1Mail::SpamAssassin::PluUgsienr::CUoRnItDreitbauitle(d3M)Paeirll::DSopcaummAesnstaastsiionn::Plugin::URIDetail(3)
2
3
4
6 URIDetail - test URIs using detailed URI information
7
9 This plugin creates a new rule test type, known as "uri_detail". These
10 rules apply to all URIs found in the message.
11
12 loadplugin Mail::SpamAssassin::Plugin::URIDetail
13
15 The format for defining a rule is as follows:
16
17 uri_detail SYMBOLIC_TEST_NAME key1 =~ /value1/ key2 !~ /value2/ ...
18
19 Supported keys are:
20
21 "raw" is the raw URI prior to any cleaning (e.g.
22 "http://spamassassin.apache%2Eorg/").
23
24 "type" is the tag(s) which referenced the raw_uri. parsed is a faked
25 type which specifies that the raw_uri was parsed from the rendered
26 text.
27
28 "cleaned" is a list including the raw URI and various cleaned versions
29 of the raw URI (http://spamassassin.apache%2Eorg/,
30 https://spamassassin.apache.org/).
31
32 "text" is the anchor text(s) (text between <a> and </a>) that linked to
33 the raw URI.
34
35 "domain" is the domain(s) found in the cleaned URIs.
36
37 Example rule for matching a URI where the raw URI matches "%2Ebar", the
38 domain "bar.com" is found, and the type is "a" (an anchor tag).
39
40 uri_detail TEST1 raw =~ /%2Ebar/ domain =~ /^bar\.com$/ type =~ /^a$/
41
42 Example rule to look for suspicious "https" links:
43
44 uri_detail FAKE_HTTPS text =~ /\bhttps:/ cleaned !~ /\bhttps:/
45
46 Regular expressions should be delimited by slashes.
47
48
49
50perl v5.30.1 2020-M0a2i-l0:3:SpamAssassin::Plugin::URIDetail(3)