Closed filippocarletti closed 3 years ago
in 7.9.2009/nethesis-testing
:
Test case 1
/usr/share/nethserver-yomi/mime_type_graylist
Test case 2
yomi
key has been deleted: VirusWeight
, SuspiciousWeight
, SkipMimeTypes
, CleanWeight
Test case 3
/var/log/maillog
I can't test all mime types, but I sent many different files, and the sandbox received the expected types.
~]# config show yomi
yomi=configuration
Debug=disabled
SuspiciousLevel=0.4
Url=https://sb.nethesis.it/api
VirusLevel=0.8
status=enabled
Jun 10 10:02:50 ns7-ent rspamd[4062]: <4ed400>; lua; yomi.lua:84: yomi: attachment documento4_773.xls: MIME type application/vnd.ms-excel, size: 244736 bytes
Jun 10 10:02:50 ns7-ent rspamd[4062]: <4ed400>; lua; yomi.lua:84: yomi: attachment documento4_773.xls has hash f5622d0d69b8717dba28989c4f3fe160ecf0f4f45c4c7d9a481e4780b8ea6ae3
Jun 10 10:02:52 ns7-ent rspamd[4062]: <4ed400>; lua; yomi.lua:84: yomi: attachment documento4_773.xls: MIME type application/vnd.ms-excel, size: 244736 bytes
Jun 10 10:02:52 ns7-ent rspamd[4062]: <4ed400>; lua; yomi.lua:84: yomi: attachment documento4_773.xls has hash f5622d0d69b8717dba28989c4f3fe160ecf0f4f45c4c7d9a481e4780b8ea6ae3
in 7.9.2009/nethesis-testing
:
in 7.9.2009/nethesis-testing
:
in 7.9.2009/nethesis-testing
:
in 7.9.2009/nethesis-testing
:
We send all files to the Yomi sandbox for analysis, except a list of unsupported types. Unfortunately, the sandbox has two issues with some files:
These problems lead to delayed deliveries and increased costs. Also, debugging email delivery problems is complex, especially when the email has many attachments of different types.
Proposed solution
YOMI score range is 0-1, the proposed formula is SPAM_SCORE=YOMI_SCORE*10-1.