You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by John Hardin <jh...@impsec.org> on 2013/04/20 22:00:58 UTC
sa-learn and RFC-822 attachments
Guys:
If sa-learn is fed a message (or mailbox of messages) having an RFC-822
attachment, does it automatically extract the attachment and learn from
that? Or does it learn from the whole message, always?
http://wiki.apache.org/spamassassin/LearningMarkedUpMessages suggests the
former, but it's a bit vague as to whether that occurs *always*, or only
if the attachment was put there by SA.
Background: if users forward misclassified messages as RFC_822 attachments
to a central mailbox, and sa-learn is trained from that mailbox, does it
learn the local headers or does it extract the attachment? The attachment
was not put there by SA in this situation.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
My sidearm is a piece of emergency equipment. It absolutely must
be reliable, not "smart".
-----------------------------------------------------------------------
3 days until Max Planck's 155th birthday
Re: sa-learn and RFC-822 attachments
Posted by John Hardin <jh...@impsec.org>.
On Sat, 20 Apr 2013, John Hardin wrote:
> Guys:
>
> If sa-learn is fed a message (or mailbox of messages) having an RFC-822
> attachment, does it automatically extract the attachment and learn from that?
> Or does it learn from the whole message, always?
>
> http://wiki.apache.org/spamassassin/LearningMarkedUpMessages suggests the
> former, but it's a bit vague as to whether that occurs *always*, or only if
> the attachment was put there by SA.
>
> Background: if users forward misclassified messages as RFC_822 attachments to
> a central mailbox, and sa-learn is trained from that mailbox, does it learn
> the local headers or does it extract the attachment? The attachment was not
> put there by SA in this situation.
Quick review of the code suggests that this is only done in instances
where SA wrapped the original message as an attachment. The structure of
the code looks like it would be pretty simple to add a case where this
unwrapping would be done if a command-line parameter was provided, but the
unwrapping is in SpamAssassin.pm so it would affect *everything*.
Submitting a feature request so this can be debated and tracked.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
It is criminal to teach a man not to defend himself when he is the
constant victim of brutal attacks. -- Malcolm X (1964)
-----------------------------------------------------------------------
3 days until Max Planck's 155th birthday