Bill, Shane...
we do that with a plugin becasue exceptions must be considered... for example
to avoid false positives with rewrited URLs (used by some companies)
-Pedro.
Nice Loren
nowadays with uri_detail this is easily solved with something like
uri_detail HTTPS_HTTP_MISMATCH text =~ /^https:\/\//i cleaned
=~ /^http:\/\//iscore HTTPS_HTTP_MISMATCH 0.5describe
HTTPS_HTTP_MISMATCH URL claims to use SSL but
Dear Shane,
Have you had a look at the uri_detail plugin? You should find
interesting info there:
perldoc Mail::SpamAssassin::Plugin::URIDetail
I guess you should be able to do what you want with this plugin. But I
rarely use it, so I can't help you further.
In order to catch those mismatch
There are rough equivalents to these in the current default rules:
HTTPS_IP_MISMATCH and HTTPS_HTTP_MISMATCH.
I'm not surprised. Those were my original rules, which became SARE rules,
and a number of those still exist under different names.
Loren
On 14 Jul 2020, at 20:20, Loren Wilton wrote:
I'm looking to detect a mismatch between the domain in the href
property of a URI and a domain in the anchor text itself.
Not using lookbehind, but I long ago wrote these two rules to look for
similar situations. Either could be modified fairly
> I'm looking to detect a mismatch between the domain in the href
> property of a URI and a domain in the anchor text itself.
Not using lookbehind, but I long ago wrote these two rules to look for similar
situations. Either could be modified fairly easily to do what you want.
Note: these are
On 14 Jul 2020, at 18:02, Shane Williams wrote:
I'm looking to detect a mismatch between the domain in the href
property of a URI and a domain in the anchor text itself.
That will match a lot of ham. I'm not saying that it is a bad rule but
it would probably need to be a component in
I'm looking to detect a mismatch between the domain in the href
property of a URI and a domain in the anchor text itself. It seems
like this is the right place for a negative lookbehind, and I don't
mind writing my own rule, but I can't help thinking that this has been
solved already. Searching