Hi Daniele (this time onlist, sorry for offlist I have a stupid mobile client
when it comes to replies to lists)
thanks a lot for your reply. As I'm really not the perl coder I think I will
keep it as I have my fullhost lookups currently :-)
Can anyone confirm that aux_tlds does not help if one want to perform rh
lookups and fulluri lookups on the same uri found?
Any chance that sa in future will support a urifullsub method to lookup
fullhost of an uri?
Cheers
Tobi
----- Originale Nachricht -----
Von: Daniele Duca <d...@staff.spin.it>
Gesendet: 17.02.18 - 09:04
An: jahli...@gmx.ch, users@spamassassin.apache.org
Betreff: Re: Is there a way to perform selective full uri rbl lookups?
> Hello,
>
> I do full uris dns lookups through a simple SA plugin. The core lines in
> the function are:
>
> sub check_fulluris {
> my ($self, $msg) = @_;
> my $pms = $msg->{permsgstatus};
> my $body = $msg->{msg}->get_pristine_body();
> foreach my $this_url (uniq( $body =~
> /(http|https):\/\/(.*?)\//g )) {
>
> # code to do dns lookups
>
> }
> }
>
> and in the .cf
>
> urirhssub TEST_FULL_URIS mypersonal.dnsbl. A 127.0.0.2
> body TEST_FULL_URIS eval:check_fulluris('TEST_FULL_URIS')
>
> As for my personal reason of doing full hostnames lookups, I find it
> easier to mantain a rbldnsd zone with hacked websites/landing pages of
> marketers than to write uri rules in the .cf each time
>
> Hope it helps
>
> Daniele Duca
>
>
>
> On 16/02/2018 22:08, jahlives wrote:
>> Hi list
>>
>> I'm looking for a way in spamassassin to run a full-uri-host rbl lookup
>> for a specific rule. I do not want to discuss about sense or non-sense
>> of full-uri-hosts lookups ;-)
>>
>> lets assume I have two rules which query my own rbl
>>
>> urirhssub HIT_DOMAIN my.rbl.tld. A 127.0.0.2
>> body HIT_DOMAIN eval:check_uridnsbl('HIT_DOMAIN')
>>
>> urifullsub HIT_FULL my.rbl.tld. A 127.0.0.4
>> body HIT_FULL eval:check_uridnsbl('HIT_FULL')
>>
>> I know urifullsub does not exist, should just visualize what I try to
>> achieve :-)
>>
>> now for a uri like www.sub.domain.tld both rules should be tested. The
>> first one for domain.tld (which sa does with rh lookups) and the second
>> one with the full-uri-host (www.sub.domain.tld)
>>
>> I read about aux_tlds but I think this does not help me as if I add
>> domain.tld to aux_tlds the first query above would be fired with
>> sub.domain.tld
>>
>> I thought that the second query could be solved using askdns plugin in a
>> way like this
>>
>> askdns HIT_FULL _URIFULLHOST_.my.rbl.tld. A 127.0.0.4
>>
>> But how to get access to urifullhost? :-)
>>
>> Currently I use a plugin of my antispam glue to perform the full uri
>> host lookups on uris found. This plugin adds a X-Header upon hit on
>> which spamassassin fires and scores.
>> So I have a solution to this "problem" but it would be nice to do both
>> queries from spamassassin :-)
>>
>> Cheers
>>
>> tobi
>>
>
