prosody-modules: mod_firewall/scripts/spam-blocking.pfw@56db2ab3b853 (annotated)

2560 cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	1	#### Anti-spam ruleset
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	3	#### General rules for all incoming stanzas ####
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	4	::deliver
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	5
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	6	# Pass stanzas that a user sends to their own account
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	7	TO SELF?
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	8	PASS.
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	9
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	10	# Pass stanzas that are addressed to a valid full JID
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	11	TO FULL JID?
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	12	PASS.
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	13
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	14	# Pass stanzas from contacts
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	15	SUBSCRIBED?
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	16	PASS.
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	17
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	18	# Run extra rules that apply to messages only
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	19	KIND: message
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	20	JUMP_CHAIN=user/check_spam_message
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	21
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	22	# Run extra rules that apply to presence stanzas only
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	23	KIND: presence
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	24	JUMP CHAIN=user/check_spam_presence
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	25
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	26	#### Rules for messages ####
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	27	::user/check_spam_message
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	28
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	29	# Non-chat message types often generate pop-ups in clients,
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	30	# so we won't accept them from strangers
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	31	NOT TYPE: chat
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	32	JUMP CHAIN=user/reject_spam
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	33
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	34	# This chain can be used by other scripts
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	35	# and modules that analyze message content
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	36	JUMP CHAIN=user/check_spam_message_content
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	37
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	38	#### Rules for presence stanzas ####
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	39	::user/check_spam_presence
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	40
2561 56db2ab3b853 mod_firewall: spam-blocking.pfw: Allow unsubscribe/unsubscribed presence Matthew Wild <mwild1@gmail.com> parents: 2560 diff changeset	41	# These may be received if rosters get out of sync, and are harmless
56db2ab3b853 mod_firewall: spam-blocking.pfw: Allow unsubscribe/unsubscribed presence Matthew Wild <mwild1@gmail.com> parents: 2560 diff changeset	42	# because they will not be routed to the client unless necessary
56db2ab3b853 mod_firewall: spam-blocking.pfw: Allow unsubscribe/unsubscribed presence Matthew Wild <mwild1@gmail.com> parents: 2560 diff changeset	43	TYPE: unsubscribe\|unsubscribed
56db2ab3b853 mod_firewall: spam-blocking.pfw: Allow unsubscribe/unsubscribed presence Matthew Wild <mwild1@gmail.com> parents: 2560 diff changeset	44	PASS.
56db2ab3b853 mod_firewall: spam-blocking.pfw: Allow unsubscribe/unsubscribed presence Matthew Wild <mwild1@gmail.com> parents: 2560 diff changeset	45
2560 cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	46	# We don't want to receive presence from random strangers,
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	47	# but still allow subscription requests
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	48	NOT TYPE: subscribe
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	49	DROP.
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	50
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	51	# This chain can be used by other scripts
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	52	# and modules to filter subscription requests
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	53	JUMP CHAIN=user/check_subscription_request
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	54
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	55	#### Stanzas reaching this chain will be rejected ####
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	56	::user/reject_spam
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	57
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	58	LOG=Rejecting suspected spam: $(stanza:top_tag())
cc01a5bfcf3b mod_firewall: spam-blocking.pfw, initial anti-spam ruleset Matthew Wild <mwild1@gmail.com> parents: diff changeset	59	BOUNCE=policy-violation

author	Matthew Wild <mwild1@gmail.com>
	Thu, 23 Feb 2017 14:26:19 +0000
changeset 2561	56db2ab3b853
parent 2560	cc01a5bfcf3b
child 2569	fc53165d8afe
permissions	-rw-r--r--