And match any heuristics clamav results.
description => "Whitelist legitimate bounce relays.",
type => 'string',
},
description => "Whitelist legitimate bounce relays.",
type => 'string',
},
- safe_browsing_score => {
- description => "Score for mails listed in Google Safe Browsing database.",
+ clamav_heuristic_score => {
+ description => "Score for ClamaAV heuristics (Google Safe Browsing database, PhishingScanURLs, ...).",
type => 'integer',
minimum => 0,
maximum => 1000,
type => 'integer',
minimum => 0,
maximum => 1000,
wl_bounce_relays => { optional => 1 },
languages => { optional => 1 },
use_bayes => { optional => 1 },
wl_bounce_relays => { optional => 1 },
languages => { optional => 1 },
use_bayes => { optional => 1 },
- safe_browsing_score => { optional => 1 },
+ clamav_heuristic_score => { optional => 1 },
bounce_score => { optional => 1 },
rbl_checks => { optional => 1 },
maxspamsize => { optional => 1 },
bounce_score => { optional => 1 },
rbl_checks => { optional => 1 },
maxspamsize => { optional => 1 },
}
$queue->{all_from_addrs} = [ keys %$fromhash ];
}
$queue->{all_from_addrs} = [ keys %$fromhash ];
- if (my $hit = $queue->{safe_browsing}) {
- my $score = $queue->{safe_browsing_score};
- my $descr = "Found in Google Safe Browsing database.";
- my $rule = 'Safebrowsing';
+ if (my $hit = $queue->{clamav_heuristic}) {
+ my $score = $queue->{clamav_heuristic_score};
+ my $descr = "ClamAV heuristic test: $hit";
+ my $rule = 'ClamAVHeuristics';
$sa_score += $score;
$list .= $list ? ",$rule" : $rule;
push @$sa_scores, { score => $score, rule => $rule, desc => $descr };
$sa_score += $score;
$list .= $list ? ",$rule" : $rule;
push @$sa_scores, { score => $score, rule => $rule, desc => $descr };
my $spamtest = $queue->{sa};
my $spamtest = $queue->{sa};
- # only run SA in testmode or when safe_browsing did not confirm spam (score < 5)
+ # only run SA in testmode or when clamav_heuristic did not confirm spam (score < 5)
# do not run SA if mail is too large
if (($queue->{bytes} <= $maxspamsize) &&
($msginfo->{testmode} || ($sa_score < 5))) {
# do not run SA if mail is too large
if (($queue->{bytes} <= $maxspamsize) &&
($msginfo->{testmode} || ($sa_score < 5))) {
- $res->{'Safebrowsing'}->{desc} = "Found in Google Safe Browsing database.";
+ $res->{'ClamAVHeuristics'}->{desc} = "ClamAV heuristic tests";
$queue = $smtp->{queue};
$queue->{sa} = $self->{sa};
$queue = $smtp->{queue};
$queue->{sa} = $self->{sa};
- $queue->{safe_browsing_score} =
- $opt_testmode ? 100 : $pmg_cfg->get('spam', 'safe_browsing_score');
+ $queue->{clamav_heuristic_score} =
+ $opt_testmode ? 100 : $pmg_cfg->get('spam', 'clamav_heuristic_score');
my $vinfo = PMG::Utils::analyze_virus(
$queue, $queue->{dataname}, $pmg_cfg, $opt_testmode);
my $vinfo = PMG::Utils::analyze_virus(
$queue, $queue->{dataname}, $pmg_cfg, $opt_testmode);
- if ($vinfo && $vinfo =~ m/^Heuristics\.Safebrowsing\.(.+)$/) {
+ if ($vinfo && $vinfo =~ m/^Heuristics\.(.+)$/) {
- $self->log(3, "$queue->{logid}: Google Safe Browsing database hit '%s'", $hit);
- $queue->{safe_browsing} = $hit;
+ $queue->{clamav_heuristic} = $hit;