RSPAMD_URIBL is not checked on incoming mail? #24
Description
system info
| Haraka | Haraka.js — Version: 2.8.25 |
|---|---|
| Node | v12.16.3 |
| OS | Linux calamity 4.15.0-99-generic #100-Ubuntu SMP Wed Apr 22 20:32:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux |
| openssl | OpenSSL 1.1.1 11 Sep 2018 |
Expected behavior
Scanning a spam message through rspamd's "scan" tab on its web interface reports a RSPAMD_URIBL symbol (with weight of 4.5).
I would expect incoming mail to also be tested on this, so it could be rejected. Here's the full list from the scan result:
ABUSE_SURBL (5.5)
RSPAMD_URIBL (4.5)
HTML_SHORT_LINK_IMG_1 (2)
RBL_MAILSPIKE_WORST (2)
FROM_EXCESS_BASE64 (1.5)
SUBJECT_HAS_CURRENCY (1)
MIME_HTML_ONLY (0.2)
BAD_REP_POLICIES (0.1)
RCVD_NO_TLS_LAST (0.1)
Observed behavior
This RSPAMD_URIBL test is not applied to actual, incoming mail (it is not added to the X-Rspamd-Report header, its value is not added to the score.) This allows the spam to be accepted.
Here's the header of the actual received mail:
X-Rspamd-Bar: ++++++++++++
X-Rspamd-Report: ABUSE_SURBL(5.5) FROM_EXCESS_BASE64(1.5) HTML_SHORT_LINK_IMG_1(2) RBL_MAILSPIKE_WORST(2) BAD_REP_POLICIES(0.1) SUBJECT_HAS_CURRENCY(1) MIME_HTML_ONLY(0.2) FORGED_SENDER(0.3) RCVD_NO_TLS_LAST(0.1)
X-Rspamd-Score: 12.699999
Steps to reproduce
Test incoming spam messages?
Do I have to enable this test somewhere?