SURBL problems #108

Closed
paologroppo opened this issue Jun 22, 2015 · 7 comments

@paologroppo

I use hMailserver 5.6.3-B2249, and experienced some problems with antispam features.

1- I receive "SURBL: DNS query failed." for every domain. If I restart hMailserver the problem goes away but returns after some time (DNS settings are ok).

2- The URLs submitted to URIBL servers are not correctly formatted, look at these log examples:

"DEBUG" 5888 "2015-06-21 10:10:01.894" "SURBL: Found URL: groupon.it?nlp=&cid=it_crm_1_0_0_172&a=242&utm_source=newsletter&utm_medium=email&sid=ff9a7e25-3cv1-4bbe-8762-51fdbf178f15&division=verona&uh=2f91dc31-940a-6da1-b472-3cc617b1eb54&date=20152106&sender=rm&s=footer&c=link&d=contact"
"DEBUG" 5888 "2015-06-21 14:27:23.597" "SURBL: Found URL: grosso@veroca.com"

In the first case everything after "?" must be deleted to get the correct domain name.
In the second case the original URL was "http://jdjj.ozrust.link?email=poalo.grosso@veroca.com"

3- "multi.uribl.com", which usually stops thousands of spam emails every day (and I don't know a valid alternative), stopped working with hmailserver because it no longer responds "NXDOMAIN" but 127.0.0.1 (blocked) or 127.0.0.2 (black) or 127.0.0.4 (grey) or 127.0.0.8 (red), and there is no way to configure this in hmailserver. hmailserver configured with multi.uribl.com now marks every email with a link inside as spam.

4- A "SURBL: DNS query failed." on a domain will abort all checks for that SURBL server.

@OutbackMatt

#3 I use multi.surbl.org

Isn't #4 the same as #1?
(I haven't seen this issue)

Have you checked on the forum about this?? https://www.hmailserver.com/forum/

@paologroppo
Author

In my opinion multi.surbl.org does not catch as many spam URIs as multi.uribl.com. I use it too.
I'm trying to reproduce the issue.
At the moment I can say that a URI with this format in a message:

http://aaa.aaa.xyz?email=aaa.aaao@aaa.com

produces a "DNS query failed".
I receive thousands of spam emails every day with a link like this inside the message, causing "DNS query failed" and nullifying SURBL checks.

@OutbackMatt

Does it just cause that ONE SURBL check (ie just that URL), or does that happen for all URLs in that message?

@paologroppo
Author

Just for that URL, looking at the logs. The problem is that with a "DNS query failed" the whole SURBL checking process stops and the message currently being checked does not receive any spam score.

@paologroppo
Author

In some conditions hMailserver does not translate URI >>> DOMAIN NAME correctly. Every URI with a query string produces a "DNS query failed". In fact, the URI with its query string is submitted to SURBL:

"DEBUG" 8944 "2015-07-29 10:17:01.606" "SURBL: Found URL: spartoo.it?track_id=news_a_36993_145970&utm_source=news_autre&utm_medium=newsletter&utm_campaign=news_a_36993_148970&email_crm=9c5c2cea19682823cf09b541abe9e033&link=6808777"
"DEBUG" 8944 "2015-07-29 10:17:01.763" "SURBL: DNS query failed."
"DEBUG" 8944 "2015-07-29 10:17:01.763" "Spam test: SpamTestSURBL, Score: 0"

After that no score is assigned to the message even if one of the multiple URIs matched.

@paologroppo
Author

I'm not a C coder but in SURBL.cpp on line 147:

if (c == '<' || c == '/' || c == '' || c == '>' ||c == ' ' || c == '"' || c == ''')

changing to:

if (c == '<' || c == '/' || c == '' || c == '>' ||c == ' ' || c == '"' || c == ''' | c=='?'| c=='&')

may solve the problem with the query string.

@martinknafve
Collaborator

Fixed in 5.7. I've replaced the old implementation with a regular expression to extract the addresses.
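
The behaviour requested in this thread, as an added example (not hMailServer's code, and not the regular expression used in 5.7): reduce each found URI to its host before the lookup, keep checking the remaining URIs when one DNS query fails, and read the 127.0.0.x reply as a bitmask instead of treating any answer as a hit. The `Resolver` callback, the `Verdict` enum and the function names are hypothetical, and counting grey and red as listed is a policy assumption.

```cpp
#include <algorithm>
#include <cctype>
#include <cstdlib>
#include <functional>
#include <string>
#include <vector>

// Reduce a URI found in a message body to its lower-case host name.
// IPv6 literals are not handled.
std::string extract_host(std::string uri) {
    auto scheme = uri.find("://");
    if (scheme != std::string::npos) uri.erase(0, scheme + 3);
    // Cut at the first path, query, fragment or markup delimiter *before*
    // looking for '@', so an e-mail address in the query string is ignored.
    uri.erase(std::min(uri.find_first_of("/\\?#&<>\"' "), uri.size()));
    auto at = uri.rfind('@');                 // drop userinfo
    if (at != std::string::npos) uri.erase(0, at + 1);
    auto colon = uri.find(':');               // drop port
    if (colon != std::string::npos) uri.erase(colon);
    for (char& c : uri) c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return uri;
}

enum class Verdict { Clean, Listed, Unknown };

// Hypothetical resolver: returns false when the DNS query itself failed;
// otherwise sets `reply` to the A record text, or "" for NXDOMAIN.
using Resolver = std::function<bool(const std::string& name, std::string& reply)>;

const int kListedBits = 2 | 4 | 8;  // black, grey, red (policy assumption)

Verdict check_uris(const std::vector<std::string>& uris,
                   const std::string& zone, const Resolver& resolve) {
    bool inconclusive = false;
    for (const auto& uri : uris) {
        std::string host = extract_host(uri), reply;
        if (host.empty()) continue;
        if (!resolve(host + "." + zone, reply)) {  // one failure must not
            inconclusive = true;                   // abort the other checks
            continue;
        }
        if (reply.compare(0, 8, "127.0.0.") != 0) continue;  // NXDOMAIN
        int mask = std::atoi(reply.c_str() + 8);
        if (mask & kListedBits) return Verdict::Listed;
        if (mask & 1) inconclusive = true;  // 127.0.0.1: query blocked, not a hit
    }
    return inconclusive ? Verdict::Unknown : Verdict::Clean;
}
```

Returning `Unknown` instead of `Clean` lets the caller log that the SURBL test was inconclusive and not silently score the message 0.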
