115:rspamd spam filtering system,,,:/var/lib/rspamd:/usr/sbin/nologin
frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash
_chrony:x:103:112:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin
postfix:x:104:113::/var/spool/postfix:/usr/sbin/nologin
-valkey:x:105:115::/var/lib/valkey:/usr/sbin/nologin
mysql:x:106:116:MySQL Server,,,:/nonexistent:/bin/false
tcpdump:x:107:117::/nonexistent:/usr/sbin/nologin
dovecot:x:108:118:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:109:119:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
redis:x:110:120::/var/lib/redis:/usr/sbin/nologin
+_rspamd:x:105:115::/var/lib/rspamd:/usr/sbin/nologin
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+../init.d/rspamd
\ No newline at end of file
--- /dev/null
+# Actions settings
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/actions.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/actions.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# See also https://rspamd.com/doc/faq.html#what-are-rspamd-actions for actions definition
+
+actions {
+ reject = 15; # Reject when reaching this score
+ add_header = 6; # Add header when reaching this score
+ greylist = 4; # Apply greylisting when reaching this score (will emit `soft reject action`)
+
+ #unknown_weight = 1.0; # Enable if need to set score for all symbols implicitly
+ # Each new symbol is added multiplied by gf^N, where N is the number of spammy symbols
+ #grow_factor = 1.1;
+ # Set rewrite subject to this value (%s is replaced by the original subject)
+ #subject = "***SPAM*** %s"
+
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/actions.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/actions.conf"
+}
\ No newline at end of file
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# This file defines some specific settings that are applicable merely when using
+# CommuniGate Pro MTA and it's specific integration
+
+arc {
+ sign_networks = [127.2.4.7];
+}
+
+dkim_signing {
+ sign_networks = [127.2.4.7];
+}
+
+options {
+ local_addrs = [127.2.4.7];
+}
--- /dev/null
+# A common rspamd configuration file (should never ever be changed)
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+lua = "$RULESDIR/rspamd.lua"
+
+.include "$CONFDIR/metrics.conf"
+.include "$CONFDIR/actions.conf"
+.include "$CONFDIR/groups.conf"
+.include "$CONFDIR/composites.conf"
+
+.include "$CONFDIR/statistic.conf"
+
+.include "$CONFDIR/modules.conf"
+
+# Include users settings
+.include "$CONFDIR/settings.conf"
+
+# User local settings
+.include(try=true) "$LOCAL_CONFDIR/rspamd.conf.local"
+.include(try=true,priority=10) "$LOCAL_CONFDIR/rspamd.conf.local.override"
+.include(try=true,priority=10) "$LOCAL_CONFDIR/rspamd.conf.override"
+
+modules {
+ path = "${PLUGINSDIR}";
+ fallback_path = "${SHAREDIR}/lua"; # Legacy path
+ try_path = "${LOCAL_CONFDIR}/plugins.d/"; # User plugins
+}
--- /dev/null
+# Composites setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/composites.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/composites.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html and
+# https://rspamd.com/doc/configuration/composites.html for details
+
+composites {
+
+ FORGED_RECIPIENTS_MAILLIST {
+ expression = "FORGED_RECIPIENTS & -MAILLIST";
+ }
+ FORGED_SENDER_MAILLIST {
+ expression = "FORGED_SENDER & -MAILLIST";
+ }
+ FORGED_SENDER_FORWARDING {
+ expression = "FORGED_SENDER & g:forwarding";
+ description = "Forged sender, but message is forwarded";
+ policy = "remove_weight";
+ }
+ SPF_FAIL_FORWARDING {
+ expression = "g:forwarding & (R_SPF_SOFTFAIL | R_SPF_FAIL)";
+ policy = "remove_weight";
+ }
+ DMARC_POLICY_ALLOW_WITH_FAILURES {
+ expression = "DMARC_POLICY_ALLOW & (R_SPF_SOFTFAIL | R_SPF_FAIL | R_DKIM_REJECT)";
+ policy = "remove_weight";
+ }
+ FORGED_RECIPIENTS_FORWARDING {
+ expression = "FORGED_RECIPIENTS & g:forwarding";
+ policy = "remove_weight";
+ }
+ FORGED_SENDER_VERP_SRS {
+ expression = "FORGED_SENDER & (ENVFROM_PRVS | ENVFROM_VERP)";
+ }
+ FORGED_MUA_MAILLIST {
+ expression = "g:mua & -MAILLIST";
+ }
+ RBL_SPAMHAUS_XBL_ANY {
+ expression = "RBL_SPAMHAUS_XBL & RECEIVED_SPAMHAUS_XBL";
+ description = "From and Received address are listed in Spamhaus XBL";
+ }
+ AUTH_NA {
+ expression = "R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA";
+ score = 1.0;
+ policy = "remove_weight";
+ description = "Authenticating message via SPF/DKIM/DMARC/ARC not available";
+ }
+ AUTH_NA_OR_FAIL {
+ expression = "!(R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA) & (R_DKIM_NA | R_DKIM_TEMPFAIL | R_DKIM_PERMFAIL) & (R_SPF_NA | R_SPF_DNSFAIL) & DMARC_NA & (ARC_NA | ARC_DNSFAIL)";
+ score = 1.0;
+ policy = "remove_weight";
+ description = "No authenticating method SPF/DKIM/DMARC/ARC was successful";
+ }
+ BOUNCE_NO_AUTH {
+ expression = "(AUTH_NA | AUTH_NA_OR_FAIL) & (BOUNCE | SUBJ_BOUNCE_WORDS)";
+ score = 1.0;
+ }
+ DKIM_MIXED {
+ expression = "-R_DKIM_ALLOW & (R_DKIM_TEMPFAIL | R_DKIM_PERMFAIL | R_DKIM_REJECT)"
+ policy = "remove_weight";
+ }
+ MAIL_RU_MAILER_BASE64 {
+ expression = "MAIL_RU_MAILER & (FROM_EXCESS_BASE64 | MIME_BASE64_TEXT | REPLYTO_EXCESS_BASE64 | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
+ }
+ YANDEX_RU_MAILER_CTYPE_MIXED_BOGUS {
+ expression = "YANDEX_RU_MAILER & -HAS_ATTACHMENT & CTYPE_MIXED_BOGUS";
+ }
+ MAILER_1C_8_BASE64 {
+ expression = "MAILER_1C_8 & (FROM_EXCESS_BASE64 | MIME_BASE64_TEXT | SUBJ_EXCESS_BASE64 | TO_EXCESS_BASE64)";
+ description = "Message was sent by '1C:Enterprise 8' and uses base64 encoded data";
+ }
+ HACKED_WP_PHISHING {
+ expression = "(HAS_X_POS | HAS_PHPMAILER_SIG) & HAS_WP_URI & (PHISHING | DBL_PHISH | PHISHED_OPENPHISH | PHISHED_PHISHTANK)";
+ description = "Phish message sent by hacked Wordpress instance";
+ policy = "leave";
+ }
+ COMPROMISED_ACCT_BULK {
+ expression = "(HAS_XOIP | RCVD_FROM_SMTP_AUTH) & DCC_BULK";
+ description = "Likely to be from a compromised account";
+ score = 3.0;
+ policy = "leave";
+ }
+ UNDISC_RCPTS_BULK {
+ expression = "DCC_BULK & (MISSING_TO | R_UNDISC_RCPT)";
+ description = "Missing or undisclosed recipients with a bulk signature";
+ score = 3.0;
+ policy = "leave";
+ }
+ RCVD_UNAUTH_PBL {
+ expression = "RECEIVED_PBL & !RCVD_VIA_SMTP_AUTH";
+ description = "Relayed through ZEN PBL IP without sufficient authentication (possible indicating an open relay)";
+ score = 2.0;
+ policy = "leave";
+ }
+ RCVD_DKIM_ARC_DNSWL_MED {
+ expression = "(R_DKIM_ALLOW | ARC_ALLOW) & RCVD_IN_DNSWL_MED";
+ description = "Sufficiently DKIM/ARC signed and received from IP with medium trust at DNSWL";
+ score = -0.5;
+ policy = "leave";
+ }
+ RCVD_DKIM_ARC_DNSWL_HI {
+ expression = "(R_DKIM_ALLOW | ARC_ALLOW) & RCVD_IN_DNSWL_HI";
+ description = "Sufficiently DKIM/ARC signed and received from IP with high trust at DNSWL";
+ score = -1.0;
+ policy = "leave";
+ }
+ AUTOGEN_PHP_SPAMMY {
+ expression = "(HAS_X_POS | HAS_PHPMAILER_SIG | HAS_X_PHP_SCRIPT) & (SUBJECT_ENDS_QUESTION | SUBJECT_ENDS_EXCLAIM | MANY_INVISIBLE_PARTS)";
+ description = "Message was generated by PHP script and contains some spam indicators";
+ score = 1.0;
+ policy = "leave";
+ }
+ PHISH_EMOTION {
+ expression = "(PHISHING | DBL_PHISH | PHISHED_OPENPHISH | PHISHED_PHISHTANK) & (SUBJECT_ENDS_QUESTION | SUBJECT_ENDS_EXCLAIM)";
+ description = "Phish message with subject trying to address users emotion";
+ score = 1.0;
+ policy = "leave";
+ }
+ HAS_ANON_DOMAIN {
+ expression = "HAS_GUC_PROXY_URI | URIBL_RED | DBL_ABUSE_REDIR | HAS_ONION_URI";
+ description = "Contains one or more domains trying to disguise owner/destination";
+ score = 0.1;
+ policy = "leave";
+ }
+ BAD_REP_POLICIES {
+ description = "Contains valid policies but are also marked by fuzzy/bayes/surbl/rbl";
+ expression = "(~g-:policies) & (-g+:fuzzy | -g+:statistics | -g+:surbl | -g+:rbl)";
+ score = 0.1;
+ }
+
+ VIOLATED_DIRECT_SPF {
+ description = "Has no Received (or no trusted received relays) and SPF policy fails or soft fails";
+ expression = "(R_SPF_FAIL | R_SPF_SOFTFAIL) & (RCVD_COUNT_ZERO | RCVD_NO_TLS_LAST)";
+ policy = "leave";
+ score = 3.5;
+ }
+
+ IP_SCORE_FREEMAIL {
+ description = "Negate IP_SCORE when message comes from FreeMail";
+ expression = "FREEMAIL_FROM & SENDER_REP_SPAM";
+ score = 0.0;
+ policy = "remove_weight";
+ }
+ BROKEN_HEADERS_MAILLIST {
+ description = "Negate BROKEN_HEADERS when message comes via some mailing list";
+ expression = "BROKEN_HEADERS & -MAILLIST";
+ score = 0.0;
+ policy = "remove_weight";
+ }
+ LEAKED_PASSWORD_SCAM {
+ description = "Contains BTC wallet address and scam patterns";
+ expression = "BITCOIN_ADDR & (LEAKED_PASSWORD_SCAM_RE | R_MIXED_CHARSET | R_EMPTY_IMAGE)";
+ policy = "leave";
+ score = 7.0;
+ group = "scams";
+ }
+
+ FREEMAIL_AFF {
+ expression = "(FREEMAIL_FROM | FREEMAIL_ENVFROM | FREEMAIL_REPLYTO) & R_UNDISC_RCPT & (INTRODUCTION | FROM_NAME_HAS_TITLE | FREEMAIL_REPLYTO_NEQ_FROM_DOM)";
+ score = 4.0;
+ policy = "leave";
+ description = "Message exhibits strong characteristics of advance fee fraud (AFF a/k/a '419' spam) involving freemail addresses";
+ }
+
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/composites.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/composites.conf"
+}
--- /dev/null
+# Symbols groups setup
+# Each individual group lives in scores.d/<GROUPNAME>
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/groups.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/groups.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# See also: https://rspamd.com/doc/faq.html#how-to-change-score-for-some-symbol
+
+group "headers" {
+ .include "$CONFDIR/scores.d/headers_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/headers_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/headers_group.conf"
+}
+
+group "subject" {
+ .include "$CONFDIR/scores.d/subject_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/subject_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/subject_group.conf"
+}
+
+group "mua" {
+ .include "$CONFDIR/scores.d/mua_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/mua_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/mua_group.conf"
+}
+
+group "rbl" {
+ .include "$CONFDIR/scores.d/rbl_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/rbl_group.conf"
+}
+
+group "statistics" {
+ .include "$CONFDIR/scores.d/statistics_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/statistics_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/statistics_group.conf"
+}
+
+group "fuzzy" {
+ .include "$CONFDIR/scores.d/fuzzy_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_group.conf"
+}
+
+# SPF + DKIM + DMARC + ARC
+group "policies" {
+ .include "$CONFDIR/scores.d/policies_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/policies_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/policies_group.conf"
+}
+
+group "whitelist" {
+ .include "$CONFDIR/scores.d/whitelist_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/whitelist_group.conf"
+}
+
+group "surbl" {
+ .include "$CONFDIR/scores.d/surbl_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/surbl_group.conf"
+}
+
+group "phishing" {
+ .include "$CONFDIR/scores.d/phishing_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/phishing_group.conf"
+}
+
+group "hfilter" {
+ .include "$CONFDIR/scores.d/hfilter_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/hfilter_group.conf"
+}
+
+group "mime_types" {
+ .include "$CONFDIR/scores.d/mime_types_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/mime_types_group.conf"
+}
+
+# Used to limit maximum score
+group "excessqp" {
+ max_score = 2.4;
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/excessqp_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/excessqp_group.conf"
+}
+group "excessb64" {
+ max_score = 3.0;
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/excessb64_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/excessb64_group.conf"
+}
+
+# Not defined by default
+group "neural" {
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/neural_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/neural_group.conf"
+}
+
+group "antivirus" {
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/antivirus_group.conf"
+}
+
+group "external_services" {
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/external_services_group.conf"
+}
+
+group "content" {
+ .include "$CONFDIR/scores.d/content_group.conf"
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/content_group.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/content_group.conf"
+}
+
+.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/groups.conf"
+.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/groups.conf"
--- /dev/null
+# Logging configuration
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/logging.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/logging.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Relevant documentation: https://rspamd.com/doc/configuration/logging.html
+
+level = "info";
+log_format =<<EOD
+id: <$mid>,$if_qid{ qid: <$>,}$if_ip{ ip: $,}$if_user{ user: $,}$if_smtp_from{ from: <$>,}
+(default: $is_spam ($action): [$scores] [$symbols_scores_params]),
+len: $len, time: $time_real, dns req: $dns_req,
+digest: <$digest>$if_smtp_rcpts{, rcpts: <$>}$if_mime_rcpts{, mime_rcpts: <$>}$if_filename{, file: $}$if_forced_action{, forced: $}$if_settings_id{, settings_id: $}
+EOD
+
+
+# Show statistics for regular expressions
+log_re_cache = true;
+
+# Can be used for console logging
+color = false;
+
+# Log with microseconds resolution
+log_usec = false;
+
+# Enable debug for specific modules (e.g. `debug_modules = ["dkim", "re_cache"];`)
+debug_modules = []
--- /dev/null
+# Domains with valid DMARC and DKIM
+# These domains come from some top visited sites that have restrictive dmarc policy
+
+4chan.org
+adp.com
+advice.hmrc.gov.uk
+airbnb.com
+airtel.in
+alibaba.com
+aliexpress.com
+alipay.com
+americanexpress.com
+avg.com
+avito.ru
+badoo.com
+battle.net
+beeline.ru
+booking.com
+box.com
+chase.com
+consultant.ru
+dhl.com
+emarsys.com
+esetnod32.ru
+evernote.com
+facebook.com
+facebookmail.com
+fedex.com
+force.com
+garant.ru
+gosuslugi.ru
+hh.ru
+hmrc.gov.uk
+instagram.com
+linkedin.com
+livejournal.com
+lufthansa-group.com
+mackeeper.com
+megafon.ru
+mercadolibre.com.ar
+mercadolivre.com.br
+messenger.com
+mvideo.ru
+neobux.com
+netflix.com
+newegg.com
+nic.ru
+paypal.com
+pch.com
+pinterest.com
+rostelecom.ru
+rt.ru
+sberbank.ru
+sportmaster.ru
+squarespace.com
+subscribe.ru
+superjob.ru
+twitter.com
+uber.com
+ulmart.ru
+ups.com
+usps.com
+utair.ru
+verizonwireless.com
+vk.com
+vkrugudruzei.ru
+westernunion.com
+whatsapp.com
+zendesk.com
+zomato.com
--- /dev/null
+usndr.com
+subscribe.ru
+smartsndr.com
+
+hh.ru
+free-lance.ru
+superjob.ru
+rabota.ru
+job.ru
+odesk.com
+jobinmoscow.ru
+
+russianpost.ru
+shopotam.ru
+
+ebay.com
+alibaba.com
+aliexpress.com
+alipay.com
+
+github.net
+github.com
+molotok.ru
+
+facebook.com
+vk.com
+odnoklassniki.ru
+vkrugudruzei.ru
+linkedin.com
+professionali.ru
+mail.mtml.ru
+livejournal.com
+twitter.com
+
+avito.ru
+dmir.ru
+mnogo.ru
+paypal.com
+roboxchange.com
+sberbank.ru
+
+qiwi.com
+qiwi.ru
+osmp.ru
+mobilelement.ru
+rp-system.ru
+quickpay.ru
+rbkmoney.ru
+
+gosuslugi.ru
+rostelecom.ru
+mos.ru
+gov.ru
+nalog.ru
+sitesoft.ru
+e-moskva.ru
+rosreestr.ru
+roseltorg.ru
+sberbank-ast.ru
+etp-micex.ru
+zakazrf.ru
+rtstender.ru
+rts-tender.ru
+b2b-center.ru
+yamoney.ru
+
+fabrikant.ru
+
+apple.com
+dropbox.com
+skype.com
+
+habramail.net
+mamba.ru
+dating.ru
+topface.com
+
+ulmart.ru
+electrozon.ru
+nix.ru
+ozon.ru
+
+beeline.ru
+mts.ru
+megafon.ru
+
+booking.com
+tutu.ru
+aeroflot.ru
+
+vedomosti.ru
+
+1c-bitrix.ru
+
+moesk.ru
+
+exist.ru
+tks.ru
+zzap.ru
+
+activeby.net
+babysfera.ru
+baby.ru
+
+wordpress.com
+
+ispsystem.net
+ispsystem.com
+ispsystem.ru
+
+naukanet.ru
+
+startcomca.com
+
+wmtransfer.com
+
+sipnet.ru
+tario.ru
+
+mailgun.com
+mailgun.net
+
+psport.ru
+
+returnpath.net
+senderscore.net
+
+webnames.ru
+regtime.net
+
+nic.ru
+r01.ru
+reg.ru
+
+ztel.ru
+
+youtube.com
+baidu.com
+yahoo.com
+amazon.com
+wikipedia.org
+qq.com
+google.co.in
+live.com
+taobao.com
+msn.com
+yahoo.co.jp
+google.co.jp
+weibo.com
+bing.com
+hao123.com
+instagram.com
+google.de
+amazon.co.jp
+360.cn
+tmall.com
+google.co.uk
+pinterest.com
+google.ru
+reddit.com
+google.com.br
+t.co
+netflix.com
+google.fr
+sohu.com
+microsoft.com
+google.it
+blogspot.com
+tumblr.com
+ok.ru
+gmw.cn
+imgur.com
+stackoverflow.com
+xvideos.com
+google.com.mx
+fc2.com
+imdb.com
+google.com.hk
+amazon.de
+ask.com
+google.com.tr
+google.ca
+office.com
+pornhub.com
+google.co.id
+soso.com
+go.com
+pixnet.net
+amazon.co.uk
+googleusercontent.com
+outbrain.com
+amazon.in
+blogger.com
+cnn.com
+google.pl
+google.com.au
+360.com
+xhamster.com
+adobe.com
+flipkart.com
+microsoftonline.com
+whatsapp.com
+nytimes.com
+chase.com
+wosign.com
+comodo.com
+comodogroup.com
+comodo.net
--- /dev/null
+# Known invalid or missed Message-IDs
+# 'domain' 'Message-ID regexp'
+
+alibaba.com /^[a-f0-9]{8}(?:-[a-f0-9]{4}){3}-[a-f0-9]{12}-0$/
+aliexpress.com /^(?:(?:[0-9]{14,15}|[a-z]{4}UTT_[0-9]{5,6}_(?:[0-9]{8}_)?)[$])?[a-f0-9]{32}$/
+beeline.ru /^<[A-z0-9+]{18}>$/
+noreply.esphere.ru
+noreply.etprf.ru
+rkn.gov.ru
+garant.ru
+is-zakupki.com
+mirtesen.ru
+fcod.nalog.ru
+otc.ru
+qiwi.ru
+client.rostelecom.ru
+sberbank-ast.ru
+crm.taxcom.ru
+wildberries.ru /^[a-f0-9]{8}(?:-[a-f0-9]{4}){3}-[a-f0-9]{12}$/
+promo.wildberries.ru /^[A-F0-9]{8}(?:-[A-F0-9]{4}){3}-[A-F0-9]{12}$/
+taxi.yandex.ru /^[a-f0-9]{32}$/
+online.zcts.ru
--- /dev/null
+# perl -ne 'if(/([^\d.\s\[o][^\d.\[\]\s\/A-Z]{3,}\/[^\s\/]+)/) { print "$1 0\n"; }'
+application/1d-interleaved-parityfec 0
+application/3gpdash-qoe-report+xml 0
+application/3gpp-ims+xml 0
+application/A2L 0
+application/AML 0
+application/ATF 0
+application/ATFX 0
+application/ATXML 0
+application/CALS-1840 0
+application/CDFX+XML 0
+application/CEA 0
+application/CSTAdata+xml 0
+application/DCD 0
+application/DII 0
+application/DIT 0
+application/EDI-X12 0
+application/EDI-consent 0
+application/EDIFACT 0
+application/EmergencyCallData.Comment+xml 0
+application/EmergencyCallData.DeviceInfo+xml 0
+application/EmergencyCallData.ProviderInfo+xml 0
+application/EmergencyCallData.ServiceInfo+xml 0
+application/EmergencyCallData.SubscriberInfo+xml 0
+application/H224 0
+application/IOTP 0
+application/ISUP 0
+application/LXF 0
+application/MF4 0
+application/ODA 0
+application/ODX 0
+application/PDX 0
+application/QSIG 0
+application/SGML 0
+application/activemessage 0
+application/alto-costmap+json 0
+application/alto-costmapfilter+json 0
+application/alto-directory+json 0
+application/alto-endpointcost+json 0
+application/alto-endpointcostparams+json 0
+application/alto-endpointprop+json 0
+application/alto-endpointpropparams+json 0
+application/alto-error+json 0
+application/alto-networkmap+json 0
+application/alto-networkmapfilter+json 0
+application/andrew-inset 0
+application/applefile 0
+application/atom+xml 0
+application/atomcat+xml 0
+application/atomdeleted+xml 0
+application/atomicmail 0
+application/atomsvc+xml 0
+application/auth-policy+xml 0
+application/bacnet-xdd+zip 0
+application/batch-SMTP 0
+application/beep+xml 0
+application/calendar+json 0
+application/calendar+xml 0
+application/call-completion 0
+application/cbor 0
+application/ccmp+xml 0
+application/ccxml+xml 0
+application/cdmi-capability 0
+application/cdmi-container 0
+application/cdmi-domain 0
+application/cdmi-object 0
+application/cdmi-queue 0
+application/cdni 0
+application/cea-2018+xml 0
+application/cellml+xml 0
+application/cfw 0
+application/cms 0
+application/cnrp+xml 0
+application/coap-group+json 0
+application/commonground 0
+application/conference-info+xml 0
+application/cpl+xml 0
+application/csrattrs 0
+application/csta+xml 0
+application/csvm+json 0
+application/cybercash 0
+application/dash+xml 0
+application/dashdelta 0
+application/davmount+xml 0
+application/dca-rft 0
+application/dec-dx 0
+application/dialog-info+xml 0
+application/dicom 0
+application/dns 0
+application/dskpp+xml 0
+application/dssc+der 0
+application/dssc+xml 0
+application/dvcs 0
+application/ecmascript 0
+application/emotionml+xml 0
+application/encaprtp 0
+application/epp+xml 0
+application/epub+zip 0
+application/eshop 0
+application/example 0
+application/fastinfoset 0
+application/fastsoap 0
+application/fdt+xml 0
+application/fits 0
+application/font-sfnt 0
+application/font-tdpfr 0
+application/font-woff 0
+application/framework-attributes+xml 0
+application/gzip 0
+application/held+xml 0
+application/http 0
+application/hyperstudio 0
+application/ibe-key-request+xml 0
+application/ibe-pkg-reply+xml 0
+application/ibe-pp-data 0
+application/ics 0
+application/iges 0
+application/im-iscomposing+xml 0
+application/index 0
+application/index-obj 0
+application/index.cmd 0
+application/index.response 0
+application/index.vnd 0
+application/inkml+xml 0
+application/ipfix 0
+application/ipp 0
+application/its+xml 0
+application/javascript 0
+application/jose 0
+application/jose+json 0
+application/jrd+json 0
+application/json 0
+application/json-patch+json 0
+application/json-seq 0
+application/jwk+json 0
+application/jwk-set+json 0
+application/jwt 0
+application/kpml-request+xml 0
+application/kpml-response+xml 0
+application/ld+json 0
+application/link-format 0
+application/load-control+xml 0
+application/lost+xml 0
+application/lostsync+xml 0
+application/mac-binhex40 0
+application/macwriteii 0
+application/mads+xml 0
+application/marc 0
+application/marcxml+xml 0
+application/mathematica 0
+application/mbms-associated-procedure-description+xml 0
+application/mbms-deregister+xml 0
+application/mbms-envelope+xml 0
+application/mbms-msk+xml 0
+application/mbms-msk-response+xml 0
+application/mbms-protection-description+xml 0
+application/mbms-reception-report+xml 0
+application/mbms-register+xml 0
+application/mbms-register-response+xml 0
+application/mbms-schedule+xml 0
+application/mbms-user-service-description+xml 0
+application/mbox 0
+application/media-policy-dataset+xml 0
+application/media_control+xml 0
+application/mediaservercontrol+xml 0
+application/merge-patch+json 0
+application/metalink4+xml 0
+application/mets+xml 0
+application/mikey 0
+application/mods+xml 0
+application/moss-keys 0
+application/moss-signature 0
+application/mosskey-data 0
+application/mosskey-request 0
+application/mp21 0
+application/mp4 0
+application/mpeg4-generic 0
+application/mpeg4-iod 0
+application/mpeg4-iod-xmt 0
+application/mrb-consumer+xml 0
+application/mrb-publish+xml 0
+application/msc-ivr+xml 0
+application/msc-mixer+xml 0
+application/msword 0
+application/mxf 0
+application/nasdata 0
+application/news-checkgroups 0
+application/news-groupinfo 0
+application/news-transmission 0
+application/nlsml+xml 0
+application/nss 0
+application/ocsp-request 0
+application/ocsp-response 0
+application/octet-stream 0
+application/oebps-package+xml 0
+application/ogg 0
+application/oxps 0
+application/p2p-overlay+xml 0
+application/patch-ops-error+xml 0
+application/pdf 0
+application/pgp-encrypted 0
+application/pgp-keys 0
+application/pgp-signature 0
+application/pidf+xml 0
+application/pidf-diff+xml 0
+application/pkcs10 0
+application/pkcs12 0
+application/pkcs7-mime -1
+application/pkcs7-signature -1
+application/pkcs8 0
+application/pkix-attr-cert 0
+application/pkix-cert 0
+application/pkix-crl 0
+application/pkix-pkipath 0
+application/pkixcmp 0
+application/pls+xml 0
+application/poc-settings+xml 0
+application/postscript 0
+application/ppsp-tracker+json 0
+application/provenance+xml 0
+application/prs.alvestrand.titrax-sheet 0
+application/prs.cww 0
+application/prs.hpub+zip 0
+application/prs.nprend 0
+application/prs.plucker 0
+application/prs.rdf-xml-crypt 0
+application/prs.xsf+xml 0
+application/pskc+xml 0
+application/raptorfec 0
+application/rdap+json 0
+application/rdf+xml 0
+application/reginfo+xml 0
+application/relax-ng-compact-syntax 0
+application/remote-printing 0
+application/reputon+json 0
+application/resource-lists+xml 0
+application/resource-lists-diff+xml 0
+application/rfc+xml 0
+application/riscos 0
+application/rlmi+xml 0
+application/rls-services+xml 0
+application/rpki-ghostbusters 0
+application/rpki-manifest 0
+application/rpki-roa 0
+application/rpki-updown 0
+application/rtf 0
+application/rtploopback 0
+application/rtx 0
+application/samlassertion+xml 0
+application/samlmetadata+xml 0
+application/sbml+xml 0
+application/scaip+xml 0
+application/scim+json 0
+application/scvp-cv-request 0
+application/scvp-cv-response 0
+application/scvp-vp-request 0
+application/scvp-vp-response 0
+application/sdp 0
+application/sep+xml 0
+application/sep-exi 0
+application/session-info 0
+application/set-payment 0
+application/set-payment-initiation 0
+application/set-registration 0
+application/set-registration-initiation 0
+application/sgml-open-catalog 0
+application/shf+xml 0
+application/sieve 0
+application/simple-filter+xml 0
+application/simple-message-summary 0
+application/simpleSymbolContainer 0
+application/slate 0
+application/smil+xml 0
+application/smpte336m 0
+application/soap+fastinfoset 0
+application/soap+xml 0
+application/spirits-event+xml 0
+application/sql 0
+application/srgs 0
+application/srgs+xml 0
+application/sru+xml 0
+application/ssml+xml 0
+application/tamp-apex-update 0
+application/tamp-apex-update-confirm 0
+application/tamp-community-update 0
+application/tamp-community-update-confirm 0
+application/tamp-error 0
+application/tamp-sequence-adjust 0
+application/tamp-sequence-adjust-confirm 0
+application/tamp-status-query 0
+application/tamp-status-response 0
+application/tamp-update 0
+application/tamp-update-confirm 0
+application/tei+xml 0
+application/thraud+xml 0
+application/timestamp-query 0
+application/timestamp-reply 0
+application/timestamped-data 0
+application/ttml+xml 0
+application/tve-trigger 0
+application/ulpfec 0
+application/urc-grpsheet+xml 0
+application/urc-ressheet+xml 0
+application/urc-targetdesc+xml 0
+application/urc-uisocketdesc+xml 0
+application/vcard+json 0
+application/vcard+xml 0
+application/vemmi 0
+application/vnd-acucobol 0
+application/vnd-curl 0
+application/vnd-dart 0
+application/vnd-dxr 0
+application/vnd-fdf 0
+application/vnd-mif 0
+application/vnd-sema 0
+application/vnd-wap-wmlc 0
+application/vnd.3M.Post-it-Notes 0
+application/vnd.3gpp-prose+xml 0
+application/vnd.3gpp-prose-pc3ch+xml 0
+application/vnd.3gpp.SRVCC-info+xml 0
+application/vnd.3gpp.access-transfer-events+xml 0
+application/vnd.3gpp.bsf+xml 0
+application/vnd.3gpp.mid-call+xml 0
+application/vnd.3gpp.pic-bw-large 0
+application/vnd.3gpp.pic-bw-small 0
+application/vnd.3gpp.pic-bw-var 0
+application/vnd.3gpp.sms 0
+application/vnd.3gpp.srvcc-ext+xml 0
+application/vnd.3gpp.state-and-event-info+xml 0
+application/vnd.3gpp.ussd+xml 0
+application/vnd.3gpp2.bcmcsinfo+xml 0
+application/vnd.3gpp2.sms 0
+application/vnd.3gpp2.tcap 0
+application/vnd.FloGraphIt 0
+application/vnd.HandHeld-Entertainment+xml 0
+application/vnd.Kinar 0
+application/vnd.MFER 0
+application/vnd.Mobius.DAF 0
+application/vnd.Mobius.DIS 0
+application/vnd.Mobius.MBK 0
+application/vnd.Mobius.MQY 0
+application/vnd.Mobius.MSL 0
+application/vnd.Mobius.PLC 0
+application/vnd.Mobius.TXF 0
+application/vnd.Quark.QuarkXPress 0
+application/vnd.SimTech-MindMapper 0
+application/vnd.accpac.simply.aso 0
+application/vnd.accpac.simply.imp 0
+application/vnd.acucorp 0
+application/vnd.adobe.flash-movie 0
+application/vnd.adobe.formscentral.fcdt 0
+application/vnd.adobe.fxp 0
+application/vnd.adobe.partial-upload 0
+application/vnd.adobe.xdp+xml 0
+application/vnd.adobe.xfdf 0
+application/vnd.aether.imp 0
+application/vnd.ah-barcode 0
+application/vnd.ahead.space 0
+application/vnd.airzip.filesecure.azf 0
+application/vnd.airzip.filesecure.azs 0
+application/vnd.americandynamics.acc 0
+application/vnd.amiga.ami 0
+application/vnd.amundsen.maze+xml 0
+application/vnd.anki 0
+application/vnd.anser-web-certificate-issue-initiation 0
+application/vnd.antix.game-component 0
+application/vnd.apache.thrift.binary 0
+application/vnd.apache.thrift.compact 0
+application/vnd.apache.thrift.json 0
+application/vnd.api+json 0
+application/vnd.apple.installer+xml 0
+application/vnd.apple.mpegurl 0
+application/vnd.arastra.swi 0
+application/vnd.aristanetworks.swi 0
+application/vnd.artsquare 0
+application/vnd.astraea-software.iota 0
+application/vnd.audiograph 0
+application/vnd.autopackage 0
+application/vnd.avistar+xml 0
+application/vnd.balsamiq.bmml+xml 0
+application/vnd.balsamiq.bmpr 0
+application/vnd.bekitzur-stech+json 0
+application/vnd.biopax.rdf+xml 0
+application/vnd.blueice.multipass 0
+application/vnd.bluetooth.ep.oob 0
+application/vnd.bluetooth.le.oob 0
+application/vnd.bmi 0
+application/vnd.businessobjects 0
+application/vnd.cab-jscript 0
+application/vnd.canon-cpdl 0
+application/vnd.canon-lips 0
+application/vnd.cendio.thinlinc.clientconf 0
+application/vnd.century-systems.tcp_stream 0
+application/vnd.chemdraw+xml 0
+application/vnd.chipnuts.karaoke-mmd 0
+application/vnd.cinderella 0
+application/vnd.cirpack.isdn-ext 0
+application/vnd.citationstyles.style+xml 0
+application/vnd.claymore 0
+application/vnd.cloanto.rp9 0
+application/vnd.clonk.c4group 0
+application/vnd.cluetrust.cartomobile-config 0
+application/vnd.cluetrust.cartomobile-config-pkg 0
+application/vnd.coffeescript 0
+application/vnd.collection+json 0
+application/vnd.collection.doc+json 0
+application/vnd.collection.next+json 0
+application/vnd.commerce-battelle 0
+application/vnd.commonspace 0
+application/vnd.contact.cmsg 0
+application/vnd.cosmocaller 0
+application/vnd.crick.clicker 0
+application/vnd.crick.clicker.keyboard 0
+application/vnd.crick.clicker.palette 0
+application/vnd.crick.clicker.template 0
+application/vnd.crick.clicker.wordbank 0
+application/vnd.criticaltools.wbs+xml 0
+application/vnd.ctc-posml 0
+application/vnd.ctct.ws+xml 0
+application/vnd.cups-pdf 0
+application/vnd.cups-postscript 0
+application/vnd.cups-ppd 0
+application/vnd.cups-raster 0
+application/vnd.cups-raw 0
+application/vnd.cyan.dean.root+xml 0
+application/vnd.cybank 0
+application/vnd.data-vision.rdz 0
+application/vnd.debian.binary-package 0
+application/vnd.dece-zip 0
+application/vnd.dece.data 0
+application/vnd.dece.ttml+xml 0
+application/vnd.dece.unspecified 0
+application/vnd.denovo.fcselayout-link 0
+application/vnd.desmume-movie 0
+application/vnd.dir-bi.plate-dl-nosuffix 0
+application/vnd.dm.delegation+xml 0
+application/vnd.dna 0
+application/vnd.document+json 0
+application/vnd.dolby.mobile.1 0
+application/vnd.dolby.mobile.2 0
+application/vnd.doremir.scorecloud-binary-document 0
+application/vnd.dpgraph 0
+application/vnd.dreamfactory 0
+application/vnd.drive+json 0
+application/vnd.dtg.local 0
+application/vnd.dtg.local-html 0
+application/vnd.dtg.local.flash 0
+application/vnd.dvb.ait 0
+application/vnd.dvb.dvbj 0
+application/vnd.dvb.esgcontainer 0
+application/vnd.dvb.ipdcdftnotifaccess 0
+application/vnd.dvb.ipdcesgaccess 0
+application/vnd.dvb.ipdcesgaccess2 0
+application/vnd.dvb.ipdcesgpdd 0
+application/vnd.dvb.ipdcroaming 0
+application/vnd.dvb.iptv.alfec-base 0
+application/vnd.dvb.iptv.alfec-enhancement 0
+application/vnd.dvb.notif-aggregate-root+xml 0
+application/vnd.dvb.notif-container+xml 0
+application/vnd.dvb.notif-generic+xml 0
+application/vnd.dvb.notif-ia-msglist+xml 0
+application/vnd.dvb.notif-ia-registration-request+xml 0
+application/vnd.dvb.notif-ia-registration-response+xml 0
+application/vnd.dvb.notif-init+xml 0
+application/vnd.dvb.pfr 0
+application/vnd.dvb_service 0
+application/vnd.dynageo 0
+application/vnd.dzr 0
+application/vnd.easykaraoke.cdgdownload 0
+application/vnd.ecdis-update 0
+application/vnd.ecowin.chart 0
+application/vnd.ecowin.filerequest 0
+application/vnd.ecowin.fileupdate 0
+application/vnd.ecowin.series 0
+application/vnd.ecowin.seriesrequest 0
+application/vnd.ecowin.seriesupdate 0
+application/vnd.emclient.accessrequest+xml 0
+application/vnd.enliven 0
+application/vnd.enphase.envoy 0
+application/vnd.eprints.data+xml 0
+application/vnd.epson.esf 0
+application/vnd.epson.msf 0
+application/vnd.epson.quickanime 0
+application/vnd.epson.salt 0
+application/vnd.epson.ssf 0
+application/vnd.ericsson.quickcall 0
+application/vnd.eszigno3+xml 0
+application/vnd.etsi.aoc+xml 0
+application/vnd.etsi.asic-e+zip 0
+application/vnd.etsi.asic-s+zip 0
+application/vnd.etsi.cug+xml 0
+application/vnd.etsi.iptvcommand+xml 0
+application/vnd.etsi.iptvdiscovery+xml 0
+application/vnd.etsi.iptvprofile+xml 0
+application/vnd.etsi.iptvsad-bc+xml 0
+application/vnd.etsi.iptvsad-cod+xml 0
+application/vnd.etsi.iptvsad-npvr+xml 0
+application/vnd.etsi.iptvservice+xml 0
+application/vnd.etsi.iptvsync+xml 0
+application/vnd.etsi.iptvueprofile+xml 0
+application/vnd.etsi.mcid+xml 0
+application/vnd.etsi.mheg5 0
+application/vnd.etsi.overload-control-policy-dataset+xml 0
+application/vnd.etsi.pstn+xml 0
+application/vnd.etsi.sci+xml 0
+application/vnd.etsi.simservs+xml 0
+application/vnd.etsi.timestamp-token 0
+application/vnd.etsi.tsl+xml 0
+application/vnd.etsi.tsl.der 0
+application/vnd.eudora.data 0
+application/vnd.ezpix-album 0
+application/vnd.ezpix-package 0
+application/vnd.f-secure.mobile 0
+application/vnd.fastcopy-disk-image 0
+application/vnd.fdsn.mseed 0
+application/vnd.fdsn.seed 0
+application/vnd.ffsns 0
+application/vnd.filmit.zfc 0
+application/vnd.fints 0
+application/vnd.firemonkeys.cloudcell 0
+application/vnd.fluxtime.clip 0
+application/vnd.font-fontforge-sfd 0
+application/vnd.framemaker 0
+application/vnd.frogans.fnc 0
+application/vnd.frogans.ltf 0
+application/vnd.fsc.weblaunch 0
+application/vnd.fujitsu.oasys 0
+application/vnd.fujitsu.oasys2 0
+application/vnd.fujitsu.oasys3 0
+application/vnd.fujitsu.oasysgp 0
+application/vnd.fujitsu.oasysprs 0
+application/vnd.fujixerox.ART-EX 0
+application/vnd.fujixerox.ART4 0
+application/vnd.fujixerox.HBPL 0
+application/vnd.fujixerox.ddd 0
+application/vnd.fujixerox.docuworks 0
+application/vnd.fujixerox.docuworks.binder 0
+application/vnd.fujixerox.docuworks.container 0
+application/vnd.fut-misnet 0
+application/vnd.fuzzysheet 0
+application/vnd.genomatix.tuxedo 0
+application/vnd.geo+json 0
+application/vnd.geocube+xml 0
+application/vnd.geogebra.file 0
+application/vnd.geogebra.tool 0
+application/vnd.geometry-explorer 0
+application/vnd.geonext 0
+application/vnd.geoplan 0
+application/vnd.geospace 0
+application/vnd.gerber 0
+application/vnd.globalplatform.card-content-mgt 0
+application/vnd.globalplatform.card-content-mgt-response 0
+application/vnd.gmx 0
+application/vnd.google-earth.kml+xml 0
+application/vnd.google-earth.kmz 0
+application/vnd.gov.sk.e-form+xml 0
+application/vnd.gov.sk.e-form+zip 0
+application/vnd.gov.sk.xmldatacontainer+xml 0
+application/vnd.grafeq 0
+application/vnd.gridmp 0
+application/vnd.groove-account 0
+application/vnd.groove-help 0
+application/vnd.groove-identity-message 0
+application/vnd.groove-injector 0
+application/vnd.groove-tool-message 0
+application/vnd.groove-tool-template 0
+application/vnd.groove-vcard 0
+application/vnd.hal+json 0
+application/vnd.hal+xml 0
+application/vnd.hbci 0
+application/vnd.hcl-bireports 0
+application/vnd.hdt 0
+application/vnd.heroku+json 0
+application/vnd.hhe.lesson-player 0
+application/vnd.hp-HPGL 0
+application/vnd.hp-PCL 0
+application/vnd.hp-PCLXL 0
+application/vnd.hp-hpid 0
+application/vnd.hp-hps 0
+application/vnd.hp-jlyt 0
+application/vnd.httphone 0
+application/vnd.hydrostatix.sof-data 0
+application/vnd.hyperdrive+json 0
+application/vnd.hzn-3d-crossword 0
+application/vnd.ibm.MiniPay 0
+application/vnd.ibm.afplinedata 0
+application/vnd.ibm.electronic-media 0
+application/vnd.ibm.modcap 0
+application/vnd.ibm.rights-management 0
+application/vnd.ibm.secure-container 0
+application/vnd.iccprofile 0
+application/vnd.ieee.1905 0
+application/vnd.igloader 0
+application/vnd.immervision-ivp 0
+application/vnd.immervision-ivu 0
+application/vnd.ims.imsccv1p1 0
+application/vnd.ims.imsccv1p2 0
+application/vnd.ims.imsccv1p3 0
+application/vnd.ims.lis.v2.result+json 0
+application/vnd.ims.lti.v2.toolconsumerprofile+json 0
+application/vnd.ims.lti.v2.toolproxy+json 0
+application/vnd.ims.lti.v2.toolproxy.id+json 0
+application/vnd.ims.lti.v2.toolsettings+json 0
+application/vnd.ims.lti.v2.toolsettings.simple+json 0
+application/vnd.informedcontrol.rms+xml 0
+application/vnd.infotech.project 0
+application/vnd.infotech.project+xml 0
+application/vnd.innopath.wamp.notification 0
+application/vnd.insors.igm 0
+application/vnd.intercon.formnet 0
+application/vnd.intergeo 0
+application/vnd.intertrust.digibox 0
+application/vnd.intertrust.nncp 0
+application/vnd.intu.qbo 0
+application/vnd.intu.qfx 0
+application/vnd.iptc.g2.catalogitem+xml 0
+application/vnd.iptc.g2.conceptitem+xml 0
+application/vnd.iptc.g2.knowledgeitem+xml 0
+application/vnd.iptc.g2.newsitem+xml 0
+application/vnd.iptc.g2.newsmessage+xml 0
+application/vnd.iptc.g2.packageitem+xml 0
+application/vnd.iptc.g2.planningitem+xml 0
+application/vnd.ipunplugged.rcprofile 0
+application/vnd.irepository.package+xml 0
+application/vnd.is-xpr 0
+application/vnd.isac.fcs 0
+application/vnd.jam 0
+application/vnd.japannet-directory-service 0
+application/vnd.japannet-jpnstore-wakeup 0
+application/vnd.japannet-payment-wakeup 0
+application/vnd.japannet-registration 0
+application/vnd.japannet-registration-wakeup 0
+application/vnd.japannet-setstore-wakeup 0
+application/vnd.japannet-verification 0
+application/vnd.japannet-verification-wakeup 0
+application/vnd.jcp.javame.midlet-rms 0
+application/vnd.jisp 0
+application/vnd.joost.joda-archive 0
+application/vnd.jsk.isdn-ngn 0
+application/vnd.kahootz 0
+application/vnd.kde.karbon 0
+application/vnd.kde.kchart 0
+application/vnd.kde.kformula 0
+application/vnd.kde.kivio 0
+application/vnd.kde.kontour 0
+application/vnd.kde.kpresenter 0
+application/vnd.kde.kspread 0
+application/vnd.kde.kword 0
+application/vnd.kenameaapp 0
+application/vnd.kidspiration 0
+application/vnd.koan 0
+application/vnd.kodak-descriptor 0
+application/vnd.las.las+xml 0
+application/vnd.liberty-request+xml 0
+application/vnd.llamagraphics.life-balance.desktop 0
+application/vnd.llamagraphics.life-balance.exchange+xml 0
+application/vnd.lotus-1-2-3 0
+application/vnd.lotus-approach 0
+application/vnd.lotus-freelance 0
+application/vnd.lotus-notes 0
+application/vnd.lotus-organizer 0
+application/vnd.lotus-screencam 0
+application/vnd.lotus-wordpro 0
+application/vnd.macports.portpkg 0
+application/vnd.mapbox-vector-tile 0
+application/vnd.marlin.drm.actiontoken+xml 0
+application/vnd.marlin.drm.conftoken+xml 0
+application/vnd.marlin.drm.license+xml 0
+application/vnd.marlin.drm.mdcf 0
+application/vnd.mason+json 0
+application/vnd.maxmind.maxmind-db 0
+application/vnd.mcd 0
+application/vnd.medcalcdata 0
+application/vnd.mediastation.cdkey 0
+application/vnd.meridian-slingshot 0
+application/vnd.mfmp 0
+application/vnd.micro+json 0
+application/vnd.micrografx-igx 0
+application/vnd.micrografx.flo 0
+application/vnd.microsoft.portable-executable 0
+application/vnd.miele+json 0
+application/vnd.minisoft-hp3000-save 0
+application/vnd.mitsubishi.misty-guard.trustweb 0
+application/vnd.mophun.application 0
+application/vnd.mophun.certificate 0
+application/vnd.motorola.flexsuite 0
+application/vnd.motorola.flexsuite.adsi 0
+application/vnd.motorola.flexsuite.fis 0
+application/vnd.motorola.flexsuite.gotap 0
+application/vnd.motorola.flexsuite.kmr 0
+application/vnd.motorola.flexsuite.ttc 0
+application/vnd.motorola.flexsuite.wem 0
+application/vnd.motorola.iprm 0
+application/vnd.mozilla.xul+xml 0
+application/vnd.ms-3mfdocument 0
+application/vnd.ms-PrintDeviceCapabilities+xml 0
+application/vnd.ms-artgalry 0
+application/vnd.ms-asf 0
+application/vnd.ms-cab-compressed 0
+application/vnd.ms-excel 0
+application/vnd.ms-excel.addin.macroEnabled.12 0
+application/vnd.ms-excel.sheet.binary.macroEnabled.12 0
+application/vnd.ms-excel.sheet.macroEnabled.12 0
+application/vnd.ms-excel.template.macroEnabled.12 0
+application/vnd.ms-fontobject 0
+application/vnd.ms-htmlhelp 0
+application/vnd.ms-ims 0
+application/vnd.ms-lrm 0
+application/vnd.ms-office.activeX+xml 0
+application/vnd.ms-officetheme 0
+application/vnd.ms-playready.initiator+xml 0
+application/vnd.ms-powerpoint 0
+application/vnd.ms-powerpoint.addin.macroEnabled.12 0
+application/vnd.ms-powerpoint.presentation.macroEnabled.12 0
+application/vnd.ms-powerpoint.slide.macroEnabled.12 0
+application/vnd.ms-powerpoint.slideshow.macroEnabled.12 0
+application/vnd.ms-powerpoint.template.macroEnabled.12 0
+application/vnd.ms-project 0
+application/vnd.ms-tnef 0
+application/vnd.ms-windows.devicepairing 0
+application/vnd.ms-windows.nwprinting.oob 0
+application/vnd.ms-windows.printerpairing 0
+application/vnd.ms-windows.wsd.oob 0
+application/vnd.ms-wmdrm.lic-chlg-req 0
+application/vnd.ms-wmdrm.lic-resp 0
+application/vnd.ms-wmdrm.meter-chlg-req 0
+application/vnd.ms-wmdrm.meter-resp 0
+application/vnd.ms-word.document.macroEnabled.12 0
+application/vnd.ms-word.template.macroEnabled.12 0
+application/vnd.ms-works 0
+application/vnd.ms-wpl 0
+application/vnd.ms-xpsdocument 0
+application/vnd.msa-disk-image 0
+application/vnd.mseq 0
+application/vnd.msign 0
+application/vnd.multiad.creator 0
+application/vnd.multiad.creator.cif 0
+application/vnd.music-niff 0
+application/vnd.musician 0
+application/vnd.muvee.style 0
+application/vnd.mynfc 0
+application/vnd.ncd.control 0
+application/vnd.ncd.reference 0
+application/vnd.nervana 0
+application/vnd.netfpx 0
+application/vnd.neurolanguage.nlu 0
+application/vnd.nintendo.nitro.rom 0
+application/vnd.nintendo.snes.rom 0
+application/vnd.nitf 0
+application/vnd.noblenet-directory 0
+application/vnd.noblenet-sealer 0
+application/vnd.noblenet-web 0
+application/vnd.nokia.catalogs 0
+application/vnd.nokia.conml+wbxml 0
+application/vnd.nokia.conml+xml 0
+application/vnd.nokia.iSDS-radio-presets 0
+application/vnd.nokia.iptv.config+xml 0
+application/vnd.nokia.landmark+wbxml 0
+application/vnd.nokia.landmark+xml 0
+application/vnd.nokia.landmarkcollection+xml 0
+application/vnd.nokia.n-gage.ac+xml 0
+application/vnd.nokia.n-gage.data 0
+application/vnd.nokia.n-gage.symbian.install 0
+application/vnd.nokia.ncd 0
+application/vnd.nokia.pcd+wbxml 0
+application/vnd.nokia.pcd+xml 0
+application/vnd.nokia.radio-preset 0
+application/vnd.nokia.radio-presets 0
+application/vnd.novadigm.EDM 0
+application/vnd.novadigm.EDX 0
+application/vnd.novadigm.EXT 0
+application/vnd.ntt-local.content-share 0
+application/vnd.ntt-local.file-transfer 0
+application/vnd.ntt-local.ogw_remote-access 0
+application/vnd.ntt-local.sip-ta_remote 0
+application/vnd.ntt-local.sip-ta_tcp_stream 0
+application/vnd.oasis.opendocument.chart 0
+application/vnd.oasis.opendocument.chart-template 0
+application/vnd.oasis.opendocument.database 0
+application/vnd.oasis.opendocument.formula 0
+application/vnd.oasis.opendocument.formula-template 0
+application/vnd.oasis.opendocument.graphics 0
+application/vnd.oasis.opendocument.graphics-template 0
+application/vnd.oasis.opendocument.image 0
+application/vnd.oasis.opendocument.image-template 0
+application/vnd.oasis.opendocument.presentation 0
+application/vnd.oasis.opendocument.presentation-template 0
+application/vnd.oasis.opendocument.spreadsheet 0
+application/vnd.oasis.opendocument.spreadsheet-template 0
+application/vnd.oasis.opendocument.text 0
+application/vnd.oasis.opendocument.text-master 0
+application/vnd.oasis.opendocument.text-template 0
+application/vnd.oasis.opendocument.text-web 0
+application/vnd.obn 0
+application/vnd.oftn.l10n+json 0
+application/vnd.oipf.contentaccessdownload+xml 0
+application/vnd.oipf.contentaccessstreaming+xml 0
+application/vnd.oipf.cspg-hexbinary 0
+application/vnd.oipf.dae.svg+xml 0
+application/vnd.oipf.dae.xhtml+xml 0
+application/vnd.oipf.mippvcontrolmessage+xml 0
+application/vnd.oipf.pae.gem 0
+application/vnd.oipf.spdiscovery+xml 0
+application/vnd.oipf.spdlist+xml 0
+application/vnd.oipf.ueprofile+xml 0
+application/vnd.oipf.userprofile+xml 0
+application/vnd.olpc-sugar 0
+application/vnd.oma-scws-config 0
+application/vnd.oma-scws-http-request 0
+application/vnd.oma-scws-http-response 0
+application/vnd.oma.bcast.associated-procedure-parameter+xml 0
+application/vnd.oma.bcast.drm-trigger+xml 0
+application/vnd.oma.bcast.imd+xml 0
+application/vnd.oma.bcast.ltkm 0
+application/vnd.oma.bcast.notification+xml 0
+application/vnd.oma.bcast.provisioningtrigger 0
+application/vnd.oma.bcast.sgboot 0
+application/vnd.oma.bcast.sgdd+xml 0
+application/vnd.oma.bcast.sgdu 0
+application/vnd.oma.bcast.simple-symbol-container 0
+application/vnd.oma.bcast.smartcard-trigger+xml 0
+application/vnd.oma.bcast.sprov+xml 0
+application/vnd.oma.bcast.stkm 0
+application/vnd.oma.cab-address-book+xml 0
+application/vnd.oma.cab-feature-handler+xml 0
+application/vnd.oma.cab-pcc+xml 0
+application/vnd.oma.cab-subs-invite+xml 0
+application/vnd.oma.cab-user-prefs+xml 0
+application/vnd.oma.dcd 0
+application/vnd.oma.dcdc 0
+application/vnd.oma.dd2+xml 0
+application/vnd.oma.drm.risd+xml 0
+application/vnd.oma.group-usage-list+xml 0
+application/vnd.oma.pal+xml 0
+application/vnd.oma.poc.detailed-progress-report+xml 0
+application/vnd.oma.poc.final-report+xml 0
+application/vnd.oma.poc.groups+xml 0
+application/vnd.oma.poc.invocation-descriptor+xml 0
+application/vnd.oma.poc.optimized-progress-report+xml 0
+application/vnd.oma.push 0
+application/vnd.oma.scidm.messages+xml 0
+application/vnd.oma.xcap-directory+xml 0
+application/vnd.omads-email+xml 0
+application/vnd.omads-file+xml 0
+application/vnd.omads-folder+xml 0
+application/vnd.omaloc-supl-init 0
+application/vnd.openblox.game+xml 0
+application/vnd.openblox.game-binary 0
+application/vnd.openeye.oeb 0
+application/vnd.openxmlformats-officedocument.custom-properties+xml 0
+application/vnd.openxmlformats-officedocument.customXmlProperties+xml 0
+application/vnd.openxmlformats-officedocument.drawing+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.chart+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.chartshapes+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.diagramColors+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.diagramData+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.diagramLayout+xml 0
+application/vnd.openxmlformats-officedocument.drawingml.diagramStyle+xml 0
+application/vnd.openxmlformats-officedocument.extended-properties+xml 0
+application/vnd.openxmlformats-officedocument.presentationml-template 0
+application/vnd.openxmlformats-officedocument.presentationml.commentAuthors+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.comments+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.handoutMaster+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.notesMaster+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.notesSlide+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.presProps+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.presentation 0
+application/vnd.openxmlformats-officedocument.presentationml.presentation.main+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.slide 0
+application/vnd.openxmlformats-officedocument.presentationml.slide+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.slideMaster+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.slideUpdateInfo+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.slideshow 0
+application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.tableStyles+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.tags+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.template.main+xml 0
+application/vnd.openxmlformats-officedocument.presentationml.viewProps+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml-template 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.calcChain+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.chartsheet+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.comments+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.connections+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.dialogsheet+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.externalLink+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.pivotCacheDefinition+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.pivotCacheRecords+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.pivotTable+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.queryTable+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.revisionHeaders+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.revisionLog+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.sharedStrings+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.main+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheetMetadata+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.styles+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.table+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.tableSingleCells+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.template.main+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.userNames+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.volatileDependencies+xml 0
+application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml 0
+application/vnd.openxmlformats-officedocument.theme+xml 0
+application/vnd.openxmlformats-officedocument.themeOverride+xml 0
+application/vnd.openxmlformats-officedocument.vmlDrawing 0
+application/vnd.openxmlformats-officedocument.wordprocessingml-template 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.comments+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.document 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.document.glossary+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.footer+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.template.main+xml 0
+application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml 0
+application/vnd.openxmlformats-package.core-properties+xml 0
+application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml 0
+application/vnd.openxmlformats-package.relationships+xml 0
+application/vnd.oracle.resource+json 0
+application/vnd.orange.indata 0
+application/vnd.osa.netdeploy 0
+application/vnd.osgeo.mapguide.package 0
+application/vnd.osgi.bundle 0
+application/vnd.osgi.dp 0
+application/vnd.osgi.subsystem 0
+application/vnd.otps.ct-kip+xml 0
+application/vnd.oxli.countgraph 0
+application/vnd.pagerduty+json 0
+application/vnd.palm 0
+application/vnd.panoply 0
+application/vnd.paos+xml 0
+application/vnd.pawaafile 0
+application/vnd.pcos 0
+application/vnd.pg.format 0
+application/vnd.pg.osasli 0
+application/vnd.piaccess.application-licence 0
+application/vnd.picsel 0
+application/vnd.pmi.widget 0
+application/vnd.poc.group-advertisement+xml 0
+application/vnd.pocketlearn 0
+application/vnd.powerbuilder6 0
+application/vnd.powerbuilder6-s 0
+application/vnd.powerbuilder7 0
+application/vnd.powerbuilder7-s 0
+application/vnd.powerbuilder75 0
+application/vnd.powerbuilder75-s 0
+application/vnd.preminet 0
+application/vnd.previewsystems.box 0
+application/vnd.proteus.magazine 0
+application/vnd.publishare-delta-tree 0
+application/vnd.pvi.ptid1 0
+application/vnd.pwg-multiplexed 0
+application/vnd.pwg-xhtml-print+xml 0
+application/vnd.qualcomm.brew-app-res 0
+application/vnd.quobject-quoxdocument 0
+application/vnd.radisys.moml+xml 0
+application/vnd.radisys.msml+xml 0
+application/vnd.radisys.msml-audit+xml 0
+application/vnd.radisys.msml-audit-conf+xml 0
+application/vnd.radisys.msml-audit-conn+xml 0
+application/vnd.radisys.msml-audit-dialog+xml 0
+application/vnd.radisys.msml-audit-stream+xml 0
+application/vnd.radisys.msml-conf+xml 0
+application/vnd.radisys.msml-dialog+xml 0
+application/vnd.radisys.msml-dialog-base+xml 0
+application/vnd.radisys.msml-dialog-fax-detect+xml 0
+application/vnd.radisys.msml-dialog-fax-sendrecv+xml 0
+application/vnd.radisys.msml-dialog-group+xml 0
+application/vnd.radisys.msml-dialog-speech+xml 0
+application/vnd.radisys.msml-dialog-transform+xml 0
+application/vnd.rainstor.data 0
+application/vnd.rapid 0
+application/vnd.realvnc.bed 0
+application/vnd.recordare.musicxml 0
+application/vnd.recordare.musicxml+xml 0
+application/vnd.renlearn.rlprint 0
+application/vnd.rig.cryptonote 0
+application/vnd.route66.link66+xml 0
+application/vnd.rs-274x 0
+application/vnd.ruckus.download 0
+application/vnd.s3sms 0
+application/vnd.sailingtracker.track 0
+application/vnd.sbm.cid 0
+application/vnd.sbm.mid2 0
+application/vnd.scribus 0
+application/vnd.sealed-doc 0
+application/vnd.sealed-eml 0
+application/vnd.sealed-mht 0
+application/vnd.sealed-ppt 0
+application/vnd.sealed-tiff 0
+application/vnd.sealed-xls 0
+application/vnd.sealed.3df 0
+application/vnd.sealed.csf 0
+application/vnd.sealed.net 0
+application/vnd.sealedmedia.softseal-html 0
+application/vnd.sealedmedia.softseal-pdf 0
+application/vnd.seemail 0
+application/vnd.semd 0
+application/vnd.semf 0
+application/vnd.shana.informed.formdata 0
+application/vnd.shana.informed.formtemplate 0
+application/vnd.shana.informed.interchange 0
+application/vnd.shana.informed.package 0
+application/vnd.siren+json 0
+application/vnd.smaf 0
+application/vnd.smart.notebook 0
+application/vnd.smart.teacher 0
+application/vnd.software602.filler.form+xml 0
+application/vnd.software602.filler.form-xml-zip 0
+application/vnd.solent.sdkm+xml 0
+application/vnd.spotfire.dxp 0
+application/vnd.spotfire.sfs 0
+application/vnd.sss-cod 0
+application/vnd.sss-dtf 0
+application/vnd.sss-ntf 0
+application/vnd.stepmania.package 0
+application/vnd.stepmania.stepchart 0
+application/vnd.street-stream 0
+application/vnd.sun.wadl+xml 0
+application/vnd.sus-calendar 0
+application/vnd.svd 0
+application/vnd.swiftview-ics 0
+application/vnd.syncml+xml 0
+application/vnd.syncml.dm+wbxml 0
+application/vnd.syncml.dm+xml 0
+application/vnd.syncml.dm.notification 0
+application/vnd.syncml.dmddf+wbxml 0
+application/vnd.syncml.dmddf+xml 0
+application/vnd.syncml.dmtnds+wbxml 0
+application/vnd.syncml.dmtnds+xml 0
+application/vnd.syncml.ds.notification 0
+application/vnd.tao.intent-module-archive 0
+application/vnd.tcpdump.pcap 0
+application/vnd.tmd.mediaflex.api+xml 0
+application/vnd.tml 0
+application/vnd.tmobile-livetv 0
+application/vnd.trid.tpt 0
+application/vnd.triscape.mxs 0
+application/vnd.trueapp 0
+application/vnd.truedoc 0
+application/vnd.ubisoft.webplayer 0
+application/vnd.ufdl 0
+application/vnd.uiq.theme 0
+application/vnd.umajin 0
+application/vnd.unity 0
+application/vnd.uoml+xml 0
+application/vnd.uplanet.alert 0
+application/vnd.uplanet.alert-wbxml 0
+application/vnd.uplanet.bearer-choice 0
+application/vnd.uplanet.bearer-choice-wbxml 0
+application/vnd.uplanet.cacheop 0
+application/vnd.uplanet.cacheop-wbxml 0
+application/vnd.uplanet.channel 0
+application/vnd.uplanet.channel-wbxml 0
+application/vnd.uplanet.list 0
+application/vnd.uplanet.list-wbxml 0
+application/vnd.uplanet.listcmd 0
+application/vnd.uplanet.listcmd-wbxml 0
+application/vnd.uplanet.signal 0
+application/vnd.uri-map 0
+application/vnd.valve.source.material 0
+application/vnd.vcx 0
+application/vnd.vd-study 0
+application/vnd.vectorworks 0
+application/vnd.verimatrix.vcas 0
+application/vnd.vidsoft.vidconference 0
+application/vnd.visio 0
+application/vnd.visionary 0
+application/vnd.vividence.scriptfile 0
+application/vnd.vsf 0
+application/vnd.wap-slc 0
+application/vnd.wap-wbxml 0
+application/vnd.wap.sic 0
+application/vnd.wap.wmlscriptc 0
+application/vnd.webturbo 0
+application/vnd.wfa.p2p 0
+application/vnd.wfa.wsc 0
+application/vnd.windows.devicepairing 0
+application/vnd.wmc 0
+application/vnd.wmf.bootstrap 0
+application/vnd.wolfram.mathematica 0
+application/vnd.wolfram.mathematica.package 0
+application/vnd.wolfram.player 0
+application/vnd.wordperfect 0
+application/vnd.wqd 0
+application/vnd.wrq-hp3000-labelled 0
+application/vnd.wt.stf 0
+application/vnd.wv.csp+wbxml 0
+application/vnd.wv.csp+xml 0
+application/vnd.wv.ssp+xml 0
+application/vnd.xacml+json 0
+application/vnd.xara 0
+application/vnd.xfdl 0
+application/vnd.xfdl.webform 0
+application/vnd.xmi+xml 0
+application/vnd.xmpie.cpkg 0
+application/vnd.xmpie.dpkg 0
+application/vnd.xmpie.plan 0
+application/vnd.xmpie.ppkg 0
+application/vnd.xmpie.xlim 0
+application/vnd.yamaha.hv-dic 0
+application/vnd.yamaha.hv-script 0
+application/vnd.yamaha.hv-voice 0
+application/vnd.yamaha.openscoreformat 0
+application/vnd.yamaha.openscoreformat.osfpvg+xml 0
+application/vnd.yamaha.remote-setup 0
+application/vnd.yamaha.smaf-audio 0
+application/vnd.yamaha.smaf-phrase 0
+application/vnd.yamaha.through-ngn 0
+application/vnd.yamaha.tunnel-udpencap 0
+application/vnd.yaoweme 0
+application/vnd.yellowriver-custom-menu 0
+application/vnd.zul 0
+application/vnd.zzazz.deck+xml 0
+application/voicexml+xml 0
+application/vq-rtcpxr 0
+application/watcherinfo+xml 0
+application/whoispp-query 0
+application/whoispp-response 0
+application/wita 0
+application/wordperfect5.1 0
+application/wsdl+xml 0
+application/wspolicy+xml 0
+application/x-msdownload 0
+application/x-pkcs12 0
+application/x-www-form-urlencoded 0
+application/x-tar 0
+application/x-x509-ca-cert 0
+application/x-zip-compressed 0
+application/x400-bp 0
+application/xacml+xml 0
+application/xcap-att+xml 0
+application/xcap-caps+xml 0
+application/xcap-diff+xml 0
+application/xcap-el+xml 0
+application/xcap-error+xml 0
+application/xcap-ns+xml 0
+application/xcon-conference-info+xml 0
+application/xcon-conference-info-diff+xml 0
+application/xenc+xml 0
+application/xhtml+xml 0
+application/xml 0
+application/xml-dtd 0
+application/xml-external-parsed-entity 0
+application/xml-patch+xml 0
+application/xmpp+xml 0
+application/xop+xml 0
+application/xv+xml 0
+application/yang 0
+application/yin+xml 0
+application/zip 0
+application/zlib 0
+audio/1d-interleaved-parityfec 0
+audio/32kadpcm 0
+audio/3gpp 0
+audio/3gpp2 0
+audio/AMR 0
+audio/AMR-WB 0
+audio/ATRAC-ADVANCED-LOSSLESS 0
+audio/ATRAC-X 0
+audio/ATRAC3 0
+audio/BV16 0
+audio/BV32 0
+audio/CN 0
+audio/DAT12 0
+audio/DV 0
+audio/DVI4 0
+audio/EVRC 0
+audio/EVRC-QCP 0
+audio/EVRC0 0
+audio/EVRC1 0
+audio/EVRCB 0
+audio/EVRCB0 0
+audio/EVRCB1 0
+audio/EVRCNW 0
+audio/EVRCNW0 0
+audio/EVRCNW1 0
+audio/EVRCWB 0
+audio/EVRCWB0 0
+audio/EVRCWB1 0
+audio/EVS 0
+audio/G711-0 0
+audio/G719 0
+audio/G722 0
+audio/G7221 0
+audio/G723 0
+audio/G726-16 0
+audio/G726-24 0
+audio/G726-32 0
+audio/G726-40 0
+audio/G728 0
+audio/G729 0
+audio/G729D 0
+audio/G729E 0
+audio/GSM 0
+audio/GSM-EFR 0
+audio/GSM-HR-08 0
+audio/L16 0
+audio/L20 0
+audio/L24 0
+audio/L8 0
+audio/LPC 0
+audio/MP4A-LATM 0
+audio/MPA 0
+audio/PCMA 0
+audio/PCMA-WB 0
+audio/PCMU 0
+audio/PCMU-WB 0
+audio/RED 0
+audio/SMV 0
+audio/SMV-QCP 0
+audio/SMV0 0
+audio/UEMCLIP 0
+audio/VDVI 0
+audio/VMR-WB 0
+audio/ac3 0
+audio/amr-wb+ 0
+audio/aptx 0
+audio/asc 0
+audio/basic 0
+audio/clearmode 0
+audio/dls 0
+audio/dsr-es201108 0
+audio/dsr-es202050 0
+audio/dsr-es202211 0
+audio/dsr-es202212 0
+audio/eac3 0
+audio/encaprtp 0
+audio/example 0
+audio/fwdred 0
+audio/iLBC 0
+audio/ip-mr_v2.5 0
+audio/mobile-xmf 0
+audio/mp4 0
+audio/mpa-robust 0
+audio/mpeg 0
+audio/mpeg4-generic 0
+audio/ogg 0
+audio/opus 0
+audio/prs.sid 0
+audio/qcelp 0
+audio/raptorfec 0
+audio/rtp-enc-aescm128 0
+audio/rtp-midi 0
+audio/rtploopback 0
+audio/rtx 0
+audio/sp-midi 0
+audio/speex 0
+audio/t140c 0
+audio/t38 0
+audio/telephone-event 0
+audio/tone 0
+audio/ulpfec 0
+audio/vnd.3gpp.iufp 0
+audio/vnd.4SB 0
+audio/vnd.CELP 0
+audio/vnd.audiokoz 0
+audio/vnd.cisco.nse 0
+audio/vnd.cmles.radio-events 0
+audio/vnd.cns.anp1 0
+audio/vnd.cns.inf1 0
+audio/vnd.dece.audio 0
+audio/vnd.digital-winds 0
+audio/vnd.dlna.adts 0
+audio/vnd.dolby.heaac.1 0
+audio/vnd.dolby.heaac.2 0
+audio/vnd.dolby.mlp 0
+audio/vnd.dolby.mps 0
+audio/vnd.dolby.pl2 0
+audio/vnd.dolby.pl2x 0
+audio/vnd.dolby.pl2z 0
+audio/vnd.dolby.pulse.1 0
+audio/vnd.dra 0
+audio/vnd.dts 0
+audio/vnd.dts.hd 0
+audio/vnd.dvb.file 0
+audio/vnd.everad.plj 0
+audio/vnd.hns.audio 0
+audio/vnd.lucent.voice 0
+audio/vnd.ms-playready.media.pya 0
+audio/vnd.nokia.mobile-xmf 0
+audio/vnd.nortel.vbk 0
+audio/vnd.nuera.ecelp4800 0
+audio/vnd.nuera.ecelp7470 0
+audio/vnd.nuera.ecelp9600 0
+audio/vnd.octel.sbc 0
+audio/vnd.rhetorex.32kadpcm 0
+audio/vnd.rip 0
+audio/vnd.sealedmedia.softseal-mpeg 0
+audio/vnd.vmx.cvsd 0
+audio/vorbis 0
+audio/vorbis-config 0
+image/bmp 0
+image/cgm 0
+image/example 0
+image/fits 0
+image/g3fax 0
+image/gif 0
+image/jp2 0
+image/jpeg 0
+image/jpm 0
+image/jpx 0
+image/naplps 0
+image/png 0
+image/prs.btif 0
+image/prs.pti 0
+image/pwg-raster 0
+image/t38 0
+image/tiff 0
+image/tiff-fx 0
+image/vnd-djvu 0
+image/vnd-svf 0
+image/vnd-wap-wbmp 0
+image/vnd.adobe.photoshop 0
+image/vnd.airzip.accelerator.azv 0
+image/vnd.cns.inf2 0
+image/vnd.dece.graphic 0
+image/vnd.dvb.subtitle 0
+image/vnd.dwg 0
+image/vnd.dxf 0
+image/vnd.fastbidsheet 0
+image/vnd.fpx 0
+image/vnd.fst 0
+image/vnd.fujixerox.edmics-mmr 0
+image/vnd.fujixerox.edmics-rlc 0
+image/vnd.globalgraphics.pgb 0
+image/vnd.microsoft.icon 0
+image/vnd.mix 0
+image/vnd.mozilla.apng 0
+image/vnd.ms-modi 0
+image/vnd.net-fpx 0
+image/vnd.radiance 0
+image/vnd.sealed-png 0
+image/vnd.sealedmedia.softseal-gif 0
+image/vnd.sealedmedia.softseal-jpg 0
+image/vnd.tencent.tap 0
+image/vnd.valve.source.texture 0
+image/vnd.xiff 0
+image/vnd.zbrush.pcx 0
+image/wmf 0
+image/x-wmf 0
+message/CPIM 0
+message/delivery-status 0
+message/disposition-notification 0
+message/example 0
+message/feedback-report 0
+message/global 0
+message/global-delivery-status 0
+message/global-disposition-notification 0
+message/global-headers 0
+message/http 0
+message/imdn+xml 0
+message/news 0
+message/rfc822 0
+message/rfc822-headers 0
+message/s-http 0
+message/sip 0
+message/sipfrag 0
+message/tracking-status 0
+message/vnd.si.simp 0
+message/vnd.wfa.wsc 0
+model/example 0
+model/iges 0
+model/vnd-dwf 0
+model/vnd.collada+xml 0
+model/vnd.flatland.3dml 0
+model/vnd.gdl 0
+model/vnd.gs-gdl 0
+model/vnd.gtw 0
+model/vnd.moml+xml 0
+model/vnd.mts 0
+model/vnd.opengex 0
+model/vnd.parasolid.transmit-binary 0
+model/vnd.parasolid.transmit-text 0
+model/vnd.valve.source.compiled-map 0
+model/vnd.vtu 0
+model/x3d+fastinfoset 0
+model/x3d+xml 0
+model/x3d-vrml 0
+multipart/alternative -1
+multipart/mixed -1
+multipart/appledouble 2
+multipart/byteranges 2
+multipart/encrypted -2
+multipart/example 2
+multipart/form-data 2
+multipart/header-set 2
+multipart/related -1
+multipart/report 0
+multipart/signed -2
+multipart/voice-message 2
+multipart/x-mixed-replace 2
+text/1d-interleaved-parityfec 0
+text/RED 0
+text/SGML 0
+text/cache-manifest 0
+text/calendar 0
+text/css 0
+text/csv 0
+text/csv-schema 0
+text/directory 0
+text/dns 0
+text/encaprtp 0
+text/example 0
+text/fwdred 0
+text/grammar-ref-list 0
+text/html 0
+text/jcr-cnd 0
+text/markdown 0
+text/mizar 0
+text/n3 0
+text/parameters 0
+text/provenance-notation 0
+text/prs.fallenstein.rst 0
+text/prs.lines.tag 0
+text/plain -1
+text/raptorfec 0
+text/rfc822-headers 0
+text/rtf 0
+text/rtp-enc-aescm128 0
+text/rtploopback 0
+text/rtx 0
+text/t140 0
+text/tab-separated-values 0
+text/troff 0
+text/turtle 0
+text/ulpfec 0
+text/uri-list 0
+text/vcard 0
+text/vnd-a 0
+text/vnd-curl 0
+text/vnd.DMClientScript 0
+text/vnd.IPTC.NITF 0
+text/vnd.IPTC.NewsML 0
+text/vnd.abc 0
+text/vnd.debian.copyright 0
+text/vnd.dvb.subtitle 0
+text/vnd.esmertec.theme-descriptor 0
+text/vnd.fly 0
+text/vnd.fmi.flexstor 0
+text/vnd.graphviz 0
+text/vnd.in3d.3dml 0
+text/vnd.in3d.spot 0
+text/vnd.latex-z 0
+text/vnd.motorola.reflex 0
+text/vnd.ms-mediapackage 0
+text/vnd.net2phone.commcenter.command 0
+text/vnd.radisys.msml-basic-layout 0
+text/vnd.si.uricatalogue 0
+text/vnd.sun.j2me.app-descriptor 0
+text/vnd.trolltech.linguist 0
+text/vnd.wap-wml 0
+text/vnd.wap.si 0
+text/vnd.wap.sl 0
+text/vnd.wap.wmlscript 0
+text/xml 0
+text/xml-external-parsed-entity 0
+text/x-vcard 0
+video/1d-interleaved-parityfec 0
+video/3gpp 0
+video/3gpp-tt 0
+video/3gpp2 0
+video/BMPEG 0
+video/BT656 0
+video/CelB 0
+video/DV 0
+video/H261 0
+video/H263 0
+video/H263-1998 0
+video/H263-2000 0
+video/H264 0
+video/H264-RCDO 0
+video/H264-SVC 0
+video/H265 0
+video/JPEG 0
+video/MP1S 0
+video/MP2P 0
+video/MP2T 0
+video/MP4V-ES 0
+video/MPV 0
+video/SMPTE292M 0
+video/VP8 0
+video/encaprtp 0
+video/example 0
+video/iso.segment 0
+video/jpeg2000 0
+video/mj2 0
+video/mp4 0
+video/mpeg4-generic 0
+video/nv 0
+video/ogg 0
+video/pointer 0
+video/quicktime 0
+video/raptorfec 0
+video/rtp-enc-aescm128 0
+video/rtploopback 0
+video/rtx 0
+video/ulpfec 0
+video/vc1 0
+video/vnd-mpegurl 0
+video/vnd-vivo 0
+video/vnd.CCTV 0
+video/vnd.dece-mp4 0
+video/vnd.dece.hd 0
+video/vnd.dece.mobile 0
+video/vnd.dece.pd 0
+video/vnd.dece.sd 0
+video/vnd.dece.video 0
+video/vnd.directv-mpeg 0
+video/vnd.directv.mpeg-tts 0
+video/vnd.dlna.mpeg-tts 0
+video/vnd.dvb.file 0
+video/vnd.fvt 0
+video/vnd.hns.video 0
+video/vnd.iptvforum.1dparityfec-1010 0
+video/vnd.iptvforum.1dparityfec-2005 0
+video/vnd.iptvforum.2dparityfec-1010 0
+video/vnd.iptvforum.2dparityfec-2005 0
+video/vnd.iptvforum.ttsavc 0
+video/vnd.iptvforum.ttsmpeg2 0
+video/vnd.motorola.video 0
+video/vnd.motorola.videop 0
+video/vnd.ms-playready.media.pyv 0
+video/vnd.nokia.interleaved-multimedia 0
+video/vnd.nokia.videovoip 0
+video/vnd.objectvideo 0
+video/vnd.radgamettools.bink 0
+video/vnd.radgamettools.smacker 0
+video/vnd.sealed-swf 0
+video/vnd.sealed.mpeg1 0
+video/vnd.sealed.mpeg4 0
+video/vnd.sealedmedia.softseal-mov 0
+video/vnd.uvvu-mp4 0
--- /dev/null
+000d.ru
+0845.com
+0c.ru
+0lv.ru
+0pen.me
+0rz.tw
+10r.us
+123url.org
+140.uz
+17q.com
+1c-bitrix.ru
+1cl.in
+1ink.in
+1ink.ru
+1iny.com
+1lik.net
+1link.in
+1url.com
+1url.in
+1-url.net
+1-url.ru
+2big.at
+2dwww.com
+2.gp
+2it.info
+2.ly
+2mb.eu
+2qu.ru
+2sms.ru
+2tu.me
+2tu.us
+2url.org
+307.to
+3fw.ru
+3le.ru
+3.ly
+3.vu
+3x.si
+4.gg
+4job.ru
+4.ly
+4ms.me
+4p5.com
+4ry.ru
+4sq.com
+4u.gd
+4url.cc
+4url.tk
+5.gp
+5link.tk
+5pl.us
+5url.net
+5z8.info
+6fr.ru
+6.ly
+6pn.com
+6url.com
+6yo.org
+70.ru
+74job.ru
+7.ly
+7ly.ru
+7pisem.ru
+7ruh.com
+7ry.us
+7xu.org
+8.ly
+8q.ro
+9mp.com
+9-n.org
+9xi.ru
+a1.tc
+a2k.in
+aa.cx
+aafter.us
+abe5.com
+access.im
+action-emails.ru
+ad4.us
+adf.ly
+adjix.com
+adsbeta.net
+ad.vu
+afx.cc
+a.gg
+ah.ae
+aipro.ru
+airs.ru
+aka-url.com
+alic.at
+all.fuseurl.com
+allshort.ru
+all-top.ru
+alturl.com
+a.md
+amzn.to
+a.nf
+apeurl.com
+api.m3653.net
+apsense.cc
+apu.sh
+ar.gy
+arm.in
+arst.ch
+atiny.me
+atto.co.za
+atu.ca
+autodesk.com
+avast.com
+avoo.net
+azc.cc
+b23.ru
+b2l.me
+backupurl.com
+bacn.me
+bai.lu
+bcool.bz
+bezurl.com
+bi.gl
+binged.it
+bin.nu
+bitby.net
+bit.do
+bit.gy
+bit.ly
+bitly.com
+biturl.net
+bit.uz
+bizj.us
+bloat.me
+bmu.li
+boi.re
+bq.ro
+bravo.ly
+briefurl.pl
+bsa.ly
+bsndsy.ru
+budurl.com
+bun.ru
+bu.tt
+byst.ro
+byyb.net
+bz9.com
+campaign-services.directcrm.ru
+canurl.com
+capello.linkatty.com
+capourl.com
+care2share.tk
+cbs.so
+cbuz.com
+cctv.ws
+cd.vg
+cektkp.com
+cha.la
+chilp.it
+chzb.gr
+cjb.net
+cjt99.tk
+clck.ru
+cliccami.info
+click2.info
+click.email4customers.com
+click.emailinfo.mail.hpe.com
+click.icptrack.com
+click-me.us
+clickthru.ca
+clickv.tk
+cli.gs
+clkit.co
+cl.lk
+cl.ly
+clme.ru
+cloakreferer.com
+clockurl.com
+clop.in
+cms.im
+cmylink.com
+cnect.us
+comyonet.com
+conta.cc
+coolestone.com
+cort.as
+cortas.elpais.com
+cot.ag
+cowurl.com
+cp.bitrix.ru
+cr.am
+createurl.com
+crks.me
+crlf.ru
+crop.im
+crum.pl
+ctvr.us
+cug.kr
+cut4.me
+cut.by
+cuthut.com
+cutt.us
+d2u.us
+d8z.ru
+dai.ly
+da.lc
+ddp.net
+decenturl.com
+delivr.com
+dev0.ru
+dft.ba
+digbig.com
+di.gd
+digg.com
+digidns.net
+din.gy
+directtrafficlink.com
+disq.us
+dld.bz
+dlvr.it
+dmanalytics1.com
+doiop.com
+do.my
+dopen.us
+dot.tk
+dr2.biz
+driz.ru
+dr.tl
+durlz.info
+easyuri.com
+easyurl.jp
+easyurl.net
+eepurl.com
+ej.uz
+elurl.com
+email.account.2gis.com
+email.mail.ostrovok.ru
+email.news.ostrovok.ru
+e.mail.ru
+em.digium.com
+emap.ws
+etdurl.com
+eweri.com
+exa.im
+f1ru.net
+fa.by
+fanta.linkatty.com
+fav.me
+fbi.pp.ua
+fb.me
+fbshare.me
+fff.to
+ff.im
+ffs.cc
+fi.gd
+fire.to
+firsturl.de
+firsturl.net
+fishurl.ru
+flane.info
+flavr.be
+flic.kr
+flq.us
+flx.im
+fly2.ws
+folo.me
+fo.my
+fon.gs
+forex-trade.be
+fqav.com
+freak.to
+freepl.us
+free-redirect.tk
+freeurl.me
+free-url-redirection.com.ru
+fur.ly
+fuseurl.com
+fuzzy.to
+fwd4.me
+fwds.me
+fwib.net
+fyad.org
+fyn.im
+g00.me
+gadaf.fi
+game-url.com
+gentleurl.net
+geteml.com
+getlink.info
+get.sh
+get.tf
+gho.co
+gig140.com
+gizmo.do
+gl.am
+glink.co
+gltw.ru
+gmetzner.de
+gmy.su
+gnu.su
+go2-url.com
+go.9nl.com
+go9.us
+goandgrab.info
+gog.tc
+go.it
+go-links.net
+golook.at
+go.ly
+good.ly
+goo.gl
+goo.pm
+go.qb.by
+goshrink.com
+gosite.in
+goto.pattayacitythailand.com
+gourl.ca
+gourl.gr
+gourl.it
+go-url.ru
+go.usa.gov
+gri.bz
+g.ro.lt
+gtgg.us
+g.ua
+gu.ma
+gurl.es
+haqm.com
+hex.io
+hhvx.com
+hiderefer.com
+hijw.com
+hi.kg
+hit.kg
+hj.to
+hlurl.com
+hmm.ph
+ho.io
+hop.clickbank.net
+hopclicks.com
+ho.pe
+hop.kz
+href.in
+hsblinks.com
+htxt.it
+hubb.me
+huff.to
+hulu.com
+hurl.me
+hurl.ws
+huuk.net
+hvmnd.org
+i2h.de
+i5.be
+icanhaz.com
+idek.net
+idelink.com
+ifree.kz
+ih3.ru
+ikeafamilynews.ru
+ilix.in
+ilnk.me
+informer.ru
+innogam.es
+ino.me
+int.kz
+ipsha.ru
+ir.pe
+is.gd
+is.gs
+issuu.com
+itshrunk.com
+its.my
+iurlz.com
+ix.lt
+ixr.be
+j3w.it
+ja.cx
+jdem.cz
+jewi.sh
+jijr.com
+jmb.tw
+j.mp
+jom.la
+joo.ru
+just.as
+juu.cc
+keep2.me
+kickurl.com
+kipq.com
+kisaurl.com
+ki.tl
+kl.am
+klck.me
+klik.sihitam.com
+klx.co
+knb.im
+kon.tl
+kore.us
+korta.nu
+kqon.com
+kr1n.ru
+krunchd.com
+krz.ch
+ktzr.us
+l24.cm
+l3ss.me
+l9k.net
+lat.ms
+lavvs.com
+lcut.us
+leeturl.net
+leto.tk
+liip.to
+liltext.com
+lin.io
+link2me.ru
+link.ac
+linkbee.com
+linkbun.ch
+linkcash.biz
+linkde.info
+linkee.com
+link.hhut.ru
+linkl.ru
+link.mail.e.glavbukh-mail.ru
+link.rengo.ru
+link.sendsay.ru
+linkslash.ca
+linkunion.de
+linkx.me
+linkyy.com
+linkzip.net
+lip.tc
+li.ru
+list-manage1.com
+list-manage2.com
+list-manage.com
+little.im
+littleurl.net
+liurl.cn
+livehoster.org
+llinks.net
+ln0.ru
+ln4.me
+lnk.by
+lnk.cm
+lnk.co
+lnkd.in
+lnk.gd
+lnk.in
+lnk.ly
+lnk.ms
+lnks.it
+lnk.sk
+lnkstts.com
+lnkurl.com
+ln-s.net
+ln-s.ru
+loh.ru
+loo.gl
+lovebyt.es
+low.cc
+l.pr
+lr.tc
+lru.jp
+lrwk.com
+ltos.ru
+lt.tl
+lul.es
+lurl.no
+lx2.net
+ly9.net
+m4u.in
+m7a.org
+macte.ch
+mail.rambler.ru
+mandrillapp.com
+mash.to
+mee.la
+merky.de
+metamark.net
+micurl.com
+migre.me
+miliuner.com
+miniurl.com
+miniurl.net.ru
+miniurl.pl
+minu.me
+minurl.fr
+minyurl.net
+minyurl.org
+mislead.in
+miud.in
+mixe.me
+mke.me
+mlcampaignru.com
+mlsendru.com
+mmt.su
+mobotix-news.com
+mo.by
+moby.to
+mockurl.com
+moourl.com
+mp77.com
+mrte.ch
+mtp.pl
+mty.in
+mug.gs
+murl.kz
+mvp.im
+mylink4u.info
+mylink.to
+myloc.me
+myooo.info
+mypaqe.com
+mypl.us
+mytinyurl.net
+myurl.in
+myurl.si
+myxx.me
+mzan.si
+n3n.in
+n3r.ru
+nbc.co
+nblo.gs
+nbold.com
+ne1.net
+netgod.tk
+neuf.tk
+newhotlink.com
+nexturl.ru
+nicesharing.com
+nik.im
+niurl.com
+nl.cr
+nn.nf
+no1.in
+no.io
+nonameno.com
+normalurl.com
+notlong.com
+not.my
+now.am
+n.pr
+nsfw.in
+nutshellurl.com
+nxy.in
+nyti.ms
+oc1.us
+oeeq.com
+oiurl.com
+o.ly
+omf.gd
+om.ly
+omoikane.net
+on.cnn.com
+on.mktw.net
+oogyah.com
+oork.com
+opurl.us
+orbita.co.il
+orz.se
+ourgplus.at
+out.houseofgaga.ru
+ovr.me
+ow.ly
+o-x.fr
+p1.fr
+pathto.net
+pb8.ru
+pburl.com
+pcw.ro
+pduda.mobi
+pechkincensor.ru
+pechkinspy.ru
+peeep.us
+peekurl.com
+pendek.in
+penting.web.id
+pfat.de
+pho.se
+phpm.ru
+php-ru.info
+pi90.com
+picourl.ru
+piks.nl
+ping.fm
+pli.gs
+plink.es
+plo.cc
+ploshadka.ru
+plugin.name
+plusphp.com
+p.ly
+pnt.me
+pobierz-film.tk
+politi.co
+ponyurl.com
+poo.pr
+post.ly
+pot.vg
+pp.gg
+ppt.cc
+pra.im
+privacy-surf.com
+proext.com
+professionali.ru
+profile.to
+prourl.de
+ptiturl.com
+p.tl
+pub.vitrue.com
+punyurl.com
+purl.org
+pvh.me
+pw.ly
+pxlz.org
+py6.ru
+pygmyurl.com
+pysper.com
+q32.ru
+qick.ws
+qid.in
+qkr.cc
+qlnk.net
+qlql.ru
+qnh.pl
+qr.cx
+qr.ee
+qrf.in
+qr.net
+qru.ru
+qte.me
+qtwk.com
+quik.in
+qurl.com
+qu.tc
+qz.bz
+rb6.me
+r.delphicomponent.ru
+rdrct.us
+rdr.to
+read.bi
+readthis.ca
+reallytinyurl.com
+redir.ec
+redirectingat.com
+redirects.ca
+redirect.subscribe.ru
+redire.ru
+redirx.com
+reduc.in
+referer.us
+retweet.cc
+retwt.me
+reurl.org
+rhwm.eu
+rickroll.it
+r.im
+ri.ms
+riz.gd
+rlu.ru
+rmse.ru
+rnd.ru
+romb.su
+r-ss.de
+rt.nu
+rubyurl.com
+ru.ly
+rurl.org
+rurl.ru
+rurls.ru
+rustech.org
+rww.tw
+s0bu.ru
+s0e.ru
+s4c.in
+s7y.us
+s8.hk
+safe.mn
+saf.li
+sami.24.gg
+sayabit.com
+s.coop
+scurtare-url.hi2.ro
+sdut.us
+securityexpert.ru
+securl.ru
+sendgrid.net
+sendit.in
+sendsay.ru
+sendurl.info
+sg4d.com
+sg-url.tk
+shadyurl.com
+share.flocktory.com
+shar.es
+shink.de
+shiturl.com
+shli.de
+shorl.com
+shortb.net
+shorten.im
+shorten.ws
+short.ie
+short.im
+shortlinks.co.uk
+short-me.com
+shortner.com
+shortn.me
+short.nr
+short.su
+short.to
+shorturl.asia
+shorturl.com
+short-url.co.uk
+shorturls.co.uk
+shortz.me
+shout.to
+show.my
+shrinkee.com
+shrinkify.com
+shrinkr.com
+shrten.com
+shrt.fr
+shrtl.com
+shrt.st
+shrunkin.com
+shx.in
+simplesite.com
+simurl.com
+sitefwd.com
+sk9.pl
+slate.me
+sli.su
+slki.ru
+sl.to
+smallr.com
+smallurl.in
+smallurl.ru
+smalur.com
+s-m.co
+smsh.me
+smurl.ca
+smurl.name
+sn9.ru
+sn.im
+snipr.com
+snipurl.com
+snurl.com
+softlinemail.ru
+sokrati.ru
+somexyz.com
+song.ly
+sorturl.net
+so.vg
+sp2.ro
+spedr.com
+speed-tester.info
+sq6.ru
+srclick.ru
+srcom.net
+srnk.net
+srs.li
+srtn.me
+starts.com
+starturl.com
+stat-pulse.com
+stnx.at
+stump.ws
+su.ly
+su.pr
+surl.co.uk
+surl.hu
+surl.me
+surs.nl
+susurl.com
+swturl.com
+t1ny.net
+ta.gd
+ta.gg
+tagiturl.com
+taourl.com
+tbd.ly
+t.cn
+t.co
+tcrn.ch
+techto.us
+tez.co
+tgl.net
+tgr.me
+tgr.ph
+th8.us
+thexyz.org
+thinfi.com
+th.ly
+thnlnk.com
+thurl.in
+tie.ly
+tighturl.com
+tin.cc
+tiniuri.com
+tiny9.com
+tinyarro.ws
+tiny.by
+tiny.cc
+tinyit.cc
+tinylink.ca
+tinylink.in
+tiny.ly
+tiny.pl
+tiny.ps
+tinyuri.ca
+tinyurl.com
+tinyurl.ru
+tki.me
+tldr.in
+tl.gd
+t.lh.com
+tlim.ru
+tllg.net
+tmi.me
+tnij.org
+tny.com
+tny.tc
+to8.cc
+togoto.us
+to.je
+to.ly
+toma.ai
+tos.co
+totc.us
+tourl.fr
+toysr.us
+tozm.com
+tpm.ly
+tra.kz
+trg.li
+trii.us
+tr.im
+trimurl.me
+trunc.it
+trusteml.com
+tty.su
+tuckinfo.com
+tux-pla.net
+tvsl.eu
+tweet.ms
+tweez.me
+twhub.com
+twirl.at
+twitclicks.com
+twitter.com
+twitterurl.net
+twiturl.de
+twiu.ru
+twurl.cc
+twurl.nl
+tyny.me
+u2s.in
+u76.org
+ub0.cc
+u.info-mg.ru
+ukril.ru
+ulk.me
+ulmart.ru
+ulo.me
+ulu.lu
+u.mavrev.com
+umenytt.se
+unfake.it
+u.nu
+updating.me
+ur1.ca
+ur3.us
+ural-tender.ru
+url2.ru
+url360.me
+url3.ru
+url4.eu
+url4.ru
+url4t.com
+url5.ru
+url66.com
+urla.ru
+url.az
+url.b24.am
+urlbit.us
+urlborg.com
+urlbrief.com
+urlcantik.com
+urlclick.ru
+url.cn
+urlcorta.es
+url.co.uk
+urlcover.com
+urlcut.com
+urldefender.com
+urldepo.ru
+url.dflix.net
+urlel.com
+urlenco.de
+urle.us
+url.g4team.com
+urlgator.com
+urlgeo.me
+urlg.in
+url-go.com
+urlgo.ru
+url.ie
+urlin.it
+urlink.eu
+urli.nl
+urlite.de
+url.lotpatrol.com
+urlmint.com
+url.mk.ua
+urlms.com
+urloid.com
+urloo.com
+urlot.com
+urlredo.com
+urlscott.com
+urls.co.za
+url.shinri.biz
+urlshorteningservicefortwitter.com
+urlshort.me
+urls.im
+urlsim.com
+urlsnip.com
+urlsp.in
+urlsqueeze.com
+urls.vg
+urltwit.com
+urlu.ms
+urlus.ru
+url.vsofte.ru
+urlx.ie
+urlxs.fr
+ur.ly
+url.yanclex.com
+urlz.at
+urlzen.com
+url-zip.com
+urlz.ro
+usat.ly
+use.my
+u.to
+uud.in
+uuu.su
+uww.me
+uyurl.com
+vani.sh
+vash-repetitor.ru
+vb.ly
+vc8.net
+vgn.am
+view.my
+vk.cc
+vl.am
+vll.me
+vog.me
+vovka.com
+vst.tv
+w3t.org
+w55.de
+wa.la
+wapo.st
+wapurl.co.uk
+warble.co
+webformyself.com
+weblist.kharkov.ua
+weburl.me
+weeclix.com
+wez.su
+whspr.it
+widg.me
+wik.ro
+wipi.es
+wlatcy-moch.tk
+wlink.me.uk
+wmturls.com
+wom.im
+wowurl.com
+wp.me
+wp.nu
+wurl.in
+wurl.us
+wuw.su
+ww.tl
+www.clickmeeting.com
+www.grandstreamnetworks.ru
+wz.ae
+x2t.com
+xaa.su
+xav.cc
+xcqv.com
+xcs.me
+xd5.net
+xdvn.net
+xew.co
+xops.fr
+xp.cm
+xr.com
+xrl.in
+xrls.tk
+xrl.us
+x-url.com
+xurl.es
+xurl.jp
+x.vu
+xvx.su
+xw6.com
+xxsurl.de
+xxw.me
+y.ahoo.it
+yatuc.com
+ydn.ru
+ye.pe
+yep.it
+yfrog.com
+yhoo.it
+yi.pe
+yiyd.com
+ysu.me
+yuarel.com
+yurl.in
+y-url.ru
+yurl.ru
+z0p.de
+z2z.ca
+zapt.in
+zazi.me
+zcom.us
+zebratelecom.ru
+zeep.in
+zi.ma
+zi.mu
+zio.in
+zipmyurl.com
+zolp.net
+zrps.info
+zti.me
+zud.me
+zurl.ws
+zxc9.com
+zzang.kr
+zz.gd
--- /dev/null
+# Domains with valid SPF and DKIM
+
+4chan.org
+6pm.com
+about.com
+addthis.com
+adf.ly
+adobe.com
+adp.com
+adschemist.com
+airbnb.com
+airtel.in
+alibaba.com
+aliexpress.com 2.0
+alipay.com 2.0
+allrecipes.com
+amazon.ca
+amazon.cn
+amazon.co.jp
+amazon.com
+amazon.co.uk
+amazon.de
+amazon.es
+amazon.fr
+amazon.in
+amazon.it
+amazon.ru
+americanexpress.com
+ancestry.com
+android.com
+apple.com
+asana.com
+att.com
+autohome.com.cn
+avg.com
+aweber.com
+badoo.com
+bankofamerica.com
+basecamp.com
+battle.net
+bet365.com
+biglobe.ne.jp
+bitly.com
+bleacherreport.com
+blogger.com
+bloomberg.com
+booking.com
+box.com
+bt.com
+capitalone.com
+cdiscount.com
+change.org
+chase.com
+cisco.com
+citi.com
+constantcontact.com
+costco.com
+craigslist.org
+custhelp.com
+dell.com
+delta.com
+diply.com
+discovercard.com
+disqus.com
+dropbox.com
+drweb.com
+ebay.ca
+ebay.com
+ebay.com.au
+ebay.co.uk
+ebay.de
+ebay.fr
+ebay.in
+ebay.it
+ebay.ru
+etsy.com
+evernote.com
+expedia.com
+facebook.com
+fedex.com
+fidelity.com
+fishki.net
+flickr.com
+flirchi.com
+force.com
+freepik.com
+gap.com
+gawker.com
+github.com 2.0
+gizmodo.com
+godaddy.com
+googleadservices.com
+googleusercontent.com
+groupon.com
+hdfcbank.com
+hgtv.com
+hh.ru
+hm.com
+houzz.com
+hubspot.com
+icicibank.com
+icloud.com
+ign.com
+imgur.com
+immobilienscout24.de
+indeed.com
+indiatimes.com
+infusionsoft.com
+instagram.com
+intel.com
+irctc.co.in
+kayak.com
+kickstarter.com
+kijiji.ca
+kotaku.com
+letsencrypt.org
+libero.it
+lifehacker.com
+likes.com
+linkedin.com
+linux.com
+list-manage.com
+mackeeper.com
+mailchimp.com
+mashable.com
+match.com
+mercadolibre.com.ar
+mercadolivre.com.br
+messenger.com
+microsoft.com
+microsoftonline.com
+moikrug.ru
+mts.ru
+neobux.com
+netflix.com
+newegg.com
+nhk.or.jp
+nifty.com
+nikkeibp.co.jp
+nyaa.se
+nytimes.com
+odnoklassniki.ru
+ok.ru
+olx.ua
+overstock.com
+ozon.ru
+ozon.travel
+pandora.com
+paypal.ca
+paypal.cn
+paypal.com
+paypal.com
+paypal.co.uk
+paypal.de
+paypal.es
+paypal.fr
+paypal.it
+paypal.ru
+paytm.com
+pch.com
+pinterest.com
+porn.com
+priceline.com
+qq.com
+quora.com
+rakuten.co.jp
+reddit.com
+researchgate.net
+salesforce.com
+sciencedirect.com
+shopify.com
+slack.com
+slideshare.net
+so-net.ne.jp
+southwest.com
+spotify.com
+springer.com
+squarespace.com
+stalker.com
+steampowered.com
+stumbleupon.com
+surveymonkey.com
+swagbucks.com
+taboola.com
+taleo.net
+taobao.com
+target.com
+taringa.net
+taxi.yandex.ru
+tele2.ru
+thekitchn.com
+tokopedia.com
+trello.com
+tribunnews.com
+trulia.com
+tumblr.com
+twitter.com
+ultimate-guitar.com
+ups.com
+usaa.com
+usbank.com
+usps.com
+verizon.com
+verizonwireless.com
+vimeo.com
+vine.co
+vk.com
+vmware.com
+vtb24.ru
+wahoofitness.com
+walmart.com
+wav.tv
+wellsfargo.com
+whatsapp.com
+wikia.com
+wikimedia.org
+wikipedia.org
+wildberries.ru
+wix.com
+wordpress.com
+wordpress.org
+wp.com
+xuite.net
+xvideos.com
+yelp.com
+youtube.com
+yts.to
+zappos.com
+zendesk.com
+zippyshare.com
+zomato.com
+zulily.com
+zwift.com
--- /dev/null
+126.com
+163.com
+1gost.info
+1stnationalbank.com
+2o7.net
+365online.com
+4at1.com
+53.com
+5iantlavalamp.com
+abl.com.pk
+about.com
+accessbankplc.com
+adelphia.net
+adib.ae
+adobe.com
+agora-inc.com
+agoramedia.com
+aibgb.co.uk
+aib.ie
+airdriesavingsbank.com
+akamai.net
+akamaitech.net
+aldermore.co.uk
+alexa.com
+alliancebank.com.my
+alliancefg.com
+alliantcreditunion.com
+alliantcreditunion.org
+allianz.de
+allybank.com
+alterna.ca
+amazon.com
+americanexpress.ch
+americanexpress.com
+anadolubank.nl
+ancestry.com
+anz.com
+anz.co.nz
+aol.com
+apache.org
+apple.com
+arbuthnotlatham.co.uk
+arcamax.com
+asb.co.nz
+ask.com
+astrology.com
+atdmt.com
+att.net
+authorize.net
+autorambler.ru
+axisbank.co.in
+axisbank.com
+b2bbank.com
+baaderbank.de
+baidu.com
+baloise.ch
+baml.com
+banamex.com
+bancanetbsc.do
+bancanetsantacruz.com.do
+bancapulia.it
+bancarios.com
+bancastato.ch
+bancatransilvania.ro
+bancobase.com
+bancobic.ao
+bancobic.pt
+bancobpi.pt
+banco.bradesco
+bancobrasil.com.br
+bancochile.cl
+bancochile.com
+bancoestado.cl
+bancofalabella.cl
+bancofalabella.com.co
+bancofalabella.pe
+bancomer.com
+bancopopolare.it
+bancopostaclick.it
+bancoposta.it
+bancosantander.es
+bancovotorantimcartoes.com.br
+bank24.ru
+bankalhabib.com
+bankaustria.at
+bank.barclays.co.uk
+bankbgzbnpparibas.pl
+bankcardservices.co.uk
+bankcomm.com
+bankcoop.ch
+bankiabancapersonal.es
+bankia.com
+bankia.es
+bankinter.com
+bankinter.es
+bankmutual.com
+bankofamerica.com
+bankofcanada.ca
+bankofchina.com
+bankofcyprus.com
+bankofindia.co.nz
+bankofireland.com
+bank-of-ireland.co.uk
+bankofirelanduk.com
+bankofoklahoma.com
+bankofscotland.co.uk
+banksinarmas.com
+bankvonroll.ch
+bankwest.com.au
+banque-casino.fr
+banquepopulaire.fr
+banquescotia.com
+barclaycard.co.uk
+barclaycard.de
+barclaycard.es
+barclays.com
+barclays.co.uk
+barclayspartnerfinance.com
+barclays.sc
+barodanzltd.co.nz
+basler.ch
+bbandt.com
+bbc.co.uk
+bcentral.com
+bci.cl
+bcp.com.pe
+bcv.ch
+bcvs.ch
+bekb.ch
+bellevue.ch
+bellsouth.net
+bendigobank.com.au
+berliner-bank.de
+berliner-sparkasse.de
+bfanet.ao
+bfi0.com
+bgfi.com
+bgfionline.com
+bgzbnpparibas.pl
+billmelater.com
+bing.com
+bkb.ch
+bk.rw
+bks.at
+blkb.ch
+bmocm.com
+bmo.com
+bmogam.com
+bmoharris.com
+bmoharrisprivatebankingonline.com
+bmoinvestorline.com
+bmonesbittburns.com
+bnl.it
+bnpparibas.com
+bnpparibas.fr
+boc.cnnz
+bonuscard.ch
+bpe-gruposantander.com
+bpi.pt
+bpostbank.be
+bradescardonline.com.br
+bradesco.com.br
+bradescoseguranca.com.br
+bridgetrack.com
+bridgewaterbank.ca
+bsibank.com
+btrl.ro
+bt-trade.ro
+businessonline-boi.com
+bzbank.ch
+ca-cib.com
+ca-egypt.com
+cafbank.org
+cafe24.com
+cafonline.org
+caisse-epargne.com
+caisse-epargne.fr
+caixabank.com
+caixa.gov.br
+cajasur.es
+camsonline.com
+canadiandirect.com
+capitalone360.com
+capitalone.com
+capitaloneonline.co.uk
+capitecbank.co.za
+cariparma.it
+carrefour-banque.fr
+cartabcc.it
+cartabccpos.it
+cartasi.it
+ca-suisse.com
+catalunyacaixa.com
+cbg.gm
+cbonline.co.uk
+cembra.ch
+cenbank.org
+centralbank.ae
+charitybank.org
+charter.net
+chase.com
+chebanca.it
+chinatrust.com.tw
+cial.ch
+cibc.com
+cic.ch
+cimbclicks.com.my
+citibank.ae
+citibank.co.in
+citibank.com
+citibank.co.uk
+citibankonline.com
+citibusiness.com
+citicards.com
+citi.com
+citi.co.nz
+citi.eu
+citigroup.com
+citizensbank.ca
+citizensbank.com
+civibank.com
+civibank.it
+cjb.net
+classmates.com
+clickbank.net
+closebrothers.com
+closebrothers.co.uk
+clubsc.ch
+cnet.com
+cnn.com
+colpatria.com
+colpatria.com.co
+comcast.net
+com.com
+commbank.com.au
+commerzbank.com
+commerzbank.de
+com.ne.kr
+coopbank.dk
+co-operativebank.co.uk
+cornerbanca.ch
+cornercard.ch
+cornercard.com
+corner.ch
+corporate-ir.net
+cosycard.ch
+coutts.com
+cox.net
+craigslist.org
+credit-agricole.com
+credit-agricole.fr
+creditagricole.rs
+credit-suisse.com
+cs.com
+css.ch
+ctbcbank.com
+ctfs.com
+custhelp.com
+cwbank.com
+cwbankgroup.com
+cwt.ca
+cybg.com
+danskebankas.lt
+danskebank.com
+danskebank.co.uk
+danskebank.de
+danskebank.dk
+danskebank.ee
+danskebank.fi
+danskebank.ie
+danskebank.no
+datatrans.biz
+datatrans.ch
+daum.net
+db.com
+dbs.com
+dd.se
+debian.org
+dell.com
+demirbank.kg
+denizbank.com
+desjardins.ca
+desjardins.com
+deutschebank.be
+deutschebank.co.nz
+deutsche-bank.de
+diamondbank.com
+dibpak.com
+directnic.com
+directtrack.com
+discovercard.com
+discover.com
+discovery.co.za
+dnbnord.lt
+domain.com
+doubleclick.com
+dresdner-bank.de
+dsbbank.sr
+dsbl.org
+duncanlawrie.com
+earthlink.net
+easybank.at
+easylnk.com
+ebay.com
+ebay.co.uk
+ebay.de
+ebayimg.com
+ebaystatic.com
+ecobank.com
+edgesuite.net
+ediets.com
+edwardjones.com
+egroups.com
+e-gulfbank.com
+emode.com
+esunbank.com.tw
+example.com
+example.net
+example.org
+excite.com
+facebook.com
+fedex.com
+fednetbank.com
+fidelity.com
+fidor.de
+finance.com
+finansbank.com.tr
+finasta.lt
+fineco.it
+firstbankcard.com
+firstmerit.com
+firstnational.com
+firstnationalmerchantsolutions.com
+firsttrustbank.co.uk
+flickr.com
+fnbc.ca
+fnb.co.za
+fnb-online.com
+freebsd.org
+free.fr
+friuladria.it
+f-secure.com
+garantibank.eu
+garantibank.nl
+garanti.com.tr
+gazprombank.ch
+gazprombank.ru
+generali.es
+genevoise.ch
+gentoo.org
+geocities.com
+gkb.ch
+gmail.com
+gmx.net
+go.com
+godaddy.com
+googleadservices.com
+google.co.in
+google.com
+google.it
+google.ru
+granitbank.hu
+grisoft.com
+gtbank.com
+halifax.co.uk
+hallmark.com
+handelsbanken.se
+harrodsbank.co.uk
+hbl.com
+hblibank.com
+hblibank.com.pk
+hdfcbank.com
+heartland.co.nz
+hellenicbank.com
+hinet.net
+hkbea.com
+hlb.com.kh
+hlb.com.my
+hoaresbank.co.uk
+home.barclays
+hongleongconnect.com.kh
+hongleongconnect.com.vn
+hongleongconnect.my
+hotbar.com
+hotmail.com
+hotpop.com
+hp.com
+hsbc.com
+hsbc.com.ar
+hsbc.com.hk
+hsbc.co.nz
+hsbc.co.uk
+hypovereinsbank.co.uk
+hypovereinsbank.de
+ibm.com
+icbcnz.com
+icicibank.co.in
+icicibank.com
+icicibankprivatebanking.com
+icorner.ch
+icscards.de
+icscards.nl
+incredimail.com
+ing.be
+ing.com
+ing-diba.de
+ingdirect.ca
+ing.lu
+ing.nl
+ingvysyabank.com
+interac.ca
+investorplace.com
+iobnet.co.in
+isbank.com.tr
+isbank.de
+isbank.ge
+isbank.iq
+isbankkosova.com
+itau.com.br
+ivillage.com
+joingevalia.com
+jpmchase.com
+jpmorgan.com
+jsafrasarasin.com
+julianhodgebank.com
+juliusbaer.com
+juno.com
+jyskebank.dk
+kantonalbank.ch
+kernel.org
+key.com
+kiwibank.co.nz
+kotak.com
+kredytbank.pl
+kreissparkasse-schwalm-eder.de
+ksklb.de
+kutxabank.es
+laboralkutxa.com
+lacaixa.cat
+lacaixa.es
+laurentianbank.ca
+lbb.de
+lcl.com
+lcl.fr
+li.ru
+list.ru
+liveinternet.ru
+livejournal.com
+lloydsbank.com
+lloydsbankcommercial.com
+lloydsbankinggroup.com
+lloydstsb.ch
+lloydstsb.co.uk
+lombardodier.com
+loydsbank.com
+lycos.com
+m7z.net
+mac.com
+macromedia.com
+maerki-baumann.ch
+mail.com
+mail.ru
+mailscanner.info
+mandtbank.com
+manulifebank.ca
+manulifebankselect.ca
+manulife.com
+manulifeone.ca
+marketwatch.com
+mashreqbank.com
+mastercard.com
+maybank2u.com
+maybank2u.com.my
+mcafee.com
+mchsi.com
+mdmbank.com
+mechanicsbank.com
+medbank.lt
+messagelabs.com
+metrobankdirect.com
+metrobankonline.co.uk
+microsoft.com
+migbank.com
+migrosbank.ch
+military.com
+mindspring.com
+mit.edu
+mizuhobank.co.jp
+mmwarburg.lu
+monster.com
+montepio.pt
+morganstanley.com
+mozilla.com
+mps.it
+ms.com
+msn.com
+mufg.jp
+myonlineresourcecenter.com
+myonlineservices.ch
+myspace.com
+nate.com
+nationalesuisse.ch
+nationwide-communications.co.uk
+nationwide.co.uk
+nationwide-service.co.uk
+natwest.com
+navyfederal.org
+nbc.ca
+netflix.com
+netscape.com
+netscape.net
+netzero.net
+newyorkfed.org
+nibl.com.np
+nod32.com
+nordea.fi
+nordea.lt
+nordfynsbank.dk
+norisbank.de
+norman.com
+notenstein.ch
+nuvisionfederal.com
+nytimes.com
+oceanbank.com
+onlinesbi.com
+openoffice.org
+openxmlformats.org
+optonline.net
+orchardbank.com
+osdn.com
+ostsaechsische-sparkasse-dresden.de
+overstock.com
+pacbell.net
+pandasoftware.com
+passport.com
+paylife.at
+paypal.be
+paypal-brasil.com.br
+paypal.ca
+paypal.ch
+paypal.co.il
+paypal.com
+paypal.com.au
+paypal.com.br
+paypal-communication.com
+paypal-community.com
+paypal.com.mx
+paypal.com.pt
+paypal.co.uk
+paypal-customerfeedback.com
+paypal.de
+paypal-deutschland.de
+paypal.dk
+paypal.es
+paypal-exchanges.com
+paypal.fr
+paypal.it
+paypal-marketing.co.uk
+paypal-marketing.pl
+paypal.net
+paypal.nl
+paypal.no
+paypal-notify.com
+paypal-now.com
+paypalobjects.com
+paypal-opwaarderen.nl
+paypal-pages.com
+paypal.pt
+paypal.ru
+paypal.se
+paypal-search.com
+paypal-shopping.co.uk
+paypal-techsupport.com
+pbebank.com
+pcfinancial.ca
+peoplepc.com
+permanenttsb.ie
+plaxo.com
+pnc.com
+popolarevicenza.it
+postbank.de
+postepay.it
+postfinancearena.ch
+postfinance.ch
+postfinance.info
+price.ru
+prodigy.net
+publicislamicbank.com.my
+rabobank.com
+rabobank.co.nz
+rabobank.nl
+radaruol.com.br
+rahnbodmer.ch
+raiffeisenbank.rs
+raiffeisen.ch
+raiffeisen.hu
+raiffeisen.li
+raiffeisen.ru
+rambler-co.ru
+rambler.ru
+raphaelsbank.com
+rbc.com
+rbcroyalbank.com
+rbs.co.uk
+rbssecure.co.uk
+rbsworldpay.com
+rcb.at rcb.at
+real.com
+recordbank.be
+redhat.com
+rediff.com
+regiobank.nl
+regions.com
+regionsnet.com
+renasantbank.com
+rhbgroup.com
+rogersbank.com
+rogers.com
+rothschildbank.com
+rothschild.com
+royalbank.com
+rr.com
+sagepay.com
+sagepay.co.uk
+sainsburysbank.co.uk
+samba.com
+santander.cl
+santander.com
+santander.com.br
+santander.com.mx
+santandercorretora.com.br
+santander.co.uk
+santanderesfera.com.br
+santandersantiago.cl
+sarasin.ch
+sbcglobal.net
+sberbank.ch
+sbs.net.nz
+sc.com
+schoellerbank.at
+scotiabank.ca
+scotiabank.com
+scotiamocatta.com
+scotiaonline.com
+s.de
+sec.gov
+securetrustbank.com
+service-sparkasse.de
+serviciobancomer.com
+sf.net
+shawbrook.co.uk
+shaw.ca
+shkb.ch
+shockwave.com
+six-group.com
+six-payment-services.com
+skrill.com
+sls-direkt.de
+smithbarney.com
+snb.ch snb.ch
+snsbank.nl
+societegenerale.fr
+sourceforge.net
+spamcop.net
+sparda-a.de
+sparda-bank-hamburg.de
+sparda-b.de
+sparda-bw.de
+sparda-h.de
+sparda-hessen.de
+sparda-m.de
+sparda-ms.de
+sparda-n.de
+sparda-ostbayern.de
+sparda-sw.de
+sparda-verband.de
+sparda-west.de
+sparkasse.at
+sparkasse-bank-malta.com
+sparkasse-bielefeld.de
+sparkasseblog.de
+sparkasse-bochum.de
+sparkasse.ch
+sparkasse.de
+sparkasse-gera-greiz.de
+sparkasse-hamm.de
+sparkasse-heidelberg.de
+sparkasse-ingolstadt.de
+sparkasse-mittelthueringen.de
+speedera.net
+sportsline.com
+standardbank.com
+standardbank.co.za
+standardchartered.com.gh
+standardchartered.com.my
+subscribe.ru
+sun.com
+suncorpbank.com.au
+suntrust.com
+swedbank.com
+swedbank.ee
+swedbank.lt
+swedbank.lu
+swedbank.se
+swisscanto.ch
+swisscaution.ch
+swissquote.ch
+sydbank.dk
+sympatico.ca
+tails.nl
+tangerine.ca
+tcb-bank.com.tw
+tdbank.com
+tdcommercialbanking.com
+telus.net
+terra.com.br
+tescobank.com
+ticketmaster.com
+tinyurl.com
+tiscali.co.uk
+tns-counter.ru
+tom.com
+tone.co.nz
+t-online.de
+top4top.ru
+tsbbank.co.nz
+tsb.co.nz
+tsb.co.uk
+tux.org
+twitter.com
+ubibanca.com
+ubs.com
+ulsterbankanytimebanking.co.uk
+ulsterbank.co.uk
+unibancoconnect.pt
+unibanco.pt
+unicreditbank.lt
+unicredit.eu
+unicreditgroup.eu
+unicredit.it
+unionbankcameroon.com
+unionbank.com
+unity.co.uk
+uob.com.sg
+uobgroup.com
+uol.com.br
+ups.com
+usbank.com
+valianttrust.com
+vaudoise.ch
+venetobanca.it
+venetobanka.al
+verizon.net
+versabank.com
+videobank.it
+virginmoney.com
+visa.com.ar
+visa.com.br
+visaeurope.ch
+visaeurope.com
+viseca.ch
+volksbank.de
+volkswagenbank.de
+vpbank.com
+vr.de
+vwbank.de
+w3.org
+wachovia.com
+walmart.com
+wamu.com
+wanadoo.fr
+washingtonpost.com
+weatherbug.com
+weatherbys.co.uk
+web.de
+webshots.com
+webtv.net
+wegelin.ch
+wellsfargo.com
+wellsfargoemail.com
+westernunion.ca
+westernunion.com
+westernunion.fr
+westernunion.se
+westpac.com.au
+westpac.co.nz
+wir.ch
+wordpress.com
+worldbank.org
+worldpay.com
+wsj.com
+wvb.de
+xmlsoap.org
+yacht.nl
+yahoo.ca
+yahoo.co.jp
+yahoo.co.kr
+yahoo.com
+yahoo.com.br
+yahoo.co.uk
+yahoogroups.com
+yandex.net
+yandex.ru
+ybonline.co.uk
+yimg.com
+yopi.de
+yorkshirebank.co.uk
+yourbankcard.com
+yoursite.com
+youtube.com
+zagbank.ca
+zdnet.com
+zenithbank.com
+zkb.ch
+zugerkb.ch
+vistaprint.dk
+vistaprint.com
+anpdm.com
+dovecot.org
+exacttarget.com
+github.com
+isc.org
+# list-manage1.com # grey
+# list-manage2.com # grey
+# list-manage.com # grey
+lists.isc.org
+lists.roundcube.net
+svn.apache.org
+taggedmail.com
+tumblr.com
\ No newline at end of file
--- /dev/null
+# Metrics settings
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+# DEPRECATION WARNING!!
+# This file is deprecated since 1.7
+# Please use actions.conf and groups.conf files instead
+metric {
+ name = "default";
+ .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/metrics.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/metrics.conf"
+}
--- /dev/null
+# A common rspamd configuration file (should never ever be changed)
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+.include(glob=true) "${CONFDIR}/modules.d/*.conf"
\ No newline at end of file
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/antivirus.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/antivirus.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/antivirus.html
+
+antivirus {
+ # multiple scanners could be checked, for each we create a configuration block with an arbitrary name
+ #clamav {
+ # If set force this action if any virus is found (default unset: no action is forced)
+ # action = "reject";
+ # message = '${SCANNER}: virus found: "${VIRUS}"';
+ # Scan mime_parts separately - otherwise the complete mail will be transferred to AV Scanner
+ #scan_mime_parts = true;
+ # Scanning Text is suitable for some av scanner databases (e.g. Sanesecurity)
+ #scan_text_mime = false;
+ #scan_image_mime = false;
+ # If `max_size` is set, messages > n bytes in size are not scanned
+ #max_size = 20000000;
+ # symbol to add (add it to metric if you want non-zero weight)
+ #symbol = "CLAM_VIRUS";
+ # type of scanner: "clamav", "fprot", "sophos" or "savapi"
+ #type = "clamav";
+ # For "savapi" you must also specify the following variable
+ #product_id = 12345;
+ # You can enable logging for clean messages
+ #log_clean = true;
+ # servers to query (if port is unspecified, scanner-specific default is used)
+ # can be specified multiple times to pool servers
+ # can be set to a path to a unix socket
+ # Enable this in local.d/antivirus.conf
+ #servers = "127.0.0.1:3310";
+ # if `patterns` is specified virus name will be matched against provided regexes and the related
+ # symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
+ #patterns {
+ # symbol_name = "pattern";
+ # JUST_EICAR = '^Eicar-Test-Signature$';
+ #}
+ #patterns_fail {
+ # symbol_name = "pattern";
+ #CLAM_PROTOCOL_ERROR = '^unhandled response';
+ #}
+ # `whitelist` points to a map of signature names. Hits on these signatures are ignored.
+ #whitelist = "/etc/rspamd/antivirus.wl";
+ #}
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/antivirus.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/antivirus.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/arc.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/arc.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/arc.html
+
+
+# To configure this module, please also check the following document:
+# https://rspamd.com/doc/tutorials/scanning_outbound.html and
+# https://rspamd.com/doc/modules/arc.html
+
+# To enable this module define the following attributes:
+# path = "${DBDIR}/arc/$domain.$selector.key";
+# OR
+# domain { ... }, if you use per-domain conf
+# OR
+# set `use_redis=true;` and define redis servers
+
+arc {
+ # If false, messages with empty envelope from are not signed
+ allow_envfrom_empty = true;
+ # If true, envelope/header domain mismatch is ignored
+ allow_hdrfrom_mismatch = true;
+ # If true, multiple from headers are allowed (but only first is used)
+ allow_hdrfrom_multiple = false;
+ # If true, username does not need to contain matching domain
+ allow_username_mismatch = false;
+ # Default path to key, can include '$domain' and '$selector' variables
+ #path = "${DBDIR}/arc/$domain.$selector.key";
+ # Default selector to use
+ selector = "arc";
+ # If false, messages from authenticated users are not selected for signing
+ sign_authenticated = false;
+ # If false, inbound messages are not selected for signing
+ sign_inbound = true;
+ # If false, messages from local networks are not selected for signing
+ sign_local = false;
+ # Symbol to add when message is signed
+ symbol_sign = "ARC_SIGNED";
+ # Whether to fallback to global config
+ try_fallback = true;
+ # Domain to use for ARC signing: can be "header", "envelope" or "recipient"
+ use_domain = "recipient";
+ # Whether to normalise domains to eSLD
+ use_esld = true;
+ # Whether to get keys from Redis
+ use_redis = false;
+ # Hash for ARC keys in Redis
+ key_prefix = "ARC_KEYS";
+
+ # Domain specific settings
+ #domain {
+ # example.com {
+ # # Private key path
+ # path = "${DBDIR}/arc/example.key";
+ # # Selector
+ # selector = "ds";
+ # }
+ #}
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/arc.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/arc.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/arc.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/asn.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/asn.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/asn.html
+
+asn {
+ # Provider: just "rspamd" for now
+ provider_type = "rspamd";
+ # Provider-specific configuration
+ provider_info {
+ ip4 = "asn.rspamd.com";
+ ip6 = "asn6.rspamd.com";
+ }
+ # If defined, insert symbol with lookup results
+ # symbol = "ASN";
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/asn.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/asn.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/asn.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/asn.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/asn.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/asn.html
+
+aws_s3 {
+ # Required attributes
+ #s3_bucket = 'xxx';
+ s3_region = 'us-east-1';
+ s3_host = 's3.amazonaws.com';
+ #s3_secret_key = 'xxx';
+ #s3_key_id = 'xxx';
+ # Enable in local.d/aws_s3.conf
+ enabled = false;
+ .include(try=true,priority=5) "${DBDIR}/dynamic/aws_s3.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/aws_s3.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/aws_s3.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/asn.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/asn.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/asn.html
+
+bimi {
+ # Required attributes
+ #helper_url = "http://127.0.0.1:3030",
+ helper_timeout = 5s;
+ helper_sync = true;
+ vmc_only = true;
+ redis_prefix = 'rs_bimi';
+ redis_min_expiry = 24h;
+
+ # Enable in local.d/bimi.conf
+ enabled = false;
+ .include(try=true,priority=5) "${DBDIR}/dynamic/bimi.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/bimi.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/bimi.conf"
+}
\ No newline at end of file
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/chartable.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/chartable.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/chartable.html
+
+chartable {
+ threshold = 0.300000;
+ symbol = "R_MIXED_CHARSET";
+ .include(try=true,priority=5) "${DBDIR}/dynamic/chartable.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/chartable.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/chartable.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/clickhouse.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/clickhouse.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/clickhouse.html
+
+
+clickhouse {
+ # Push update when 1000 records are collected (1000 if unset)
+ limit = 1000;
+ # IP:port of Clickhouse server
+ # server = "localhost:8123";
+ # Timeout to wait for response (5 seconds if unset)
+ timeout = 5;
+ # How many bits of sending IP to mask in logs for IPv4 (19 if unset)
+ ipmask = 19;
+ # How many bits of sending IP to mask in logs for IPv6 (48 if unset)
+ ipmask6 = 48;
+ # Record URL paths? (default false)
+ full_urls = false;
+ # This parameter points to a map of domain names
+ # If a message has a domain in this map in From: header and DKIM signature,
+ # record general metadata in a table named after the domain
+ #from_tables = "/etc/rspamd/clickhouse_from.map";
+ # These are symbols of other checks in Rspamd
+ # Set these if you use non-default symbol names (unlikely)
+ #bayes_spam_symbols = ["BAYES_SPAM"];
+ #bayes_ham_symbols = ["BAYES_HAM"];
+ #fann_symbols = ["FANN_SCORE"];
+ #fuzzy_symbols = ["FUZZY_DENIED"];
+ #whitelist_symbols = ["WHITELIST_DKIM", "WHITELIST_SPF_DKIM", "WHITELIST_DMARC"];
+ #dkim_allow_symbols = ["R_DKIM_ALLOW"];
+ #dkim_reject_symbols = ["R_DKIM_REJECT"];
+ #dmarc_allow_symbols = ["DMARC_POLICY_ALLOW"];
+ #dmarc_reject_symbols = ["DMARC_POLICY_REJECT", "DMARC_POLICY_QUARANTINE"];
+
+ #retention {
+ # # disabled by default
+ # enable = true;
+ # # drop | detach, please refer to ClickHouse docs for details
+ # # http://clickhouse-docs.readthedocs.io/en/latest/query_language/queries.html#manipulations-with-partitions-and-parts
+ # method = "drop";
+ # # how many month the data should be kept in ClickHouse
+ # period_months = 3;
+ # # how often run the cleanup process
+ # run_every = "7d";
+ #}
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/clickhouse.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/clickhouse.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/clickhouse.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/dcc.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/dcc.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/dcc.html
+
+dcc {
+
+ enabled = false;
+
+ # Define local socket or TCP servers in upstreams syntax
+ # When sockets and servers are definined - servers is used!
+ socket = "/var/dcc/dccifd"; # Unix socket
+ #servers = "127.0.0.1:10045" # OR TCP upstreams
+ timeout = 2s; # Timeout to wait for checks
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/dcc.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dcc.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dcc.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/dkim.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/dkim.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/dkim.html
+
+dkim {
+ dkim_cache_size = 2k;
+ dkim_cache_expire = 1d;
+ time_jitter = 6h;
+ trusted_only = false;
+ skip_multi = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/dkim.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/dkim_signing.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/dkim_signing.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+
+
+# To configure this module, please also check the following document:
+# https://rspamd.com/doc/tutorials/scanning_outbound.html and
+# https://rspamd.com/doc/modules/dkim_signing.html
+
+# To enable this module define the following attributes:
+# path = "/var/lib/rspamd/dkim/$domain.$selector.key";
+# OR
+# domain { ... }, if you use per-domain conf
+# OR
+# set `use_redis=true;` and define redis servers
+
+dkim_signing {
+ # If false, messages with empty envelope from are not signed
+ allow_envfrom_empty = true;
+ # If true, envelope/header domain mismatch is ignored
+ allow_hdrfrom_mismatch = false;
+ # If true, multiple from headers are allowed (but only first is used)
+ allow_hdrfrom_multiple = false;
+ # If true, username does not need to contain matching domain
+ allow_username_mismatch = false;
+ # Default path to key, can include '$domain' and '$selector' variables
+ #path = "/var/lib/rspamd/dkim/$domain.$selector.key";
+ # Default selector to use
+ selector = "dkim";
+ # If false, messages from authenticated users are not selected for signing
+ sign_authenticated = true;
+ # If false, messages from local networks are not selected for signing
+ sign_local = true;
+ # Symbol to add when message is signed
+ symbol = "DKIM_SIGNED";
+ # Whether to fallback to global config
+ try_fallback = true;
+ # Domain to use for DKIM signing: can be "header" or "envelope"
+ use_domain = "header";
+ # Whether to normalise domains to eSLD
+ use_esld = true;
+ # Whether to get keys from Redis
+ use_redis = false;
+ # Hash for DKIM keys in Redis
+ key_prefix = "DKIM_KEYS";
+
+ # Domain specific settings
+ #domain {
+ # example.com {
+ # selectors [
+ # { # Private key path
+ # path = "/var/lib/rspamd/dkim/example.key";
+ # # Selector
+ # selector = "ds";
+ # },
+ # { # multiple dkim signature
+ # path = "/var/lib/rspamd/dkim/eddsa.key";
+ # selector = "eddsa";
+ # }
+ # ]
+ # }
+ #}
+
+
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/dmarc.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/dmarc.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/dmarc.html
+
+dmarc {
+ .include(try=true,priority=5) "${DBDIR}/dynamic/dmarc.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dmarc.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dmarc.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/elastic.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/elastic.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/elastic.html
+
+elastic {
+ # Push update when 10 records are collected (10 if unset)
+ limit = 10;
+ # IP:port of Elasticsearch server
+ #server = "localhost:9200";
+ # Timeout to wait for response (5 seconds if unset)
+ timeout = 5;
+ # Elasticsearch template file (json format)
+ #template_file = "${SHAREDIR}/elastic/rspamd_template.json";
+ # Kibana prebuild visualizations and dashboard template (json format)
+ #kibana_file = "${SHAREDIR}/elastic/kibana.json";
+ # Elasticsearch index name pattern
+ index_pattern = "rspamd-%Y.%m.%d";
+ # Dump debug information
+ debug = false;
+ # Import kibana template
+ import_kibana = false;
+ .include(try=true,priority=5) "${DBDIR}/dynamic/elastic.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/elastic.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/elastic.conf"
+}
--- /dev/null
+# Deprecated, preserved for compatibility purposes! Use rbl module
+# Module documentation https://rspamd.com/doc/modules/rbl.html
+
+emails {
+ .include(try=true,priority=5) "${DBDIR}/dynamic/emails.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/emails.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/emails.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/external_relay.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/external_relay.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/external_relay.html
+
+external_relay {
+ # This module is default-disabled
+ enabled = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/external_relay.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/external_relay.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/external_relay.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/external_services.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/external_services.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/external_services.html
+
+external_services {
+ oletools {
+ # If set force this action if any virus is found (default unset: no action is forced)
+ # action = "reject";
+ # If set, then rejection message is set to this value (mention single quotes)
+ # If `max_size` is set, messages > n bytes in size are not scanned
+ # max_size = 20000000;
+ # log_clean = true;
+ # servers = "127.0.0.1:10050";
+ # cache_expire = 86400;
+ # scan_mime_parts = true;
+ # extended = false;
+ # if `patterns` is specified virus name will be matched against provided regexes and the related
+ # symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
+ patterns {
+ # symbol_name = "pattern";
+ }
+ # mime-part regex matching in content-type or filename
+ mime_parts_filter_regex {
+ #GEN1 = "application\/octet-stream";
+ DOC2 = "application\/msword";
+ DOC3 = "application\/vnd\.ms-word.*";
+ XLS = "application\/vnd\.ms-excel.*";
+ PPT = "application\/vnd\.ms-powerpoint.*";
+ GEN2 = "application\/vnd\.openxmlformats-officedocument.*";
+ }
+ # Mime-Part filename extension matching (no regex)
+ mime_parts_filter_ext {
+ doc = "doc";
+ dot = "dot";
+ docx = "docx";
+ dotx = "dotx";
+ docm = "docm";
+ dotm = "dotm";
+ xls = "xls";
+ xlt = "xlt";
+ xla = "xla";
+ xlsx = "xlsx";
+ xltx = "xltx";
+ xlsm = "xlsm";
+ xltm = "xltm";
+ xlam = "xlam";
+ xlsb = "xlsb";
+ ppt = "ppt";
+ pot = "pot";
+ pps = "pps";
+ ppa = "ppa";
+ pptx = "pptx";
+ potx = "potx";
+ ppsx = "ppsx";
+ ppam = "ppam";
+ pptm = "pptm";
+ potm = "potm";
+ ppsm = "ppsm";
+ }
+ # `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
+ whitelist = "/etc/rspamd/antivirus.wl";
+ }
+ dcc {
+ # If set force this action if any virus is found (default unset: no action is forced)
+ # action = "reject";
+ # If set, then rejection message is set to this value (mention single quotes)
+ # If `max_size` is set, messages > n bytes in size are not scanned
+ max_size = 20000000;
+ #servers = "127.0.0.1:10045";
+ # if `patterns` is specified virus name will be matched against provided regexes and the related
+ # symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
+ patterns {
+ # symbol_name = "pattern";
+ }
+ # `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
+ whitelist = "/etc/rspamd/antivirus.wl";
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/external_services.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/external_services.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/external_services.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/force_actions.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/force_actions.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/force_actions.html
+
+force_actions {
+
+ # Refer to https://rspamd.com/doc/modules/force_actions.html for information on configuration
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/force_actions.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/force_actions.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/force_actions.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/forged_recipients.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/forged_recipients.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/forged_recipients.html
+
+forged_recipients {
+ symbol_sender = "FORGED_SENDER";
+ symbol_rcpt = "FORGED_RECIPIENTS";
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/forged_recipients.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/forged_recipients.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/forged_recipients.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/fuzzy_check.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/fuzzy_check.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/fuzzy_check.html
+
+fuzzy_check {
+ min_bytes = 1k; # Since small parts and small attachments causes too many FP
+ timeout = 2s;
+ retransmits = 1;
+ rule "rspamd.com" {
+ algorithm = "mumhash";
+ servers = "round-robin:fuzzy1.rspamd.com:11335,fuzzy2.rspamd.com:11335";
+ encryption_key = "icy63itbhhni8bq15ntp5n5symuixf73s1kpjh6skaq4e7nx5fiy";
+ symbol = "FUZZY_UNKNOWN";
+ mime_types = ["*"];
+ max_score = 20.0;
+ read_only = yes;
+ skip_unknown = yes;
+ short_text_direct_hash = true; # If less than min_length then use direct hash
+ min_length = 64; # Minimum words count to consider shingles
+ fuzzy_map = {
+ FUZZY_DENIED {
+ max_score = 20.0;
+ flag = 1;
+ }
+ FUZZY_PROB {
+ max_score = 10.0;
+ flag = 2;
+ }
+ FUZZY_WHITE {
+ max_score = 2.0;
+ flag = 3;
+ }
+ }
+ }
+ # Include dynamic conf for the rule
+ .include(try=true,priority=5) "${DBDIR}/dynamic/fuzzy_check.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fuzzy_check.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fuzzy_check.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/greylist.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/greylist.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/greylisting.html
+
+greylist {
+ # Search "example.com" and "mail.example.com" for "mx.out.mail.example.com":
+ whitelist_domains_url = [
+ "$LOCAL_CONFDIR/local.d/greylist-whitelist-domains.inc",
+ "$LOCAL_CONFDIR/local.d/maps.d/greylist-whitelist-domains.inc",
+ ];
+
+ expire = 1d; # 1 day by default
+ timeout = 5min; # 5 minutes by default
+ key_prefix = "rg"; # default hash name
+ max_data_len = 10k; # default data limit to hash
+ message = "Try again later"; # default greylisted message
+ #symbol = "GREYLIST"; # Symbol to insert
+ action = "soft reject"; # default greylisted action
+ ipv4_mask = 19; # Mask bits for ipv4
+ ipv6_mask = 64; # Mask bits for ipv6
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/greylist.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/greylist.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/greylist.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/hfilter.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/hfilter.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/hfilter.html
+
+hfilter {
+ helo_enabled = true;
+ hostname_enabled = true;
+ url_enabled = true;
+ from_enabled = true;
+ rcpt_enabled = true;
+ mid_enabled = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/hfilter.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/hfilter.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/hfilter.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/history_redis.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/history_redis.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/history_redis.html
+
+history_redis {
+ #servers = 127.0.0.1:6379; # Redis server to store history
+ key_prefix = "rs_history"; # Default key name
+ nrows = 200; # Default rows limit
+ compress = true; # Use zstd compression when storing data in redis
+ subject_privacy = false; # subject privacy is off
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/history_redis.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/history_redis.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/history_redis.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/http_headers.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/http_headers.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/http_headers.html
+
+http_headers {
+ # This module is default-disabled
+ enabled = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/http_headers.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/http_headers.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/http_headers.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/maillist.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/maillist.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/maillist.html
+
+maillist {
+ symbol = "MAILLIST";
+ .include(try=true,priority=5) "${DBDIR}/dynamic/maillist.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/maillist.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/maillist.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/metadata_exporter.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/metadata_exporter.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/metadata_exporter.html
+
+metadata_exporter {
+
+ # Refer to https://rspamd.com/doc/modules/metadata_exporter.html for information on configuration
+ rules {
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/metadata_exporter.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/metadata_exporter.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/metadata_exporter.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/metric_exporter.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/metric_exporter.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/metric_exporter.html
+metric_exporter {
+
+ # Refer to https://rspamd.com/doc/modules/metric_exporter.html for information on configuration
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/metric_exporter.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/metric_exporter.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/metric_exporter.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/mid.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/mid.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/mid.html
+
+mid = {
+ source = {
+ url = [
+ "https://maps.rspamd.com/rspamd/mid.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/mid.inc",
+ "$LOCAL_CONFDIR/local.d/mid.inc",
+ "fallback+file://${CONFDIR}/maps.d/mid.inc"
+ ];
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/mid.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mid.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mid.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/milter_headers.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/milter_headers.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/milter_headers.html
+
+milter_headers {
+
+ # Refer to https://rspamd.com/doc/modules/milter_headers.html for information on configuration
+
+ use = [];
+
+ # Compatibility
+ .include(try=true,priority=5) "${DBDIR}/dynamic/rmilter_headers.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rmilter_headers.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rmilter_headers.conf"
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/milter_headers.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/milter_headers.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/milter_headers.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/mime_types.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/mime_types.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/mime_types.html
+
+mime_types {
+ file = [
+ "https://maps.rspamd.com/rspamd/mime_types.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/mime_types.inc.local",
+ "${DBDIR}/mime_types.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/mime_types.inc"
+ ]
+
+ # Match specific extensions to specific content types
+ extension_map = {
+ html = "text/html";
+ txt = [
+ "message/disposition-notification",
+ "text/plain",
+ "text/rfc822-headers"
+ ];
+ pdf = [
+ "application/octet-stream",
+ "application/pdf",
+ "application/x-pdf"
+ ];
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/mime_types.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mime_types.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mime_types.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/multimap.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/multimap.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/multimap.html
+
+multimap {
+ # Freemail Addresses
+ freemail_envfrom {
+ type = "from";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_ENVFROM";
+ description = "Envelope From is a Freemail address";
+ score = 0.0;
+ }
+
+ freemail_envrcpt {
+ type = "rcpt";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_ENVRCPT";
+ description = "Envelope Recipient is a Freemail address";
+ score = 0.0;
+ }
+
+ freemail_from {
+ type = "header";
+ header = "from";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_FROM";
+ description = "From is a Freemail address";
+ score = 0.0;
+ }
+
+ freemail_to {
+ type = "header";
+ header = "To";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_TO";
+ description = "To is a Freemail address";
+ score = 0.0;
+ }
+
+ freemail_cc {
+ type = "header";
+ header = "Cc";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_CC";
+ description = "To is a Freemail address";
+ score = 0.0;
+ }
+
+ freemail_replyto {
+ type = "header";
+ header = "Reply-To";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/free.txt.zst";
+ symbol = "FREEMAIL_REPLYTO";
+ description = "Reply-To is a Freemail address";
+ score = 0.0;
+ }
+
+ # Disposable Addresses
+ disposable_envfrom {
+ type = "from";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_ENVFROM";
+ description = "Envelope From is a Disposable e-mail address";
+ score = 0.0;
+ }
+
+ disposable_envrcpt {
+ type = "rcpt";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_ENVRCPT";
+ description = "Envelope Recipient is a Disposable e-mail address";
+ score = 0.0;
+ }
+
+ disposable_from {
+ type = "header";
+ header = "from";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_FROM";
+ description = "From a Disposable e-mail address";
+ score = 0.0;
+ }
+
+ disposable_to {
+ type = "header";
+ header = "To";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_TO";
+ description = "To a disposable e-mail address";
+ score = 0.0;
+ }
+
+ disposable_cc {
+ type = "header";
+ header = "Cc";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_CC";
+ description = "To a disposable e-mail address";
+ score = 0.0;
+ }
+
+ disposable_replyto {
+ type = "header";
+ header = "Reply-To";
+ filter = "email:domain";
+ map = "https://maps.rspamd.com/freemail/disposable.txt.zst";
+ symbol = "DISPOSABLE_REPLYTO";
+ description = "Reply-To a disposable e-mail address";
+ score = 0.0;
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/multimap.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/multimap.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/multimap.conf"
+}
+
+/* Example setup
+sender_from_whitelist_user {
+ type = "from";
+ filter = "email:user";
+ map = "file:///tmp/from.map";
+ symbol = "SENDER_FROM_WHITELIST_USER";
+ action = "accept"; # Prefilter mode
+}
+sender_from_regexp {
+ type = "header";
+ header = "from";
+ filter = 'regexp:/.*@/';
+ map = "file:///tmp/from_re.map";
+ symbol = "SENDER_FROM_REGEXP";
+}
+url_map {
+ type = "url";
+ filter = "tld";
+ map = "file:///tmp/url.map";
+ symbol = "URL_MAP";
+}
+url_tld_re {
+ type = "url";
+ filter = 'tld:regexp:/\.[^.]+$/'; # Extracts the last component of URL
+ map = "file:///tmp/url.map";
+ symbol = "URL_MAP_RE";
+}
+*/
+
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/mx_check.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/mx_check.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/mx_check.html
+
+# This module is *DISABLED* by default
+# If you need to enable it, then define the following line in
+# local.d/mx_check.conf:
+#
+# enabled = true;
+#
+# You also need to define redis servers for this module
+
+mx_check {
+ # connection timeout in seconds
+ timeout = 1.0;
+ # symbol yielded if no MX is connectable
+ symbol_bad_mx = "MX_INVALID";
+ # symbol yielded if no MX is found
+ symbol_no_mx = "MX_MISSING";
+ # symbol yielded if MX is connectable
+ symbol_good_mx = "MX_GOOD";
+ # lifetime of redis cache - 1 day by default
+ expire = 86400;
+ # prefix used for redis key
+ key_prefix = "rmx";
+
+ # !!! Disabled by default !!!
+ enabled = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/mx_check.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/mx_check.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/mx_check.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/neural.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/neural.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/neural.html
+
+neural {
+ #servers = 127.0.0.1:6379; # Redis server to store learning data and ANN
+
+ train {
+ max_trains = 1k; # Number of trains per epoch
+ max_usages = 20; # Number of learn iterations while ANN data is valid
+ learning_rate = 0.01; # Rate of learning (Torch only)
+ max_iterations = 25; # Maximum iterations of learning (Torch only)
+ }
+
+ timeout = 20; # Increase redis timeout
+
+ # Legacy support
+ .include(try=true,priority=5) "${DBDIR}/dynamic/fann_redis.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/fann_redis.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/fann_redis.conf"
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/neural.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/neural.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/neural.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/once_received.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/once_received.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/once_received.html
+
+once_received {
+ good_host = "mail";
+ bad_host = "static";
+ bad_host = "dynamic";
+ symbol_strict = "ONCE_RECEIVED_STRICT";
+ symbol = "ONCE_RECEIVED";
+ symbol_mx = "DIRECT_TO_MX";
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/once_received.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/once_received.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/once_received.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/p0f.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/p0f.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/p0f.html
+
+p0f {
+ # Disable module by default
+ enabled = false;
+
+ # Path to the unix socket that p0f listens on
+ socket = '/var/run/p0f.sock';
+
+ # Connection timeout
+ timeout = 5s;
+
+ # If defined, insert symbol with lookup results
+ symbol = 'P0F';
+
+ # Patterns to match against results returned by p0f
+ # Symbol will be yielded on OS string, link type or distance matches
+ patterns = {
+ WINDOWS = '^Windows.*';
+ #DSL = '^DSL$';
+ #DISTANCE10 = '^distance:10$';
+ }
+
+ # Cache lifetime in seconds (default - 2 hours)
+ expire = 7200;
+
+ # Cache key prefix
+ prefix = 'p0f';
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/p0f.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/p0f.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/p0f.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/phishing.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/phishing.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/phishing.html
+
+phishing {
+ symbol = "PHISHING";
+ # Disabled by default
+ openphish_enabled = false;
+ openphish_premium = false;
+ openphish_map = "https://www.openphish.com/feed.txt";
+ # Phishtank is disabled by default in the module, so let's enable it here explicitly
+ phishtank_enabled = true;
+
+ # Make exclusions for known redirectors and domains
+ exceptions = {
+ REDIRECTOR_FALSE = [
+ "https://maps.rspamd.com/rspamd/redirectors.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/redirectors.inc",
+ "$LOCAL_CONFDIR/local.d/redirectors.inc",
+ "fallback+file://${CONFDIR}/maps.d/redirectors.inc"
+ ];
+ PHISHED_WHITELISTED = [
+ "glob;https://maps.rspamd.com/rspamd/phishing_whitelist.inc.zst",
+ "glob;$LOCAL_CONFDIR/local.d/maps.d/phishing_whitelist.inc",
+ "glob;$LOCAL_CONFDIR/local.d/phishing_whitelist.inc",
+ ];
+ };
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/phishing.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/phishing.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/phishing.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/ratelimit.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/ratelimit.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/ratelimit.html
+
+ratelimit {
+ #rates {
+ # Predefined ratelimit
+ #to = {
+ # bucket = {
+ # burst = 100;
+ # rate = 0.01666666666666666666; # leak 1 message per minute
+ # }
+ #}
+ # or define it with selector
+ #other_limit_alt = {
+ # selector = 'rcpts:addr.take_n(5)';
+ # bucket = {
+ # burst = 100;
+ # rate = "1 / 1m"; # leak 1 message per minute
+ # }
+ #}
+ #}
+ # If symbol is specified, then it is inserted *instead* of setting result to soft reject
+ #symbol = "R_RATELIMIT";
+
+ # If info_symbol is specified, then it is inserted next to set the result
+ #info_symbol = "R_RATELIMIT_INFO";
+
+ whitelisted_rcpts = "postmaster,mailer-daemon";
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/ratelimit.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/ratelimit.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/ratelimit.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/rbl.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/rbl.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/rbl.html
+
+rbl {
+ default_exclude_users = true;
+ default_unknown = true;
+
+ url_whitelist = [
+ "https://maps.rspamd.com/rspamd/surbl-whitelist.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/surbl-whitelist.inc.local",
+ "${DBDIR}/surbl-whitelist.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/surbl-whitelist.inc"
+ ];
+
+ rbls {
+
+ spamhaus {
+ symbol = "SPAMHAUS"; # Augmented by prefixes
+ rbl = "zen.spamhaus.org";
+ # Check types
+ checks = ['received', 'from'];
+
+ symbols_prefixes = {
+ received = 'RECEIVED',
+ from = 'RBL',
+ }
+ returncodes {
+ SPAMHAUS_SBL = "127.0.0.2";
+ SPAMHAUS_CSS = "127.0.0.3";
+ SPAMHAUS_XBL = ["127.0.0.4", "127.0.0.5",
+ "127.0.0.6", "127.0.0.7"];
+ SPAMHAUS_PBL = ["127.0.0.10", "127.0.0.11"];
+ SPAMHAUS_DROP = "127.0.0.9";
+ SPAMHAUS_BLOCKED_OPENRESOLVER = "127.255.255.254";
+ SPAMHAUS_BLOCKED= "127.255.255.255";
+ }
+ }
+
+ mailspike {
+ symbol = "MAILSPIKE";
+ rbl = "rep.mailspike.net";
+ is_whitelist = true;
+ checks = ['from'];
+ whitelist_exception = "MAILSPIKE";
+ whitelist_exception = "RWL_MAILSPIKE_GOOD";
+ whitelist_exception = "RWL_MAILSPIKE_NEUTRAL";
+ whitelist_exception = "RWL_MAILSPIKE_POSSIBLE";
+ whitelist_exception = "RBL_MAILSPIKE_WORST";
+ whitelist_exception = "RBL_MAILSPIKE_VERYBAD";
+ whitelist_exception = "RBL_MAILSPIKE_BAD";
+ returncodes {
+ RBL_MAILSPIKE_WORST = "127.0.0.10";
+ RBL_MAILSPIKE_VERYBAD = "127.0.0.11";
+ RBL_MAILSPIKE_BAD = "127.0.0.12";
+ RWL_MAILSPIKE_NEUTRAL = ["127.0.0.16", "127.0.0.15", "127.0.0.14", "127.0.0.13"];
+ RWL_MAILSPIKE_POSSIBLE = "127.0.0.17";
+ RWL_MAILSPIKE_GOOD = "127.0.0.18";
+ RWL_MAILSPIKE_VERYGOOD = "127.0.0.19";
+ RWL_MAILSPIKE_EXCELLENT = "127.0.0.20";
+ }
+ }
+
+ senderscore {
+ symbol = "RBL_SENDERSCORE";
+ checks = ['from'];
+ rbl = "bl.score.senderscore.com";
+ }
+
+ sem {
+ symbol = "RBL_SEM";
+ rbl = "bl.spameatingmonkey.net";
+ ipv6 = false;
+ checks = ['from'];
+ }
+
+ semIPv6 {
+ symbol = "RBL_SEM_IPV6";
+ rbl = "bl.ipv6.spameatingmonkey.net";
+ ipv4 = false;
+ ipv6 = true;
+ checks = ['from'];
+ }
+
+ dnswl {
+ symbol = "RCVD_IN_DNSWL";
+ rbl = "list.dnswl.org";
+ ipv6 = true;
+ checks = ['from', 'received'];
+ is_whitelist = true;
+ whitelist_exception = "RCVD_IN_DNSWL";
+ whitelist_exception = "RCVD_IN_DNSWL_NONE";
+ whitelist_exception = "RCVD_IN_DNSWL_LOW";
+ whitelist_exception = "DNSWL_BLOCKED";
+ returncodes {
+ RCVD_IN_DNSWL_NONE = "127.0.%d+.0";
+ RCVD_IN_DNSWL_LOW = "127.0.%d+.1";
+ RCVD_IN_DNSWL_MED = "127.0.%d+.2";
+ RCVD_IN_DNSWL_HI = "127.0.%d+.3";
+ DNSWL_BLOCKED = "127.0.0.255";
+ }
+ }
+
+ # Provided by https://virusfree.cz
+ virusfree {
+ symbol = "RBL_VIRUSFREE_UNKNOWN";
+ rbl = "bip.virusfree.cz";
+ ipv6 = true;
+ checks = ['from'];
+ returncodes {
+ RBL_VIRUSFREE_BOTNET = "127.0.0.2";
+ }
+ }
+
+ nixspam {
+ symbol = "RBL_NIXSPAM";
+ rbl = "ix.dnsbl.manitu.net";
+ ipv6 = true;
+ checks = ['from'];
+ }
+
+ blocklistde {
+ symbols_prefixes = {
+ received = 'RECEIVED',
+ from = 'RBL',
+ }
+ symbol = "BLOCKLISTDE";
+ rbl = "bl.blocklist.de";
+ checks = ['from', 'received'];
+ }
+
+ # Dkim whitelist
+ dnswl_dwl {
+ symbol = "DWL_DNSWL";
+ rbl = "dwl.dnswl.org";
+ checks = ['dkim'];
+ ignore_whitelist = true;
+ unknown = false;
+
+ returncodes {
+ DWL_DNSWL_NONE = "127.0.%d+.0";
+ DWL_DNSWL_LOW = "127.0.%d+.1";
+ DWL_DNSWL_MED = "127.0.%d+.2";
+ DWL_DNSWL_HI = "127.0.%d+.3";
+ DWL_DNSWL_BLOCKED = "127.0.0.255";
+ }
+ }
+
+ RSPAMD_EMAILBL {
+ ignore_whitelist = true;
+ ignore_defaults = true;
+ exclude_users = false;
+ emails_delimiter = ".";
+ hash_format = "base32";
+ hash_len = 32;
+ rbl = "email.rspamd.com";
+ checks = ['emails', 'replyto'];
+ hash = "blake2";
+ returncodes = {
+ RSPAMD_EMAILBL = "127.0.0.2";
+ }
+ }
+ MSBL_EBL {
+ ignore_whitelist = true;
+ ignore_defaults = true;
+ exclude_users = false;
+ rbl = "ebl.msbl.org";
+ checks = ['emails', 'replyto'];
+ emails_domainonly = false;
+ hash = "sha1";
+ returncodes = {
+ MSBL_EBL = [
+ "127.0.0.2",
+ "127.0.0.3"
+ ];
+ MSBL_EBL_GREY = [
+ "127.0.1.2",
+ "127.0.1.3"
+ ];
+ }
+ }
+ # Old SURBL module
+ "SURBL_MULTI" {
+ ignore_defaults = true;
+ rbl = "multi.surbl.org";
+ checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls'];
+ emails_domainonly = true;
+ exclude_users = false;
+
+ returnbits = {
+ CRACKED_SURBL = 128; # From February 2016
+ ABUSE_SURBL = 64;
+ MW_SURBL_MULTI = 16;
+ PH_SURBL_MULTI = 8;
+ SURBL_BLOCKED = 1;
+ }
+ }
+
+ "URIBL_MULTI" {
+ ignore_defaults = true;
+ rbl = "multi.uribl.com";
+ checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls'];
+ emails_domainonly = true;
+ exclude_users = false;
+
+ returnbits {
+ URIBL_BLOCKED = 1;
+ URIBL_BLACK = 2;
+ URIBL_GREY = 4;
+ URIBL_RED = 8;
+ }
+ }
+
+ "RSPAMD_URIBL" {
+ ignore_defaults = true;
+ rbl = "uribl.rspamd.com";
+ checks = ['emails', 'dkim', 'urls'];
+ emails_domainonly = true;
+ hash = 'blake2';
+ hash_len = 32;
+ hash_format = 'base32';
+ exclude_users = false;
+
+ returncodes = {
+ RSPAMD_URIBL = [
+ "127.0.0.2",
+ ];
+ }
+ }
+
+ "DBL" {
+ ignore_defaults = true;
+ rbl = "dbl.spamhaus.org";
+ no_ip = true;
+ checks = ['emails', 'dkim', 'helo', 'rdns', 'replyto', 'urls'];
+ emails_domainonly = true;
+ exclude_users = false;
+
+ returncodes = {
+ # spam domain
+ DBL_SPAM = "127.0.1.2";
+ # phish domain
+ DBL_PHISH = "127.0.1.4";
+ # malware domain
+ DBL_MALWARE = "127.0.1.5";
+ # botnet C&C domain
+ DBL_BOTNET = "127.0.1.6";
+ # abused legit spam
+ DBL_ABUSE = "127.0.1.102";
+ # abused spammed redirector domain
+ DBL_ABUSE_REDIR = "127.0.1.103";
+ # abused legit phish
+ DBL_ABUSE_PHISH = "127.0.1.104";
+ # abused legit malware
+ DBL_ABUSE_MALWARE = "127.0.1.105";
+ # abused legit botnet C&C
+ DBL_ABUSE_BOTNET = "127.0.1.106";
+ # error - IP queries prohibited!
+ DBL_PROHIBIT = "127.0.1.255";
+ # issue #3074
+ DBL_BLOCKED_OPENRESOLVER = "127.255.255.254";
+ DBL_BLOCKED = "127.255.255.255";
+ }
+ }
+
+ # Not enabled by default due to privacy concerns! (see also groups.d/surbl_group.conf)
+ "SPAMHAUS_ZEN_URIBL" {
+ enabled = false;
+ rbl = "zen.spamhaus.org";
+ checks = ['emails'];
+ resolve_ip = true;
+ returncodes = {
+ URIBL_SBL = "127.0.0.2";
+ URIBL_SBL_CSS = "127.0.0.3";
+ URIBL_XBL = ["127.0.0.4", "127.0.0.5", "127.0.0.6", "127.0.0.7"];
+ URIBL_PBL = ["127.0.0.10", "127.0.0.11"];
+ URIBL_DROP = "127.0.0.9";
+ }
+ }
+
+ "SEM_URIBL_UNKNOWN" {
+ ignore_defaults = true;
+ rbl = "uribl.spameatingmonkey.net";
+ no_ip = true;
+ checks = ['emails', 'dkim', 'urls'];
+ emails_domainonly = true;
+ returnbits {
+ SEM_URIBL = 2;
+ }
+ }
+
+ "SEM_URIBL_FRESH15_UNKNOWN" {
+ ignore_defaults = true;
+ rbl = "fresh15.spameatingmonkey.net";
+ no_ip = true;
+ checks = ['emails', 'dkim', 'urls'];
+ emails_domainonly = true;
+ returnbits {
+ SEM_URIBL_FRESH15 = 2;
+ }
+ }
+
+ # Proved to be broken
+ #"RBL_SARBL_BAD" {
+ # suffix = "public.sarbl.org";
+ # noip = true;
+ # images = true;
+ #}
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/rbl.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rbl.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rbl.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/redis.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/redis.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# See https://rspamd.com/doc/configuration/redis.html
+
+redis {
+ #servers = "127.0.0.1"; # Read servers (unless write_servers are unspecified)
+ #servers = "master-slave:127.0.0.1,10.0.1.1";
+ #write_servers = "127.0.0.1"; # Servers to write data
+ #disabled_modules = ["ratelimit"]; # List of modules that should not use redis from this section
+ #timeout = 1s;
+ #db = "0";
+ #password = "some_password";
+ .include(try=true,priority=5) "${DBDIR}/dynamic/redis.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/redis.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/redis.conf"
+}
\ No newline at end of file
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/regexp.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/regexp.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/regexp.html
+
+regexp {
+ max_size = 1M;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/regexp.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/regexp.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/regexp.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/replies.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/replies.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/replies.html
+
+replies {
+ # This setting is non-default & is required to be set
+ # Redis servers to use
+ #servers = "localhost";
+ # This setting is non-default & may be desirable
+ #action = "no action";
+ # These are default settings you may want to change
+ expire = 86400;
+ key_prefix = "rr";
+ message = "Message is reply to one we originated";
+ symbol = "REPLY";
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/replies.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/replies.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/replies.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/reputation.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/reputation.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/reputation.html
+
+reputation {
+# rules {
+# SPF_REPUTATION = {
+# selector {
+# type = "spf";
+# }
+# backend {
+# type = "redis";
+# }
+# symbol = "SPF_REPUTATION";
+# }
+# }
+ .include(try=true,priority=5) "${DBDIR}/dynamic/reputation.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/reputation.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/reputation.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/rspamd_update.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/rspamd_update.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/rspamd_update.html
+
+# This module is disabled by default, please don't enable it unless you know
+# what are you doing!
+
+rspamd_update {
+ rules = "sign+https://updates.rspamd.com/rspamd-${BRANCH_VERSION}.ucl";
+ key = "qxuogdh5eghytji1utkkte1dn3n81c3y5twe61uzoddzwqzuxxyb";
+ enabled = false; # Disable this module by default
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/rspamd_update.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/rspamd_update.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/rspamd_update.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/spamassassin.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/spamassassin.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/spamassassin.html
+
+spamassassin {
+ # This config defines no SA files leaving this module efficiently disabled by default
+ #ruleset = "/path/to/file";
+ # Limit search size to 100 kilobytes for all regular expressions
+ #match_limit = 100k;
+ # Those regexp atoms will not be passed through hyperscan:
+ #pcre_only = ["RULE1", "__RULE2"];
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/spamassassin.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spamassassin.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spamassassin.conf"
+}
\ No newline at end of file
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/spamtrap.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/spamtrap.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/spamtrap.html
+
+# This module is *DISABLED* by default
+# If you need to enable it, then define the following line in
+# local.d/spamtrap.conf:
+#
+# enabled = true;
+#
+# You also need to define redis servers for this module
+
+spamtrap {
+ # Optionally set an action
+ #action = "no action";
+ # A map file containing regexp entries for spamtrap emails and domains
+ #map = file://$LOCAL_CONFDIR/local.d/maps.d/spamtrap.map
+ # Name of the symbol
+ #symbol = "SPAMTRAP";
+ # A score for this module
+ #score = 0.0;
+ # Flag to enable fuzzy learning
+ learn_fuzzy = false;
+ # Flag to enable bayes spam learning
+ learn_spam = false;
+ # Fuzzy flag
+ #fuzzy_flag = 1;
+ # Fuzzy weight
+ #fuzzy_weight = 10.0;
+ # Redis key prefix
+ #key_prefix = 'sptr_';
+ # Skip spamtrap checks for authorized users
+ #check_authed = false;
+ # Skip spamtrap checks for local networks
+ #check_local = false;
+
+ # !!! Disabled by default !!!
+ enabled = false;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/spamtrap.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spamtrap.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spamtrap.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/spf.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/spf.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/spf.html
+spf {
+ spf_cache_size = 2k;
+ spf_cache_expire = 1d;
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/spf.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spf.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spf.conf"
+
+}
--- /dev/null
+# Deprecated, use RBL module!
+surbl {
+ rules {
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/surbl.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/surbl.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/surbl.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/trie.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/trie.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/trie.html
+
+trie {
+ # Each subsection defines a single rule with associated symbol
+ # This config defines no tries leaving this module efficiently disabled by default
+# SYMBOL1 {
+# # Define rules in the file (it is *NOT* a map)
+# file = "/some/path";
+# # Raw rules search within the whole undecoded messages
+# raw = true;
+# # If we have multiple occurrences of strings from this rule
+# # then we insert a symbol multiple times
+# multi = true;
+# }
+# SYMBOL2 {
+# patterns = [
+# "pattern1",
+# "pattern2",
+# "pattern3"
+# ]
+# }
+ .include(try=true,priority=5) "${DBDIR}/dynamic/trie.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/trie.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/trie.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/url_redirector.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/url_redirector.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/url_redirector.html
+
+url_redirector {
+ expire = 1d; # 1 day by default
+ timeout = 10; # 10 seconds by default
+ nested_limit = 1; # How many redirects to follow
+ #proxy = "http://example.com:3128"; # Send request through proxy
+ key_prefix = "rdr:"; # default hash name
+ check_ssl = false; # check ssl certificates
+ max_size = 10k; # maximum body to process
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/url_redirector.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/url_redirector.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/url_redirector.conf"
+}
--- /dev/null
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/whitelist.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/whitelist.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation can be found at https://rspamd.com/doc/modules/whitelist.html
+
+whitelist {
+ rules {
+ "WHITELIST_SPF" = {
+ valid_spf = true;
+ domains = [
+ "$LOCAL_CONFDIR/local.d/maps.d/spf_whitelist.inc.local",
+ "${DBDIR}/spf_whitelist.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/spf_whitelist.inc"
+ ];
+ score = -1.0
+ inverse_symbol = "BLACKLIST_SPF";
+ }
+
+ "WHITELIST_DKIM" = {
+ valid_dkim = true;
+ domains = [
+ "$LOCAL_CONFDIR/local.d/maps.d/dkim_whitelist.inc.local",
+ "${DBDIR}/dkim_whitelist.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/dkim_whitelist.inc"
+ ];
+ score = -1.0;
+ inverse_symbol = "BLACKLIST_DKIM";
+ }
+ "WHITELIST_SPF_DKIM" = {
+ valid_spf = true;
+ valid_dkim = true;
+ domains = [
+ "https://maps.rspamd.com/rspamd/spf_dkim_whitelist.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/spf_dkim_whitelist.inc.local",
+ "${DBDIR}/spf_dkim_whitelist.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/spf_dkim_whitelist.inc"
+ ];
+ score = -3.0;
+ inverse_symbol = "BLACKLIST_SPF_DKIM";
+ }
+ "WHITELIST_DMARC" = {
+ valid_dmarc = true;
+ domains = [
+ "https://maps.rspamd.com/rspamd/dmarc_whitelist_new.inc.zst",
+ "$LOCAL_CONFDIR/local.d/maps.d/dmarc_whitelist.inc.local",
+ "${DBDIR}/dmarc_whitelist.inc.local",
+ "fallback+file://${CONFDIR}/maps.d/dmarc_whitelist.inc"
+ ];
+ score = -7.0;
+ inverse_symbol = "BLACKLIST_DMARC";
+ }
+ }
+
+ .include(try=true,priority=5) "${DBDIR}/dynamic/whitelist.conf"
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/whitelist.conf"
+ .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/whitelist.conf"
+}
--- /dev/null
+# Basic rspamd configuration
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/options.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/options.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Relevant documentation: https://rspamd.com/doc/configuration/options.html
+
+filters = "chartable,dkim,regexp,fuzzy_check";
+one_shot = false;
+cache_file = "$DBDIR/symbols.cache";
+# How often maps are checked (
+map_watch_interval = 5min;
+# Multiplier for watch interval for files
+map_file_watch_multiplier = 0.1;
+dynamic_conf = "$DBDIR/rspamd_dynamic";
+history_file = "$DBDIR/rspamd.history";
+check_all_filters = false;
+
+# Default settings
+dns_max_requests = 64;
+max_lua_urls = 1024;
+max_urls = 10240;
+max_recipients = 1024;
+
+dns {
+ timeout = 1s;
+ sockets = 16;
+ retransmits = 5;
+}
+tempdir = "/tmp";
+url_tld = "${SHAREDIR}/effective_tld_names.dat";
+classify_headers = [
+ "User-Agent",
+ "X-Mailer",
+ "Content-Type",
+ "X-MimeOLE",
+];
+
+control_socket = "$DBDIR/rspamd.sock mode=0600";
+history_rows = 200;
+explicit_modules = ["settings", "bayes_expiry"];
+
+# Scan messages even if they are not MIME
+allow_raw_input = true;
+
+# Start ignore words when reaching the following limit, so the total
+# amount of words processed will not be *LIKELY more than the twice of that limit
+words_decay = 600;
+
+# Write statistics about rspamd usage to the round-robin database
+rrd = "${DBDIR}/rspamd.rrd";
+
+# Write statistics for `rspamc` here
+stats_file = "${DBDIR}/stats.ucl";
+
+# Local networks
+local_addrs = [192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, fd00::/8, 169.254.0.0/16, fe80::/10];
+hs_cache_dir = "${DBDIR}/";
+
+# Timeout for messages processing (must be larger than any internal timeout used)
+task_timeout = 8s;
+
+# Emit soft reject when timeout takes place
+soft_reject_on_timeout = false;
--- /dev/null
+# System V init adopted top level configuration
+
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+.include "$CONFDIR/common.conf"
+
+options {
+ pidfile = "$RUNDIR/rspamd.pid";
+ .include "$CONFDIR/options.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/options.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/options.inc"
+}
+
+.include(try=true; duplicate=merge) "$CONFDIR/cgp.inc"
+.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/cgp.inc"
+
+logging {
+ type = "file";
+ filename = "$LOGDIR/rspamd.log";
+ .include "$CONFDIR/logging.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/logging.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/logging.inc"
+}
+
+worker "normal" {
+ bind_socket = "localhost:11333";
+ .include "$CONFDIR/worker-normal.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-normal.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-normal.inc"
+}
+
+worker "controller" {
+ bind_socket = "localhost:11334";
+ .include "$CONFDIR/worker-controller.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-controller.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-controller.inc"
+}
+
+worker "rspamd_proxy" {
+ bind_socket = "localhost:11332";
+ .include "$CONFDIR/worker-proxy.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-proxy.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-proxy.inc"
+}
+
+# Local fuzzy storage is disabled by default
+
+worker "fuzzy" {
+ bind_socket = "localhost:11335";
+ count = -1; # Disable by default
+ .include "$CONFDIR/worker-fuzzy.inc"
+ .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-fuzzy.inc"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-fuzzy.inc"
+}
--- /dev/null
+# Content matching rules
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Content rules";
+
+symbols = {
+ "PDF_ENCRYPTED" {
+ weight = 0.3;
+ description = "There is an encrypted PDF in the message";
+ one_shot = true;
+ }
+ "PDF_JAVASCRIPT" {
+ weight = 0.1;
+ description = "There is an PDF with JavaScript in the message";
+ one_shot = true;
+ }
+ "PDF_SUSPICIOUS" {
+ weight = 4.5;
+ description = "There is an PDF with suspicious properties in the message";
+ one_shot = true;
+ }
+ "PDF_LONG_TRAILER" {
+ weight = 0.2;
+ description = "There is an PDF with a long trailer";
+ one_shot = true;
+ }
+ "PDF_MANY_OBJECTS" {
+ weight = 0;
+ description = "There is a PDF file with too many objects";
+ one_shot = true;
+ }
+ "PDF_TIMEOUT" {
+ weight = 0;
+ description = "There is a PDF file that caused timeout in processing";
+ one_shot = true;
+ }
+}
+
--- /dev/null
+# Fuzzy rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Fuzzy hashes group";
+
+symbols = {
+ "FUZZY_UNKNOWN" {
+ weight = 5.0;
+ description = "Generic fuzzy hash match, bl.rspamd.com";
+ }
+ "FUZZY_DENIED" {
+ weight = 12.0;
+ description = "Denied fuzzy hash, bl.rspamd.com";
+ }
+ "FUZZY_PROB" {
+ weight = 5.0;
+ description = "Probable fuzzy hash, bl.rspamd.com";
+ }
+ "FUZZY_WHITE" {
+ weight = -2.1;
+ description = "Whitelisted fuzzy hash, bl.rspamd.com";
+ }
+}
\ No newline at end of file
--- /dev/null
+# Headers rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Various headers checks";
+max_score = 8.0;
+
+symbols = {
+ "FORGED_SENDER" {
+ weight = 0.3;
+ description = "Sender is forged (different From: header and smtp MAIL FROM: addresses)";
+ }
+ "R_MIXED_CHARSET" {
+ weight = 5.0;
+ description = "Mixed characters in a message";
+ one_shot = true;
+ }
+ "R_MIXED_CHARSET_URL" {
+ weight = 7.0;
+ description = "Mixed characters in a URL inside message";
+ one_shot = true;
+ }
+ "FORGED_RECIPIENTS" {
+ weight = 2.0;
+ description = "Recipients are not the same as RCPT TO: mail command";
+ }
+ "FORGED_RECIPIENTS_MAILLIST" {
+ weight = 0.0;
+ description = "Recipients are not the same as RCPT TO: mail command, but a message from a maillist";
+ }
+ "FORGED_SENDER_MAILLIST" {
+ weight = 0.0;
+ description = "Sender is not the same as MAIL FROM: envelope, but a message is from a maillist";
+ }
+ "ONCE_RECEIVED" {
+ weight = 0.1;
+ description = "One received header in a message";
+ }
+ "RDNS_NONE" {
+ weight = 1.0;
+ description = "Cannot resolve reverse DNS for sender's IP";
+ }
+ "RDNS_DNSFAIL" {
+ weight = 0.0;
+ description = "PTR verification DNS error";
+ }
+ "ONCE_RECEIVED_STRICT" {
+ weight = 4.0;
+ description = "One received header with 'bad' patterns inside";
+ }
+ "DIRECT_TO_MX" {
+ weight = 0.0;
+ description = "Message has been directly delivered from MUA to local MX";
+ }
+ "MAILLIST" {
+ weight = -0.2;
+ description = "Message seems to be from maillist";
+ }
+ "BOUNCE" {
+ weight = -0.1;
+ description = "(Non) Delivery Status Notification";
+ }
+}
--- /dev/null
+# Host and connection rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "SMTP envelope filter";
+
+symbols = {
+ "HFILTER_HELO_BAREIP" {
+ weight = 3.0;
+ description = "Helo host is bare ip";
+ }
+ "HFILTER_HELO_BADIP" {
+ weight = 4.5;
+ description = "Helo host is very bad ip";
+ }
+ "HFILTER_HELO_1" {
+ weight = 0.5;
+ description = "Helo host checks (very low)";
+ }
+ "HFILTER_HELO_2" {
+ weight = 1.0;
+ description = "Helo host checks (low)";
+ }
+ "HFILTER_HELO_3" {
+ weight = 2.0;
+ description = "Helo host checks (medium)";
+ }
+ "HFILTER_HELO_4" {
+ weight = 2.5;
+ description = "Helo host checks (hard)";
+ }
+ "HFILTER_HELO_5" {
+ weight = 3.0;
+ description = "Helo host checks (very hard)";
+ }
+ "HFILTER_HOSTNAME_1" {
+ weight = 0.5;
+ description = "Hostname checks (very low)";
+ }
+ "HFILTER_HOSTNAME_2" {
+ weight = 1.0;
+ description = "Hostname checks (low)";
+ }
+ "HFILTER_HOSTNAME_3" {
+ weight = 2.0;
+ description = "Hostname checks (medium)";
+ }
+ "HFILTER_HOSTNAME_4" {
+ weight = 2.5;
+ description = "Hostname checks (hard)";
+ }
+ "HFILTER_HOSTNAME_5" {
+ weight = 3.0;
+ description = "Hostname checks (very hard)";
+ }
+ "HFILTER_HELO_NORESOLVE_MX" {
+ weight = 0.2;
+ description = "MX found in Helo and no resolve";
+ }
+ "HFILTER_HELO_NORES_A_OR_MX" {
+ weight = 0.3;
+ description = "Helo no resolve to A or MX";
+ }
+ "HFILTER_HELO_IP_A" {
+ weight = 1.0;
+ description = "Helo A IP != hostname IP";
+ }
+ "HFILTER_HELO_NOT_FQDN" {
+ weight = 2.0;
+ description = "Helo not FQDN";
+ }
+ "HFILTER_FROMHOST_NORESOLVE_MX" {
+ weight = 0.5;
+ description = "MX found in FROM host and no resolve";
+ }
+ "HFILTER_FROMHOST_NORES_A_OR_MX" {
+ weight = 1.5;
+ description = "FROM host no resolve to A or MX";
+ }
+ "HFILTER_FROMHOST_NOT_FQDN" {
+ weight = 3.0;
+ description = "FROM host not FQDN";
+ }
+ "HFILTER_FROM_BOUNCE" {
+ weight = 0.0;
+ description = "Bounce message";
+ }
+/*
+ # Disabled by default
+ "HFILTER_MID_NORESOLVE_MX" {
+ weight = 0.5;
+ description = "MX found in Message-id host and no resolve";
+ }
+ "HFILTER_MID_NORES_A_OR_MX" {
+ weight = 0.5;
+ name = ;
+ description = "Message-id host no resolve to A or MX";
+ }
+ "HFILTER_MID_NOT_FQDN" {
+ weight = 0.5;
+ description = "Message-id host not FQDN";
+ }
+*/
+ "HFILTER_HOSTNAME_UNKNOWN" {
+ weight = 2.5;
+ description = "Unknown client hostname (PTR or FCrDNS verification failed)";
+ }
+ "HFILTER_RCPT_BOUNCEMOREONE" {
+ weight = 1.5;
+ description = "Message from bounce and over 1 recipient";
+ }
+ "HFILTER_URL_ONLY" {
+ weight = 2.2;
+ description = "URL only in body";
+ }
+ "HFILTER_URL_ONELINE" {
+ weight = 2.5;
+ description = "One line URL and text in body";
+ }
+}
--- /dev/null
+# Mime types rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Mime attachments rules";
+# Define some limit for this group
+max_score = 10.0;
+
+
+symbols = {
+ "MIME_GOOD" {
+ weight = -0.1;
+ description = "Known content-type";
+ one_shot = true;
+ }
+ "MIME_BAD" {
+ weight = 1.0;
+ description = "Known bad content-type";
+ one_shot = true;
+ }
+ "MIME_UNKNOWN" {
+ weight = 0.1;
+ description = "Missing or unknown content-type";
+ one_shot = true;
+ }
+ "MIME_BAD_ATTACHMENT" {
+ weight = 4.0;
+ description = "Invalid attachment mime type";
+ one_shot = true;
+ }
+ "MIME_ENCRYPTED_ARCHIVE" {
+ weight = 2.0;
+ description = "Encrypted archive in a message";
+ one_shot = true;
+ }
+ "MIME_OBFUSCATED_ARCHIVE" {
+ weight = 8.0;
+ description = "Archive has files with clear obfuscation signs";
+ one_shot = true;
+ }
+ "MIME_EXE_IN_GEN_SPLIT_RAR" {
+ weight = 5.0;
+ description = "EXE file in RAR archive with generic split extension (e.g. .001)";
+ one_shot = true;
+ }
+ "MIME_ARCHIVE_IN_ARCHIVE" {
+ weight = 5.0;
+ description = "Archive within another archive";
+ one_shot = true;
+ }
+ "MIME_DOUBLE_BAD_EXTENSION" {
+ weight = 3.0; # This rule has dynamic weight up to 4.0
+ description = "Bad extension cloaking";
+ one_shot = true;
+ }
+ "MIME_BAD_EXTENSION" {
+ weight = 2.0; # This rule has dynamic weight up to 4.0
+ description = "Bad extension";
+ one_shot = true;
+ }
+ "MIME_BAD_UNICODE" {
+ weight = 8.0;
+ description = "Filename with known obscured unicode characters";
+ one_shot = true;
+ }
+}
\ No newline at end of file
--- /dev/null
+# MUA rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "MUA forgeries";
+
+symbols = {
+ "FORGED_MUA_MAILLIST" {
+ weight = 0.0;
+ description = "Avoid false positives for FORGED_MUA_* in maillist";
+ }
+}
\ No newline at end of file
--- /dev/null
+# Phishing rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Phishing in emails";
+
+max_score = 10.0;
+
+symbols = {
+ "PHISHING" {
+ weight = 4.0;
+ description = "Phished URL";
+ one_shot = true;
+ }
+ "PHISHED_OPENPHISH" {
+ weight = 7.0;
+ description = "Phished URL found in openphish.com";
+ }
+ "PHISHED_PHISHTANK" {
+ weight = 7.0;
+ description = "Phished URL found in phishtank.com";
+ }
+ HACKED_WP_PHISHING {
+ weight = 4.5;
+ description = "Phishing message from hacked wordpress";
+ }
+ REDIRECTOR_FALSE {
+ weight = 0.0;
+ description = "Phishing exclusion symbol for known redirectors";
+ }
+ PHISHED_WHITELISTED {
+ weight = 0.0;
+ description = "Phishing exclusion symbol for known exceptions";
+ }
+}
\ No newline at end of file
--- /dev/null
+# Policies rules scores, includes SPF, DKIM, DMARC and ARC symbols
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "SPF, DKIM, DMARC, ARC";
+
+symbols = {
+ # SPF
+ "R_SPF_FAIL" {
+ weight = 1.0;
+ description = "SPF verification failed";
+ groups = ["spf"];
+ }
+ "R_SPF_SOFTFAIL" {
+ weight = 0.0;
+ description = "SPF verification soft-failed";
+ groups = ["spf"];
+ }
+ "R_SPF_NEUTRAL" {
+ weight = 0.0;
+ description = "SPF policy is neutral";
+ groups = ["spf"];
+ }
+ "R_SPF_ALLOW" {
+ weight = -0.2;
+ description = "SPF verification allows sending";
+ groups = ["spf"];
+ }
+ "R_SPF_DNSFAIL" {
+ weight = 0.0;
+ description = "SPF DNS failure";
+ groups = ["spf"];
+ }
+ "R_SPF_NA" {
+ weight = 0.0;
+ description = "Missing SPF record";
+ one_shot = true;
+ groups = ["spf"];
+ }
+ "R_SPF_PERMFAIL" {
+ weight = 0.0;
+ description = "SPF record is malformed or persistent DNS error";
+ groups = ["spf"];
+ }
+
+ # DKIM
+ "R_DKIM_REJECT" {
+ weight = 1.0;
+ description = "DKIM verification failed";
+ one_shot = true;
+ groups = ["dkim"];
+ }
+ "R_DKIM_TEMPFAIL" {
+ weight = 0.0;
+ description = "DKIM verification soft-failed";
+ groups = ["dkim"];
+ }
+ "R_DKIM_PERMFAIL" {
+ weight = 0.0;
+ description = "DKIM verification hard-failed (invalid)";
+ groups = ["dkim"];
+ }
+ "R_DKIM_ALLOW" {
+ weight = -0.2;
+ description = "DKIM verification succeed";
+ one_shot = true;
+ groups = ["dkim"];
+ }
+ "R_DKIM_NA" {
+ weight = 0.0;
+ description = "Missing DKIM signature";
+ one_shot = true;
+ groups = ["dkim"];
+ }
+
+ # DMARC
+ "DMARC_POLICY_ALLOW" {
+ weight = -0.5;
+ description = "DMARC permit policy";
+ groups = ["dmarc"];
+ }
+ "DMARC_POLICY_ALLOW_WITH_FAILURES" {
+ weight = -0.5;
+ description = "DMARC permit policy with DKIM/SPF failure";
+ groups = ["dmarc"];
+ }
+ "DMARC_POLICY_REJECT" {
+ weight = 2.0;
+ description = "DMARC reject policy";
+ groups = ["dmarc"];
+ }
+ "DMARC_POLICY_QUARANTINE" {
+ weight = 1.5;
+ description = "DMARC quarantine policy";
+ groups = ["dmarc"];
+ }
+ "DMARC_POLICY_SOFTFAIL" {
+ weight = 0.1;
+ description = "DMARC failed";
+ groups = ["dmarc"];
+ }
+ "DMARC_NA" {
+ weight = 0.0;
+ description = "No DMARC record";
+ groups = ["dmarc"];
+ }
+
+ # ARC
+ "ARC_ALLOW" {
+ weight = -1.0;
+ description = "ARC checks success";
+ groups = ["arc"];
+ }
+
+ "ARC_REJECT" {
+ weight = 1.0;
+ description = "ARC checks failed";
+ groups = ["arc"];
+ }
+
+ "ARC_INVALID" {
+ weight = 0.5;
+ description = "ARC structure invalid";
+ groups = ["arc"];
+ }
+
+ "ARC_DNSFAIL" {
+ weight = 0.0;
+ description = "ARC DNS error";
+ groups = ["arc"];
+ }
+
+ "ARC_NA" {
+ weight = 0.0;
+ description = "ARC signature absent";
+ groups = ["arc"];
+ }
+}
--- /dev/null
+# RBL rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "IP DNS lists";
+
+symbols = {
+
+ "DNSWL_BLOCKED" {
+ weight = 0.0;
+ description = "Resolver blocked due to excessive queries";
+ groups = ["dnswl", "blocked"];
+ }
+ "RCVD_IN_DNSWL" {
+ weight = 0.0;
+ description = "Unrecognised result from https://www.dnswl.org";
+ groups = ["dnswl"];
+ }
+ "RCVD_IN_DNSWL_NONE" {
+ weight = 0.0;
+ description = "Sender listed at https://www.dnswl.org, no trust";
+ groups = ["dnswl"];
+ }
+ "RCVD_IN_DNSWL_LOW" {
+ weight = -0.1;
+ description = "Sender listed at https://www.dnswl.org, low trust";
+ groups = ["dnswl"];
+ }
+ "RCVD_IN_DNSWL_MED" {
+ weight = -0.2;
+ description = "Sender listed at https://www.dnswl.org, medium trust";
+ groups = ["dnswl"];
+ }
+ "RCVD_IN_DNSWL_HI" {
+ weight = -0.5;
+ description = "Sender listed at https://www.dnswl.org, high trust";
+ groups = ["dnswl"];
+ }
+
+ "DWL_DNSWL_BLOCKED" {
+ weight = 0.0;
+ description = "Resolver blocked due to excessive queries (dwl)";
+ groups = ["dnswl", "blocked"];
+ }
+ "DWL_DNSWL" {
+ weight = 0.0;
+ description = "Unrecognised result from https://www.dnswl.org (dwl)";
+ groups = ["dnswl"];
+ }
+ "DWL_DNSWL_NONE" {
+ weight = 0.0;
+ description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, no trust";
+ groups = ["dnswl"];
+ }
+ "DWL_DNSWL_LOW" {
+ weight = -1.0;
+ description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, low trust";
+ groups = ["dnswl"];
+ }
+ "DWL_DNSWL_MED" {
+ weight = -2.0;
+ description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, medium trust";
+ groups = ["dnswl"];
+ }
+ "DWL_DNSWL_HI" {
+ weight = -3.5;
+ description = "Message has a valid dkim signature originated from domain listed at https://www.dnswl.org, high trust";
+ groups = ["dnswl"];
+ }
+
+ "RBL_SPAMHAUS" {
+ weight = 0.0;
+ description = "Unrecognised result from Spamhaus ZEN";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_SBL" {
+ weight = 4.0;
+ description = "From address is listed in ZEN SBL";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_CSS" {
+ weight = 2.0;
+ description = "From address is listed in ZEN CSS";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_XBL" {
+ weight = 4.0;
+ description = "From address is listed in ZEN XBL";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_XBL_ANY" {
+ weight = 4.0;
+ description = "From or received address is listed in ZEN XBL (any list)";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_PBL" {
+ weight = 2.0;
+ description = "From address is listed in ZEN PBL (ISP list)";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_DROP" {
+ weight = 7.0;
+ description = "From address is listed in ZEN DROP BL";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_BLOCKED_OPENRESOLVER" {
+ weight = 0.0;
+ description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
+ groups = ["spamhaus"];
+ }
+ "RBL_SPAMHAUS_BLOCKED" {
+ weight = 0.0;
+ description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
+ groups = ["spamhaus"];
+ }
+ "RECEIVED_SPAMHAUS_SBL" {
+ weight = 3.0;
+ description = "Received address is listed in ZEN SBL";
+ groups = ["spamhaus"];
+ one_shot = true;
+ }
+ "RECEIVED_SPAMHAUS_CSS" {
+ weight = 1.0;
+ description = "Received address is listed in ZEN CSS";
+ groups = ["spamhaus"];
+ one_shot = true;
+ }
+ "RECEIVED_SPAMHAUS_XBL" {
+ weight = 3.0;
+ description = "Received address is listed in ZEN XBL";
+ groups = ["spamhaus"];
+ one_shot = true;
+ }
+ "RECEIVED_SPAMHAUS_PBL" {
+ weight = 0.0;
+ description = "Received address is listed in ZEN PBL (ISP list)";
+ groups = ["spamhaus"];
+ one_shot = true;
+ }
+ "RECEIVED_SPAMHAUS_DROP" {
+ weight = 6.0;
+ description = "Received address is listed in ZEN DROP BL";
+ groups = ["spamhaus"];
+ one_shot = true;
+ }
+ "RECEIVED_SPAMHAUS_BLOCKED_OPENRESOLVER" {
+ weight = 0.0;
+ description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
+ groups = ["spamhaus"];
+ }
+ "RECEIVED_SPAMHAUS_BLOCKED" {
+ weight = 0.0;
+ description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
+ groups = ["spamhaus"];
+ }
+
+ "RBL_SENDERSCORE" {
+ weight = 2.0;
+ description = "From address is listed in senderscore.com BL";
+ }
+ "MAILSPIKE" {
+ weight = 0.0;
+ description = "Unrecognised result from Mailspike";
+ groups = ["mailspike"];
+ }
+ "RWL_MAILSPIKE_NEUTRAL" {
+ weight = 0.0;
+ description = "Neutral result from Mailspike";
+ groups = ["mailspike"];
+ }
+ "RBL_MAILSPIKE_WORST" {
+ weight = 2.0;
+ description = "From address is listed in RBL - worst possible reputation";
+ groups = ["mailspike"];
+ }
+ "RBL_MAILSPIKE_VERYBAD" {
+ weight = 1.5;
+ description = "From address is listed in RBL - very bad reputation";
+ groups = ["mailspike"];
+ }
+ "RBL_MAILSPIKE_BAD" {
+ weight = 1.0;
+ description = "From address is listed in RBL - bad reputation";
+ groups = ["mailspike"];
+ }
+ "RWL_MAILSPIKE_POSSIBLE" {
+ weight = 0.0;
+ description = "From address is listed in RWL - possibly legit";
+ groups = ["mailspike"];
+ }
+ "RWL_MAILSPIKE_GOOD" {
+ weight = -0.1;
+ description = "From address is listed in RWL - good reputation";
+ groups = ["mailspike"];
+ }
+ "RWL_MAILSPIKE_VERYGOOD" {
+ weight = -0.2;
+ description = "From address is listed in RWL - very good reputation";
+ groups = ["mailspike"];
+ }
+ "RWL_MAILSPIKE_EXCELLENT" {
+ weight = -0.4;
+ description = "From address is listed in RWL - excellent reputation";
+ groups = ["mailspike"];
+ }
+
+ "RBL_SEM" {
+ weight = 1.0;
+ description = "From address is listed in Spameatingmonkey RBL";
+ groups = ["sem"];
+ }
+
+ "RBL_SEM_IPV6" {
+ weight = 1.0;
+ description = "From address is listed in Spameatingmonkey RBL (IPv6)";
+ groups = ["sem"];
+ }
+
+ "RBL_VIRUSFREE_BOTNET" {
+ weight = 2.0;
+ description = "From address is listed in virusfree.cz BL";
+ }
+
+ "RBL_NIXSPAM" {
+ weight = 4.0;
+ description = "From address is listed in NiX Spam (http://www.dnsbl.manitu.net/)";
+ }
+
+ "RBL_BLOCKLISTDE" {
+ weight = 4.0;
+ description = "From address is listed in Blocklist (https://www.blocklist.de/)";
+ groups = ["blocklistde"];
+ }
+
+ "RECEIVED_BLOCKLISTDE" {
+ weight = 3.0;
+ description = "Received address is listed in Blocklist (https://www.blocklist.de/)";
+ groups = ["blocklistde"];
+ one_shot = true;
+ }
+}
--- /dev/null
+# Bayes and statistics rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Statistical symbols";
+
+symbols = {
+ "BAYES_SPAM" {
+ weight = 5.1;
+ description = "Message probably spam, probability: ";
+ }
+ "BAYES_HAM" {
+ weight = -3.0;
+ description = "Message probably ham, probability: ";
+ }
+}
\ No newline at end of file
--- /dev/null
+# Subject rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "Subject filters";
+
+symbols = {
+}
+
+max_score = 6.0;
\ No newline at end of file
--- /dev/null
+# URIBL rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "URL DNS lists";
+
+max_score = 12.5;
+
+symbols = {
+ "SURBL_BLOCKED" {
+ weight = 0.0;
+ description = "SURBL: blocked by policy/overusage";
+ one_shot = true;
+ groups = ["surblorg", "blocked"];
+ }
+ "PH_SURBL_MULTI" {
+ weight = 5.5;
+ description = "SURBL: Phishing sites";
+ one_shot = true;
+ groups = ["surblorg", "phishing"];
+ }
+ "MW_SURBL_MULTI" {
+ weight = 5.5;
+ description = "SURBL: Malware sites";
+ one_shot = true;
+ groups = ["surblorg"];
+ }
+ "ABUSE_SURBL" {
+ weight = 5.5;
+ description = "SURBL: ABUSE";
+ one_shot = true;
+ groups = ["surblorg"];
+ }
+ "CRACKED_SURBL" {
+ weight = 4.0;
+ description = "SURBL: cracked site";
+ one_shot = true;
+ groups = ["surblorg"];
+ }
+ "RSPAMD_URIBL" {
+ weight = 4.5;
+ description = "Rspamd uribl, bl.rspamd.com";
+ one_shot = true;
+ groups = ["rspamdbl"];
+ }
+
+ "RSPAMD_EMAILBL" {
+ weight = 2.5;
+ description = "Rspamd emailbl, bl.rspamd.com";
+ one_shot = true;
+ groups = ["rspamdbl"];
+ }
+
+ "MSBL_EBL" {
+ weight = 7.5;
+ description = "MSBL emailbl";
+ one_shot = true;
+ groups = ["ebl"];
+ }
+
+ "MSBL_EBL_GREY" {
+ weight = 0.5; # TODO: test it
+ description = "MSBL emailbl grey list";
+ one_shot = true;
+ groups = ["ebl"];
+ }
+
+ "SEM_URIBL_UNKNOWN" {
+ weight = 0.0;
+ description = "Spameatingmonkey uribl: unknown result";
+ one_shot = true;
+ groups = ["sem"];
+ }
+ "SEM_URIBL" {
+ weight = 3.5;
+ description = "Spameatingmonkey uribl";
+ one_shot = true;
+ groups = ["sem"];
+ }
+
+ "SEM_URIBL_FRESH15_UNKNOWN" {
+ weight = 0.0;
+ description = "Spameatingmonkey Fresh15 uribl: unknown result";
+ one_shot = true;
+ groups = ["sem"];
+ }
+ "SEM_URIBL_FRESH15" {
+ weight = 3.0;
+ description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
+ one_shot = true;
+ groups = ["sem"];
+ }
+
+ "DBL" {
+ weight = 0.0;
+ description = "DBL unknown result";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_SPAM" {
+ weight = 6.5;
+ description = "DBL uribl spam";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_PHISH" {
+ weight = 6.5;
+ description = "DBL uribl phishing";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_MALWARE" {
+ weight = 6.5;
+ description = "DBL uribl malware";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_BOTNET" {
+ weight = 5.5;
+ description = "DBL uribl botnet C&C domain";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_ABUSE" {
+ weight = 6.5;
+ description = "DBL uribl abused legit spam";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_ABUSE_REDIR" {
+ weight = 1.5;
+ description = "DBL uribl abused spammed redirector domain";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_ABUSE_PHISH" {
+ weight = 7.5;
+ description = "DBL uribl abused legit phish";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_ABUSE_MALWARE" {
+ weight = 7.5;
+ description = "DBL uribl abused legit malware";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_ABUSE_BOTNET" {
+ weight = 5.5;
+ description = "DBL uribl abused legit botnet C&C";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_PROHIBIT" {
+ weight = 0.0;
+ description = "DBL uribl IP queries prohibited!";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_BLOCKED_OPENRESOLVER" {
+ weight = 0.0;
+ description = "You are querying Spamhaus from an open resolver, please see https://www.spamhaus.org/returnc/pub/";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "DBL_BLOCKED" {
+ weight = 0.0;
+ description = "You are exceeding the query limit, please see https://www.spamhaus.org/returnc/vol/";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_MULTI" {
+ weight = 0.0;
+ description = "uribl.com: unrecognised result";
+ one_shot = true;
+ groups = ["uribl"];
+ }
+ "URIBL_BLOCKED" {
+ weight = 0.0;
+ description = "uribl.com: query refused";
+ one_shot = true;
+ groups = ["uribl", "blocked"];
+ }
+ "URIBL_BLACK" {
+ weight = 7.5;
+ description = "uribl.com black url";
+ one_shot = true;
+ groups = ["uribl"];
+ }
+ "URIBL_RED" {
+ weight = 3.5;
+ description = "uribl.com red url";
+ one_shot = true;
+ groups = ["uribl"];
+ }
+ "URIBL_GREY" {
+ weight = 1.5;
+ description = "uribl.com grey url";
+ one_shot = true;
+ groups = ["uribl"];
+ }
+ "SPAMHAUS_ZEN_URIBL" {
+ ignore = true;
+ weight = 0.0;
+ description = "Spamhaus ZEN URIBL: Filtered result";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_SBL" {
+ ignore = true;
+ weight = 6.5;
+ description = "A domain in the message body resolves to an IP listed in Spamhaus SBL";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_SBL_CSS" {
+ ignore = true;
+ weight = 6.5;
+ description = "A domain in the message body resolves to an IP listed in Spamhaus SBL CSS";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_XBL" {
+ ignore = true;
+ weight = 1.5;
+ description = "A domain in the message body resolves to an IP listed in Spamhaus XBL";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_PBL" {
+ ignore = true;
+ weight = 0.01;
+ description = "A domain in the message body resolves to an IP listed in Spamhaus PBL";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ "URIBL_DROP" {
+ ignore = true;
+ weight = 5.0;
+ description = "A domain in the message body resolves to an IP listed in Spamhaus DROP";
+ one_shot = true;
+ groups = ["spamhaus"];
+ }
+ #"RBL_SARBL_BAD" {
+ # weight = 2.5;
+ # description = "A domain in the message body is blacklisted in SARBL";
+ # one_shot = true;
+ #}
+}
--- /dev/null
+# Whitelist rules scores
+#
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine
+# parameters defined on the top level
+#
+# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add
+# parameters defined on the top level
+#
+# For specific modules or configuration you can also modify
+# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults
+# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults
+#
+# See https://rspamd.com/doc/tutorials/writing_rules.html for details
+
+description = "White lists group";
+
+max_score = 10.0;
+
+symbols = {
+ "WHITELIST_SPF" {
+ weight = -1.0;
+ description = "Mail comes from the whitelisted domain and has a valid SPF policy";
+ groups = ["spf"];
+ }
+ "BLACKLIST_SPF" {
+ weight = 1.0;
+ description = "Mail comes from the whitelisted domain and has no valid SPF policy";
+ groups = ["spf"];
+ }
+ "WHITELIST_DKIM" {
+ weight = -1.0;
+ description = "Mail comes from the whitelisted domain and has a valid DKIM signature";
+ groups = ["dkim"];
+ }
+ "BLACKLIST_DKIM" {
+ weight = 2.0;
+ description = "Mail comes from the whitelisted domain and has non-valid DKIM signature";
+ groups = ["dkim"];
+ }
+ "WHITELIST_SPF_DKIM" {
+ weight = -3.0;
+ description = "Mail comes from the whitelisted domain and has valid SPF and DKIM policies";
+ groups = ["spf", "dkim"];
+ }
+ "BLACKLIST_SPF_DKIM" {
+ weight = 3.0;
+ description = "Mail comes from the whitelisted domain and has no valid SPF policy or a bad DKIM signature";
+ groups = ["spf", "dkim"];
+ }
+ "WHITELIST_DMARC" {
+ weight = -7.0;
+ description = "Mail comes from the whitelisted domain and has valid DMARC and DKIM policies";
+ groups = ["dmarc", "spf", "dkim"];
+ }
+ "BLACKLIST_DMARC" {
+ weight = 6.0;
+ description = "Mail comes from the whitelisted domain and has failed DMARC and DKIM policies";
+ groups = ["dmarc", "spf", "dkim"];
+ }
+}
--- /dev/null
+# Settings setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/settings.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/settings.conf' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation: https://rspamd.com/doc/configuration/settings.html
+
+# If you want to use settings map, then please define something like:
+#
+# settings = "http://example.com/settings.json"
+#
+# in rspamd.conf.override
+
+settings {
+ # Some examples below (define in local.d/settings.conf without `settings {}`!)
+ #some_users {
+ # id = "some_users";
+ # priority = high;
+ # from = "@example.com";
+ # rcpt = "admin";
+ # rcpt = "/user.*/";
+ # ip = "172.16.0.0/16";
+ # user = "@example.net";
+ # request_header = {
+ # "MTA-Tag" = "\.example\.net$";
+ # }
+ # apply {
+ # symbol1 = 10.0;
+ # symbol2 = 0.0;
+ # actions {
+ # reject = 100.0;
+ # greylist = 10.0;
+ # "add header" = 5.0; # Please note the space, NOT an underscore
+ # }
+ # }
+ # Always add these symbols when settings rule has matched
+ # symbols [
+ # "symbol2", "symbol4"
+ # ]
+ #}
+ #whitelist {
+ # priority = low;
+ # rcpt = "postmaster@example.com";
+ # want_spam = yes;
+ #}
+ # Disable some checks for authenticated users
+ #authenticated {
+ # priority = high;
+ # authenticated = yes;
+ # apply {
+ # groups_disabled = ["rbl", "spf"];
+ # }
+ #}
+ # End of examples
+
+ .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/settings.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/settings.conf"
+}
\ No newline at end of file
--- /dev/null
+# Statistics setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/statistic.conf' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/statistic.conf' to strictly override all
+# parameters defined inside this section
+#
+# If you just need to change the default bayes classifier, you can also use
+# 'local.d/classifier-bayes.conf' or 'override.d/classifier-bayes.conf'. But
+# never ever use both `statistic.conf` and `classifier-bayes.conf` locals files
+# together!
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+#
+# Module documentation: https://rspamd.com/doc/configuration/statistic.html
+
+classifier "bayes" {
+ tokenizer {
+ name = "osb";
+ }
+ cache {
+ }
+ new_schema = true; # Always use new schema
+ store_tokens = false; # Redefine if storing of tokens is desired
+ signatures = false; # Store learn signatures
+ #per_user = true; # Enable per user classifier
+ min_tokens = 11;
+ backend = "redis";
+ min_learns = 200;
+
+ statfile {
+ symbol = "BAYES_HAM";
+ spam = false;
+ }
+ statfile {
+ symbol = "BAYES_SPAM";
+ spam = true;
+ }
+ learn_condition = 'return require("lua_bayes_learn").can_learn';
+
+ # Autolearn sample
+ # autolearn {
+ # spam_threshold = 6.0; # When to learn spam (score >= threshold and action is reject)
+ # junk_threshold = 4.0; # When to learn spam (score >= threshold and action is rewrite subject or add header, and has two or more positive results)
+ # ham_threshold = -0.5; # When to learn ham (score <= threshold and action is no action, and score is negative or has three or more negative results)
+ # check_balance = true; # Check spam and ham balance
+ # min_balance = 0.9; # Keep diff for spam/ham learns for at least this value
+ #}
+
+ .include(try=true; priority=1) "$LOCAL_CONFDIR/local.d/classifier-bayes.conf"
+ .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/classifier-bayes.conf"
+}
+
+.include(try=true; priority=1) "$LOCAL_CONFDIR/local.d/statistic.conf"
+.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/statistic.conf"
--- /dev/null
+# Controller worker setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/worker-controller.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/worker-controller.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+# Module documentation: https://rspamd.com/doc/workers/controller.html
+
+count = 1;
+password = "q1";
+secure_ip = "127.0.0.1";
+secure_ip = "::1";
+static_dir = "${WWWDIR}";
--- /dev/null
+# Fuzzy storage worker setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/worker-fuzzy.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/worker-fuzzy.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+# Module documentation: https://rspamd.com/doc/workers/fuzzy_storage.html
+
+backend = "redis";
+
+# For sqlite stuff
+#backend = "sqlite";
+#hash_file = "${DBDIR}/fuzzy.db";
+
+expire = 90d;
+allow_update = ["localhost"];
\ No newline at end of file
--- /dev/null
+# Normal scanner worker setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/worker-normal.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/worker-normal.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+# Module documentation: https://rspamd.com/doc/workers/normal.html
+
+mime = true;
--- /dev/null
+# Proxy worker setup
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+# You can modify 'local.d/worker-proxy.inc' to add and merge
+# parameters defined inside this section
+#
+# You can modify 'override.d/worker-proxy.inc' to strictly override all
+# parameters defined inside this section
+#
+# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
+# for details
+# Module documentation: https://rspamd.com/doc/workers/rspamd_proxy.html
+
+milter = yes; # Enable milter mode
+timeout = 120s; # Needed for Milter usually
+
+upstream "local" {
+ default = yes;
+ hosts = "localhost";
+}
+
+count = 1; # Do not spawn too many processes of this type
+max_retries = 5; # How many times master is queried in case of failure
+discard_on_reject = false; # Discard message instead of rejection
+quarantine_on_reject = false; # Tell MTA to quarantine rejected messages
+spam_header = "X-Spam"; # Use the specific spam header
+reject_message = "Spam message rejected"; # Use custom rejection message
dovecot:!:20101::::::
dovenull:!:20101::::::
redis:!:20101::::::
+_rspamd:!:20101::::::
frank:$y$j9T$d2nMqKcO8uBhmFbv2qlWV.$lQS7p07tBUrXzjnTx28mVj7vPCbdqZNt33Ne8w.EBL8:20097:0:99999:7:::
_chrony:!:20097::::::
postfix:!:20097::::::
-valkey:!:20097::::::
mysql:!:20098::::::
tcpdump:!:20101::::::
dovecot:!:20101::::::
--- /dev/null
+/lib/systemd/system/rspamd.service
\ No newline at end of file
projects / config / dev-mail-fbrehm / etc.git / commitdiff