Mail::SpamAssassin::Plugin::DecodeShortURLs(3pm)

1Mail::SpamAssassin::PluUgsienr::CDoenctordiMebaSuihtloe:rd:tSUPpReaLrmslA(s3Ds)oacsusmienn:t:aPtliuognin::DecodeShortURLs(3)
2
3
4

NAME

6       DecodeShortURLs - Check for shortened URLs
7

SYNOPSIS

9         loadplugin    Mail::SpamAssassin::Plugin::DecodeShortURLs
10
11         url_shortener tinyurl.com
12         url_shortener_get bit.ly
13
14         body HAS_SHORT_URL          eval:short_url()
15         describe HAS_SHORT_URL      Message has one or more shortened URLs
16
17         body SHORT_URL_REDIR        eval:short_url_redir()
18         describe SHORT_URL_REDIR    Message has shortened URL that resulted in a valid redirection
19
20         body SHORT_URL_CHAINED      eval:short_url_chained()
21         describe SHORT_URL_CHAINED  Message has shortened URL chained to other shorteners
22
23         body SHORT_URL_MAXCHAIN     eval:short_url_maxchain()
24         describe SHORT_URL_MAXCHAIN Message has shortened URL that causes too many redirections
25
26         body SHORT_URL_LOOP         eval:short_url_loop()
27         describe SHORT_URL_LOOP     Message has short URL that loops back to itself
28
29         body SHORT_URL_200          eval:short_url_code('200') # Can check any non-redirect HTTP code
30         describe SHORT_URL_200      Message has shortened URL returning HTTP 200
31
32         body SHORT_URL_404          eval:short_url_code('404') # Can check any non-redirect HTTP code
33         describe SHORT_URL_404      Message has shortened URL returning HTTP 404
34
35         uri URI_TINYURL_BLOCKED      m,https://tinyurl\.com/app/nospam,
36         describe URI_TINYURL_BLOCKED Message contains a tinyurl that has been disabled due to abuse
37
38         uri URI_BITLY_BLOCKED       m,^https://bitly\.com/a/blocked,
39         describe URI_BITLY_BLOCKED  Message contains a bit.ly URL that has been disabled due to abuse
40

DESCRIPTION

42       This plugin looks for URLs shortened by a list of URL shortening
43       services.  Upon finding a matching URL, plugin will send a HTTP request
44       to the shortening service and retrieve the Location-header which points
45       to the actual shortened URL.  It then adds this URL to the list of URIs
46       extracted by SpamAssassin which can then be accessed by uri rules and
47       plugins such as URIDNSBL.
48
49       This plugin will follow chained redirections, where a short URL
50       redirects to another short URL.  Redirection depth limit can be set
51       with "max_short_url_redirections".
52
53       Maximum of "max_short_urls" short URLs are checked in a message (10 by
54       default).  Setting it to 0 disables HTTP requests, allowing only
55       short_url() test to work and report found shorteners.
56
57       All supported rule types for checking short URLs and redirection status
58       are documented in SYNOPSIS section.
59

NOTES

61       This plugin runs at the check_dnsbl hook (priority -100) so that it may
62       modify the parsed URI list prior to normal uri rules or the URIDNSBL
63       plugin.
64

PRIVILEGED SETTINGS

66       url_shortener  domain [domain...]     (default: none)
67           Domains that should be considered as an URL shortener.  If the
68           domain begins with a '.', 3rd level tld of the main domain will be
69           checked.
70
71           Example:
72
73            url_shortener tinyurl.com
74            url_shortener .page.link
75
76       url_shortener_get  domain [domain...]     (default: none)
77           Alias to "url_shortener".  HTTP request will be done with GET
78           method, instead of default HEAD.  Required for some services like
79           bit.ly to return blocked URL correctly.
80
81           Example:
82
83            url_shortener_get bit.ly
84
85       clear_url_shortener  [domain] [domain...]
86           Clear configured url_shortener and url_shortener_get domains, for
87           example to override default settings from an update channel.  If
88           domains are specified, then only those are removed from list.
89
90       url_shortener_cache_type     (default: none)
91           The cache type that is being utilized.  Currently only supported
92           value is "dbi" that implies "url_shortener_cache_dsn" is a DBI
93           connect string.  DBI module is required.
94
95           Example: url_shortener_cache_type dbi
96
97       url_shortener_cache_dsn       (default: none)
98           The DBI dsn of the database to use.
99
100           For SQLite, the database will be created automatically if it does
101           not already exist, the supplied path and file must be read/writable
102           by the user running spamassassin or spamd.
103
104           For MySQL/MariaDB or PostgreSQL, see sql-directory for database
105           table creation clauses.
106
107           You will need to have the proper DBI module for your database.  For
108           example DBD::SQLite, DBD::mysql, DBD::MariaDB or DBD::Pg.
109
110           Minimum required SQLite version is 3.24.0 (available from
111           DBD::SQLite 1.59_01).
112
113           Examples:
114
115            url_shortener_cache_dsn dbi:SQLite:dbname=/var/lib/spamassassin/DecodeShortURLs.db
116
117       url_shortener_cache_username  (default: none)
118           The username that should be used to connect to the database.  Not
119           used for SQLite.
120
121       url_shortener_cache_password  (default: none)
122           The password that should be used to connect to the database.  Not
123           used for SQLite.
124
125       url_shortener_cache_ttl       (default: 86400)
126           The length of time a cache entry will be valid for in seconds.
127           Default is 86400 (1 day).
128
129           See "url_shortener_cache_autoclean" for database cleaning.
130
131       url_shortener_cache_autoclean (default: 1000)
132           Automatically purge old entries from database.  Value describes a
133           random run chance of 1/x.  The default value of 1000 means that
134           cleaning is run approximately once for every 1000 messages
135           processed.  Value of 1 would mean database is cleaned every time a
136           message is processed.
137
138           Set 0 to disable automatic cleaning and to do it manually.
139
140       url_shortener_loginfo           (default: 0 (off))
141           If this option is enabled (set to 1), then short URLs and the
142           decoded URLs will be logged with info priority.
143
144       url_shortener_timeout     (default: 5)
145           Maximum time a short URL HTTP request can take, in seconds.
146
147       max_short_urls                 (default: 10)
148           Maximum amount of short URLs that will be looked up per message.
149           Chained redirections are not counted, only initial short URLs
150           found.
151
152           Setting it to 0 disables HTTP requests, allowing only short_url()
153           test to work and report any found shortener URLs.
154
155       max_short_url_redirections     (default: 10)
156           Maximum depth of chained redirections that a short URL can
157           generate.
158
159       url_shortener_user_agent       (default: Mozilla/5.0 (Windows NT 10.0;
160       Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67
161       Safari/537.36)
162           Set User-Agent header for HTTP requests.  Some services require it
163           to look like a common browser.
164

ACKNOWLEDGEMENTS

166       Original DecodeShortURLs plugin was developed by Steve Freegard.
167
168
169
170perl v5.38.0                    Ma2i0l2:3:-S0p7a-m2A2ssassin::Plugin::DecodeShortURLs(3)