Linux ip-172-26-2-223 5.4.0-1018-aws #18-Ubuntu SMP Wed Jun 24 01:15:00 UTC 2020 x86_64
Apache
: 172.26.2.223 | : 3.15.38.243
Cant Read [ /etc/named.conf ]
8.1.13
www
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
/
usr /
share /
rspamd /
rules /
[ HOME SHELL ]
Name
Size
Permission
Action
controller
[ DIR ]
drwxr-xr-x
regexp
[ DIR ]
drwxr-xr-x
archives.lua
4.01
KB
-rw-r--r--
bitcoin.lua
6.34
KB
-rw-r--r--
bounce.lua
3.94
KB
-rw-r--r--
content.lua
3.21
KB
-rw-r--r--
forwarding.lua
4.82
KB
-rw-r--r--
headers_checks.lua
31.06
KB
-rw-r--r--
html.lua
11.98
KB
-rw-r--r--
mid.lua
5.32
KB
-rw-r--r--
misc.lua
25.95
KB
-rw-r--r--
parts.lua
290
B
-rw-r--r--
rspamd.lua
2.42
KB
-rw-r--r--
subject_checks.lua
1.91
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : forwarding.lua
--[[ Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com> Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ]]-- -- Rules to detect forwarding local rspamd_util = require "rspamd_util" rspamd_config.FWD_GOOGLE = { callback = function(task) if not (task:has_from(1) and task:has_recipients(1)) then return false end local envfrom = task:get_from { 'smtp', 'orig' } local envrcpts = task:get_recipients(1) -- Forwarding will only be to a single recipient if #envrcpts > 1 then return false end -- Get recipient and compute VERP address local rcpt = envrcpts[1].addr:lower() local verp = rcpt:gsub('@', '=') -- Get the user portion of the envfrom local ef_user = envfrom[1].user:lower() -- Check for a match if ef_user:find('+caf_=' .. verp, 1, true) then local _, _, user = ef_user:find('^(.+)+caf_=') if user then user = user .. '@' .. envfrom[1].domain return true, user end end return false end, score = 0.0, description = "Message was forwarded by Google", group = "forwarding" } rspamd_config.FWD_YANDEX = { callback = function(task) if not (task:has_from(1) and task:has_recipients(1)) then return false end local hostname = task:get_hostname() if hostname and hostname:lower():find('%.yandex%.[a-z]+$') then return task:has_header('X-Yandex-Forward') end return false end, score = 0.0, description = "Message was forwarded by Yandex", group = "forwarding" } rspamd_config.FWD_MAILRU = { callback = function(task) if not (task:has_from(1) and task:has_recipients(1)) then return false end local hostname = task:get_hostname() if hostname and hostname:lower():find('%.mail%.ru$') then return task:has_header('X-MailRu-Forward') end return false end, score = 0.0, description = "Message was forwarded by Mail.ru", group = "forwarding" } rspamd_config.FWD_SRS = { callback = function(task) if not (task:has_from(1) and task:has_recipients(1)) then return false end local envfrom = task:get_from(1) local envrcpts = task:get_recipients(1) -- Forwarding is only to a single recipient if #envrcpts > 1 then return false end -- Get recipient and compute rewritten SRS address local srs = '=' .. envrcpts[1].domain:lower() .. '=' .. envrcpts[1].user:lower() if envfrom[1].user:lower():find('^srs[01]=') and envfrom[1].user:lower():find(srs, 1, false) then return true end return false end, score = 0.0, description = "Message was forwarded using Sender Rewriting Scheme (SRS)", group = "forwarding" } rspamd_config.FORWARDED = { callback = function(task) local function normalize_addr(addr) addr = string.match(addr, '^<?([^>]*)>?$') or addr local cap, _, domain = string.match(addr, '^([^%+][^%+]*)(%+[^@]*)@(.*)$') if cap then addr = string.format('%s@%s', cap, domain) end return addr end if not task:has_recipients(1) or not task:has_recipients(2) then return false end local envrcpts = task:get_recipients(1) -- Forwarding will only be for single recipient messages if #envrcpts > 1 then return false end -- Get any other headers we might need local has_list_unsub = task:has_header('List-Unsubscribe') local to = task:get_recipients(2) local matches = 0 -- Retrieve and loop through all Received headers local rcvds = task:get_received_headers() if rcvds then for _, rcvd in ipairs(rcvds) do local addr = rcvd['for'] if addr then addr = normalize_addr(addr) matches = matches + 1 -- Check that it doesn't match the envrcpt if not rspamd_util.strequal_caseless(addr, envrcpts[1].addr) then -- Check for mailing-lists as they will have the same signature if matches < 2 and has_list_unsub and to and rspamd_util.strequal_caseless(to[1].addr, addr) then return false else return true, 1.0, addr end end -- Prevent any other iterations as we only want -- process the first matching Received header return false end end end return false end, score = 0.0, description = "Message was forwarded", group = "forwarding" }
Close
