Hi Warren,

On 01/01/11 09:17, Warren Togami Jr. wrote:
What is the status of this plugin?
As far as I'm concerned - I'm actively maintaining it and have been using it in production on several sites; I've been planning to push out an update as I've recently been contributed a massive list of additional shorteners (however I need to double-check them all).
I notice that there is no Bugzilla ticket for this plugin. Do you intend on submitting it for inclusion in future spamassassin upstream?
I hadn't really thought about it TBH and wasn't sure what the procedure was for this.
It's been working well for me and for others based on some feedback that people have sent me - however it could do with being tested in the network mass-checks to see actually how effective it is compared to the other rules.
But I'd also feel a bit more comfortable if one of the core devs looked over the code and made sure I haven't done anything obviously stupid.
Would a DoS happen if the scanned e-mail contains 10,000 short URLs, and your mail server is hit by many such mails? (Either SpamAssassin becomes very slow, or you piss off the short URL provider by hitting them too quickly and often.)
No - it's got a hard-coded limit of 10 short URLs that will be checked at maximum; anything after the limit of 10 is skipped. You can also optionally enable a cache (requires DBD::SQLite) to prevent multiple messages with the same short link from generating additional queries.
On reflection whilst typing this - I could probably handle this a bit better; currently the short URLs are stored in a Perl hash (to effectively de-dup them); I should possibly turn the hash into an array, randomize it and remove the first 10 entries from it so it's not so predictable.
Could the plugin detect when there are intentionally too many short URLs? If so, what should it do in such cases? Are there ever legit reasons for an e-mail to have a large number of short URLs?
For now - I guess I could add an additional rule (e.g. scored at 0.001 to see how many times it hits the current limit); but the age-old issue is 'how many is too many?'.
I'll see about pushing out a new version with the updated list of shorteners and those changes shortly.
Kind regards,
Steve.
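Added example, not part of the original e-mail and not the plugin's code: a Perl sketch of the bounded-lookup idea discussed in the thread, combining de-duplication, a randomized pick of at most 10 short URLs, an over-limit flag that a low-scored rule could use, and a lookup cache. All sub and variable names are hypothetical, the in-memory hash stands in for the optional DBD::SQLite cache, and the URLs and resolver are constructed sample data.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use List::Util qw(shuffle);

# Hypothetical names throughout; this is not the plugin's code.
my $MAX_LOOKUPS = 10;   # per-message cap, the figure given in the thread
my %cache;              # short URL => target (in-memory stand-in for the cache)

# Returns (\@to_check, $over_limit): a de-duplicated, randomly chosen subset
# of at most $MAX_LOOKUPS short URLs, plus a flag a "too many" rule could use.
sub select_short_urls {
    my @urls = @_;
    my %seen;
    my @unique     = grep { !$seen{$_}++ } @urls;   # de-dup, as the hash does
    my $over_limit = @unique > $MAX_LOOKUPS ? 1 : 0;
    my @picked     = shuffle @unique;               # unpredictable choice
    splice(@picked, $MAX_LOOKUPS) if $over_limit;   # drop everything past the cap
    return (\@picked, $over_limit);
}

# Resolve through the cache so a repeated short link costs no further query.
# $resolver is a caller-supplied code ref that performs the real lookup.
sub resolve_cached {
    my ($url, $resolver) = @_;
    $cache{$url} = $resolver->($url) unless exists $cache{$url};
    return $cache{$url};
}

# Constructed sample: 25 distinct short links, each appearing twice.
my @body_urls;
push @body_urls, ("http://short.example/$_") x 2 for 1 .. 25;

my ($to_check, $over) = select_short_urls(@body_urls);

# Constructed resolver that only counts how often the "network" is hit.
my $queries = 0;
my $fake_resolver = sub { $queries++; return "http://target.example/landing" };

# Two passes over the same links: the second pass is served from the cache.
resolve_cached($_, $fake_resolver) for @$to_check, @$to_check;

printf "checked=%d over_limit=%d network_queries=%d\n",
    scalar(@$to_check), $over, $queries;
```

The cap bounds the outbound queries per message regardless of how many short links the body contains, and the cache bounds repeat queries across messages that share the same links.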