Bug 6859 - ASN plugin should run on URI's too
Summary: ASN plugin should run on URI's too
Status: RESOLVED WONTFIX
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Plugins (show other bugs)
Version: 3.3.2
Hardware: PC Linux
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-03 16:51 UTC by Frank Ch. Eigler
Modified: 2021-04-22 16:54 UTC (History)
1 user (show)


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Frank Ch. Eigler 2012-11-03 16:51:53 UTC 
For a spamming-oriented domain / hosting service, it is possible to spray out a bunch of spam ads with embedded URI's pointing to themselves, before the URIDNSBL services catch up and blacklist them.  It would be handy if the spamassassin machines could do a bit of this themselves, by identifying the ASN not only for the email originators, but also the IP addresses associated with web site URLs mentioned in the emails.

Then, ASNs associated with website spams could gradually be learned by the bayes system to build one's own URIBL.

See also bug #5655, which should be considered a prerequisite for this one.
Comment 1 Henrik Krohns 2021-04-22 16:54:44 UTC 
Not going to work for the reasons mentioned in Bug 5655. DNS lookup is required to lookup IP of URIs. Bayes is already tokenizing at that stage, it would have to be moved as the last thing in whole scan process to be able to use them. Also sa-learn would need using DNS then always for proper learning, since Bayes doesn't save the original tokens anywhere for reuse.

Forcefeeding Bayes all kinds stuff doesn't necessarily make it better either, as proven many times. Closing this stale one.