Hi Daniele (this time onlist, sorry for offlist I have a stupid mobile client when it comes to replies to lists)
thanks a lot for your reply. As I'm really not the perl coder I think I will keep it as I have my fullhost lookups currently :-) Can anyone confirm that aux_tlds does not help if one want to perform rh lookups and fulluri lookups on the same uri found? Any chance that sa in future will support a urifullsub method to lookup fullhost of an uri? Cheers Tobi ----- Originale Nachricht ----- Von: Daniele Duca <d...@staff.spin.it> Gesendet: 17.02.18 - 09:04 An: jahli...@gmx.ch, users@spamassassin.apache.org Betreff: Re: Is there a way to perform selective full uri rbl lookups? > Hello, > > I do full uris dns lookups through a simple SA plugin. The core lines in > the function are: > > sub check_fulluris { > my ($self, $msg) = @_; > my $pms = $msg->{permsgstatus}; > my $body = $msg->{msg}->get_pristine_body(); > foreach my $this_url (uniq( $body =~ > /(http|https):\/\/(.*?)\//g )) { > > # code to do dns lookups > > } > } > > and in the .cf > > urirhssub TEST_FULL_URIS mypersonal.dnsbl. A 127.0.0.2 > body TEST_FULL_URIS eval:check_fulluris('TEST_FULL_URIS') > > As for my personal reason of doing full hostnames lookups, I find it > easier to mantain a rbldnsd zone with hacked websites/landing pages of > marketers than to write uri rules in the .cf each time > > Hope it helps > > Daniele Duca > > > > On 16/02/2018 22:08, jahlives wrote: >> Hi list >> >> I'm looking for a way in spamassassin to run a full-uri-host rbl lookup >> for a specific rule. I do not want to discuss about sense or non-sense >> of full-uri-hosts lookups ;-) >> >> lets assume I have two rules which query my own rbl >> >> urirhssub HIT_DOMAIN my.rbl.tld. A 127.0.0.2 >> body HIT_DOMAIN eval:check_uridnsbl('HIT_DOMAIN') >> >> urifullsub HIT_FULL my.rbl.tld. A 127.0.0.4 >> body HIT_FULL eval:check_uridnsbl('HIT_FULL') >> >> I know urifullsub does not exist, should just visualize what I try to >> achieve :-) >> >> now for a uri like www.sub.domain.tld both rules should be tested. The >> first one for domain.tld (which sa does with rh lookups) and the second >> one with the full-uri-host (www.sub.domain.tld) >> >> I read about aux_tlds but I think this does not help me as if I add >> domain.tld to aux_tlds the first query above would be fired with >> sub.domain.tld >> >> I thought that the second query could be solved using askdns plugin in a >> way like this >> >> askdns HIT_FULL _URIFULLHOST_.my.rbl.tld. A 127.0.0.4 >> >> But how to get access to urifullhost? :-) >> >> Currently I use a plugin of my antispam glue to perform the full uri >> host lookups on uris found. This plugin adds a X-Header upon hit on >> which spamassassin fires and scores. >> So I have a solution to this "problem" but it would be nice to do both >> queries from spamassassin :-) >> >> Cheers >> >> tobi >> >