Bill Landry wrote: > mouss wrote: >> Bill Landry wrote: >>> I've posted a short pharma spam message to: >>> >>> http://www.inetmsg.com/spam.txt >>> >>> and debug output to: >>> >>> http://www.inetmsg.com/sa-debug.txt >>> >>> It displays a single URI linked line in an e-mail client that only >>> displays: "Please visit our shop." There seems to be something about >>> the URI in the message that allows it to bypass all URIBL testing by >>> SpamAssassin. >>> >>> The domain is listed in the following URIBLs: >>> >>> URIBL_JP_SURBL >>> URIBL_OB_SURBL >>> >>> dig canadiansitetable.com.multi.surbl.org +short >>> 127.0.0.80 >>> >>> and URIBL_BLACK >>> >>> dig canadiansitetable.com.multi.uribl.com +short >>> 127.0.0.2 >>> >>> Yet there were no URIBL hits. The message scored high and was tagged as >>> spam, but I'm just curious as to what it is about this message that >>> allowed it to bypass all SA URIBL tests? >>> >>> I'm running spamassassin -V >>> SpamAssassin version 3.2.5 >>> running on Perl version 5.8.8 >>> >>> And in case you're wondering, I'm not using the shortcircuit plugin. >>> >> looks like a bug. it looks like in >> '.... http://uri....' >> the uri isn't detected (aka quoted-string). >> >> In the message, the URI is insisde quoted (the one in "You'll" and the >> one in "don't"). if you remove one of the quotes or if you break the >> line so that they aren't in the same line, the URI is detected. > > Thanks, I've opened up a bug report: Bug 6017. > > Bill
This issue has been resolved. Thanks to Justin Mason and Gisle Aas (HTML::Parser guy) for finding the fix. The resolution is to update HTML::Parser to the latest version and then restart SA. Regards, Bill
