On Wed, 26 Nov 2003, Matt Kettler wrote: > At 11:10 PM 11/26/03 +0000, Alan Munday wrote: > >If I lint with this in the SaUriCustomRules > > > >uri MY_YAHOO_BOUNCED /http:\/\/srd\.yahoo\.com\/drst\/.*\* > >http:\/\/ > >describe MY_YAHOO_BOUNCED Trying to hide real URL through Yahoo redirect > >score MY_YAHOO_BOUNCED 0.5 > > > >I get a shed load of errors of which the first is: > > > >Bareword found where operator expected at > >/etc/mail/spamassassin/SaUriCustomRules.cf, rule MY_YAHOO_BOUNCED, line 12, > >near "usr" > > (Might be a runaway multi-line // string starting on line 1) > > (Missing operator before usr?) > > That rule is missing a trailing /.. at casual glance it looks like it has > one, but it does not. > The end part should be: http:\/\//
One thing that you can do which makes writing this kind of rule easier is to specify an alternative match delimiter character (somthing other than / ). For example if you use ! that rule could then be written as: uri MY_YAHOO_BOUNCED m!http://srd\.yahoo\.com/drst/.*\*http://! MUCH easier to see where things fit with out the "flying Ws" \/\/ Note that if you are going to use an alternative delimiter, the explicit 'm' match operator becomes necessary. FYI, my version of that rule looks like: uri __L_URI_REDIR m!https?://.{1,170}/\*http://!i uri __L_YAHOO_REDIR m!https?://us\.ard\.yahoo\.com/.{1,170}/\*https?://!i meta L_URI_REDIR ( __L_URI_REDIR && !__L_YAHOO_REDIR ) describe L_URI_REDIR URI redirector score L_URI_REDIR 4.5 I don't like unbounded wildcard searches (".*"), as a potential time-eater and DOS attack point, so I like to bound them with a reasonable limit (EG: ".{1,170}"). This should get anybody's abused redirector and honor valid YAHOO ones. I hope ;) Dave -- Dave Funk University of Iowa <dbfunk (at) engineering.uiowa.edu> College of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527 #include <std_disclaimer.h> Better is not better, 'standard' is better. B{ ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk