Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SpamAssassin>
  3. users
urinsrhsbl not trimmed
sausers at blafasel
Dec 6, 2022, 5:35 AM
Post #1 of 3 (207 views)
Permalink
Hi!

I'm using SA 4 trunk and tried the urinsrhsbl. Not sure if this is a bug or
abuse on my side.

I already have two RBLs... one
uribl.example.at
and one
uriblfull.example.at

The first does not use "tflags notrim", the second does.

Now I added a lookup for uribl.example.at like
urinsrhssub __URIBL_ZID_16 uribl.example.at. A 16
body __URIBL_ZID_16 eval:check_uridnsbl('__URIBL_ZID_16')
tflags __URIBL_ZID_16 net domains_only
But if I check the debug output I see checks for the FQDN of all three NS
RRs instead of one lookup for the trimmed NS domain.

According to the man page of URIBLDNS this should only happen if
urifullnsrhssub is used?

Why are there two variants urinsrhssub/urifullnsrhssub? And what happens if
"tflags notrim" is used with them?

Is it even valid to use urinsrhssub on a RBL where urirhssub is used as
well? I felt quite comfortable to do so since it was the easiest way to add
support for NS listings with an existing uribl.

Greetings, Wolfgang
Re: urinsrhsbl not trimmed [ In reply to ]
hege at hege
Dec 6, 2022, 6:33 AM
Post #2 of 3 (207 views)
Permalink
On Tue, Dec 06, 2022 at 02:35:44PM +0100, Wolfgang Breyha wrote:
> Hi!
>
> I'm using SA 4 trunk and tried the urinsrhsbl. Not sure if this is a bug or
> abuse on my side.
>
> I already have two RBLs... one
> uribl.example.at
> and one
> uriblfull.example.at
>
> The first does not use "tflags notrim", the second does.
>
> Now I added a lookup for uribl.example.at like
> urinsrhssub __URIBL_ZID_16 uribl.example.at. A 16
> body __URIBL_ZID_16 eval:check_uridnsbl('__URIBL_ZID_16')
> tflags __URIBL_ZID_16 net domains_only
> But if I check the debug output I see checks for the FQDN of all three NS
> RRs instead of one lookup for the trimmed NS domain.
>
> According to the man page of URIBLDNS this should only happen if
> urifullnsrhssub is used?
>
> Why are there two variants urinsrhssub/urifullnsrhssub? And what happens if
> "tflags notrim" is used with them?
>
> Is it even valid to use urinsrhssub on a RBL where urirhssub is used as
> well? I felt quite comfortable to do so since it was the easiest way to add
> support for NS listings with an existing uribl.

I would just create a bug, preferably with tested examples of all variants.
:-) Most than likely there has been some oversights with legacy code and
notrim addition, *nsrhs* isn't even used in stock rules.
Re: urinsrhsbl not trimmed [ In reply to ]
sausers at blafasel
Dec 6, 2022, 8:45 AM
Post #3 of 3 (207 views)
Permalink
On 06/12/2022 15:33, Henrik K wrote:
> I would just create a bug, preferably with tested examples of all variants.
> :-) Most than likely there has been some oversights with legacy code and
> notrim addition, *nsrhs* isn't even used in stock rules.

Hmmm, while writing the bugreport and digging deeper... I think I found the
reason and it makes things complicated. It's not a bug in URIDNSBL.pm
itself so far.

The NS RRs result in FQDNs with domain part listed in
20_aux_tlds.cf/util_rb_2tld

That caused trim_domain->split_domain() to not trim dnsX(dot)home(dot)pl
(NS for akadeus(dot)com

I've no idea how to handle entries on util_rb_2tld for NS lookup results
and urinsrhsbl/sub. At least in my case it would have been better to ignore
them;-)

Greetings, Wolfgang

PS: Sorry Henrik that I replied to you directly first. Messed up hitting
the "reply list" button while debugging.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal