mouss wrote:
> Bill Landry wrote:
>> I've posted a short pharma spam message to:
>>
>> http://www.inetmsg.com/spam.txt
>>
>> and debug output to:
>>
>> http://www.inetmsg.com/sa-debug.txt
>>
>> It displays a single URI linked line in an e-mail client that only
>> displays: "Please visit our shop." There seems to be something about
>> the URI in the message that allows it to bypass all URIBL testing by
>> SpamAssassin.
>>
>> The domain is listed in the following URIBLs:
>>
>> URIBL_JP_SURBL
>> URIBL_OB_SURBL
>>
>> dig canadiansitetable.com.multi.surbl.org +short
>> 127.0.0.80
>>
>> and URIBL_BLACK
>>
>> dig canadiansitetable.com.multi.uribl.com +short
>> 127.0.0.2
>>
>> Yet there were no URIBL hits. The message scored high and was tagged as
>> spam, but I'm just curious as to what it is about this message that
>> allowed it to bypass all SA URIBL tests?
>>
>> I'm running spamassassin -V
>> SpamAssassin version 3.2.5
>> running on Perl version 5.8.8
>>
>> And in case you're wondering, I'm not using the shortcircuit plugin.
>>

>
> looks like a bug. it looks like in
> '.... http://uri....'
> the uri isn't detected (aka quoted-string).
>
> In the message, the URI is insisde quoted (the one in "You'll" and the
> one in "don't"). if you remove one of the quotes or if you break the
> line so that they aren't in the same line, the URI is detected.


Thanks, I've opened up a bug report: Bug 6017.

Bill