1853 – Allow primary RBL tests to match only on certain responses

Bug 1853 - Allow primary RBL tests to match only on certain responses

Summary: Allow primary RBL tests to match only on certain responses

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (Eval Tests) (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	Other other

Importance:	P3 normal
Target Milestone:	2.60
Assignee:	Daniel Quinlan

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-05-02 22:41 UTC by Daniel Quinlan
Modified:	2003-05-02 17:50 UTC (History)
CC List:	1 user (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Quinlan 2003-05-02 22:41:38 UTC

Two RBL sub-tests suffer from a slight problem.  They only want to run
on -notfirsthop relays, but they are sub-tests of a relay test that runs
on every relay (including the first hop).  The tests are:

OVERALL%   SPAM%     HAM%     S/O    RANK   SCORE  NAME
   5988     2997     2991    0.501   0.00    0.00  (all messages)
100.000  50.0501  49.9499    0.501   0.00    0.00  (all messages as %)
  1.754   2.3690   1.1367    0.676   0.28    0.00  X_OSIRU_DUL
  2.739   3.2366   2.2401    0.591   0.19    0.00  X_NJABL_DIALUP

And they are defined as:

header X_OSIRU_DUL              rbleval:check_rbl_sub('osirusoft', '127.0.0.3')
header X_NJABL_DIALUP           rbleval:check_rbl_sub('njabl', '127.0.0.3')

There are three ways this could be fixed:

1. Allow a sub-test to be defined on -notfirsthop of a pre-existing RBL query
   (also known as a set).  This would be a bit nasty since check_rbl_sub would
   have to call a modified check_rbl_backend or reproduce a lot of the
   check_rbl_backend logic.

2. Just define new tests and rely on the DNS cache.  For example,

   header __NJABL_DIALUP  rbleval:check_rbl('njabl-notfirsthop', 'dnsbl.njabl.org.')
   tflags __NJABL_DIALUP  net
   header T_NJABL_DIALUP  rbleval:check_rbl_sub('njabl-notfirsthop', '127.0.0.3')
   tflags T_NJABL_DIALUP  net

   The first test is not used except to launch the query.  A bit ugly.
   I tried this first just to make sure the rules could actually be fixed
   and the results were very good:

OVERALL%   SPAM%     HAM%     S/O    RANK   SCORE  NAME
   5988     2997     2991    0.501   0.00    0.00  (all messages)
100.000  50.0501  49.9499    0.501   0.00    0.00  (all messages as %)
  0.852   1.7017   0.0000    1.000   0.91    0.01  T_NJABL_DIALUP
  0.852   1.7017   0.0000    1.000   0.91    0.01  T_OSIRU_DUL

It's only coincidence that the SPAM% numbers are the same, the hits
overlap less than 10% of the time.

3. Allow primary tests to use the subtest logic (so they only match on
   certain responses instead of all responses).  This also relies on the
   DNS cache.  This requires a few lines of code, but eliminates some launch
   rules.

Anyway, option 3 is the one I'm trying.  This bug obviously also includes
fixing those two DIALUP tests.

Comment 1 Daniel Quinlan 2003-05-03 01:50:40 UTC

Done.  This didn't really complicate things too much.  :-)

 Dns.pm       |   40 ++++++++++++++++------------------------
 EvalTests.pm |   12 ++++++------
 2 files changed, 22 insertions(+), 30 deletions(-)

And it also removes __FIVE10, replaces T_RCVD_IN_FIVETEN_DIALUP_NFH
(same number of hits), and adds two new tests (T_NJABL_DIALUP and T_OSIRU_DUL).

 70_cvs_rules_under_test.cf |   17 ++++++++++-------
 1 files changed, 10 insertions(+), 7 deletions(-)

You can now specify tests of this form:

header T_NJABL_DIALUP          rbleval:check_rbl('njabl-notfirsthop', 'dnsbl.n\
jabl.org.', '127.0.0.3')
tflags T_NJABL_DIALUP          net

The last argument (subtest) is optional and specifies the criteria to match
just like the subtest argument in check_rbl_set.