Re: Spam with broken URI (Zero-Width-Space Unicode characters)

Michel Arboi Fri, 07 Mar 2025 01:56:51 -0800

This piece of HTML triggers my rules, it shouldn't:

    Mobile: 01250 873989 <p></p><p align=3D"left"><font color=3D"black"><sp=
an data-offset-key=3D"fjc2u-0-0"><font color=3D"black"><font face=3D"Calibr=
i"><a href=3D"https://www.jbcorrie.co.uk";><img id=3D"IMG1" border=3D"0" src=
=3D"https://jbcorrie.co.uk/wp-content/uploads/2022/11/JB-Corrie-and-Co-Ltd-=
Signal-Box-Road-Blaigowrie-Perthshire-PH10-6ER-01250-873989.jpg" width=3D"7=



Mar  7 02:37:14.474 [162580] dbg: uri: running uri_detail 
_HFD_URI_HOSTNAME_NOT_RFC_COMP: 
=3D"https://jbcorrie.co.uk/wp-content/uploads/2022/11/JB-Corrie-and-Co-Ltd-=
Mar  7 02:37:14.474 [162580] dbg: uri: all criteria for 
_HFD_URI_HOSTNAME_NOT_RFC_COMP met - HIT

The rule is:

uri_detail _HFD_URI_HOSTNAME_NOT_RFC_COMP       cleaned !~ 
/^[a-z]+?:\/\/([^?\/]*:)?[0-9a-z]([0-9a-z-]{0,61}[0-9a-z])?(\.[0-9a-z]([0-9a-z-]{0,61}[0-9a-z])?)*\.?(:[0-9]+)?([?\/]|$)/

Did I misunderstand what "cleaned" stands for in 
Mail::SpamAssassin::Plugin::URIDetail
or is this a bug in this module?

Re: Spam with broken URI (Zero-Width-Space Unicode characters)

Reply via email to