Hi Am 25.03.19 um 13:25 schrieb Henrik K: > > Use /^https?:/ to find real uris. >
what if the scheme is ftp (or something else) or fully missing just the URI? Think that approach is not so much reliable ;-) Found this config param in the docs "parse_dkim_uris" which defaults to 1. But set it to 0 in local.cf does not change anything. URI is still taken from dkim header Cheers tobi Am 25.03.19 um 13:25 schrieb Henrik K: > On Mon, Mar 25, 2019 at 12:09:32PM +0100, Tobi <jahli...@gmx.ch> wrote: >> Hello >> >> we're running spamassassin 3.4.2 and have the issue that one of our >> rules which tests for existence of a url always sez url found for our >> test message. Although the message body does not contain a url >> >> uri __HAS_URI /\S/ >> >> After running spamassassin -D against that message we found >> >> Mar 25 11:53:01.005 [7527] dbg: rules: ran uri rule __HAS_URI ======> >> got hit: "g" >> >> So as the body did not contain a uri we started stripping out headers >> until the match disappeared. > > Could have just used /.+/ to log it completely.. > >> Which happend when we stripped out the DKIM header. It seems that >> spamassassin gets the url from this header >> >> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; >> d=gmail.com; s=20161025; >> h=mime-version:from:date:message-id:subject:to; >> >> >> if we replace d=gmail with d=example.com the debug tells us >> >> Mar 25 12:04:45.561 [8196] dbg: rules: ran uri rule __HAS_URI ======> >> got hit: "e" >> >> Not sure to call it a bug or a feature but imho there should be no URI >> found in a dkim header :-) > > Use /^https?:/ to find real uris. >