Hi,
I'm using version 3.4.0 on Debian stable.
I noticed that when presented with some IPv6 addresses, the ASN
plugin is actually querying them as an IPv4 address e.g. turning
2600:… into 2.0.0.0 and coming back with the wrong ASN.
This appears to already be documented in the bugzilla:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7211
but the conclusion there seems to be that the plugin just needs to
be configured correctly. So how would one do that?
Looking at the perldoc I see:
asn_lookup asn-zone.example.com [ _ASNTAG_ _ASNCIDRTAG_ ]
Use this to lookup the ASN info in the specified zone for the first
external IP address and add the AS number to the first specified tag and
routing info to the second specified tag.
[…]
If two or more asn_lookups use the same set of template tags, the
results
of their lookups will be appended to each other in the template tag
values
in no particular order. Duplicate results will be omitted when combining
results. In a similar fashion, you can also use the same template tag
for
both the AS number tag and the routing info tag.
The thing is, I can't find one DNS zone that will answer queries
for both IPv4 and IPv6. I can add asn_lookup directives for both,
e.g.:
asn_lookup origin.asn.cymru.com _ASN_ _ASNCIDR_
asn_lookup origin6.asn.cymru.com_ASN_ _ASNCIDR_
but what then happens is that an erroneous v6-as-v4 result from the
first one gets included together with the (correct) answer from
origin6.asn.cymru.com.
What is the correct way of configuring this? Doesn't the plugin need
two different asn_lookup directives, one for IPv4 and one for IPv6,
with only the relevant queries being directed at each?
Cheers,
Andy
