Mercurial > prosody-modules
view mod_firewall/scripts/spam-blocking.pfw @ 2565:fc53165d8afe
spam-blocking.pfw: Much improvement
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 24 Feb 2017 12:13:17 +0000 |
parents | 56db2ab3b853 |
children | ed4815bb8fe2 |
line wrap: on
line source
#### Anti-spam ruleset ########################################### # This script provides some foundational anti-spam # rules. It does not do any form of content filtering, # but this can be implemented by other scripts and # modules as desired. # # The following chains are available as extension # points: # # ::user/spam_check_message_content # Apply additional checks to messages that may be spam # # ::user/spam_check_subscription_request # Apply additional checks to subscription requests # # ::user/spam_handle_unknown_custom # Override default handling of stanzas that weren't explicitly # passed or rejected by the anti-spam checks # # ::user/spam_reject_custom # Override default handling of stanzas that have # been recognised as spam (default is to bounce # a policy-violation error) ################################################################## #### General rules for all incoming stanzas ###################### ::deliver LOG=Considering $(stanza:top_tag()) # Pass stanzas that a user sends to their own account TO SELF? PASS. # Pass stanzas that are addressed to a valid full JID TO FULL JID? PASS. # Pass stanzas from contacts SUBSCRIBED? PASS. # Run extra rules that apply to messages only KIND: message JUMP CHAIN=user/spam_check_message # Run extra rules that apply to presence stanzas only KIND: presence JUMP CHAIN=user/spam_check_presence JUMP CHAIN=user/spam_handle_unknown # Default is to allow, override this with # the 'user/spam_handle_unknown' chain PASS. #### Rules for messages ########################################## ::user/spam_check_message # Non-chat message types often generate pop-ups in clients, # so we won't accept them from strangers NOT TYPE: chat JUMP CHAIN=user/spam_reject # This chain can be used by other scripts # and modules that analyze message content JUMP CHAIN=user/spam_check_message_content ################################################################## #### Rules for presence stanzas ################################## ::user/spam_check_presence # These may be received if rosters get out of sync and are harmless # because they will not be routed to the client unless necessary TYPE: unsubscribe|unsubscribed PASS. # We don't want to receive presence from random strangers, # but still allow subscription requests NOT TYPE: subscribe DROP. # This chain can be used by other scripts # and modules to filter subscription requests JUMP CHAIN=user/spam_check_subscription_request ################################################################## #### Stanzas reaching this chain will be rejected ################ ::user/spam_reject # This chain can be used by other scripts # and modules to override the default behaviour # when rejecting spam stanzas JUMP CHAIN=user/spam_reject_custom LOG=Rejecting suspected spam: $(stanza:top_tag()) BOUNCE=policy-violation ################################################################## #### Stanzas that may be spam, but we're not sure either way###### ::user/spam_handle_unknown # This chain can be used by other scripts # and modules to apply additional checks, or to # override the default behaviour JUMP CHAIN=user/spam_handle_unknown_custom #LOG=[debug] Spam check allowing: $(stanza:top_tag()) ##################################################################