spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From RW <rwmailli...@googlemail.com>
Subject Re: using URIBL on other headers
Date Sun, 23 Sep 2018 21:58:35 GMT
On Sun, 23 Sep 2018 20:37:48 +0100
Michael Grant wrote:


> I tried to read through the plugin.  I'm not a spamassassin plugin
> developer, I didn't have much luck trying to figure out how to do it
> myself.  I know this plugin only does subject and body but I saw
> nothing in the plugin itself that referenced the subject header.
> arbitrary header through this like the subject and body.

The subject text is the first paragraph of the normalized body which
is parsed for domains.

> I am not sure you need to do that.  Why not just run all the headers
> or rather the entire message including headers through this plugin
> just like the body, in fact, just extend it's scope to look at the
> entire message rather than just the body & subject.

Most emails don't have a domain in the body, so if you start adding
a lot of domains from the headers, the number of look-ups could increase
dramatically. It could push some mail servers beyond the usage limits.

The main point of URI blocklists is to catch the website that's the
point of contact with the spammer. I think it going to be pretty
rare for a listed domain to appear in the headers without its being in
the body. That was my experience with my askdns rules.

The from header is already largely covered by the parse_dkim_uris
option. Reply-to might be worth trying, but  most of the interesting
reply-to addresses are Freemail.

Mime
View raw message