You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Axb <ax...@gmail.com> on 2014/10/28 17:06:46 UTC
CYA .link
Patience quota exceeded.
What a weird way to get a new TLD's ROI
if (version >= 3.004000)
blacklist_uri_host link
endif
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/28/2014 11:16 PM, Quanah Gibson-Mount wrote:
>
> --On Tuesday, October 28, 2014 6:06 PM +0100 Axb <ax...@gmail.com>
> wrote:
>
>> Patience quota exceeded.
>>
>>
>> What a weird way to get a new TLD's ROI
>>
>>
>> if (version >= 3.004000)
>> blacklist_uri_host link
>> endif
>
> Testing this on my MTA's now...
Not sure what is broken, don't see the eval hitting in "-D rules" mode
either
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/28/2014 11:28 PM, Quanah Gibson-Mount wrote:
> --On Tuesday, October 28, 2014 4:16 PM -0700 Quanah Gibson-Mount
> <qu...@zimbra.com> wrote:
>
>>
>> --On Tuesday, October 28, 2014 6:06 PM +0100 Axb <ax...@gmail.com>
>> wrote:
>>
>>> Patience quota exceeded.
>>>
>>>
>>> What a weird way to get a new TLD's ROI
>>>
>>>
>>> if (version >= 3.004000)
>>> blacklist_uri_host link
>>> endif
>>
>> Testing this on my MTA's now...
>
> Doesn't seem to work.
>
> Oct 28 17:22:35 edge02 amavis[35776]: (35776-08) spam-tag,
> <Fa...@vdsc.100web-hostingplusonline.link> ->
> <xy...@zimbra.com>, Yes, score=6.7 tagged_above=-10 required=3
> tests=[BAYES_50=0.8, DCC_CHECK=3.5, RP_MATCHES_RCVD=-0.8,
> URIBL_BLACK=3.2] autolearn=no autolearn_force=no
>
> This is with the updated RegistrarBoundaries.pm file
I think I've found the issue...
SA source is missing the eval rules <blush>
with the eval rule it looks like:
blacklist_uri_host link
* 100 URI_HOST_IN_BLACKLIST BODY: domain is in the URL's black-list
* [URI: www.bupahif.link (link)]
will commit in a few...
Re: CYA .link
Posted by Quanah Gibson-Mount <qu...@zimbra.com>.
--On Tuesday, October 28, 2014 4:16 PM -0700 Quanah Gibson-Mount
<qu...@zimbra.com> wrote:
>
> --On Tuesday, October 28, 2014 6:06 PM +0100 Axb <ax...@gmail.com>
> wrote:
>
>> Patience quota exceeded.
>>
>>
>> What a weird way to get a new TLD's ROI
>>
>>
>> if (version >= 3.004000)
>> blacklist_uri_host link
>> endif
>
> Testing this on my MTA's now...
Doesn't seem to work.
Oct 28 17:22:35 edge02 amavis[35776]: (35776-08) spam-tag,
<Fa...@vdsc.100web-hostingplusonline.link> ->
<xy...@zimbra.com>, Yes, score=6.7 tagged_above=-10 required=3
tests=[BAYES_50=0.8, DCC_CHECK=3.5, RP_MATCHES_RCVD=-0.8, URIBL_BLACK=3.2]
autolearn=no autolearn_force=no
This is with the updated RegistrarBoundaries.pm file
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
Re: CYA .link
Posted by Quanah Gibson-Mount <qu...@zimbra.com>.
--On Tuesday, October 28, 2014 6:06 PM +0100 Axb <ax...@gmail.com>
wrote:
> Patience quota exceeded.
>
>
> What a weird way to get a new TLD's ROI
>
>
> if (version >= 3.004000)
> blacklist_uri_host link
> endif
Testing this on my MTA's now...
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/31/2014 01:30 PM, Kevin A. McGrail wrote:
> On 10/31/2014 2:56 AM, Axb wrote:
>> On 10/30/2014 11:32 PM, Kevin A. McGrail wrote:
>>> On 10/29/2014 5:17 PM, Axb wrote:
>>>> Ok so it looks like it's committed in rules/60_whitelist.cf which
>>>> should
>>>>> go out in tonight's rule update if all goes according to plan, yes?
>>>>
>>>> Yep... if all goes according to plan.. :)
>>> So I'm not sure if you have fixed it since because I pulled down the
>>> latest updates and I don't want to backtrack but the update run last
>>> night Exited with STATUS=4 which I've never seen (at least in recent
>>> memory)
>>>
>>> Looks to be related to your changes Alex.
>>>
>>> rules: failed to run URI_HOST_IN_BLACKLIST test, skipping:
>>> (Can't locate object method "check_uri_host_in_blacklist" via
>>> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 1477.
>>> )
>>> rules: failed to run URI_HOST_IN_WHITELIST test, skipping:
>>> (Can't locate object method "check_uri_host_in_whitelist" via
>>> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 2363.
>>> )
>>>
>>> Thoughts?
>>
>>
>> do you see this running 3.4.0 release or trunk?
>>
>> I'm not seeing running "release" + # UPDATE version 1634816
> This is for 3.3.0 which is part of the process for rules creation. I
> think you forgot to encapsulate the rules in a version or has/can check.
DOH! - fixed...
Re: CYA .link
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 10/31/2014 2:56 AM, Axb wrote:
> On 10/30/2014 11:32 PM, Kevin A. McGrail wrote:
>> On 10/29/2014 5:17 PM, Axb wrote:
>>> Ok so it looks like it's committed in rules/60_whitelist.cf which
>>> should
>>>> go out in tonight's rule update if all goes according to plan, yes?
>>>
>>> Yep... if all goes according to plan.. :)
>> So I'm not sure if you have fixed it since because I pulled down the
>> latest updates and I don't want to backtrack but the update run last
>> night Exited with STATUS=4 which I've never seen (at least in recent
>> memory)
>>
>> Looks to be related to your changes Alex.
>>
>> rules: failed to run URI_HOST_IN_BLACKLIST test, skipping:
>> (Can't locate object method "check_uri_host_in_blacklist" via
>> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 1477.
>> )
>> rules: failed to run URI_HOST_IN_WHITELIST test, skipping:
>> (Can't locate object method "check_uri_host_in_whitelist" via
>> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 2363.
>> )
>>
>> Thoughts?
>
>
> do you see this running 3.4.0 release or trunk?
>
> I'm not seeing running "release" + # UPDATE version 1634816
This is for 3.3.0 which is part of the process for rules creation. I
think you forgot to encapsulate the rules in a version or has/can check.
Regards,
KAM
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/30/2014 11:32 PM, Kevin A. McGrail wrote:
> On 10/29/2014 5:17 PM, Axb wrote:
>> Ok so it looks like it's committed in rules/60_whitelist.cf which should
>>> go out in tonight's rule update if all goes according to plan, yes?
>>
>> Yep... if all goes according to plan.. :)
> So I'm not sure if you have fixed it since because I pulled down the
> latest updates and I don't want to backtrack but the update run last
> night Exited with STATUS=4 which I've never seen (at least in recent
> memory)
>
> Looks to be related to your changes Alex.
>
> rules: failed to run URI_HOST_IN_BLACKLIST test, skipping:
> (Can't locate object method "check_uri_host_in_blacklist" via
> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 1477.
> )
> rules: failed to run URI_HOST_IN_WHITELIST test, skipping:
> (Can't locate object method "check_uri_host_in_whitelist" via
> package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 2363.
> )
>
> Thoughts?
do you see this running 3.4.0 release or trunk?
I'm not seeing running "release" + # UPDATE version 1634816
Re: CYA .link
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 10/29/2014 5:17 PM, Axb wrote:
> Ok so it looks like it's committed in rules/60_whitelist.cf which should
>> go out in tonight's rule update if all goes according to plan, yes?
>
> Yep... if all goes according to plan.. :)
So I'm not sure if you have fixed it since because I pulled down the
latest updates and I don't want to backtrack but the update run last
night Exited with STATUS=4 which I've never seen (at least in recent memory)
Looks to be related to your changes Alex.
rules: failed to run URI_HOST_IN_BLACKLIST test, skipping:
(Can't locate object method "check_uri_host_in_blacklist" via
package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 1477.
)
rules: failed to run URI_HOST_IN_WHITELIST test, skipping:
(Can't locate object method "check_uri_host_in_whitelist" via
package "Mail::SpamAssassin::PerMsgStatus" at (eval 1266) line 2363.
)
Thoughts?
KAM
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/29/2014 10:09 PM, Kevin A. McGrail wrote:
> On 10/28/2014 7:24 PM, Axb wrote:
>> On 10/29/2014 12:23 AM, Jeff Mincy wrote:
>>> From: Axb <ax...@gmail.com>
>>> Date: Wed, 29 Oct 2014 00:00:39 +0100
>>>
>>> before I commit please test with
>>>
>>> describe HEADER_HOST_IN_BLACKLIST Whitelisted header host or domain
>>> describe HEADER_HOST_IN_WHITELIST Blacklisted header host or domain
>>>
>>> These two are backwards?
>>>
>>
>> fixed... thanks (it's late for me :)
> Ok so it looks like it's committed in rules/60_whitelist.cf which should
> go out in tonight's rule update if all goes according to plan, yes?
Yep... if all goes according to plan.. :)
Re: CYA .link
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 10/28/2014 7:24 PM, Axb wrote:
> On 10/29/2014 12:23 AM, Jeff Mincy wrote:
>> From: Axb <ax...@gmail.com>
>> Date: Wed, 29 Oct 2014 00:00:39 +0100
>>
>> before I commit please test with
>>
>> describe HEADER_HOST_IN_BLACKLIST Whitelisted header host or domain
>> describe HEADER_HOST_IN_WHITELIST Blacklisted header host or domain
>>
>> These two are backwards?
>>
>
> fixed... thanks (it's late for me :)
Ok so it looks like it's committed in rules/60_whitelist.cf which should
go out in tonight's rule update if all goes according to plan, yes?
Regards,
KAM
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/29/2014 12:23 AM, Jeff Mincy wrote:
> From: Axb <ax...@gmail.com>
> Date: Wed, 29 Oct 2014 00:00:39 +0100
>
> before I commit please test with
>
> describe HEADER_HOST_IN_BLACKLIST Whitelisted header host or domain
> describe HEADER_HOST_IN_WHITELIST Blacklisted header host or domain
>
> These two are backwards?
>
fixed... thanks (it's late for me :)
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/28/2014 10:30 PM, Kevin A. McGrail wrote:
> On 10/28/2014 5:19 PM, Axb wrote:
>> On 10/28/2014 10:13 PM, Kevin A. McGrail wrote:
>>> On 10/28/2014 12:06 PM, Axb wrote:
>>>> Patience quota exceeded.
>>>>
>>>>
>>>> What a weird way to get a new TLD's ROI
>>>>
>>>>
>>>> if (version >= 3.004000)
>>>> blacklist_uri_host link
>>>> endif
>>> So we added this wanting to play with this command and had no change in
>>> behavior for an email with this from header:
>>>
>>> From: "Notification" <no...@22notification-munge.linkmunge>
>>>
>>> But no use of .linkmunge domains in the body
>>>
>>> Expected, yes?
>>
>> It should tag blubber[[.]]link
> Interesting. Ok, definitely not hitting just a from with a [[.]]link
> email address for me. Can you test that.
>> Are you sure you're using an updated RegistrarBoundaries.pm ?
> Running trunk with your TLD updates, yes.
>
before I commit please test with
(BEWARE LINE BREAKS IN RULES!!!)
body URI_HOST_IN_BLACKLIST eval:check_uri_host_in_blacklist()
describe URI_HOST_IN_BLACKLIST domain is in the URL's black-list
tflags URI_HOST_IN_BLACKLIST userconf noautolearn
score URI_HOST_IN_BLACKLIST 100.0
body URI_HOST_IN_WHITELIST eval:check_uri_host_in_whitelist()
describe URI_HOST_IN_WHITELIST domain is in the URL's white-list
tflags URI_HOST_IN_WHITELIST userconf noautolearn
score URI_HOST_IN_WHITELIST -100.0
header HEADER_HOST_IN_BLACKLIST eval:check_uri_host_listed('BLACK')
describe HEADER_HOST_IN_BLACKLIST Whitelisted header host or domain
tflags HEADER_HOST_IN_BLACKLIST userconf noautolearn
score HEADER_HOST_IN_BLACKLIST 100.0
header HEADER_HOST_IN_WHITELIST eval:check_uri_host_listed('WHITE')
describe HEADER_HOST_IN_WHITELIST Blacklisted header host or domain
tflags HEADER_HOST_IN_WHITELIST userconf noautolearn
score HEADER_HOST_IN_WHITELIST -100.0
you should see something like
* 100.0 HEADER_HOST_IN_BLACKLIST Host or domain found in URI is
blacklisted
* [URI: www.bupahif.link (link)]
* 100 URI_HOST_IN_BLACKLIST BODY: domain is in the URL's black-list
* [URI: www.bupahif.link (link)]
thanks
Axb
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/28/2014 10:30 PM, Kevin A. McGrail wrote:
> On 10/28/2014 5:19 PM, Axb wrote:
>> On 10/28/2014 10:13 PM, Kevin A. McGrail wrote:
>>> On 10/28/2014 12:06 PM, Axb wrote:
>>>> Patience quota exceeded.
>>>>
>>>>
>>>> What a weird way to get a new TLD's ROI
>>>>
>>>>
>>>> if (version >= 3.004000)
>>>> blacklist_uri_host link
>>>> endif
>>> So we added this wanting to play with this command and had no change in
>>> behavior for an email with this from header:
>>>
>>> From: "Notification" <no...@22notification-munge.linkmunge>
>>>
>>> But no use of .linkmunge domains in the body
>>>
>>> Expected, yes?
>>
>> It should tag blubber[[.]]link
> Interesting. Ok, definitely not hitting just a from with a [[.]]link
> email address for me. Can you test that.
>> Are you sure you're using an updated RegistrarBoundaries.pm ?
> Running trunk with your TLD updates, yes.
it should not hit mailto:
but I can't see it hitting even a full blah[dot]link domain
hmmm
Re: CYA .link
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 10/28/2014 5:19 PM, Axb wrote:
> On 10/28/2014 10:13 PM, Kevin A. McGrail wrote:
>> On 10/28/2014 12:06 PM, Axb wrote:
>>> Patience quota exceeded.
>>>
>>>
>>> What a weird way to get a new TLD's ROI
>>>
>>>
>>> if (version >= 3.004000)
>>> blacklist_uri_host link
>>> endif
>> So we added this wanting to play with this command and had no change in
>> behavior for an email with this from header:
>>
>> From: "Notification" <no...@22notification-munge.linkmunge>
>>
>> But no use of .linkmunge domains in the body
>>
>> Expected, yes?
>
> It should tag blubber[[.]]link
Interesting. Ok, definitely not hitting just a from with a [[.]]link
email address for me. Can you test that.
> Are you sure you're using an updated RegistrarBoundaries.pm ?
Running trunk with your TLD updates, yes.
Re: CYA .link
Posted by Axb <ax...@gmail.com>.
On 10/28/2014 10:13 PM, Kevin A. McGrail wrote:
> On 10/28/2014 12:06 PM, Axb wrote:
>> Patience quota exceeded.
>>
>>
>> What a weird way to get a new TLD's ROI
>>
>>
>> if (version >= 3.004000)
>> blacklist_uri_host link
>> endif
> So we added this wanting to play with this command and had no change in
> behavior for an email with this from header:
>
> From: "Notification" <no...@22notification-munge.linkmunge>
>
> But no use of .linkmunge domains in the body
>
> Expected, yes?
It should tag blubber[[.]]link
Are you sure you're using an updated RegistrarBoundaries.pm ?
Re: CYA .link
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 10/28/2014 12:06 PM, Axb wrote:
> Patience quota exceeded.
>
>
> What a weird way to get a new TLD's ROI
>
>
> if (version >= 3.004000)
> blacklist_uri_host link
> endif
So we added this wanting to play with this command and had no change in
behavior for an email with this from header:
From: "Notification" <no...@22notification-munge.linkmunge>
But no use of .linkmunge domains in the body
Expected, yes?
regards,
KAM