Mail::SpamAssassin::SpamCopURI - blacklist checking of URLs in email
See INSTALL for rules.
You may blacklist/whitelist domains by using the whitelist_spamcop_uri or blacklist_spamcop_uri. The wildcarding is identical to what is used for the core whitelists that ship with SA.
The first checks that SpamCopURI does is against the whitelist/blacklist. If the URL's host appears in the whitelist, then the test is an immediate miss. If the URL's host is in the blacklist, then the test is an immediate hit.
This currently only checks URIs that support methods for host. These are typically just http, https, and ftp.
If the spamcop_uri_limit is set (which it is by default) and the number of URLs in the message exceeds this limit, the URLs are shuffled and testing is done only up to the limit. The limit is to prevent DOS attacks, the shuffling is done to prevent front-loading of URLs that will fill the limit up with valid URLs.
The network method tests the domain portion of the URI against a RHS RBL DNS rbl list that is specified in a conf file. If the domain appears in the RBL, then the test scores a hit.
If open redirect resolution is enabled, then the url's host will be compared against the open_redirect_list_spamcop_uri and if a match is found, then the an attempt is made to get the Location header from the redirect service without actually fetching from the destination site.
A few changes had to be made to the SA core to allow this module to function properly. Specifically, Mail::SpamassAssassin::Conf was modified to allow uri_eval tests. Most of the code already existed, but was commented out. Instead of shipping patches, I have included the full source to both Conf.pm and PerMsgStatus.pm from version 2.63 of SA.
Eric Kolve, email@example.com
SpamCopURI is distributed under Perl's Artistic license.
The latest version of this plugin is available at: