On 09/26/2016 07:49 AM, Pedro David Marco wrote:
Hi, When SA 3.4.1 analyzes emails with large random URIs... like this: http://track.parceiroshl.com.br/sessionredir/5745f9d44d45e448d1c7997b/aHR0cHM6Ly9yZWRpci5sb21hZGVlLmNvbS9sLzQ5NDY0ZDM2NDc2YTYzNmYzODZmNGY2YjQ1NTA2ZjU1NzA0ODY5NzAzMjY3NGU3MTc1NzI1MTRkNmQ1NTJmNTk3MzM3Mzg2Yjc3NjM3NDY5NDg0YjMxNzA0NDRmMzc2MTc0MzU2NTQxNzg0NTM3NmY1MDU0NzE3MTU4NGI2MzU5NmY2YjQzNmM1NzU5Njg1NzQ1NDg0NDMyMmY0ZTU0NGU3NDQ0Mzg3NjYxMzg3MDMyNmU0NzUzNzg2NDM2NTgzOTc0NzA3OTczNmU3Njc4NzU2NTU3NGYyYjRkNDM2ODZhNGE0MTQ4NGUyZjQ1MmY2MzJmNDI1Nzc3MzM0YzY5NmEzMTY0NjU2ZTRmMmI1NTY4NGQ2Mjc2NTcyYjc0NmM0ZDRkN2E3MzU3Njk0MzQzNGQzODc3NmIzMzVhNTk1MjY2Nzc0Zjc3NTk2ZDQ3NDM3MjZmNjE0MTYyMzI1MzU4NGM2YjZkNGQ2NTcyNzA2MTJmNjk0YTMwMzI2MjUyNzk0ODQxN2E0MzZlNDI0ZDM1NGY2NjdhNjU1YTQxNGE0OTRjNzA3MjM2NDQ0ZTZkNDQ2YTRiNzM2NDU2NmI0YTRmNTE1Mjc3MzI0YTRjNzkzNjczMzc0Zjc5NDMzNTYxNDI3NjZiNjU3MDcyNzE2YjQ5NzE1NTYxNDUyZjQyNjk0ODQyNDE0ZDUxNzkzMjc3NzM0YjY0NzYzMjQ4NjUzOTRlNzA0MjZhMmY3MTcyNzgyYjRmNWE0ODJmNjM2MzRmNzQ0ZTYyNGM3MDYzNjE1MzY5NTQ0ZDc4NjU3MjcxNGI3YTRkNDE3NzcyMzc2ZjY0NGE0YTczNjc1MTc3NDUzMjY1MzA0NTZjNGU1NTJmNmQ0MjQzNzQzMDY4Njc0ZDU2NDk2OTc0NjEzOTU0NjE2MjQyNGY1NDQyMmY0ZjQ3Njk0OTZmNTkzNDU5MmI1MzY3NmI0ZTQyNjYzNTZkNzU0OTRmMzk1NzQ2NTU3YTVhMzk3OTM2NTc2ZTQ1NzA0ZDc2Nzg2YzRmNjM3NDc0NjgzNDM4NmY0YzU0N2E0MTc1NmIzOTc2N2E2ODcxMzU0ODc3M2QzZA/9348/9348/1/prbr.timeout errors appear... in debug mode i get: info: check: exceeded time limit in Mail::SpamAssassin::Plugin::Check::_uri_tests_0, skipping further tests Ok, it makes sense, since parsing such a huge random string is a pain on the neck.... Making SA ignore such URLs may be an option but it would be clearly an easy SA URL analysis evasion technique for spammers so...what do you thing?? how to deal with this?? what to do? May i ask you for your opinions and feedback, please...??' Thanks!
This is not normal behaviour.Please pastebin original message (with redacted recipient addr) so we can test against other systems
