diff --git a/Esp-rbl.cf b/Esp-rbl.cf index a2dbb43..d0162e0 100644 --- a/Esp-rbl.cf +++ b/Esp-rbl.cf @@ -100,6 +100,16 @@ ifplugin Mail::SpamAssassin::Plugin::Esp tflags RBL_ESP_KEYSENDER net endif + header ESP_KLAVIYO eval:esp_klaviyo_check() + describe ESP_KLAVIYO Message from Klaviyo abused account + score ESP_KLAVIYO 0.01 + + ifplugin Mail::SpamAssassin::Plugin::AskDNS + askdns RBL_ESP_KLAVIYO _KLAVIYOID_.klaviyo.espbl.snb.it A 127.0.0.1 + describe RBL_ESP_KLAVIYO Esp Klaviyo Id blacklist + tflags RBL_ESP_KLAVIYO net + endif + header ESP_MAILCHIMP eval:esp_mailchimp_check() describe ESP_MAILCHIMP Message from Mailchimp abused account score ESP_MAILCHIMP 0.01 @@ -318,6 +328,13 @@ if (version >= 4.000000) describe RBL_ESP_KEYSENDER Esp Keysender Id blacklist tflags RBL_ESP_KEYSENDER net + header __ESP_KLAVIYO_MSG exists:X-Kmail-Message + header __ESP_KLAVIYO_UID X-Kmail-Account =~ /(?.*)/ + header __ESP_KLAVIYO_RBL eval:check_hashbl_tag('klaviyo.espbl.snb.it/A', 'raw', 'KLAVIYO_UID', '^127\.') + meta RBL_ESP_KLAVIYO ( __ESP_KLAVIYO_MSG && __ESP_KLAVIYO_RBL ) + describe RBL_ESP_KLAVIYO Esp Klaviyo Id blacklist + tflags RBL_ESP_KLAVIYO net + header __ESP_MAILCHIMP_XM X-Mailer =~ /MailChimp\s+Mailer/ header __ESP_MAILCHIMP_ID X-MC-User =~ /^(?[0-9a-z]{25})$/ header __ESP_MAILCHIMP_RBL eval:check_hashbl_tag('mailchimp.espbl.snb.it/A', 'raw', 'MAILCHIMP_ID', '^127\.') @@ -427,6 +444,7 @@ score RBL_ESP_ECMESSENGER 4.0 score RBL_ESP_EMARSYS 4.0 score RBL_ESP_EXACTTARGET 4.0 score RBL_ESP_FXYN 4.0 +score RBL_ESP_KLAVIYO 4.0 score RBL_ESP_MAILCHIMP 4.0 score RBL_ESP_MAILCHIMP_M 4.0 score RBL_ESP_MAILDOME 4.0 diff --git a/Esp.cf b/Esp.cf index cb81b5f..f82ff8b 100644 --- a/Esp.cf +++ b/Esp.cf @@ -100,6 +100,13 @@ header KEYSENDER eval:esp_keysender_check() describe KEYSENDER Message from Keysender abused account score KEYSENDER 5.0 +# -------- KLAVIYO -------- +klaviyo_feed /etc/mail/spamassassin/klaviyo_id.txt + +header KLAVIYO eval:esp_klaviyo_check() +describe KLAVIYO Message from Klaviyo abused account +score KLAVIYO 5.0 + # -------- MAILCHIMP -------- mailchimp_feed /etc/mail/spamassassin/mailchimp_id.txt diff --git a/Esp.pm b/Esp.pm index e5d06f8..3232c71 100644 --- a/Esp.pm +++ b/Esp.pm @@ -67,6 +67,7 @@ sub new { $self->register_eval_rule('esp_exacttarget_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); $self->register_eval_rule('esp_fxyn_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); $self->register_eval_rule('esp_keysender_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); + $self->register_eval_rule('esp_klaviyo_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); $self->register_eval_rule('esp_mailchimp_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); $self->register_eval_rule('esp_maildome_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); $self->register_eval_rule('esp_mailgun_check', $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); @@ -132,6 +133,9 @@ Usage: esp_keysender_check() Checks for Keysender abused accounts + esp_klaviyo_check() + Checks for Klaviyo abused accounts + esp_mailchimp_check() Checks for Mailchimp abused accounts @@ -235,6 +239,11 @@ Files can be separated by a comma. A list of files with abused Keysender accounts. Files can be separated by a comma. +=item klaviyo_feed [...] + +A list of files with abused Klaviyo accounts. +Files can be separated by a comma. + =item mailchimp_feed [...] A list of files with abused Mailchimp accounts. @@ -353,6 +362,9 @@ FXYNID =item * KEYSENDERID +=item * +KLAVIYOID + =item * MAILCHIMPID @@ -460,6 +472,12 @@ sub set_config { type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, } ); + push(@cmds, { + setting => 'klaviyo_feed', + is_admin => 1, + type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, + } + ); push(@cmds, { setting => 'mailchimp_feed', is_admin => 1, @@ -559,6 +577,7 @@ sub finish_parsing_end { $self->_read_configfile('fordem_feed', 'FORDEM'); $self->_read_configfile('fxyn_feed', 'FXYN'); $self->_read_configfile('keysender_feed', 'KEYSENDER'); + $self->_read_configfile('klaviyo_feed', 'KLAVIYO'); $self->_read_configfile('mailchimp_feed', 'MAILCHIMP'); $self->_read_configfile('maildome_feed', 'MAILDOME'); $self->_read_configfile('mailgun_feed', 'MAILGUN'); @@ -847,6 +866,23 @@ sub esp_keysender_check { return _hit_and_tag($self, $pms, $uid, 'KEYSENDER', 'Keysender', 'KEYSENDERID', $opts); } +sub esp_klaviyo_check { + my ($self, $pms, $opts) = @_; + my $uid; + + # return if X-Kmail-Message is not set + my $xkm = $pms->get("X-Kmail-Message", undef); + + if(not defined $xkm) { + return; + } + + $uid = $pms->get("X-Kmail-Account", undef); + return if not defined $uid; + + return _hit_and_tag($self, $pms, $uid, 'KLAVIYO', 'Klaviyo', 'KLAVIYOID', $opts); +} + sub esp_mailchimp_check { my ($self, $pms, $opts) = @_; my $mailchimp_id; @@ -1138,6 +1174,7 @@ sub has_esp_emarsys_check { 1 }; sub has_esp_exacttarget_check { 1 }; sub has_esp_fxyn_check { 1 }; sub has_esp_keysender_check { 1 }; +sub has_esp_klaviyo_check { 1 }; sub has_esp_mailchimp_check { 1 }; sub has_esp_maildome_check { 1 }; sub has_esp_mailgun_check { 1 };