Bug 5066 - SpamAssassin with URIDNSBL tries DNS lookups for *.so in body text
Summary: SpamAssassin with URIDNSBL tries DNS lookups for *.so in body text
Status: RESOLVED WORKSFORME
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Plugins (show other bugs)
Version: 3.1.3
Hardware: All Linux
: P5 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-26 12:01 UTC by Anthony Messina
Modified: 2006-08-26 09:48 UTC (History)
0 users


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Anthony Messina 2006-08-26 12:01:06 UTC 
Description of problem:
SpamAssassin, when using the URIDNSBL plugin (the default) attempts DNS queries
on body text containing words such as libplain.so, or anything ending in ".so".
The DNS queries fail of course.

I noticed this problem as I am subscribed to info-cyrus and postfix-users
mailing lists where these libraries are often discussed.

Version-Release number of selected component (if applicable):
spamassassin-3.1.3-1.fc5

How reproducible:
Every time.

Steps to Reproduce:
1. Ensure that the SpamAssassin URIDNSBL plugin is loaded in
/etc/mail/spamassassin/init.pre

2. Send a message with "<whatever word you want>.so" in the body of the message
(I tried "marcinator.so")

3. Check your /var/log/messages and see
Aug 26 06:51:47 home named[5631]: lame server resolving 'marcinator.so' (in
'so'?): 205.166.226.38#53
Aug 26 06:51:49 home named[5631]: unexpected RCODE (REFUSED) resolving
'marcinator.so/NS/IN': 209.68.0.85#53

Actual results:
SpamAssassin looks up *.so from body text

Expected results:
SpamAssassin would not look up *.so as it causes unnecessary DNS lookups that
will fail

Additional info:
When I comment out the URIDNSBL plugin entry in /etc/mail/spamassassin/init.pre
and try again, the symptoms do not occur.
Comment 1 Theo Van Dinter 2006-08-26 16:48:07 UTC 
>Expected results:
>SpamAssassin would not look up *.so as it causes unnecessary DNS lookups that
>will fail

SA is doing the correct thing here.  It sees something that looks like a domain
(.so is a valid TLD: http://www.iana.org/root-whois/so.htm), and so tries to
look it up.

This has come up before, though I was unable to find a ticket, with things like
command.com, which also get looked up.