From 02f2679dc4719ed85cd4035a2abde98d3f2d09b5 Mon Sep 17 00:00:00 2001
From: Florent Daigniere
Date: Thu, 24 Nov 2022 13:51:54 +0100
Subject: [PATCH] name collision
---
 core/rspamd/conf/composites.conf | 2 +-
 core/rspamd/conf/external_services.conf | 2 +-
 core/rspamd/conf/external_services_group.conf | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/core/rspamd/conf/composites.conf b/core/rspamd/conf/composites.conf
index eaf48d8e..62236081 100644
--- a/core/rspamd/conf/composites.conf
+++ b/core/rspamd/conf/composites.conf
@@ -5,7 +5,7 @@ OLETOOLS_MACRO_MRAPTOR {
 score = 20.0;
 }
 OLETOOLS_MACRO_SUSPICIOUS {
- expression = "OLETOOLS_SUSPICIOUS | OLETOOLS_VBASTOMP | OLETOOLS_A";
+ expression = "OLETOOLS_FLAG | OLETOOLS_VBASTOMP | OLETOOLS_A";
 message = "Rejected (malicious macro)";
 policy = "leave";
 score = 20.0;
diff --git a/core/rspamd/conf/external_services.conf b/core/rspamd/conf/external_services.conf
index 170b2b00..678cdb96 100644
--- a/core/rspamd/conf/external_services.conf
+++ b/core/rspamd/conf/external_services.conf
@@ -12,7 +12,7 @@ oletools {
 patterns {
 OLETOOLS_MACRO_FOUND= '^.....M..$';
 OLETOOLS_AUTOEXEC = '^A....M..$';
- OLETOOLS_SUSPICIOUS = '^.....MS.$';
+ OLETOOLS_FLAG = '^.....MS.$';
 OLETOOLS_VBASTOMP = '^VBA Stomping$';
 # see https://github.com/decalage2/oletools/blob/master/oletools/mraptor.py
 OLETOOLS_A = '(?i)\b(?:Auto(?:Exec|_?Open|_?Close|Exit|New)|Document(?:_?Open|_Close|_?BeforeClose|Change|_New)|NewDocument|Workbook(?:_Open|_Activate|_Close|_BeforeClose)|\w+_(?:Painted|Painting|GotFocus|LostFocus|MouseHover|Layout|Click|Change|Resize|BeforeNavigate2|BeforeScriptExecute|DocumentComplete|DownloadBegin|DownloadComplete|FileDownload|NavigateComplete2|NavigateError|ProgressChange|PropertyChange|SetSecureLockIcon|StatusTextChange|TitleChange|MouseMove|MouseEnter|MouseLeave|OnConnecting))\b|Auto_Ope\b';
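Review bot: In core/rspamd/conf/composites.conf the renamed atom `OLETOOLS_FLAG` in the OLETOOLS_MACRO_SUSPICIOUS expression only works while the pattern in external_services.conf and the symbol entry in external_services_group.conf carry exactly the same name, and nothing near the expression says so. An atom that no pattern defines would presumably just never match, so a leftover `OLETOOLS_SUSPICIOUS` in a local override or another composite would weaken this macro-rejection composite without any visible error; it is worth searching the tree for the old name before merging. I would add a comment above the expression such as `# OLETOOLS_FLAG, OLETOOLS_VBASTOMP and OLETOOLS_A are defined under oletools.patterns in external_services.conf; keep the names in sync`. The commit message could also say what the old symbol collided with. The composite's closing brace lies outside the hunk.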
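Review bot: `OLETOOLS_FLAG` in core/rspamd/conf/external_services.conf is a generic name for a specific pattern: the neighbouring `OLETOOLS_MACRO_FOUND` and `OLETOOLS_AUTOEXEC` look like they are matched against the same flag string, so the new name no longer tells a reader which flag combination it stands for. A comment on the line would keep that meaning, for example `# M and S set in the flag string (formerly OLETOOLS_SUSPICIOUS, renamed to avoid a symbol name collision)`. The reading of M and S is inferred from the neighbouring names and should be confirmed against the oletools output format. The patterns block is closed outside the hunk.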
diff --git a/core/rspamd/conf/external_services_group.conf b/core/rspamd/conf/external_services_group.conf
index ac032fbc..a22c5878 100644
--- a/core/rspamd/conf/external_services_group.conf
+++ b/core/rspamd/conf/external_services_group.conf
@@ -15,7 +15,7 @@ symbols = {
 weight = 0.0;
 one_shot = true;
 },
- "OLETOOLS_SUSPICIOUS" {
+ "OLETOOLS_FLAG" {
 weight = 0.0;
 one_shot = true;
 },