Mercurial > prosody-modules
view mod_firewall/scripts/spam-blocking.pfw @ 2569:f622fb016155
mod_saslname/README: Expand description
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 24 Feb 2017 16:41:32 +0100 |
parents | 5e1fb7e6b558 |
children | a33edc07d829 |
line wrap: on
line source
#### Anti-spam ruleset ########################################### # This script provides some foundational anti-spam # rules. It does not do any form of content filtering, # but this can be implemented by other scripts and # modules as desired. # # The following chains are available as extension # points: # # ::user/spam_check_message_custom # Apply additional rules to messages from strangers # # ::user/spam_check_message_content # Apply additional rules to messages that may be spam # # ::user/spam_check_presence_custom # Apply additional rules to presence that may be spam # # ::user/spam_check_subscription_request # Apply additional rules to subscription requests # # ::user/spam_handle_unknown_custom # Override default handling of stanzas that weren't explicitly # passed or rejected by the anti-spam checks # # ::user/spam_reject_custom # Override default handling of stanzas that have # been recognised as spam (default is to bounce # a policy-violation error) # ################################################################## #### Entry point for all incoming stanzas ######################## ::deliver # Override this if you want to prevent certain stanzas going through # the normal spam_check chain JUMP_CHAIN=user/spam_check_custom # Run the default spam_check chain JUMP_CHAIN=user/spam_check ################################################################## #### General spam-checking rules (all stanzas) ################### ::user/spam_check # Pass stanzas that a user sends to their own account TO SELF? PASS. # Pass stanzas that are addressed to a valid full JID TO FULL JID? PASS. # Pass stanzas from contacts SUBSCRIBED? PASS. # Run extra rules that apply to messages only KIND: message JUMP CHAIN=user/spam_check_message # Run extra rules that apply to presence stanzas only KIND: presence JUMP CHAIN=user/spam_check_presence JUMP CHAIN=user/spam_handle_unknown # Default is to allow, override this with # the 'user/spam_handle_unknown' chain PASS. #### Rules for messages ########################################## ::user/spam_check_message JUMP CHAIN=user/spam_check_message_custom # Non-chat message types often generate pop-ups in clients, # so we won't accept them from strangers NOT TYPE: chat JUMP CHAIN=user/spam_reject # This chain can be used by other scripts # and modules that analyze message content JUMP CHAIN=user/spam_check_message_content ################################################################## #### Rules for presence stanzas ################################## ::user/spam_check_presence JUMP CHAIN=user/spam_check_presence_custom # These may be received if rosters get out of sync and are harmless # because they will not be routed to the client unless necessary TYPE: unsubscribe|unsubscribed PASS. # We don't want to receive presence from random strangers, # but still allow subscription requests NOT TYPE: subscribe DROP. # This chain can be used by other scripts # and modules to filter subscription requests JUMP CHAIN=user/spam_check_subscription_request ################################################################## #### Stanzas reaching this chain will be rejected ################ ::user/spam_reject # This chain can be used by other scripts # and modules to override the default behaviour # when rejecting spam stanzas JUMP CHAIN=user/spam_reject_custom LOG=Rejecting suspected spam: $(stanza:top_tag()) BOUNCE=policy-violation ################################################################## #### Stanzas that may be spam, but we're not sure either way###### ::user/spam_handle_unknown # This chain can be used by other scripts # and modules to apply additional checks, or to # override the default behaviour JUMP CHAIN=user/spam_handle_unknown_custom #LOG=[debug] Spam check allowing: $(stanza:top_tag()) ##################################################################