DECNET

anti/DECNET

Fork 0

Commit Graph

Author	SHA1	Message	Date
anti	321ea7a2a6	refactor(ttp): normalise lifter:<owner>_<name> match.kind prefix E.3.9.1 prerequisite. Rules R0031-R0040 now use lifter:behavioral_, R0041 (open_relay) uses lifter:email_open_relay; the rest of the email, canary, and intel cohorts already conformed. Each lifter at E.3.9-E.3.12 will claim its rules via str.startswith('lifter:<owner>_'), keeping the ownership routing explicit and trivially extensible. R0001-R0006 / R0030 lifter: rules are E.3.13 (Identity/Credential) territory and stay as-is.	2026-05-01 20:10:33 -04:00
anti	1ad15470a1	feat(ttp): E.3.8 R0041-R0048 email cohort 8 YAMLs for the email cohort per Appendix B: open-relay abuse, mass phishing, phishing-kit X-Mailer signatures, IDN/punycode URLs, sender masquerade, malicious attachment, BEC, encoded payload in body. EmailLifter (E.3.12) consumes by rule_id. test_email_rules.py: YAML-present + inert-in-v0 + xfail(strict) precision case gated on E.3.12.	2026-05-01 09:19:56 -04:00

Author

SHA1

Message

Date

anti

321ea7a2a6

refactor(ttp): normalise lifter:<owner>_<name> match.kind prefix

E.3.9.1 prerequisite. Rules R0031-R0040 now use lifter:behavioral_*,
R0041 (open_relay) uses lifter:email_open_relay; the rest of the email,
canary, and intel cohorts already conformed. Each lifter at E.3.9-E.3.12
will claim its rules via str.startswith('lifter:<owner>_'), keeping the
ownership routing explicit and trivially extensible.

R0001-R0006 / R0030 lifter:* rules are E.3.13 (Identity/Credential)
territory and stay as-is.

2026-05-01 20:10:33 -04:00

anti

1ad15470a1

feat(ttp): E.3.8 R0041-R0048 email cohort

8 YAMLs for the email cohort per Appendix B: open-relay abuse,
mass phishing, phishing-kit X-Mailer signatures, IDN/punycode
URLs, sender masquerade, malicious attachment, BEC, encoded
payload in body. EmailLifter (E.3.12) consumes by rule_id.

test_email_rules.py: YAML-present + inert-in-v0 + xfail(strict)
precision case gated on E.3.12.

2026-05-01 09:19:56 -04:00

2 Commits