1557 – Tool to expand on test results

Bug 1557 - Tool to expand on test results

Summary: Tool to expand on test results

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Tools (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	All All

Importance:	P5 enhancement
Target Milestone:	Undefined
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-02-25 09:03 UTC by Robert J. Accettura
Modified:	2004-12-01 08:27 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert J. Accettura 2003-02-25 09:03:32 UTC

I would like to propose a new tool for distribution with SpamAssassin.  I
personally like the ability to turn off reports... but... sometimes later I find
that I would like to see that report on certain spam items....

Many I think turn them off by default, so that it doesn't fluster end users...
if they filter, they filter, if not, just extra tags in the header... nothing to
bewilder them.   

The headers have the tests in them, but it's pretty cryptic.  
So my proposition is to create a perl script that can take the header, and
expand it into a detailed analysis like the reports do (or perhaps take it a
step further.

Lets face it... this isn't the most easily understood header:
-------------------------------------------------------------------
X-Spam-Flag: YES
X-Spam-Status: Yes, hits=19.3 required=5.0
	tests=BAYES_80,CLICK_BELOW,HEADER_8BITS,HTML_80_90,
	      HTML_FONT_COLOR_BLUE,HTML_FONT_COLOR_RED,
	      HTML_FONT_COLOR_UNSAFE,HTML_FONT_FACE_ODD,HTML_MESSAGE,
	      HTML_TAG_EXISTS_TBODY,KOREAN_UCE_SUBJECT,MAILTO_LINK,
	      MIME_HTML_ONLY,NO_REAL_NAME,SUBJ_FULL_OF_8BITS
	version=2.51-cvs
X-Spam-Level: *******************
X-Spam-Checker-Version: SpamAssassin 2.51-cvs 1.174-2003-02-20-exp
-------------------------------------------------------------------

Also, would be really nice to process spam that didn't get caught (hence no
report) to easily see what it did catch.

Perhaps to "kick it up a notch" the script could highlight in the email, what it
catches,   For example, it could list the tests it used on top, each in a
different color/style, etc.... then display the email, coloring what it found.

Would be a good tool for development too.  A great way to see what is working,
and what isn't in a more visual manner.


I'm thinking of something kind of spamcop style.  You copy paste the email into
the system, and it shows you what's wrong.

Comment 1 Robert J. Accettura 2003-02-25 09:04:24 UTC

Changing:
severity -> enhancement
milestone -> 3.0

Comment 2 Rich Puhek 2003-02-25 10:57:14 UTC

Subject: Re: [SAdev]  Tool to expand on test results

Here's a tool that works for me. A couple of notes:

1) Doesn't like CR/LF pairs on the input email. Don't know if that's 
really a problem for anyone...
2) It's setup to be run on the machine running spamassassin/spamd. Works 
by parsing the SA config files so that any local rules/scores are picked 
up as well.
3) Output could be made prettier...

--Rich



bugzilla-daemon@hughes-family.org wrote:
> http://www.hughes-family.org/bugzilla/show_bug.cgi?id=1557
> 
> robert@accettura.com changed:
> 
>            What    |Removed                     |Added
> ----------------------------------------------------------------------------
>            Severity|normal                      |enhancement
>    Target Milestone|2.60                        |3.0
> 
> 
> 
> ------- Additional Comments From robert@accettura.com  2003-02-25 09:04 -------
> Changing:
> severity -> enhancement
> milestone -> 3.0
> 
> 
> 
> ------- You are receiving this mail because: -------
> You are the assignee for the bug, or are watching the assignee.
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Spamassassin-devel mailing list
> Spamassassin-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/spamassassin-devel


-- 

_________________________________________________________

Rich Puhek
ETN Systems Inc.
2125 1st Ave East
Hibbing MN 55746

tel:   218.262.1130
email: rpuhek@etnsystems.com
_________________________________________________________
#!/usr/bin/perl -w
#
#
#  splain_sa.pl  -- Explain the spamassassin tests that "hit" on this rule.


#Default settings...
$rule_location="/usr/share/spamassassin";

my %score;
my %rule;

$status="FALSE";

# read input email, find X-Spam-Status line to determine what hit.
while (<>) {
	chop;
	next if ( (!/\s*tests=/) and ($status eq "FALSE") );
	$status="TRUE";
	last if ( /version=/ );
	s/^\s*//;
	s/tests=//;
	push @tests, split /,/;
};


# read through SA config files. Build list of rules with descriptions and scores.
# look for lines like: describe\s(ruleset)\s(description) and 
#                      score\s(ruleset)\s(score)
#
# parse local.cf last to overwrite desc. and scores...

@files=`ls $rule_location/*.cf`;

foreach $file (@files) {
	#warn "opening: $file\n";
	open (RULE,$file) or die "unable to open $file $!\n";
	
	while (<RULE>) {
		chop;
		next unless ( /^(describe)\s*(\S*)\s*(.*)$/ or
				/^(score)\s*(\S*)\s*(.*)$/ );
		$type=$1;
		$test=$2;
		$value=$3;
		if ($type eq "describe") {
			$desc{$test} = $value;
			next;
		};
		if ($type eq "score") {
			$score{$test} = $value;
			next;
		};
		warn "error: soemthin's wrong, I shouldn't be here\n";
		next;
	};
	
	close RULE;
};


#once the lists are generated, iterate over the matched rules, print info.
print "The email matched the following rules:\n";
foreach $test (@tests) {
	next if $test =~ /^\W*$/;
	$score{$test} = "undefined" if (!defined($score{$test}));
	$desc{$test}  = "undefined" if (!defined($desc{$test}));
	
	print "test: $test score: $score{$test} desc: $desc{$test}\n";
};

Comment 3 Duncan Findlay 2004-12-01 17:27:43 UTC

I suspect this is less of an issue with the report safe method of encapsulating
spam (which maybe wasn't implemented when this was reported?). spamassassin -t
should probably do just fine.

Furthermore, with the number of potential formats for header lines, this may be
best left as a site-specific thing? It would be technically difficult to do this
with required generality, IMHO.

Marking WONTFIX to clean up bugzilla.