On Mon, Mar 25, 2019 at 12:09:32PM +0100, Tobi <jahli...@gmx.ch> wrote: > Hello > > we're running spamassassin 3.4.2 and have the issue that one of our > rules which tests for existence of a url always sez url found for our > test message. Although the message body does not contain a url > > uri __HAS_URI /\S/ > > After running spamassassin -D against that message we found > > Mar 25 11:53:01.005 [7527] dbg: rules: ran uri rule __HAS_URI ======> > got hit: "g" > > So as the body did not contain a uri we started stripping out headers > until the match disappeared.
Could have just used /.+/ to log it completely.. > Which happend when we stripped out the DKIM header. It seems that > spamassassin gets the url from this header > > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; > d=gmail.com; s=20161025; > h=mime-version:from:date:message-id:subject:to; > > > if we replace d=gmail with d=example.com the debug tells us > > Mar 25 12:04:45.561 [8196] dbg: rules: ran uri rule __HAS_URI ======> > got hit: "e" > > Not sure to call it a bug or a feature but imho there should be no URI > found in a dkim header :-) Use /^https?:/ to find real uris.
