Bill Landry wrote:
I've posted a short pharma spam message to:
http://www.inetmsg.com/spam.txt
and debug output to:
http://www.inetmsg.com/sa-debug.txt
It displays a single URI linked line in an e-mail client that only
displays: "Please visit our shop." There seems to be something about
the URI in the message that allows it to bypass all URIBL testing by
SpamAssassin.
The domain is listed in the following URIBLs:
URIBL_JP_SURBL
URIBL_OB_SURBL
dig canadiansitetable.com.multi.surbl.org +short
127.0.0.80
and URIBL_BLACK
dig canadiansitetable.com.multi.uribl.com +short
127.0.0.2
Yet there were no URIBL hits. The message scored high and was tagged as
spam, but I'm just curious as to what it is about this message that
allowed it to bypass all SA URIBL tests?
I'm running spamassassin -V
SpamAssassin version 3.2.5
running on Perl version 5.8.8
And in case you're wondering, I'm not using the shortcircuit plugin.
looks like a bug. it looks like in
'.... http://uri....'
the uri isn't detected (aka quoted-string).
In the message, the URI is insisde quoted (the one in "You'll" and the
one in "don't"). if you remove one of the quotes or if you break the
line so that they aren't in the same line, the URI is detected.
