https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6017
Summary: URIBL checks being bypassed
Product: Spamassassin
Version: 3.2.5
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Plugins
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
Bill Landry wrote:
> I've posted a short pharma spam message to:
>
> http://www.inetmsg.com/spam.txt
>
> and debug output to:
>
> http://www.inetmsg.com/sa-debug.txt
>
> It displays a single URI linked line in an e-mail client that only
> displays: "Please visit our shop." There seems to be something about
> the URI in the message that allows it to bypass all URIBL testing by
> SpamAssassin.
>
> The domain is listed in the following URIBLs:
>
> URIBL_JP_SURBL
> URIBL_OB_SURBL
>
> dig canadiansitetable.com.multi.surbl.org +short
> 127.0.0.80
>
> and URIBL_BLACK
>
> dig canadiansitetable.com.multi.uribl.com +short
> 127.0.0.2
>
> Yet there were no URIBL hits. The message scored high and was tagged as
> spam, but I'm just curious as to what it is about this message that
> allowed it to bypass all SA URIBL tests?
>
> I'm running spamassassin -V
> SpamAssassin version 3.2.5
> running on Perl version 5.8.8
>
> And in case you're wondering, I'm not using the shortcircuit plugin.
>
Quote from Mouss ([EMAIL PROTECTED]):
looks like a bug. it looks like in
'.... http://uri....'
the uri isn't detected (aka quoted-string).
In the message, the URI is insisde quoted (the one in "You'll" and the one in
"don't"). if you remove one of the quotes or if you break the line so that they
aren't in the same line, the URI is detected.
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
