Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1.3.4: * [Feature] ASN module; support matching ASN/country in multimap * [Feature] Add SPF method in spf return result * [Feature] Add Yandex and Mail.ru forwarding rules * [Feature] Add mempool maps in multimap * [Feature] Add rule for identifying mail sent by eval()'d PHP code * [Feature] Add support of stub DNSSEC resolver to rdns * [Feature] Add task:get_digest method * [Feature] Allow for more fine-grained scoring for ip_score * [Feature] Allow to get digest of a mime part from lua * [Feature] Allow to print message digest in logs * [Feature] Fold DKIM-Signature header * [Feature] Implement encrypted logs * [Feature] Log URLs encrypted if we have log encryption pubkey * [Feature] Pass authenticated bit to lua * [Feature] Read redis backend statistics configuration from global section * [Feature] Show the exact value matched for multima symbols * [Feature] Store task checksum * [Fix] Avoid setting limits when required elements are missing * [Fix] DMARC: Fix alignment checking for subdomains * [Fix] DMARC: deal with missing and spurious spaces * [Fix] Defer insertion of results in ip_score to avoid skewing stats * [Fix] Disable DMARC for local/authorized mail * [Fix] Fix handling of proxied headers in controller * [Fix] Fix hex printing of strings * [Fix] Fix issue with spaces in maps * [Fix] Fix parsing of forwarded IP * [Fix] Fix reload in some plugins and workers * [Fix] Fix reloading on SIGHUP * [Fix] Fix some border cases for DKIM canonicalization * [Fix] Fix url maps * [Fix] Make dnssec configurable option disabled by default for now * [Fix] rspamadm statconvert: force db to be a string * [Fix] rspamadm statconvert: use db/password for learn cache * [Rework] Rework flags in rspamd logger 1.3.3: * [CritFix] Check hyperscan cache sanity before loading * [CritFix] Fix setting of fuzzy keys (completely breaks fuzzy storage) * [Feature] Add SARBL (sarbl.org) uribl * [Feature] Add `--search-pattern` option to rspamd_stats * [Feature] Add some sanity check for very long from/to log elements * [Feature] Allow to create hashes from string in a single step * [Feature] Fix order of pre and postfilters * [Feature] Improve lua URLs API * [Feature] Improve message about fuzzy rules * [Feature] Pre-calculate blake2 digest for all parts * [Feature] Print radix duplicate keys as IP addresses * [Feature] Simple mechanism for disabling RBLs in local.d/rbl.conf * [Feature] Use faster hash function for fuzzy storage * [Feature] rspamd_stats: support log directory reading * [Fix] Add sanity check for url filters * [Fix] Do not show rmilter section as a fake metric in rspamc * [Fix] Fix URL filters * [Fix] Fix a stupid mistake in util.strequal_caseless * [Fix] Fix blake2b hash of the string "rspamd" * [Fix] Fix filename maps filter * [Fix] Fix finding tld in util.get_tld * [Fix] Fix multimap content filters * [Fix] Fix returning boolean from Lua * [Fix] Fix returning of REDIS_NIL * [Fix] Try to deal with multiple workers terminated * [Fix] Use forced DNS request when calling for lua_http * [Rework] Rework multimap filters, add redis maps 1.3.2: * [Feature] Add a special symbol for SPF DNS errors: R_SPF_DNSFAIL * [Feature] Add correlations report in fuzzy stats * [Feature] Add experimental CGP integration * [Feature] Add method to get urls length in a text part * [Feature] Add new methods to lua_html to access HTML tags * [Feature] Allow all types of symbols to be added via __newindex method * [Feature] Allow to create settings for authenticated users * [Feature] Allow to get block content for HTML tags * [Feature] Improve DNS failures when dealing with SPF * [Feature] Properly implement R_WHITE_ON_WHITE rule * [Feature] Remove old ugly rules * [Feature] Rspamc can now add dkim signature in mime mode * [Feature] Store content length for HTML tags * [Feature] Support reacher set of HTML colors * [Feature] Try to avoid FP for low contrast fonts detection * [Fix] Add missing HTML colors * [Fix] Add spaces to dkim signature to allow folding * [Fix] Avoid returning NaN as score on scan * [Fix] Decode entitles in href parts * [Fix] Do not cache SPF records with DNS errors * [Fix] Do not crash on cyclic depends * [Fix] Do not insert HELO/HOSTNAME unknown when they are not passed * [Fix] Do not set absent hostname to "unknown" * [Fix] Do not stress redis with KEYS command (#791) * [Fix] Fix DMARC_BAD_POLICY symbol * [Fix] Fix HFILTER_URL module * [Fix] Fix HFILTER_URL_ONELINE rule * [Fix] Fix buffering in CGP integration * [Fix] Fix colors propagation from parent nodes * [Fix] Fix confusing OpenSSL API usage of i2d_RSAPublicKey * [Fix] Fix dependencies id sanity check * [Fix] Fix folding for semicolon separated tokens * [Fix] Fix largest possible TLD behaviour * [Fix] Fix last token folding * [Fix] Fix length calculations in white on white rule * [Fix] Fix multiple request headers structure * [Fix] Fix multiple values headers freeing * [Fix] Fix parsing of background color * [Fix] Fix printing from field in log_urls * [Fix] Fix processing of last element of DMARC policies * [Fix] Further fixes for HTML colors * [Fix] Further fixes for multiple values headers * [Fix] Further fixes for white on white rule * [Fix] Further fixes in HTML tags parsing * [Fix] Ignore content type/subtype case * [Fix] Increase score of R_WHITE_ON_WHITE * [Fix] Parse CGP envelope data * [Fix] Propagate colors in HTML * [Fix] Restore multiple values headers in protocol * [Fix] Restore multiple values in headers processing * [Fix] Some more changes to tag's content length calculations * [Fix] Some more fixes for low contrast fonts detector * [Fix] SpamAssassin plugin: support check_freemail_header('EnvelopeFrom', [..]) * [Fix] Trigger HTML_SHORT_LINK_IMG on any external image * [Fix] rspamd_stats: remove deprecated defined(@array) 1.3.1: * [CritFix] Fix catena passwords validation * [CritFix] Fix crash when the first received is faked * [Feature] Add DMARC_BAD_POLICY symbol when DMARC policy was invalid * [Feature] Allow for matching hostnames in multimap (#773) * [Feature] Allow for setting action based on DMARC disposition * [Feature] Allow limiting of the inbound message size * [Feature] Allow maps with multiple symbols and scores * [Feature] Allow regexps in the emails maps * [Feature] Allow to register metric symbols from multimap * [Feature] Allow to reset redis tokens instead of appendig values * [Feature] Allow to store strings in radix maps * [Feature] Check UTF validity when there are utf regexps in a map * [Feature] Correctly work when there is no hard reject action * [Feature] Implement dependencies for maps * [Fix] Another effort to unbreak sqlite locking * [Fix] Avoid crash when closing mmapped file * [Fix] Do not break history on NaN in required score * [Fix] Ensure that hyperscan cache written is written properly * [Fix] Filter NaN from scores in history * [Fix] Fix DNSBL maps * [Fix] Fix another locking issue in sqlite * [Fix] Fix another locking issue with mapped files * [Fix] Fix deadlock in mmaped file stats * [Fix] Fix dependencies in multimap plugin * [Fix] Fix emails module configuration * [Fix] Fix greylist plugin (#755) * [Fix] Fix greylisting plugin variable usage * [Fix] Fix installed permissions for rspamd_stats * [Fix] Fix locking in mmapped statistics * [Fix] Fix paths in tests * [Fix] Fix prefilter mode for multimap * [Fix] Forgot to commit leftover changes * [Fix] Really fix local.d includes * [Fix] Restore selective greylisting behaviour * [Fix] Set max size on per connection basis * [Fix] Use temporary storage for hyperscan cache * [Rework] Remove systemd socket activation 1.3.0: * [CritFix] Fix SA rawbody processing - exclude top part * [CritFix] Fix decoding of UTF HTML entitles * [CritFix] Fix encrypted fuzzy requests * [CritFix] Fix leak of shared memory fds and files * [CritFix] Fix levenshtein distance calculations * [CritFix] Fix mime headers processing * [CritFix] Fix parsing of URLs in texts * [CritFix] Fix parsing of missing classes * [CritFix] Fix redis structure by adding {NULL, NULL} member * [CritFix] Fix some more URL detector issues * [CritFix] Fix systemd sockets activation * [CritFix] Fix unencrypted passwords processing in the controller * [CritFix] Fix writing CDPs to the database * [CritFix] Fix writing of encrypted HTTP requests * [CritFix] Plug memory leak in dkim module * [CritFix] Plug memory leak in headers getting code * [CritFix] Pre-filters and post-filters were completely broken * [CritFix] Properly support SA body regexps * [CritFix] Really skip filters in case of pre-result set * [CritFix] Restore the intended pre-filters behaviour * [Rework] Adopt new maps code * [Rework] Compile ragel sources when building rspamd * [Rework] Finish rework for the rest of places that use HTTP * [Rework] Fix DKIM headers canonicalization * [Rework] Fix lua maps API * [Rework] Import linenoise for line editing * [Rework] Include config structure to all rcl handlers * [Rework] Make chartable module useful * [Rework] Move http internal structures to a private header * [Rework] Partly fix controller * [Rework] Remove dedicated images list * [Rework] Rename http proxy to rspamd proxy * [Rework] Rename mime parts structures * [Rework] Rework HTTP code * [Rework] Rework exceptions and newlines processing * [Rework] Rework pre and postfilters system * [Rework] Separate method to close backend connections * [Rework] Start the complete maps rework * [Rework] Use dynamically generated ragel C sources * [Feature] Add 'blacklist' and 'strict' modes for whitelists * [Feature] Add 'symbols_enabled' and 'groups_enabled' to settings * [Feature] Add ESMTPSA received type * [Feature] Add a simple script to evaluate rspamd rules in the logs * [Feature] Add a simple tool to generate DKIM keys * [Feature] Add a trivial heuristic for codepages * [Feature] Add and use mumhash for non-crypto hashing * [Feature] Add better method to check lua userdata types * [Feature] Add better zip files search algorithm * [Feature] Add catena PBKDF function * [Feature] Add configuration knobs for in and out parser scripts * [Feature] Add content filtering support to multimap * [Feature] Add different timeouts for proxy connections * [Feature] Add dot commands for lua REPL: * [Feature] Add execution of lua global functions script * [Feature] Add function for pretty printing of inet addresses * [Feature] Add function to convert fstring_t to c string * [Feature] Add function to create temporary shared memory mapping * [Feature] Add function to generate random hex string * [Feature] Add generic fucnction to parse IP maps * [Feature] Add initial version of HTTP lua repl * [Feature] Add learn condition to the default configuration * [Feature] Add learn conditions for classifiers * [Feature] Add limit for dkim signatures to be checked * [Feature] Add locking routines for lua_util * [Feature] Add lua API for getting info from archives * [Feature] Add lua utility to decode URL encoding * [Feature] Add method to copy message from http connection * [Feature] Add mirrors feature * [Feature] Add more algorithms for shingles generation * [Feature] Add more domains to redirectors list * [Feature] Add more encodingsto cryptobox hash API * [Feature] Add more file utilities to lua_util * [Feature] Add more functions to extract data from text parts * [Feature] Add more methods to get headers from a task * [Feature] Add more methods to init http message body * [Feature] Add more options for redis config parsing function * [Feature] Add new representation of email address * [Feature] Add new symbols to filter bad extensions in messages * [Feature] Add new utility methods to mimepart object * [Feature] Add openphish support to rspamd phishing module * [Feature] Add parsers for SMTP address in ragel * [Feature] Add parsing of mirror hosts for fuzzy storage * [Feature] Add parsing scripts for master connection as well * [Feature] Add preliminary greylist plugin * [Feature] Add preliminary phishtank support * [Feature] Add preliminary rarv5 support * [Feature] Add preliminary version of ssl toolbox * [Feature] Add protection against open files limit and accepting sockets * [Feature] Add rar v4 support * [Feature] Add reading scripts for master connection * [Feature] Add replies plugin * [Feature] Add results parsing code * [Feature] Add routines to compare and check pubkeys * [Feature] Add simplier versions of refcounts * [Feature] Add some time manipulation functions for lua APi * [Feature] Add support for non-standard BATV signatures * [Feature] Add support of address with at-domain list * [Feature] Add support to search archives by magic * [Feature] Add task:get_rawbody method * [Feature] Add test to check shared memory support sanity * [Feature] Add the initial version of LUA repl to rspamadm * [Feature] Add throughput graph for RRD backend to WebUI * [Feature] Add universal function to make a proper redis request * [Feature] Add universal function to parse redis servers for plugins * [Feature] Add util.unlink function * [Feature] Add utility function to return random number from 0 to 1 * [Feature] Add utility method to convert ftok to C string * [Feature] Add utility to map shared memory segments * [Feature] Add versions to fuzzy storage * [Feature] Add workaround for legacy clients in rspamd proxy * [Feature] Add workaround for systems without sane shmem support * [Feature] Add xoroshiro+ fast rng for non-crypto purposes * [Feature] Adopt plugins for new maps API * [Feature] Allow SPF to be checked for empty tasks * [Feature] Allow binary patterns in lua_trie * [Feature] Allow catena encrypted passwords in controller * [Feature] Allow client ip match in the settings * [Feature] Allow easy adding and overriding of fuzzy rules * [Feature] Allow empty tasks to be processed * [Feature] Allow hostnames in IP maps * [Feature] Allow https maps * [Feature] Allow multiple PBKDF types in `rspamadm pw` * [Feature] Allow named fuzzy rules * [Feature] Allow non zero terminated patterns in multipattern * [Feature] Allow partial hash updates * [Feature] Allow pipelining for redis.make_request * [Feature] Allow sending empty requests using client * [Feature] Allow setting fuzzy flag by symbol not by value * [Feature] Allow setting scores and actions from lua * [Feature] Allow shared memory simple http client * [Feature] Allow static lua files in any parts of rspamd sources * [Feature] Allow to change flag from fuzzy learn condition * [Feature] Allow to check rspamd_text using maps * [Feature] Allow to disable composite rules from settings * [Feature] Allow to disable some modules from common redis setup * [Feature] Allow to extract ucl_object from lua using common API * [Feature] Allow to get settings and settings id hash from lua_task * [Feature] Allow to have specific settings for mirrored traffic * [Feature] Allow to open message from a shared memory segment * [Feature] Allow to parse pubkeys from the rcl config * [Feature] Allow to pass extradata from rspamd to rmilter * [Feature] Allow to query storage about number of fuzzy hashes stored * [Feature] Allow to read logs without symbols scores * [Feature] Allow to read password from console for rspamc * [Feature] Allow to set ciphers and CA paths in config * [Feature] Allow to skip some initialization phases to speed up rspamadm * [Feature] Allow underscore separated names in settings * [Feature] Allow versioning for sqlite databases * [Feature] Always allow to terminate rspamd * [Feature] Better deal with backend errors * [Feature] Better lua_redis logging * [Feature] Configure CA path and ciphers * [Feature] Create a dedicated parser to strip newlines * [Feature] Deduplicate the same urls in multimap module * [Feature] Distinguish luajit from lua * [Feature] Do not print garbadge in --compact output * [Feature] Dynamically detect if a CPU is incompatible with hyperscan * [Feature] Enable forced resolving for some lua plugins * [Feature] Enable rrd by default * [Feature] Enable workaround for exim * [Feature] Fix task functions to work without rspamd_config * [Feature] Further improvements to chartable module * [Feature] Further micro-optimizations for hashing and shingles * [Feature] Further relax parser * [Feature] Humanize numbers in stats widgets * [Feature] Implement HTTPS client * [Feature] Implement SSL support in http client * [Feature] Implement body rules for the trie plugin * [Feature] Implement braced regexp quantifiers * [Feature] Implement compare scripts for mirrors results * [Feature] Implement compare scripts setup * [Feature] Implement composites policies * [Feature] Implement conditional learning for classifiers * [Feature] Implement constructing of map from UCL * [Feature] Implement dkim signing in dkim check plugin * [Feature] Implement fuzzy storage updates * [Feature] Implement fuzzy updates push protocol * [Feature] Implement https maps * [Feature] Implement inter-process maps caching * [Feature] Implement mapping of remote flags to local flags * [Feature] Implement mirroring in rspamd proxy * [Feature] Implement multi-flags fuzzy replies * [Feature] Implement multiple-sources fuzzy storage * [Feature] Implement order of pre/post filters * [Feature] Implement partial deleting for multi-flags * [Feature] Implement pipelining for redis async interface * [Feature] Implement ragel parser for received headers * [Feature] Implement reading of messages to shared memory * [Feature] Implement refcount for messages * [Feature] Implement retransmits for master connection * [Feature] Implement zero-copy mode for HTTP reading * [Feature] Improve SPF domain detection logic * [Feature] Improve config:register_symbol function * [Feature] Improve error report for type missmatch in lua * [Feature] Improve fstrings API * [Feature] Improve getting SMTP data from lua_task * [Feature] Improve levenshtein distance function * [Feature] Improve logging in proxy and add refcounts * [Feature] Improve logging lua types * [Feature] Improve master/slave logging * [Feature] Improve phishing plugin * [Feature] Improve phishtank and openphish support * [Feature] Improve ragel build target * [Feature] Improve statistics script * [Feature] Initialize ssl library to use SSL connections * [Feature] Interpolate points sent to webui * [Feature] Limit logging of elements that could have too many items * [Feature] Lock ANN file when loading * [Feature] New abstract hashing API in cryptobox * [Feature] Normalize quoted addresses * [Feature] Now cryptobox lua API accepts rspamd text as input * [Feature] Optimize alignment to speed up hashing * [Feature] Parse received date and ESMTPA proto * [Feature] Parse received timestamp * [Feature] Pass settings id to log helper * [Feature] Pass settings id to lua script from log helper * [Feature] Perform files expansion on proxying * [Feature] Preliminary implementation of fuzzy master/slave updates * [Feature] Print userdata using tostring if possible * [Feature] Propagate HTTP result string when using proxy * [Feature] Properly implement unweighted round-robin algorithm * [Feature] Reduce number of timers queries * [Feature] Rework and improve fuzzy storage * [Feature] Rework dns resolving API for lua, add 'forced' option * [Feature] Rework fann module to understand settings * [Feature] Rework listening system to allow multiple socket types per worker * [Feature] Rework ratelimit module to set expiration * [Feature] Save bayes probability in memory pool var * [Feature] Save settings id hash for convenience * [Feature] Search for SSL_set_tlsext_host_name support * [Feature] Send DKIM signature to protocol reply * [Feature] Show DKIM signature in rspamc client * [Feature] Show symbols description in scan output * [Feature] Sign message merely after DKIM check * [Feature] Simplify machines by assuming that headers are unfolded * [Feature] Sort symbols when displaying them in log * [Feature] Split main connection from mirrored connections * [Feature] Start moving to the new email address structure * [Feature] Store HTTP headers in a hash table * [Feature] Store more information about compressed files * [Feature] Store raw headers value to use them in DKIM * [Feature] Store text parts content with newlines stripped * [Feature] Support DKIM signing * [Feature] Support EXIF jpeg images * [Feature] Support archive files list extraction * [Feature] Support archives when matching patterns in multimap * [Feature] Support premium/academic feed for openphish * [Feature] Support rspamd_updates via https * [Feature] Supprort FQDNs in phishing module maps * [Feature] Try to read on fuzzy timeout to avoid fake timeouts * [Feature] Try to select the optimal possible function for input * [Feature] Unescape and unquote smtp addresses * [Feature] Update fuzzy timestamp when adding value * [Feature] Update mumhash * [Feature] Use -flto if possible when optimizations are enabled * [Feature] Use extended map types in lua map, unify code * [Feature] Use file lock in logger to avoid deadlocks * [Feature] Use generic global string split function * [Feature] Use metrohash as well * [Feature] Use mumhash by default for incremental hashing * [Feature] Use mumhash for words hashing * [Feature] Use new ip parsing API * [Feature] Use new maps API for local addrs * [Feature] Use new ragel parser in message parsing code * [Feature] Use new received parser instead of old one * [Feature] Use new redis API in DMARC plugin * [Feature] Use new redis API in greylist plugin * [Feature] Use new redis API in ip_score plugin * [Feature] Use new redis API in ratelimit plugin * [Feature] Use new redis API in replies plugin * [Feature] Use new version of register_symbol in rspamd plugins * [Feature] Use offset when passing shm to deal with encrypted requests * [Feature] Use one pass to remove newlines and store their positions * [Feature] Use rspamd specific type checks for userdata * [Feature] Use shared memory storage for http maps * [Feature] Use universal redis definitions in rspamd plugins * [Feature] Various improvements in greylist module * [Feature] Wait for sqlite if locked when switching to WAL mode * [Fix] Add filenames sanity filtering for mime types * [Fix] Add guards for empty parts * [Fix] Add missing types * [Fix] Add more priority for config file symbols registered from UCL * [Fix] Add sanity checks when compiling regexp maps * [Fix] Add spaces instead of newlines to the normalized content * [Fix] Add workaround for ancient openssl * [Fix] Add workaround for gmime CTE stupidity * [Fix] Add workaround for hex digits * [Fix] Adjust MISSING_MIMEOLE score * [Fix] Adjust body/body_buf when stealing encrypted message * [Fix] Adopt lua task API for the new email addresses structure * [Fix] Allow for disabling DMARC reporting when Redis is configured * [Fix] Always register openphish and phishtank virtual symbols * [Fix] Always use shmem on linux * [Fix] Another change of newlines policy * [Fix] Another d3evolution update * [Fix] Another fix for exim workaround * [Fix] Another fix for legacy clients * [Fix] Another fix for maps scheduling * [Fix] Another fix for marking upstreams inactive * [Fix] Another fix for postfilters * [Fix] Another fix for redis timeouts * [Fix] Avoid `table.getn` method as it has been removed in lua 5.3 * [Fix] Avoid double hashing for images * [Fix] Avoid linking with actrie if hyperscan is enabled * [Fix] Check copy result when sending message to mirrors * [Fix] Cleanup message when assiging body * [Fix] Cleanup stack from global vars * [Fix] Correctly parse query type * [Fix] Disable all symbols if enable_groups is found in settings * [Fix] Disable fts as it is completely broken in bloody linux * [Fix] Disable multiple autolearn checks * [Fix] Disallow updates by default * [Fix] Do not abort when cannot load a map * [Fix] Do not check recursion for non-DNS SPF record types * [Fix] Do not delete uninitialized events * [Fix] Do not die if shmem_mkstemp fails * [Fix] Do not die when no metrics defined * [Fix] Do not even try pcre in case of regexp maps * [Fix] Do not greylist messages if redis has failed somehow * [Fix] Do not greylist on rejection * [Fix] Do not leave temporary maps cached * [Fix] Do not output meaningless errors * [Fix] Do not send NaN in json * [Fix] Don't mix hyperscan and pcre processing within a same task * [Fix] Finally rework and simplify redis backend for statistics * [Fix] Fix Exim shutdown patch * [Fix] Fix JIT compilation for PCRE2 expressions * [Fix] Fix JIT usage for PCRE2 * [Fix] Fix REPL output * [Fix] Fix SMTP address parsing machine * [Fix] Fix UTF8 mode in PCRE2 * [Fix] Fix a stupid misprint in word 'phishing' * [Fix] Fix accepting the first update when local idx is -1 * [Fix] Fix adding maps from ucl * [Fix] Fix adding upstream to an active queue * [Fix] Fix and rescore R_PARTS_DIFFER logic * [Fix] Fix body rules in SA plugin * [Fix] Fix body start position * [Fix] Fix border case in urls detector * [Fix] Fix border cases for incremental hashing * [Fix] Fix caseless uthash application * [Fix] Fix chartable issue with starting digits * [Fix] Fix client_ip in users settings * [Fix] Fix compilation issue * [Fix] Fix conditional learning * [Fix] Fix crash on empty maps * [Fix] Fix creating of URLs from LUA * [Fix] Fix creating of temporary shmem segment * [Fix] Fix creation of mmapped statfiles * [Fix] Fix descriptors leak on shmem detaching * [Fix] Fix detaching of shared memory segments * [Fix] Fix detection of URLs in text parts * [Fix] Fix directories processing for rspamc * [Fix] Fix displaying of rewrite subject in WebUI * [Fix] Fix dkim private keys operations * [Fix] Fix dkim signing * [Fix] Fix dynamic scoring of subject symbols * [Fix] Fix email address build * [Fix] Fix encrypted proxy requests * [Fix] Fix errors counting in upstreams * [Fix] Fix errors handling in the proxy * [Fix] Fix event bases for IO events * [Fix] Fix events handling when scheduling map wacth * [Fix] Fix fann rewrite * [Fix] Fix files fallback for shmem transfer * [Fix] Fix fuzzy adding in webui * [Fix] Fix fuzzy storage encrypted mirroring * [Fix] Fix fuzzy storage sync replies * [Fix] Fix handling of the same words * [Fix] Fix inserting values to the sources list * [Fix] Fix ipv6 mask application * [Fix] Fix issue with missing recipients * [Fix] Fix issues with multiple returns from lua * [Fix] Fix learning for non-existent backend * [Fix] Fix legacy clients support in proxy * [Fix] Fix length calculations for shared memory segments * [Fix] Fix listening on UDP sockets * [Fix] Fix loading of file maps * [Fix] Fix long regexp flags (e.g. {sa_body}) * [Fix] Fix lua compare function init * [Fix] Fix maps descriptions * [Fix] Fix maps locking * [Fix] Fix max_train setup in ANN module * [Fix] Fix memory corruption * [Fix] Fix memory leak in unsigned maps reading * [Fix] Fix misprints for lto usage * [Fix] Fix more issues with scripts processing * [Fix] Fix next-to-last extension length check * [Fix] Fix openssl initialization * [Fix] Fix order of arguments * [Fix] Fix order of initialization * [Fix] Fix parser * [Fix] Fix parsing of binary tries * [Fix] Fix parsing of braced IPv6 addresses * [Fix] Fix parsing of nested braces in SMTP comments * [Fix] Fix parsing of rarv5 archives * [Fix] Fix periodic scheduling when a map is not modified * [Fix] Fix possible FP in TRACKER_ID rule * [Fix] Fix post-filters processing * [Fix] Fix potential NULL dereference * [Fix] Fix processing of <br> and <hr> tags * [Fix] Fix processing of addresses in protocol * [Fix] Fix processing of messages without received headers * [Fix] Fix proxying issue for unconnected sessions * [Fix] Fix proxying of the encrypted messages * [Fix] Fix race condition with shared memory by refcounts * [Fix] Fix ratelimit initialization * [Fix] Fix redis set request in replies plugin * [Fix] Fix redis timeout events handling * [Fix] Fix redis timeouts processing logic * [Fix] Fix refcounts in lua_redis * [Fix] Fix results checking if no master connection is active * [Fix] Fix return value for couple of lua functions * [Fix] Fix round-robin selection when upstreams have no weight * [Fix] Fix rows calculation in graph * [Fix] Fix rspamd_redis_make_request syntax in replies plugin * [Fix] Fix scheduling of locked map events * [Fix] Fix scores detection * [Fix] Fix searching for newline positions * [Fix] Fix secure_ip setting in controller * [Fix] Fix sending data to graph command * [Fix] Fix setting of score for parts differ * [Fix] Fix setting of the lua top * [Fix] Fix setting path for lua * [Fix] Fix setting path for phishtank * [Fix] Fix settings application * [Fix] Fix shm_open call as described in POSIX * [Fix] Fix size of length in fuzzy mirror wire protocol * [Fix] Fix smtp grammar issues * [Fix] Fix some issues with redis API * [Fix] Fix some issues with retries in the proxy * [Fix] Fix stack growing * [Fix] Fix start of body detection in DKIM * [Fix] Fix state on timeout * [Fix] Fix stats script * [Fix] Fix substring search when there are '\0' in strings * [Fix] Fix symbol name for spf soft fail * [Fix] Fix symbol type's check * [Fix] Fix symbols registration and execution * [Fix] Fix the case of multiple values keys * [Fix] Fix the default symbol names according to metric * [Fix] Fix timeout setup on learning * [Fix] Fix timeouts in redis cache processing * [Fix] Fix timeouts processing in lua_redis * [Fix] Fix upstreams interaction for rspamd proxy * [Fix] Fix usage of rdns reply structure * [Fix] Fix varargs loop * [Fix] Fix whitelists and blacklists in SA rules * [Fix] Fix write servers setup for redis * [Fix] Fix writing of HTTP messages * [Fix] Force rspamd to upgrade fuzzy db on opening * [Fix] Free the correct pointer * [Fix] Further fixes for lto and static linking * [Fix] Further fixes for surbl extensions map * [Fix] Further fixes in maps code * [Fix] Further improvements to error messages in fuzzy check * [Fix] Further tweaks to redis garbadge collection * [Fix] Groups are now case insensitive * [Fix] Handle log pipe read errors * [Fix] Handle nested dependencies in SpamAssassin plugin * [Fix] Implement new automata to skip empty lines for dkim signing * [Fix] Improve error messages on fuzzy add * [Fix] Improve lua redis handling * [Fix] Improve phishing module logging * [Fix] Improve printing of fuzzy errors * [Fix] Improve rrd diagnostic errors * [Fix] Improve strcase hash used in uthash * [Fix] Include fuzzy key to distinguish storages with different keys * [Fix] Include slave cluster name into http request * [Fix] Include some more information about archives * [Fix] Indicate upstream error on timeout * [Fix] Initialize hash tables array to avoid crashes * [Fix] Initialize parser scripts properly * [Fix] Initialize vars to avoid warnings * [Fix] Inverse logic for saving ANN * [Fix] Link lpeg to rspamd lua library * [Fix] Make extension checks case-insensitive * [Fix] Mark expired hashes as not found and not as zero flag * [Fix] Match archive name as well * [Fix] More and more fixes to redis states * [Fix] More fixes about shared memory in proxy * [Fix] More fixes for redis refcounts * [Fix] More fixes to end of headers detection * [Fix] More fixes to events logic * [Fix] More fixes to multi-flag fuzzy storage * [Fix] More fixes to parts distance calculations * [Fix] More guards for redis free * [Fix] One more fix in redis destructor * [Fix] One more try to fix redis * [Fix] PIE is required for static build * [Fix] Partial fix for mmap'd statistics tests * [Fix] Plug memory leak in proxy * [Fix] Properly detect end of headers position * [Fix] Properly init and free session structures * [Fix] Reduce PRECEDENCE_BULK rule weight * [Fix] Reduce the default thresholds for learning * [Fix] Remove Type=forking from systemd unit file (#709) * [Fix] Remove bad FANN file to save computational resources * [Fix] Remove event before closing of fd to avoid race conditions * [Fix] Remove parsing of 'from' variable in redis backend * [Fix] Remove some bad domains from whitelists * [Fix] Repair optional dependencies * [Fix] Reset master connection when retransmitting scan request * [Fix] Restore ONCE_RECEIVED symbol * [Fix] Restore compatibility with old lua API behaviour * [Fix] Restore redis runtime state * [Fix] Reverse options when received * [Fix] Send updates to mirrors only if we have some changes * [Fix] Set host attribute properly when making HTTP request from lua * [Fix] Set terminated state before calling of async free * [Fix] Simplify MISSING_MIMEOLE rule * [Fix] Simplify state machine by ignoring multiple spaces * [Fix] Skip setting RPATH for static builds * [Fix] Slightly reduce weights of rules with high FP rate * [Fix] Some fixes to libmagic initialization * [Fix] Some more fixes to ratelimit plugin * [Fix] Strip '\r\n' properly * [Fix] Switch hashes to mumhash * [Fix] Treat NaN values properly in graph command * [Fix] Try to avoid FP when checking for phished URLs * [Fix] Try to avoid recursive events deletions * [Fix] Try to fix false positive URL detections in text parts * [Fix] Try to fix issue in redis stats backend when task is closed * [Fix] Try to fix proxying of stupid spamc protocol to HTTP mirrors * [Fix] Try to fix redis crashes * [Fix] Try to fix upstreams with one element * [Fix] Try to handle multiline history in a more sane way * [Fix] Unbreak build on gcc < 4.9 * [Fix] Update RPM spec/sources (#700) * [Fix] Update d3evolution version * [Fix] Update mumhash implementation * [Fix] Use custom error function for pre and post filters * [Fix] Use new postfilters and prefilters API in the plugins * [Fix] Use non-blocking mode for systemd sockets * [Fix] Use shared memory merely for local backends in the proxy * [Fix] Use watchers for spf plugin * [Fix] Varioud fixes to the maps code 1.2.8: * Another fix for exim workaround (#637) * Fix unencrypted passwords processing in the controller * Fix setting path for lua (#652) * Fix usage of rdns reply structure (#654) * Use file lock in logger to avoid deadlocks * Add `application/octet-stream` mime type for `pdf` extension (by @moisseev) * Implement new automata to skip empty lines for dkim signing (#651) * Fix parsing of missing classes * Clarify some rspamc arguments (by @fatalbanana) * Correct suppress spelling 1.2.7: * Slightly reduce weights of rules with high FP rate * Add workround for rspamd-1.3 * Fix possible FP in TRACKER_ID rule * Simplify MISSING_MIMEOLE rule * Add workaround for gmime CTE stupidity * Fix mime headers processing * Fix false positive URL detections in text parts * Fix Exim shutdown patch * Enable workaround for exim mailbox format * Backport shingles static test * Fix levenshtein distance calculations * Fix max_train setup in ANN module * Fix redis structure by adding {NULL, NULL} member * Fix build with unmodified LibreSSL opensslv.h * Repair optional dependencies * Really skip filters in case of pre-result set * Restore the intended pre-filters behaviour * Fix ipv6 mask application 1.2.6: * Fix parsing of URLs in texts * Fix creating of URLs from LUA * Fix some more URL detector issues * Fix unit tests * Fix JIT compilation for PCRE2 expressions * Fix JIT usage for PCRE2 * Fix UTF8 mode in PCRE2 * Add workaround for pre-historic compilers (#605) * Fix and rescore R_PARTS_DIFFER logic * Properly set lua paths for tests * Fix SA rawbody processing - exclude top part * Store text parts content with newlines stripped * Properly support SA body regexps * Fix body rules in SA plugin * Fix setting of score for parts differ * More fixes to parts distance calculations - Use hashed words instead of full words for speed - Improve levenstein distance calculations and penalise replaces - Always return number from 0 to 1 - Use g_malloc instead of alloca * Fix percents output in R_PARTS_DIFFER * Plug memory leak in dkim module * Plug minor memory leak in regexps creation 1.2.5: * Plug an important memory leak in headers getting code * Remove some bad domains from whitelists 1.2.4: * Implement new multipattern matcher that uses hyperscan if possible * Use mutlipattern for lua_trie code * Add utility methods for multipattern * Use multipattern in url matcher * Add escape functions for hyperscan * Allow to optimize lua -> C transition by flattening table args * Optimize hot paths in SA plugin * Optimize rspamd_re_cache_type_from_string * Allow empty tries * Fix extraction of URLs from Subject * Allow to have different flags for different patterns in multipattern * Add common directory for hyperscan cache to config * Implement caching for hyperscan multipattern * Attach domain part to `R_SUSPICIOUS_URL` (by @moisseev) * Allow multipattern scans to be nested for the case of hyperscan * Simplify SURBL redirector search code and avoid ac_trie * Add two way substring search algorithm * Avoid acism usage to find gtube pattern * Fix processing of empty headers * Allow to disable pthread mutexes on broken platforms * Make web interface not send password in query strings (#585) by @fatalbanana * Add maximum delay to ratelimit module * Backport fix for empty files inclusion from libucl * Fix settings id setup * Add min_learns option to classifiers * Use more clever to utf8 conversion strategy * Fix disabling of virtual symbols in the settings * Rework settings to work properly in metric-less configuration * Set the default limit for classifier * Fix ttl based expiration from LRU cache * Rework DKIM module to use OpenSSL for digests * Fix mailto urls parsing with hyperscan * Do not set obscured flag for urls starting with spaces * Fix crash on redis learn * Fix ratelimit ctime setting 1.2.3: * New DCC module (by @smfreegard) * Rework whitelist module: - Now we check different elements for different checks - MIME from for DMARC - DKIM signature domain for DKIM - SMTP from or HELO for SPF * Fix regexps results combination (*critical*) * Fix issue with expressions processing (*critical*) * Optimize strlcpy for aligned input * Add support of half-closed connection in lua_tcp * Allow to print compact json in client * Save required score in history (#581) * Allow to attach file descriptors to control commands * Allow to send descriptors from workers to main * Allow to attach fd when broadcasting to workers * Implement log pipe feature for rspamd logs analysis * Add `log_helper` worker * Add `URIBL_SBL_CSS` (by @smfreegard) * Add worker scripts functionality * Add on load hooks for rspamd_config * Add lua scripts for log_helper worker * Add generic maillist detector (#584) * Implement FANN autolearn using log_helper worker * Rework metrics configuration to allow includes * Change default value of forced removal in composite rules * Allow to use assembly version of blake2b on x86 cpu * Use less precise (but faster) clock if possible * Insert redirected URL to the urls list * Allow to get and set callback data for rspamd symbols * Add binary heap implementation * Use binary heap for expire algorithms in the hash * Use `least frequent used` expiration strategy * Allow to get mime headers from a task * Add support for mime headers in `regexp` module * Update Exim patches (by @fatalbanana) * Allow building rspamd with jemalloc * Save multipart boundaries * SA plugin changes: - Properly handle MIME headers - Fix eval:check_for_missing_to_header rule - Implement SA compatible body regexps - Use sabody rules in SA plugin * LUA API changes: - Add util.get_ticks function - Add util.stat function - Add task:get_symbols_numeric method - Add method to get number of symbols in the cache - Add lua methods to get redirected urls - Allow to get callbacks for lua symbols - Add config:set_symbol_callback function 1.2.2: * Use HTTP Content-Type on non mime input if possible * Save log level when compressing log messages * Further rework of composite rules (add '^' prefix) * Add tracking for rspamd expressions * Store actions limits in metric result * Fix parsing of include/redirect with many records in SPF * Add method to disable symbols execution in the cache * Allow to disable checks from settings * Allow to select settings by id in HTTP query * Find URLs with '\r' and '\n' inside href attribute * Implement vectored mode for hyperscan (experimental) * Improve client connection errors diagnostics * Allow to edit new files with signtool * Improve hashes performance on 32 bit platforms * Fix sorting of limits * Remove slow and unused rules `INVALID_EXIM_RECEIVED*` * Add expression:process_traced lua method * Allow tables in task:insert_result * Save trace for SA metas * Do not parse broken TLD parts in URLs * Investigate many border cases in URLs parser 1.2.1: * Add list support to `mime types` module configuration (by @moisseev) * Allow symbols params to be printed in logs * Fix `MIME_BAD_ATTACHMENT` false positives for MDN/DSN * Fix crashes on arm32 * Do not classify message if some class is missing * Fix cryptobox cleanup * Remove multipart/report from bad mime types (#569) * Improve logging for fuzzy hashes * Show map URLs in webui * Sort symbols in webui 1.2.0: * New dynamic updates plugin * Regular expressions map support * Faster radix trie algorithm * Faster siphash for AVX2 supporing CPUs (used in fuzzy hashes) * PCRE2 support * Allow quoted and slashed keys in map * Add proper support of DNS resolvers balancing (#552) * Rework includes and configuration system for better local changes support * New keypairs framework for signing and encryption * Added support for dynamic modules and workers * Allow to dump configuration with help comments * Rework once_received module - Fix priority for `good_hosts` - If a good host has been found do not add once_received symbols - Fix priorities for strict once_received - Add ability to whitelist IP addresses * Implement support of signed maps for HTTP and file maps * Add command to sync fuzzy storage (#533) * Rework system of symbols and actions registration It is possible now to use priorities when adding symbols to metrics and override scores for symbols with lower priority with the scores with high priority. * Add auth support and db selection for redis stats * Improve composite rules application * Add ignore_received option * Fix critical issue with inconsistent resorting * Fix `all` in spf redirects * Add punycoded versions for IDN domains (#554) * Improve sorting order for symbols cache * Add lockless logging for processes management * Allow to specify flags for metric symbols * Load images height and width from style attribute (#538) * Override DNS requests limits for SPF and DKIM * Fix resetting symbols to their default values in WebUI * Improve configuration agility for redis stats * Allow to set db and password for redis in stat_convert * Import the latest libucl * LUA API changes: - Add rspamd_version function to LUA API - Add lua_cryptobox module - Add lua_map module - Add task:set_metric_action lua API method - Fix race condition in lua_tcp module - Fix a lot of issues in lua_redis module - Rework and abstract lua maps API - Add util.strlen_utf8 lua function - Add lua functions for caseless comparison - Allow optional symbols registration - Add config:add_map table form method, add regexp maps - Add task:has_urls method - Add task:has_flag method - Add html tags methods to lua_html - Add task:get_dns_req * Plugins changes: - Add support for WLBLEval SA plugin - Use caseless comparison in SA and DMARC plugins - Allow SA plugin to set scores for rspamd symbols - Add regexp maps support to multimap - Allow filenames match in multimap - Add more filters for the existing map types - Fix html images rules to reduce FP rates * New rules: - LONG_SUBJ - too long subject - MIME_BAD_ATTACHMENT - bad attachement type - RDNS_NONE - no reverse DNS record for sender's IP - Fix MISSING_MIMEOLE rule for modern OE * Many other bugfixes, memory leaks plugs thanks to: - Coverity scan - New gcc-6 warnings - valgrind manual iterations * Documentation improvements: - FAQ list: https://rspamd.com/doc/faq.html - Reworked quick start guide - Added documentation for all active modules * Other changes: - Dropped Ubuntu Vivid support - Added Ubuntu Xenial support - Rework build system for rspamd and rmilter 1.1.4: * Print traceback on lua errors in lua config * Fix leaks in lua error paths * Improve 'R_EMPTY_IMAGE' rule * Fix metas memoization in SA plugin * Properly set `flag` in fuzzy replies * Fix arguments order * Fix issue with out-of-boundary reading * Fix issues found by coverity * Same result checking error found by coverity * Fix varargs processing (found by coverity) * Fix error in printing hex * Reduce weights for some hfilter patterns * Add aliases for task:get_from_ip: - task:get_addr - task:get_from_addr - task:get_ip * Rework once_received module - Fix priority for `good_hosts` - If a good host has been found do not add once_received symbols - Fix priorities for strict once_received - Add ability to whitelist IP addresses * Fix `MISSING_MIMEOLE` rule for modern OE * Treat meta tags as embedded tags (#501) 1.1.3: * Fix DSN rules when SMTP from is unavailable * Fix statconvert routine to avoid lua module usage * Set a sane quark for configtest to avoid NULL to be printed in logs * Support c11 if available * Fix parsing of ip:port strings * Add more diagnostic for lua subr errors * Fix task:set_from_ip lua method * Add basic routines for digital signatures * Add tool for digital signatures * Add plain open file API method for atomic open * Fix parsing nested braces inside logger vars * Pre filters now actually skip processing * Add pre-filter mode for multimap * Switch to apache 2 license 1.1.2: * Fix stat_cache closing * Add checkpoints to sqlite3 learn cache * Do not recompile lua generated headers all the time * Increase number of messages learned * Fix issues with dual stack and hfilter * Disable MID checks for hfilter by default * Fix cache definitions in multiple classifier and no type * Don't crash if learn cache failed to initialize * Fix googlegroups support in maillist plugin * Rework flags LUA API: - Allow to check for a specific flag - Add `learn_spam`, `learn_ham` and `broken_headers` flags - Unify internal functions * Add `BROKEN_HEADERS` rule * Add support for forged confirmation headers (by @AdUser) * Allow `any`, `mime` and `smtp` for get_from/get_recipients * Add mime types checking plugin * Add rule to detect spammers attempts to cheat mime parsing * Rework parsing of IP addresses in configuration (better IPv6 support) * Add `util.parse_mail_address` function to LUA API * Add lua sqlite3 module * Implement synchronous redis call * Ratelimit: avoid possible indexing of nil value (Fixes #498) (by @fatalbanana) * Add stat_convert command to convert stats tokens from sqlite3 to redis * Implement redis advanced lua api with pipelining * Fix memory leak on redis stat (#500) * Fix user/language learn count in sqlite statistics (#496) (by @fatalbanana) * Fix build with custom pcre * Fix fuzzy relearning (#498) * Improve planning of asynchronous tasks * Show slow rules in log * Add warning for slow regexps * Add base32 decode/encode routines to lua util * Allow converting of learn cache from sqlite to redis * Add methods to check if a messages has from/rcpts * Improve and fix multimap plugin: - Restore 'header' maps - Add filters for headers - Add 'email:addr', 'email:user', 'email:domain' and 'email:name' filters - Add generic regexp filters * Disable reload command in rc scripts * Improve runtime CPU dispatcher for libcryptobox * Add preliminary support of digital signatures via ed25519 * Add detection for RDRAND support * Print configuration of crypto on start * A in SPF presumes AAAA lookup as well 1.1.1: * Fix duplicated XBL symbol * Reduce log severity for ratelimit missing servers * Fix XBL composite to avoid duplicate symbols * Reduce weight of URL_ONLY rule due to FP rate * Disable fuzzy hashes from the metadata for now * Fix processing of empty messages (#486) * Always treat DNS timeouts as temporary fail for SPF * Fix issue with SPF double IP stack (#483) * Use X-Forwarded-For when checking secure_ip (#488) * Fix hash calculation for sqlite stats * Fix memory corruption on punycode * Fix strings allocation in punycode * Fix error message (#491) 1.1.0: * Incompatible change: sqlite3 and per_user behaviour: Now both redis and sqlite3 follows the common principles for per-user statistics: 1) If per-user statistics is enabled check per-user tokens ONLY 2) If per-user statistics is not enabled then check common tokens ONLY If you need old behaviour, then you'd need to use separate classifier for per-user statistics. * Implement redis statistics backend and cache * Implement autolearning for statistics * Reworked statistics architecture from scratch * Add hyperscan (https://github.com/01org/hyperscan) engine for regular expressions: - add lazy loader for hyperscan databases - rework regexp cache to have joint pcre/hyperscan scanning - implement hyperscan pre-filter support - add compilation guards for bad expressions - implement `rspamadm control recompile` command - implement hyperscan cache monitoring - slides: <https://highsecure.ru/rspamd-hyperscan.pdf> * Implement flexible task logging * Rework fuzzy worker: - it is now possible to run multiple fuzzy workers; - implement lazy writing as sqlite3 is bad at concurrent writing; - add retries for simple sql commands in fuzzy backend; - use fine-grained transactions for fuzzy; - implement new multi-pubkeys mode; - allow encrypted only storages; - rework statistics for fuzzy; - add `rspamadm control fuzzystat` command for extended statistics; - implement human readable output for the previous command; - add condition script for learning fuzzy storage; * Various fixes to SPF: - fix `redirect` records; - fix domains when parsing mx/ptr/a records in includes/redirects; - fix issues with multiple addresses in SPF records; - ignore SPF results in case of DNS failure; - adjust TTL of records when resolving subelements of SPF records; - always select `v=spf1` line if it is available - do not cache records with DNS failure in subrequests; - ignore records with temporary fails during subrequests resolving; - fix `RDNS_RC_NOREC` support; * Add clang plugin for static analysis: - implement static checks for `rspamd_printf` format strings; * Add 'allow_raw_input' option for non-mime messages * Recognize types using libmagic * Fix parsing of IPv6 received headers * Add new interface of communication between workers in rspamd * Add support for named socketpairs * Don't write URLs by default as it is too verbose * Set status for HTTP replies * Try load `rspamd.conf.override` * Implement words decaying for text parts to limit many checks * Improve support of SA rules and plugins: - add check_for_shifted_date and check_for_missing_to_header eval rules; - add 'check_relays_unparseable' support; - add `check_for_mime('mime_attachement')` function; - use new re_cache interface for all SA rules; - add support for `Mail::SpamAssassin::Plugin::MIMEHeader`; - add support of 'special' SA headers to `exists` function; - fix issue when SA metas contain other metas; - fix freemail rules; * Many fixes to the URL parser * Match any newline character in regexps * Fix resolving of upstreams and detection of poor IPv6 configurations * Parse upstreams selection algorithm from the configuration line * Add `reresolve` command to the control interface * Generate fuzzy hashes from task metadata (URLs and headers) * Add method to check if IP is local and `local_addrs` option * Implement forced timeout for delayed filters * Disable fast path of pcre-jit as it seems to be broken * Bayes fixes: - new normalizer function; - really use weights of tokens from the OSB algorithm; - restore multiple classifiers support; * Rules changes: - add `R_SUSPICIOUS_URL` rule that detects obfuscated URL's; - improve empty image rule; - rework `FORGED_RECIPIENTS` rule; - reduce weight of `SUSPICIOUS_RECIPS`; - fix `*_NORESOLVE_MX` symbols in hfilter; - add `SUBJ_ALL_CAPS` rule with support of UTF8 - add spamhaus SBL to uribl - fix `SUSPICIOUS_RECIPS` and `SORTED_RECIPS` rules - remove `R_TO_SEEMS_AUTO` as it generates a lot of FP; - add new Message-ID regexp for Thunderbird (by @moisseev); * Plugins changes: - allow ratelimit plugin to set symbol instead of pre-result - support IP DNS black lists for URIBL (e.g spamhaus SBL); - drop deprecated SURBL bits (by @fatalbanana) - rename `JP_SURBL_MULTI` to `ABUSE_SURBL` (by @fatalbanana) - add `SURBL_BLOCKED` (by @fatalbanana) - add `CR_SURBL` - SURBL: allow fallthrough to default symbol (by @fatalbanana) - Settings: fix IP match (by @fatalbanana) - SURBL: add missing symbols to metric (by @fatalbanana) - allow processing images urls for SURBL - unconditionally disable SPF for authenticated users and local networks * Rework ratelimit plugin - switch to `rates` instead of old and stupid strings to setup; - check if a bucket is zero and disable the corresponding limits' - turn off all buckets by default; - check either `rcpt` or `user` buckets, not all together' - document new `rates` and `symbol` options; - inform user about what buckets are used in the configuration; * Add neural network **experimental** plugin * Add a sample script to learn neural network from rspamd logs * Add documentation strings support to rspamd: - add strings for the main configuration options; - document workers options; - add internal plugin options; - create `rspamadm confighelp` routine; - implement human readable output for the previous command; - add subtree search support; - add keyword search support; * Documentation improvements, tutorials section, statistics description * Many other minor and major bugfixes not noted here 1.0.11: * Fix spf redirects * Fix domains when parsing mx/ptr/a records in includes/redirects * Fix unfolded base64 encoding * Fix GError use-after-free * Do not rewrite the original url when using redirector * Fix parsing of fragment in urls * Fix processing of HTML tags * Improve empty image rule * Avoid long double type * Fix tokens weights in OSB algorithm * Improve debugging for bayes 1.0.10: * Fix settings application (#416) * Fix another issue with fixed strings * Fix hash function invocation * Use the proper string for make_dns_request in lua_http * Fix scan time output * Update webui: - fix labels for greylisting - fix dimension of scan time 1.0.9: * Emergency fix in keyed blake2 to fix fuzzy hashes and encrypted password * Support passwords longer than 64 symbols 1.0.8: * Add function to traverse AST atoms * Allow dependencies on rspamd symbols for SA metas * Fix memory corruption when timeout is removed in fuzzy check * Fix encrypted fuzzy add processing * Avoid use-after-free in controller session destructor * Use session pool instead of task pool in fuzzy check * Fix assembly in i386 mode (#413, #412) 1.0.7: * Plugged memory leaks in internet address object & html parser * Fixed static build * Fixed multiple sigchld processing * Fixed deletion of signal events after event processing loop * Fixed build on ARM (#404 - reported by @Gottox) * Fixed setting the default mask for SPF. * Fixed sanitisation of HTTP query values * Fixed parsing of the last header in encrypted HTTP messages * Additions and fixes for test suite & benchmarks * Added openssl aes-256-gcm support to libcryptobox & HTTP server * Implemented support for starting multiple HTTP servers * Implemented batch accept in HTTP server * Added module to get data from HTTP headers (#285 - reported by @msimerson) * Added `rspamadm control` command * Added ability to sort counters output. * Added ability to specify custom headers for rspamc client * Fix architecture detection * Converted history storage to the UCL format * Allow flexible number of rows in history * Fix action badges in WebUI * Add universal cryptobox hash API * Migrated to the optimized blake2b implementation adopted from Andrew Moon * Allow explicit loading of specific modules * Always load settings module * Allow to add symbols from settings * Fix double free in the controller fuzzy learn command * Avoid endless loop when cannot open sqlite db * Updated libucl 1.0.6: * Fix build on i386 * Update CentOS7 service file patch (by @fatalbanana) * Fix path to rspamadm in Debian init script (by @fatalbanana) * Fix broken '_SC_GETPW_R_SIZE_MAX' on FreeBSD * Fix portability issues * Use cryptobox chacha for libottery * Better support of 32 bit builds * Fix header name tokens setup * Fix levenstein distance method for words * Add workaround for old libevent (#400) * Fix microseconds in termination timer * Fix some more issues with fixed strings * Explicitly test CPU instructions even after CPUID call * Do not check out of boundary memory * Do not output broken emails * Fix unknown symbols registration * Handle SIGILL using longjmp * Block signals when exiting event loop * Fix incorrect allocation size * Slightly optimize alignment * Restore rspamd -t for compatibility * Add more sanity checks for emails 1.0.5: * Add rspamd control interface: - support `stat` command to get runtime stats of rspamd workers - support `reload` command to reload runtime elements (e.g. sqlite3 databases) * Rework curve25519 library for modular design: - add Sandy2x implementation by Tung Chou - fix CPU detection for variables loading assembly - add testing for curve25519 ECDH * New fixed strings library * Add `R_SUSPICIOUS_IMAGES` rule * Enable mmap in sqlite3 * Use new strings in the HTTP code * Improve google perftools invocation * Improve performance profiling in http test * Reorganize includes to reduce namespace pollution * Allow specific sections printing in configdump command * Rework workers signals handlers to be chained if needed * Update socketpair utility function * Add control_path option for rspamd control protocol * Fix ownership when listening on UNIX sockets * Rework signals processing in main * Remove extra tools from rspamd (they live in rspamadm now) * Remove global rspamd_main * Add global timeout for the overall task processing (8 seconds by default) * Sanitize NULL values for fuzzy backend * Store NM between encrypt/decrypt * Add textpart:get_words_count method * Fix generic DNS request in lua * Tune hfilter weights * Add support of IPv6 in hfilter * Fix parsing of HTTP headers with IP addresses * Sync with the recent libucl * Various minor bugfixes 1.0.4: * Add configdump routine to rspamadm * Implement retransmits for fuzzy_check plugin * Fix events processing for learning anf checking fuzzy hashes * Avoid dependency on unneeded and uncompatible glib include * Add `historyreset` command to the controller * Fix loading of tokenizer config from dump (#389) * Add sorting hints for the history * Allow custom lua scripts for users/languages extraction (#388) * Do not add FORGED_RECIPIENTS when 'To' is missing (#387) * Do not add R_UNDISC_RCPT when 'To' is missing (#387) * Add encryption to fuzzy check plugin * Add encryption for fuzzy storage * Add new epoch for encrypted fuzzy request * Add encryption for `rspamd.com` storage * Remove gmime processing for LDA mode as it is deadly broken * Add routine to find end of headers position in mime messages * Fix LDA headers folding * Init libraries in rspamc client as well to avoid locale issues * Avoid collision with locally installed includes * Allocate and free memory with the same allocator in rspamadm (#385) * Preserve expired fuzzy hashes counter * Improvements in webui: - Add favicon.ico - Rework history table - Fix sorting for the history - Migrate to bootstrap 3 and jquery 2 - Fix css bugs - Add glyphicons - Add reset history - Improve history buttons - Redraw graph to avoid display issues - Webui is now MIT licensed to match licensing policy of rspamd 1.0.3: * Fix piechart clean slice (#380) * Fix controller crashes when GString is reallocated (#381) * Correctly set locale before start * Set C locale for numeric values * Add rspamadm routine: - add `pw` command to manage passwords - add `help` command for displaying help - add `configtest` command to check configuration files - add `keypair` command for generating encryption keys - add `fuzzy_merge` routine to merge fuzzy sqlite databases - add a simple manual page for rspamadm * Allow metric registration for composite expressions * Add strict mode for configtest * Add logger counters * Save and show learned messages count (#383) * Add `no_stat` flag * Add `task:set_flag` and `task:get_flags` (#382) * Enable foreign keys in sqlite3 * Remove orphaned shingles from fuzzy storage * Optimize synchronization steps for fuzzy storage * Allow delayed conditions registration * Add lua API for conditions registering 1.0.2: * Fix critical bug in webui that prevents password from being sent * Rework webui view: - Switch to d3.js for graphs - Improve piechart look - Rework colors for piechart - Fix layout for symbols - Fix refresh button * Add descriptions for whitelist maps * Fix build on arm (#379) * Fix issue with the last element in the radix trie * Add more tests for radix trie algorithm * Allow to extract URLs from query strings of other URLs (#361) * Initialize rrd fields before writing to file * Fix double free if no password has been specified 1.0.1: * Add writing to rrd from the controller * Fixed lots of bugs in rrd code * Adopt new DNS API in hfilter plugin (by @AlexeySa) * Allow only one controller process to manage rrd file * Set event base for fuzzy calls * Improve fuzzy IO errors logging * Add rra extraction function to rrd library * Add graph handler to the controller * Cache correct passwords to avoid too high CPU usage when working with webui * Controller sockets are owned by router do not export them to task * Optimize logging by skipping hash table search if it's empty * Fix loading issue whith broken statfiles * Print assertions from glib to rspamd logger * Load legacy `lua/rspamd.local.lua` * Update webui with some fixes to learning and scanning 1.0.0: * Rework symbols processing: - Improve sorting logic for symbols - Organize processing into multiple stages - Added asynchronous watchers for symbols - Added ability to organize dependencies between symbols * Fixed URL redirector: - Use optimized POE loop - Organize dependencies - Fix startup * New sqlite3 backend: - Allow to have per-languages and per-user statistics - Allow sqlite3 to be used as statistics backend * Store tokenizer configuration within statfiles * Improve bayes statistics: - Use headers and images metainformation in bayes - Suggest using of pre-processed tokens for statistics - Fix tokens normalization for OSB algorithm * Rewrite url parsing: - Fix numerous issues with url extraction and normalization - Fix mailto urls * Fix settings plugin to allow custom actions scores * Improve rbl plugin * Allow capturing patterns in rspamd lua regexp library * Add GTUBE support * Fix spamc legacy support * Add DKIM support to RBL module * Fix issues with multiple DKIM signatures * Fix issue if rspamd cannot create statfiles (#331) * Rework parts and task structure: - Now text_parts, parts and received are arrays - Pre-allocate arrays with some reasonable defaults - Use arrays instead of lists in plugins and checks - Remove unused fields from task structure - Rework mime_foreach callback function - Remove deprecated scan_milliseconds field * Add ip_score plugin support (not enabled by default): - Can check for asn/country and network using DNS lookups - Can store and load reputation from redis server * Improve PARTS_DIFFER rule to count merely different words * New HTML parser: - Parses HTML parts using a set of state machines - Extracts useful data and exports it to lua functions: + Styles + Images + URLs + Colors + Structure elements - Added HTML rules for some checks * New version of LUA DNS API * Table versions of many functions in LUA API * Improve rspamc client: - Print execution time - Allow executing of external commands a…
- Loading branch information