But in my test messages the email address wasn't in the form of a URI. It was just the email address. I even used pine for a test to make sure it was a gui client doing some reformatting business.
Sorry, I shouldn't have said URI. I had said URI since SpamAssassin internally adds the appropriate resource type, turning it into a URI. It does this since many (most?) MUAs do the same thing.
Do we know if it's possible to know if the results from SBL are for the
domain of the URI being queried or if their results are due to some
association with the domain being queried. If so then we could ignore
any results other than for the domain being queried or weigh the results
differently so long as they aren't accumulative points for each
occurrence.
No we can't. We don't lookup the domain name. We get it's NS server IPs and look them up. Since the name server IP is shared there's nothing we can do.
The best solution in this case, is to convince people not to support providers who host spammers' DNS, and take their business elsewhere (or convince that provider to stop hosting spammers). Hard to convince someone to do that, but it's the intention behind Spamhaus.
Otherwise, the points would add up the more that person's email address appears in the email.
Nope. The list is uniqued. 10 occurrences of the same thing would still only result in one lookup and possible hit (per rule).
Daryl
