search

spamhaus / spamassassin-dqs

Spamhaus code for the Spamassassin plugin. See https://docs.spamhaustech.com/40-real-world-usage/SpamAssassin/000-intro.html
Apache License 2.0
54 stars 15 forks source link

Should check_sh_emails HBL actually use skip_domains? #30

Closed robertmathews closed 3 years ago

robertmathews commented 3 years ago

The code for check_sh_emails currently skips an HBL lookup if the domain name is in skip_domains (uridnsbl_skip_domain).

So, for example, if gmail.com is in skip_domains (as it is by default), it won't do an HBL lookup on the hash for evildoer@gmail.com.

It obviously makes sense to not do DBL lookups for skip_domains, but HBL seems different: my understanding is that it might contain the hash for evildoer@gmail.com even if gmail.com would never be in the DBL. If that's the case, if (!($skip_domains->{$this_domain})) check should probably be removed from check_sh_emails.

ricalfieri commented 3 years ago

Are you using the latest version? Because in my version the function is:

my $skip_domains = $conf->{sh_emailbl_skip_domains};

So it's using a dedicated config directive, not uridnsbl_skip_domain

I just tried with a sample with a listed @gmail.com address and it works as expected

robertmathews commented 3 years ago

You're right, I misunderstood the code, and then did an invalid test that made it look like it was failing when it isn't. I'll close this; sorry for the noise.

ricalfieri commented 3 years ago

Don't worry, any feedback is appreciated :)