On 10/15/2014 4:49 PM, Ken Bass wrote:
I'm using Centos 7, which means SA version 3.3.2.
I am encountering several emails that are not being processed
correctly when checking against URI rules.
1) My local.cf has a rule to address the new .link domain which
spammers appear to be using recently:
uri LR_LINK_TLD /^(?:https?:\/\/|mailto:)[^\/]+\.link(?:\/|$)/i
describe LR_LINK_TLD Contains a URL in the LINK top-level domain
score LR_LINK_TLD 3.0
2) The URIDNSBL rules are not being executed for these email either.
Debug of SA shows an empty domains to query: Huh?
Oct 15 16:24:55.416 [15519] dbg: uridnsbl: domains to query:
Here is the pastebin link to the full spam email:
http://pastebin.com/RJWyGkKB
The TLDs are hardcoded in SA 3.3.2. We are working on not having them
hard-coded in 3.4.1.
I believe someone made a patch suitable for 3.3.2 but I can't find it at
the moment.
regards,
KAM
