https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6803
--- Comment #16 from Mark Martinec <[email protected]> --- > Can we trigger a default rule that links to the generic DNSBL issue page > if we get an out of range answer perhaps? I think a rule would be needed for each zone queried, unless we want to add some hack to the code. The check_rbl_sub eval (DNSEval.pm) is rather simpleminded, but does recognize a regexp, so something like '^(?!127\.)' as a subtest could do the job. The uridnsbl and urirhssub can take masks in various forms, but cannot negate them, nor do they take a regexp, so it seems a rule with an associated negated metarule would be needed for each zone queried: URIDNSBL.pm: C<subtest> is a sub-test to run against the returned data. The sub-test may be in one of the following forms: m, n1-n2, or n/m, where n,n1,n2,m can be any of: decimal digits, 0x followed by up to 8 hexadecimal digits, or an IPv4 address in quad-dot form. The 'A' records (IPv4 dotted address) as returned by DNSBLs lookups are converted into a numerical form (r) and checked against the specified sub-test as follows: for a range n1-n2 the following must be true: (r >= n1 && r <= n2); for a n/m form the following must be true: (r & m) == (n & m); for a single value in quad-dot form the following must be true: r == n; for a single decimal or hex form the following must be true: ((r & n) != 0) && ((r & 0xff000000) == 0x7f000000), i.e. within 127.0.0.0/8 so a n/m subtest could be used: 127.0.0.0/255.0.0.0 and then negated with a meta. Similar applies to AskDNS plugin, it uses the same logic as URIDNSBL. -- You are receiving this mail because: You are the assignee for the bug.
