1Mail::SpamAssassin::PluUgsienr::CUoRnItDreitbauitle(d3M)Paeirll::DSopcaummAesnstaastsiionn::Plugin::URIDetail(3)
2
3
4
6 URIDetail - test URIs using detailed URI information
7
9 This plugin creates a new rule test type, known as "uri_detail". These
10 rules apply to all URIs found in the message.
11
12 loadplugin Mail::SpamAssassin::Plugin::URIDetail
13
15 The format for defining a rule is as follows:
16
17 uri_detail SYMBOLIC_TEST_NAME key1 =~ /value1/ key2 !~ /value2/ ...
18
19 Supported keys are:
20
21 "raw" is the raw URI prior to any cleaning (e.g.
22 "http://spamassassin.apache%2Eorg/").
23
24 "type" is the tag(s) which referenced the raw_uri. parsed is a faked
25 type which specifies that the raw_uri was parsed from the rendered
26 text.
27
28 "cleaned" is a list including the raw URI and various cleaned versions
29 of the raw URI (http://spamassassin.apache%2Eorg/,
30 https://spamassassin.apache.org/).
31
32 "text" is the anchor text(s) (text between <a> and </a>) that linked to
33 the raw URI.
34
35 "domain" is the domain(s) found in the cleaned URIs, as trimmed to
36 registrar boundary by Mail::SpamAssassin::Util::RegistrarBoundaries(3).
37
38 "host" is the full host(s) in the cleaned URIs. (Supported since SA
39 3.4.5)
40
41 Example rule for matching a URI where the raw URI matches "%2Ebar", the
42 domain "bar.com" is found, and the type is "a" (an anchor tag).
43
44 uri_detail TEST1 raw =~ /%2Ebar/ domain =~ /^bar\.com$/ type =~ /^a$/
45
46 Example rule to look for suspicious "https" links:
47
48 uri_detail FAKE_HTTPS text =~ /\bhttps:/ cleaned !~ /\bhttps:/
49
50 Regular expressions should be delimited by slashes.
51
52
53
54perl v5.32.1 2021-M0a3i-l2:5:SpamAssassin::Plugin::URIDetail(3)