Hi list
just as follow up: at least spamassassin 3.4.1 has the necessary stuff
in URIDNSBL.pm.
There _URIDOMAINS_ and _URIHOSTS_ are set so a fullhost lookup becomes a
simple one-liner
askdns MY_FULL_TEST _URIHOSTS_.my.rbl.tld A 127.0.0.4
which fires fullhost lookups according to spamassassin -D
Feb 19 10:44:50.821 [22500] dbg: async: calling callback on key
askdns:A:img.promio-mail.com.my.rbl.tld
Feb 19 10:44:50.821 [22500] dbg: askdns: answer received, rcode NOERROR,
query IN/A/img.promio-mail.com.my.rbl.tld, answer has 2 records
Will keep testing for some days, but this seems to be the solution for
me :-)
Cheers
tobi
Am 17.02.2018 um 12:52 schrieb Tobi:
> Hi Daniele (this time onlist, sorry for offlist I have a stupid mobile client
> when it comes to replies to lists)
>
> thanks a lot for your reply. As I'm really not the perl coder I think I will
> keep it as I have my fullhost lookups currently :-)
>
> Can anyone confirm that aux_tlds does not help if one want to perform rh
> lookups and fulluri lookups on the same uri found?
>
> Any chance that sa in future will support a urifullsub method to lookup
> fullhost of an uri?
>
> Cheers
>
> Tobi
>
> ----- Originale Nachricht -----
> Von: Daniele Duca <d...@staff.spin.it>
> Gesendet: 17.02.18 - 09:04
> An: jahli...@gmx.ch, users@spamassassin.apache.org
> Betreff: Re: Is there a way to perform selective full uri rbl lookups?
>
>> Hello,
>>
>> I do full uris dns lookups through a simple SA plugin. The core lines in
>> the function are:
>>
>> sub check_fulluris {
>> my ($self, $msg) = @_;
>> my $pms = $msg->{permsgstatus};
>> my $body = $msg->{msg}->get_pristine_body();
>> foreach my $this_url (uniq( $body =~
>> /(http|https):\/\/(.*?)\//g )) {
>>
>> # code to do dns lookups
>>
>> }
>> }
>>
>> and in the .cf
>>
>> urirhssub TEST_FULL_URIS mypersonal.dnsbl. A 127.0.0.2
>> body TEST_FULL_URIS eval:check_fulluris('TEST_FULL_URIS')
>>
>> As for my personal reason of doing full hostnames lookups, I find it
>> easier to mantain a rbldnsd zone with hacked websites/landing pages of
>> marketers than to write uri rules in the .cf each time
>>
>> Hope it helps
>>
>> Daniele Duca
>>
>>
>>
>> On 16/02/2018 22:08, jahlives wrote:
>>> Hi list
>>>
>>> I'm looking for a way in spamassassin to run a full-uri-host rbl lookup
>>> for a specific rule. I do not want to discuss about sense or non-sense
>>> of full-uri-hosts lookups ;-)
>>>
>>> lets assume I have two rules which query my own rbl
>>>
>>> urirhssub HIT_DOMAIN my.rbl.tld. A 127.0.0.2
>>> body HIT_DOMAIN eval:check_uridnsbl('HIT_DOMAIN')
>>>
>>> urifullsub HIT_FULL my.rbl.tld. A 127.0.0.4
>>> body HIT_FULL eval:check_uridnsbl('HIT_FULL')
>>>
>>> I know urifullsub does not exist, should just visualize what I try to
>>> achieve :-)
>>>
>>> now for a uri like www.sub.domain.tld both rules should be tested. The
>>> first one for domain.tld (which sa does with rh lookups) and the second
>>> one with the full-uri-host (www.sub.domain.tld)
>>>
>>> I read about aux_tlds but I think this does not help me as if I add
>>> domain.tld to aux_tlds the first query above would be fired with
>>> sub.domain.tld
>>>
>>> I thought that the second query could be solved using askdns plugin in a
>>> way like this
>>>
>>> askdns HIT_FULL _URIFULLHOST_.my.rbl.tld. A 127.0.0.4
>>>
>>> But how to get access to urifullhost? :-)
>>>
>>> Currently I use a plugin of my antispam glue to perform the full uri
>>> host lookups on uris found. This plugin adds a X-Header upon hit on
>>> which spamassassin fires and scores.
>>> So I have a solution to this "problem" but it would be nice to do both
>>> queries from spamassassin :-)
>>>
>>> Cheers
>>>
>>> tobi
>>>
>>
>
