Am 11.05.2015 um 15:43 schrieb Kevin A. McGrail:
On 5/11/2015 9:13 AM, Reindl Harald wrote:i face false positives where the links are just "facebook.com" with the http-prefix in front and NOT "com" between the http-prefix and the real facebook domain the domain with "com" in front is indeed on both URIBL but it just don#t exist in the messages at all - why does SA extract the domains wrong from the mailsource when there is no "comfacebook" at all besides the SA report? URIBL_DBL_SPAM Contains a spam URL [URIs: com__facebook.com] URIBL_BLACK Contains an URL listed in the URIBL blacklist [URIs: com__facebook.com]Don't know. Are you using 3.4.1? Can you provide a spample that reproduces the issue?
3.4.0, sample attached in my previous mail, sorry for not attach it in the first mail :-(
signature.asc
Description: OpenPGP digital signature