[Mimedefang] URI Parsing and SA
Jason Bertoch
jason at electronet.net
Fri Jan 2 09:51:35 EST 2009
A spam passed through my system recently with the following line:
ki2205<.woskulceo[remove].com
woskulceo[remove].com has been listed in the URIBL database since 9/2008,
yet the rule didn't trigger on my message. Manually running the message
through SA gave a hit on the URIBL rule, so I'm left looking at MD. The
URIBL rule does hit when the host part of the above example is removed. Is
it possible MD is interpreting < in the hostname as a redirect when handing
the message to SA or breaking the message into individual parts?
For what it's worth, I'm running MD 2.65, Sendmail 8.14.3, SA 3.2.5 with
latest updates and perl 5.10.0 on CentOS 5.2 64-bit.
Jason A. Bertoch
Network Administrator
jason at electronet.net
Electronet Broadband Communications
3411 Capital Medical Blvd.
Tallahassee, FL 32308
(V) 850.222.0229 (F) 850.222.8771
More information about the MIMEDefang
mailing list