On 25 Mar 2019, at 7:09, Tobi wrote:
Hello
we're running spamassassin 3.4.2 and have the issue that one of our
rules which tests for existence of a url always sez url found for our
test message. Although the message body does not contain a url
uri __HAS_URI /\S/
After running spamassassin -D against that message we found
Mar 25 11:53:01.005 [7527] dbg: rules: ran uri rule __HAS_URI ======>
got hit: "g"
So as the body did not contain a uri we started stripping out headers
until the match disappeared. Which happend when we stripped out the
DKIM
header. It seems that spamassassin gets the url from this header
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20161025;
h=mime-version:from:date:message-id:subject:to;
if we replace d=gmail with d=example.com the debug tells us
Mar 25 12:04:45.561 [8196] dbg: rules: ran uri rule __HAS_URI ======>
got hit: "e"
Not sure to call it a bug or a feature but imho there should be no URI
found in a dkim header :-)
This is a conscious design issue which has seen heated debate in bug
reports...
The simple fact is that SpamAssassin is designed to detect anything that
any MUA might present as "clickable" and treats it as an URI, no matter
how wrong that label might be for the string in question.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
