Re: IADB, 70_iadb.cf and multiple A records returned

2007-02-10 Thread Raul Dias
On Sat, 2007-02-10 at 00:00 -0500, Theo Van Dinter wrote:
> > If the last one is true, is the ^ $ really necessary?
> [...]
> > If it really is a RE, what prevents '127.0.0.1' to not match
> > 127.0.0.10? Or 127.1.0.1 to not match 127.120.1.1 ?
>
> You answered your own question. :)

Ok, this answers the first one.
This also implies that the sub-test value is always a RE and needs to
be properly delimited.

So, in the following cases:
header RCVD_IN_SBL       eval:check_rbl_sub('sblxbl', '127.0.0.2')
header RCVD_IN_MAPS_RSS  eval:check_rbl_sub('rblplus', '4')
(the last one is really commented out)

If Spamhaus decides to expand the return codes and 127.0.0.20 becomes valid
for something like "this IP has an opt-in list", this rule would be
broken, right? (Sure, we don't expect this change to happen.)


-Raul Dias



Re: IADB, 70_iadb.cf and multiple A records returned

2007-02-10 Thread Theo Van Dinter
On Sat, Feb 10, 2007 at 10:09:35AM -0300, Raul Dias wrote:
> This also implies that the sub-test value is always a RE and needs to
> be properly delimited.

If you read perldoc Mail::SpamAssassin::Conf, specifically the
check_rbl_sub() section, it'll explain what the subtests can be.  It can
be several things, including an RE.

-- 
Randomly Selected Tagline:
No, I'm not interested in developing a powerful brain.  All I'm after is
 just a mediocre brain, something like the president of American Telephone
 and Telegraph Company.
-- Alan Turing on the possibilities of a thinking
   machine, 1943.




Re: IADB, 70_iadb.cf and multiple A records returned

2007-02-10 Thread Raul Dias
On Sat, 2007-02-10 at 16:53 -0500, Theo Van Dinter wrote:
> On Sat, Feb 10, 2007 at 10:09:35AM -0300, Raul Dias wrote:
> > This also implies that the sub-test value is always a RE and needs to
> > be properly delimited.
>
> If you read perldoc Mail::SpamAssassin::Conf, specifically the
> check_rbl_sub() section, it'll explain what the subtests can be.  It can
> be several things, including an RE.

Yes, I read that.  The question is what makes it a RE if not the
delimiter?

As we discussed earlier the ^ $ is necessary to avoid matching other
numbers, which will only be possible if the value is a RE.

So:
1 - '^127.0.0.1$' matches only 127.0.0.1 and that's a RE.
2 - '127.0.0.1' might match 127.0.0.12 (if it is considered an RE).

If 2 is false, then 1 is unnecessary, right?

-Raul Dias




IADB, 70_iadb.cf and multiple A records returned

2007-02-09 Thread Raul Dias
Looking at the IADB page: http://www.isipp.com/iadbcodes.php , it says:
... When queried, the IADB will return one or more A records 
for any site which is listed in the IADB ...

Now looking at the 70_iadb.cf file from sa-update, most rules are like
this:

eval:check_rbl_sub('iadb-firsttrusted', '^127.2.255.1$')

Doesn't this prevent the test if more than one A record is returned (^
and $)??

Or is each check_rbl_sub called for each A record returned??

If the last one is true, is the ^ $ really necessary?

If this is set because it is an RE, doesn't it need the / / too?
If it really is a RE, what prevents '127.0.0.1' to not match
127.0.0.10? Or 127.1.0.1 to not match 127.120.1.1 ? Shouldn't the dots
be escaped too?


That's enough for now :)


- Raul Dias



Re: IADB, 70_iadb.cf and multiple A records returned

2007-02-09 Thread Theo Van Dinter
On Sat, Feb 10, 2007 at 12:42:53AM -0300, Raul Dias wrote:
> eval:check_rbl_sub('iadb-firsttrusted', '^127.2.255.1$')
>
> Doesn't this prevent the test if more than one A record is returned (^
> and $)??

No.  They're not all in a string, the match happens against each response
individually.

> Or is each check_rbl_sub called for each A record returned??

No, just one call.

> If this is set because it is an RE, doesn't it need the / / too?

Nope.  The code does that for us.

> If the last one is true, is the ^ $ really necessary?
[...]
> If it really is a RE, what prevents '127.0.0.1' to not match
> 127.0.0.10? Or 127.1.0.1 to not match 127.120.1.1 ?

You answered your own question. :)

> Shouldn't the dots be escaped too?

Arguably, yes.  It works out that things like /^127.0.0.1$/ won't match
any other valid IP though, so in the end it's ok, but technically the
dots should be escaped.  Note: I don't recall if the code escapes the
dots for us, but I don't think so.

-- 
Randomly Selected Tagline:
Integrity is doing the right thing when nobody is watching you.
 - Infonaut on Slashdot
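
An added illustration of the matching behaviour discussed in this thread, not code from SpamAssassin or from either poster: a Python model (SpamAssassin itself is Perl) that applies a subtest as a regex to each returned A record individually, and compares unanchored, anchored and anchored-plus-escaped forms. The response list, the function names and the 127.0.0.x sweep are constructed for this example.

```python
import re

# Constructed A records for a single DNSBL lookup (illustrative, not real data).
RESPONSES = ["127.0.0.10", "127.120.1.1", "127.2.255.1"]


def rbl_sub_hits(subtest, responses):
    """Return the A records that a regex subtest accepts.

    Models the thread's description: the subtest string is used as the
    regex body (nothing adds anchors or escapes dots) and is tried against
    each response on its own, never against one joined string.
    """
    rx = re.compile(subtest)
    return [r for r in responses if rx.search(r)]


def strict_subtest(ip):
    """Anchored subtest with the dots escaped, for one exact return code."""
    return "^" + re.escape(ip) + "$"


def last_octet_sweep(subtest):
    """Every address in 127.0.0.0-127.0.0.255 that the subtest accepts."""
    return rbl_sub_hits(subtest, [f"127.0.0.{x}" for x in range(256)])


if __name__ == "__main__":
    subtests = ["127.0.0.1", "127.1.0.1", "^127.0.0.1$",
                "^127.2.255.1$", strict_subtest("127.2.255.1")]
    for subtest in subtests:
        print(f"{subtest!r:20} -> {rbl_sub_hits(subtest, RESPONSES)}")
    # How many 127.0.0.x codes would a future list expansion collide with?
    for subtest in ["127.0.0.2", "^127.0.0.2$"]:
        print(f"{subtest!r:20} accepts {len(last_octet_sweep(subtest))} codes")
    # Unescaped dots only matter for strings that are not dotted quads.
    print(rbl_sub_hits("^127.0.0.1$", ["127x0y0z1"]),
          rbl_sub_hits(strict_subtest("127.0.0.1"), ["127x0y0z1"]))
```
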

