Hi,

I'm using version 3.4.0 on Debian stable.

I noticed that when presented with some IPv6 addresses, the ASN
plugin is actually querying them as an IPv4 address e.g. turning
2600:… into  2.0.0.0 and coming back with the wrong ASN.

This appears to already be documented in the bugzilla:

    https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7211

but the conclusion there seems to be that the plugin just needs to
be configured correctly. So how would one do that?

Looking at the perldoc I see:

    asn_lookup asn-zone.example.com [ _ASNTAG_ _ASNCIDRTAG_ ]
        Use this to lookup the ASN info in the specified zone for the first
        external IP address and add the AS number to the first specified tag and
        routing info to the second specified tag.

[…]

        If two or more asn_lookups use the same set of template tags, the 
results
        of their lookups will be appended to each other in the template tag 
values
        in no particular order. Duplicate results will be omitted when combining
        results. In a similar fashion, you can also use the same template tag 
for
        both the AS number tag and the routing info tag.

The thing is, I can't find one DNS zone that will answer queries
for both IPv4 and IPv6. I can add asn_lookup directives for both,
e.g.:

asn_lookup origin.asn.cymru.com     _ASN_ _ASNCIDR_
asn_lookup origin6.asn.cymru.com    _ASN_ _ASNCIDR_

but what then happens is that an erroneous v6-as-v4 result from the
first one gets included together with the (correct) answer from
origin6.asn.cymru.com.

What is the correct way of configuring this? Doesn't the plugin need
two different asn_lookup directives, one for IPv4 and one for IPv6,
with only the relevant queries being directed at each?

Cheers,
Andy

Reply via email to