You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2013/04/20 23:47:33 UTC

[Bug 6928] New: Add sa-learn option to learn from RFC822 attachment to message rather than full message

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6928

            Bug ID: 6928
           Summary: Add sa-learn option to learn from RFC822 attachment to
                    message rather than full message
           Product: Spamassassin
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Learner
          Assignee: dev@spamassassin.apache.org
          Reporter: jhardin@impsec.org
    Classification: Unclassified

It's a fairly common practice to have users forward misclassified emails to a
training mailbox address as RFC-822 attachments.

If the site admin doesn't know to (or how to) extract these attachments and
instead learns from the raw training mailbox, the training won't be correct -
it will include the local forward headers, and if a given spam is addressed to
multiple recipients it would be learned once for each forwarded copy.

It would be much easier in this situation to have a command-line option
(perhaps --attachment) to tell sa-learn to extract and learn from an RFC-822
attachment to the message being provided (if present) rather than from the
whole message.

sa-learn already unwraps attachments that are present due to SA markup with
report_safe = 1. At first glance it looks like it would be pretty easy to
implement by adding another clause here in remove_spamassassin_markup looking
for Content-Type = message/rfc822 with no other qualifiers, but only if the
command line option were provided:


        # Ok, we found the encapsulated piece ...
    if ($ct =~ m@^(?:message/rfc822|text/plain);\s+x-spam-type=original@ ||
        ($ct eq "message/rfc822" &&
         $cd eq $self->{conf}->{'encapsulated_content_description'}))
        {


...maybe something like:

   || ($ct eq "message/rfc822" &&
defined(@self->{conf}->{'opt_extract_attachment'}))


This solution wouldn't work for a forwarded message having SA markup using
report_safe = 1, though. That would require two unwraps.

-- 
You are receiving this mail because:
You are the assignee for the bug.