diff mod_firewall/scripts/spam-blocking.pfw @ 2565:fc53165d8afe

spam-blocking.pfw: Much improvement
author Matthew Wild <mwild1@gmail.com>
date Fri, 24 Feb 2017 12:13:17 +0000
parents 56db2ab3b853
children ed4815bb8fe2
line wrap: on
line diff
--- a/mod_firewall/scripts/spam-blocking.pfw	Fri Feb 24 09:51:43 2017 +0000
+++ b/mod_firewall/scripts/spam-blocking.pfw	Fri Feb 24 12:13:17 2017 +0000
@@ -1,8 +1,33 @@
-#### Anti-spam ruleset
+#### Anti-spam ruleset ###########################################
+# This script provides some foundational anti-spam
+# rules. It does not do any form of content filtering,
+# but this can be implemented by other scripts and
+# modules as desired.
+#
+# The following chains are available as extension
+# points:
+#
+# ::user/spam_check_message_content
+#   Apply additional checks to messages that may be spam
+#
+# ::user/spam_check_subscription_request
+#   Apply additional checks to subscription requests
+#
+# ::user/spam_handle_unknown_custom
+#   Override default handling of stanzas that weren't explicitly
+#   passed or rejected by the anti-spam checks
+#
+# ::user/spam_reject_custom
+#   Override default handling of stanzas that have
+#   been recognised as spam (default is to bounce
+#   a policy-violation error)
+##################################################################
 
-#### General rules for all incoming stanzas ####
+#### General rules for all incoming stanzas ######################
 ::deliver
 
+LOG=Considering $(stanza:top_tag())
+
 # Pass stanzas that a user sends to their own account
 TO SELF?
 PASS.
@@ -17,28 +42,36 @@
 
 # Run extra rules that apply to messages only
 KIND: message
-JUMP_CHAIN=user/check_spam_message
+JUMP CHAIN=user/spam_check_message
 
 # Run extra rules that apply to presence stanzas only
 KIND: presence
-JUMP CHAIN=user/check_spam_presence
+JUMP CHAIN=user/spam_check_presence
+
+JUMP CHAIN=user/spam_handle_unknown
 
-#### Rules for messages ####
-::user/check_spam_message
+# Default is to allow, override this with
+# the 'user/spam_handle_unknown' chain
+PASS.
+
+#### Rules for messages ##########################################
+::user/spam_check_message
 
 # Non-chat message types often generate pop-ups in clients,
 # so we won't accept them from strangers
 NOT TYPE: chat
-JUMP CHAIN=user/reject_spam
+JUMP CHAIN=user/spam_reject
 
 # This chain can be used by other scripts
 # and modules that analyze message content
-JUMP CHAIN=user/check_spam_message_content
+JUMP CHAIN=user/spam_check_message_content
+
+##################################################################
 
-#### Rules for presence stanzas ####
-::user/check_spam_presence
+#### Rules for presence stanzas ##################################
+::user/spam_check_presence
 
-# These may be received if rosters get out of sync, and are harmless
+# These may be received if rosters get out of sync and are harmless
 # because they will not be routed to the client unless necessary
 TYPE: unsubscribe|unsubscribed
 PASS.
@@ -50,10 +83,31 @@
 
 # This chain can be used by other scripts
 # and modules to filter subscription requests
-JUMP CHAIN=user/check_subscription_request
+JUMP CHAIN=user/spam_check_subscription_request
+
+##################################################################
 
-#### Stanzas reaching this chain will be rejected ####
-::user/reject_spam
+#### Stanzas reaching this chain will be rejected ################
+::user/spam_reject
+
+# This chain can be used by other scripts
+# and modules to override the default behaviour
+# when rejecting spam stanzas
+JUMP CHAIN=user/spam_reject_custom
 
 LOG=Rejecting suspected spam: $(stanza:top_tag())
 BOUNCE=policy-violation
+
+##################################################################
+
+#### Stanzas that may be spam, but we're not sure either way######
+::user/spam_handle_unknown
+
+# This chain can be used by other scripts
+# and modules to apply additional checks, or to
+# override the default behaviour
+JUMP CHAIN=user/spam_handle_unknown_custom
+
+#LOG=[debug] Spam check allowing: $(stanza:top_tag())
+
+##################################################################