update SpamAssassin to 3.4.6

contains 2 fixes: - Fixed URIDNSBL not triggering meta rules - Fix false positive in T_KAM_HTML_FONT_INVALID on CSS color !important
2025-04-28 12:19:37 +00:00 · 2021-04-13 11:41:50 +02:00 · 2021-04-13 11:41:50 +02:00 · 79fe35d4fe
commit 79fe35d4fe
parent feec84cedd
17 changed files with 408 additions and 93 deletions
--- a/upstream/CREDITS
+++ b/upstream/CREDITS
@ -21,12 +21,12 @@ Project Management Committee (PMC):
   - Kevin A. McGrail
   - Michael Parker       http://www.amazon.com/o/registry/10BBAR2M03T6F
   - Joe Quinn
+   - Paul Stead

 Committers:

  This list contains committers in alphabetical order

-   - Paul Stead
   - Merijn van den Kroonenberg
   - Bryan Vest

--- a/upstream/Changes
+++ b/upstream/Changes
@ -1,4 +1,52 @@
 ------------------------------------------------------------------------
+r1888513 | hege | 2021-04-08 10:29:27 +0000 (Thu, 08 Apr 2021) | 2 lines
+ 
+ Bug 7892 - T_KAM_HTML_FONT_INVALID false positive for "<color> 
+!important"
+ 
+------------------------------------------------------------------------
+r1888498 | sidney | 2021-04-08 05:13:34 +0000 (Thu, 08 Apr 2021) | 1 line
+ 
+ Update PMC list
+------------------------------------------------------------------------
+r1888492 | sidney | 2021-04-08 04:01:39 +0000 (Thu, 08 Apr 2021) | 1 line
+ 
+ preparing to release 3.4.6-rc1
+------------------------------------------------------------------------
+r1888435 | hege | 2021-04-06 13:08:42 +0000 (Tue, 06 Apr 2021) | 2 lines
+ 
+ Revert Revision 1878575,1878574,1878572 (Bugs 7822, 7822), remove any 
+traces of undocumented check_cleanup from 3.4, metas do not work 
+correctly with it. URIDNSBL/HashBL revert to logging only first hit, any 
+improvements will be in 4.0 only.
+ 
+------------------------------------------------------------------------
+r1888433 | hege | 2021-04-06 13:06:49 +0000 (Tue, 06 Apr 2021) | 2 lines
+ 
+ Bug 7897 - add test case for meta net-rules
+ 
+------------------------------------------------------------------------
+r1888042 | sidney | 2021-03-24 23:49:14 +0000 (Wed, 24 Mar 2021) | 1 line
+ 
+ post-release of 3.4.5 ready new development version 3.4.6 in case there 
+is any more development required in this branch
+------------------------------------------------------------------------
+r1888010 | sidney | 2021-03-24 14:27:23 +0000 (Wed, 24 Mar 2021) | 1 line
+ 
+ update 3.4.5 announcement file with actual checksums
+------------------------------------------------------------------------
+r1887843 | sidney | 2021-03-20 09:14:03 +0000 (Sat, 20 Mar 2021) | 1 line
+ 
+ preparing to release 3.4.5 (supersedes r1887620)
+------------------------------------------------------------------------
+r1887653 | sidney | 2021-03-14 21:37:10 +0000 (Sun, 14 Mar 2021) | 1 line
+ 
+ preparing to release 3.4.5-rc2
+------------------------------------------------------------------------
+r1887620 | sidney | 2021-03-14 08:16:27 +0000 (Sun, 14 Mar 2021) | 1 line
+ 
+ preparing to release 3.4.5
+------------------------------------------------------------------------
 r1887306 | hege | 2021-03-07 21:56:45 +0000 (Sun, 07 Mar 2021) | 2 lines
 
 Fix previous commit, need to allow multiple AskDNS hits
--- a/upstream/META.json
+++ b/upstream/META.json
@ -57,5 +57,5 @@
      },
      "x_MailingList" : "http://wiki.apache.org/spamassassin/MailingLists"
   },
-   "version" : "3.004005"
+   "version" : "3.004006"
 }
--- a/upstream/META.yml
+++ b/upstream/META.yml
@ -36,4 +36,4 @@ resources:
  license: http://www.apache.org/licenses/LICENSE-2.0.html
  repository: http://svn.apache.org/repos/asf/spamassassin/
  x_MailingList: http://wiki.apache.org/spamassassin/MailingLists
-version: 3.004005
+version: 3.004006
--- a/upstream/lib/Mail/SpamAssassin.pm
+++ b/upstream/lib/Mail/SpamAssassin.pm
@ -87,7 +87,7 @@ use Time::HiRes qw(time);
 use Cwd;
 use Config;

-our $VERSION = "3.004005";      # update after release (same format as perl $])
+our $VERSION = "3.004006";      # update after release (same format as perl $])
 #our $IS_DEVEL_BUILD = 1;        # 1 for devel build 
 our $IS_DEVEL_BUILD = 0;        # 0 for release versions including rc & pre releases

@ -101,18 +101,18 @@ our @ISA = qw();

 # SUB_VERSION is now just <yyyy>-<mm>-<dd>
 our $SUB_VERSION = 'svnunknown';
-if ('$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $' =~ ':') {
-  # Subversion keyword "$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $" has been successfully expanded.
+if ('$LastChangedDate: 2021-04-09 19:54:52 +1200 (Fri, 09 Apr 2021) $' =~ ':') {
+  # Subversion keyword "$LastChangedDate: 2021-04-09 19:54:52 +1200 (Fri, 09 Apr 2021) $" has been successfully expanded.
  # Doesn't happen with automated launchpad builds:
  # https://bugs.launchpad.net/launchpad/+bug/780916
-  $SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2021-03-20 22:14:03 +1300 (Sat, 20 Mar 2021) $ updated by SVN'))[1];
+  $SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2021-04-09 19:54:52 +1200 (Fri, 09 Apr 2021) $ updated by SVN'))[1];
 }


 if (defined $IS_DEVEL_BUILD && $IS_DEVEL_BUILD) {
-  if ('$LastChangedRevision: 1887843 $' =~ ':') {
-    # Subversion keyword "$LastChangedRevision: 1887843 $" has been successfully expanded.
-    push(@EXTRA_VERSION, ('r' . qw{$LastChangedRevision: 1887843 $ updated by SVN}[1]));
+  if ('$LastChangedRevision: 1888548 $' =~ ':') {
+    # Subversion keyword "$LastChangedRevision: 1888548 $" has been successfully expanded.
+    push(@EXTRA_VERSION, ('r' . qw{$LastChangedRevision: 1888548 $ updated by SVN}[1]));
  } else {
    push(@EXTRA_VERSION, ('r' . 'svnunknown'));
  }
--- a/upstream/lib/Mail/SpamAssassin/HTML.pm
+++ b/upstream/lib/Mail/SpamAssassin/HTML.pm
@ -527,6 +527,10 @@ sub text_style {
              # do nothing, just prevent parsing of the valid
              # CSS3 property value as 'invalid color' (Bug 7778)
            }
+            elsif ($value eq '!important') {
+              # do nothing, just prevent parsing of the valid
+              # CSS3 property value as 'invalid color' (Bug 7892)
+            }
 	    else {
 	      $new{$whcolor} = name_to_rgb($value);
 	    }
--- a/upstream/lib/Mail/SpamAssassin/Plugin/Check.pm
+++ b/upstream/lib/Mail/SpamAssassin/Plugin/Check.pm
@ -202,9 +202,6 @@ sub check_main {
    $pms->{resolver}->finish_socket() if $pms->{resolver};
  }

-  # last chance to handle left callbacks, make rule hits etc
-  $self->{main}->call_plugins ("check_cleanup", { permsgstatus => $pms });
-
  if ($pms->{deadline_exceeded}) {
    $pms->got_hit('TIME_LIMIT_EXCEEDED', '', defscore => 0.001,
                  description => 'Exceeded time limit / deadline');
--- a/upstream/lib/Mail/SpamAssassin/Plugin/HashBL.pm
+++ b/upstream/lib/Mail/SpamAssassin/Plugin/HashBL.pm
@ -452,7 +452,6 @@ sub check_hashbl_emails {
  my $max = $opts =~ /\bmax=(\d+)\b/ ? $1 : 10;
  $#filtered_emails = $max-1 if scalar @filtered_emails > $max;

-  $pms->{hashbl_emails_count}{$rulename} = scalar @filtered_emails;
  foreach my $email (@filtered_emails) {
    $self->_submit_query($pms, $rulename, $email, $list, $opts, $subtest);
  }
@ -667,11 +666,9 @@ sub _submit_query {
 sub _finish_query {
  my ($self, $pms, $ent, $pkt) = @_;

-  my $rulename = $ent->{rulename};
-
  if (!$pkt) {
    # $pkt will be undef if the DNS query was aborted (e.g. timed out)
-    dbg("lookup was aborted: $rulename $ent->{key}");
+    dbg("lookup was aborted: $ent->{rulename} $ent->{key}");
    return;
  }

@ -679,35 +676,16 @@ sub _finish_query {
  my @answer = $pkt->answer;
  foreach my $rr (@answer) {
    if ($rr->address =~ $dnsmatch) {
-      dbg("$rulename: $ent->{zone} hit '$ent->{value}'");
+      dbg("$ent->{rulename}: $ent->{zone} hit '$ent->{value}'");
      $ent->{value} =~ s/\@/[at]/g;
-      # Hit now if only one query exists, otherwise call hits at scan end
-      if ($pms->{hashbl_emails_count}{$rulename} == 1) {
-        $pms->test_log($ent->{value});
-        $pms->got_hit($rulename, '', ruletype => 'eval');
-        $pms->register_async_rule_finish($rulename);
-      } else {
-        push @{$pms->{hashbl_emails_hits}{$rulename}}, $ent->{value};
-      }
+      $pms->test_log($ent->{value});
+      $pms->got_hit($ent->{rulename}, '', ruletype => 'eval');
+      $pms->register_async_rule_finish($ent->{rulename});
      return;
    }
  }
 }

-sub check_cleanup {
-  my ($self, $opts) = @_;
-
-  my $pms = $opts->{permsgstatus};
-
-  # Call any remaining hits
-  if (exists $pms->{hashbl_emails_hits}) {
-    foreach my $rulename (keys %{$pms->{hashbl_emails_hits}}) {
-      $pms->test_log(join(', ', sort @{$pms->{hashbl_emails_hits}{$rulename}}));
-      $pms->got_hit($rulename, '', ruletype => 'eval');
-    }
-  }
-}
-
 # Version features
 sub has_hashbl_bodyre { 1 }
 sub has_hashbl_emails { 1 }
--- a/upstream/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+++ b/upstream/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
@ -1159,6 +1159,11 @@ sub got_dnsbl_hit {
  $str =~ s/\s+/  /gs;	# long whitespace => short
  dbg("uridnsbl: domain \"$dom\" listed ($rulename): $str");

+  if (!defined $pms->{uridnsbl_hits}->{$rulename}) {
+    $pms->{uridnsbl_hits}->{$rulename} = { };
+  };
+  $pms->{uridnsbl_hits}->{$rulename}->{$dom} = 1;
+
  if ( $pms->{uridnsbl_active_rules_nsrevipbl}->{$rulename}
    || $pms->{uridnsbl_active_rules_arevipbl}->{$rulename}
    || $pms->{uridnsbl_active_rules_nsrhsbl}->{$rulename}
@ -1167,20 +1172,14 @@ sub got_dnsbl_hit {
    || $pms->{uridnsbl_active_rules_rhsbl_ipsonly}->{$rulename}
    || $pms->{uridnsbl_active_rules_rhsbl_domsonly}->{$rulename})
  {
-    # Hits are saved and called in check_cleanup
-    $pms->{uridnsbl_hits}->{$rulename}->{$dom} = 1;
-  }
-}
+    # TODO: this needs to handle multiple domain hits per rule
+    $pms->clear_test_state();
+    my $uris = join (' ', keys %{$pms->{uridnsbl_hits}->{$rulename}});
+    $pms->test_log ("URIs: $uris");
+    $pms->got_hit ($rulename, "");

-sub check_cleanup {
-  my ($self, $opts) = @_;
-
-  my $pms = $opts->{permsgstatus};
-
-  # Call any remaining hits
-  foreach my $rulename (keys %{$pms->{uridnsbl_hits}}) {
-    $pms->test_log("URIs: ".join(', ', sort keys %{$pms->{uridnsbl_hits}->{$rulename}}));
-    $pms->got_hit($rulename, '');
+    # note that this rule has completed (since it got at least 1 hit)
+    $pms->register_async_rule_finish($rulename);
  }
 }

--- a/upstream/powered_by/powered_by_SpamAssassin-v2.psd
+++ b/upstream/powered_by/powered_by_SpamAssassin-v2.psd
--- a/upstream/rules/active.list
+++ b/upstream/rules/active.list
@ -1,6 +1,6 @@
 # DO NOT EDIT: file generated by build/mkupdates/listpromotable
 # active ruleset list, automatically generated from https://ruleqa.spamassassin.org/
-# with results from: last-net: net-axb-coi-bulk net-axb-generic net-axb-ham-misc net-darxus net-ena-week0 net-ena-week1 net-ena-week2 net-ena-week3 net-ena-week4 net-giovanni-ham net-giovanni-spam net-giovanni-spammy net-grenier net-jhardin net-llanga net-mmiroslaw-mails-ham net-mmiroslaw-mails-spam net-pds net-sihde net-spamsponge net-thendrikx; day 1: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 2: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 3: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 4: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 5: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx
+# with results from: last-net: net-axb-coi-bulk net-axb-generic net-axb-ham-misc net-darxus net-ena-week0 net-ena-week1 net-ena-week2 net-ena-week3 net-ena-week4 net-grenier net-jhardin net-llanga net-mmiroslaw-mails-ham net-mmiroslaw-mails-spam net-pds net-sihde net-spamsponge net-thendrikx; day 1: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 2: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 3: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 4: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx; day 5: axb-coi-bulk axb-generic axb-ham-misc darxus ena-week0 ena-week1 ena-week2 ena-week3 ena-week4 giovanni-ham giovanni-spam giovanni-spammy grenier jhardin llanga mmiroslaw-mails-ham mmiroslaw-mails-spam pds sihde spamsponge thendrikx

 # good enough
 ACCT_PHISHING_MANY
@ -236,9 +236,6 @@ BITCOIN_XPRIO
 # tflags publish
 BITCOIN_YOUR_INFO

-# good enough
-BODY_EMPTY
-
 # good enough
 BODY_SINGLE_URI

@ -275,9 +272,6 @@ CHARSET_FARAWAY
 # tflags userconf
 CHARSET_FARAWAY_HEADER

-# good enough
-CK_HELO_GENERIC
-
 # tflags publish
 CN_B2B_SPAMMER

@ -299,15 +293,15 @@ CTE_8BIT_MISMATCH
 # good enough
 CTYPE_NULL

+# good enough
+DATE_IN_FUTURE_96_Q
+
 # tflags publish
 DAY_I_EARNED

 # good enough
 DEAR_BENEFICIARY

-# good enough
-DEAR_WINNER
-
 # tflags net
 DIGEST_MULTIPLE

@ -377,9 +371,6 @@ DOTGOV_IMAGE
 # good enough
 DSN_NO_MIMEVERSION

-# good enough
-DUP_SUSP_HDR
-
 # tflags publish
 DX_TEXT_02

@ -410,6 +401,12 @@ ENV_AND_HDR_SPF_MATCH
 # good enough
 FAKE_REPLY_A1

+# good enough
+FAKE_REPLY_B
+
+# good enough
+FAKE_REPLY_C
+
 # tflags publish
 FBI_MONEY

@ -569,9 +566,6 @@ FROM_SUSPICIOUS_NTLD
 # tflags publish
 FROM_SUSPICIOUS_NTLD_FP

-# good enough
-FROM_WEBSITE
-
 # good enough
 FROM_WSP_TRAIL

@ -668,9 +662,6 @@ GB_FREEMAIL_DISPTO_NOTFREEM
 # tflags publish
 GB_GOOGLE_OBFUR

-# good enough
-GB_GOOGLE_OBFUS
-
 # tflags publish
 GOOGLE_DOCS_PHISH

@ -746,9 +737,6 @@ HELO_LH_HOME
 # good enough
 HELO_LOCALHOST

-# good enough
-HELO_MISC_IP
-
 # tflags publish
 HELO_NO_DOMAIN

@ -861,7 +849,7 @@ LONG_INVISIBLE_TEXT
 LOTS_OF_MONEY

 # good enough
-LOTTO_AGENT
+LOTTO_DEPT

 # tflags publish
 LUCRATIVE
@ -1091,6 +1079,9 @@ PDS_FROM_NAME_TO_DOMAIN
 # tflags net
 PDS_HELO_SPF_FAIL

+# good enough
+PDS_NAKED_TO_NUMERO
+
 # good enough
 PDS_NO_FULL_NAME_SPOOFED_URL

@ -1098,7 +1089,7 @@ PDS_NO_FULL_NAME_SPOOFED_URL
 PDS_OTHER_BAD_TLD

 # good enough
-PDS_SHORTFWD_URISHRT_QP
+PDS_SHORTFWD_URISHRT_FP

 # good enough
 PDS_SHORT_SPOOFED_URL
@ -1121,12 +1112,6 @@ PDS_TONAME_EQ_TOLOCAL_VSHORT
 # good enough
 PDS_TO_EQ_FROM_NAME

-# good enough
-PDS_URISHRT_LOCALPART_SUBJ
-
-# good enough
-PDS_X_PHP_WP_EXP
-
 # tflags publish
 PHISH_ATTACH

@ -1397,6 +1382,15 @@ RCVD_IN_SORBS_WEB
 # tflags net
 RCVD_IN_SORBS_ZOMBIE

+# tflags net
+RCVD_IN_VALIDITY_CERTIFIED
+
+# tflags net
+RCVD_IN_VALIDITY_RPBL
+
+# tflags net
+RCVD_IN_VALIDITY_SAFE
+
 # tflags net
 RCVD_IN_XBL

@ -1415,9 +1409,6 @@ RDNS_NUM_TLD_XM
 # good enough
 READY_TO_SHIP

-# good enough
-REPLYTO_EMPTY
-
 # good enough
 REPLYTO_WITHOUT_TO_CC

@ -1559,6 +1550,9 @@ SUBJECT_IN_BLACKLIST
 # tflags userconf
 SUBJECT_IN_WHITELIST

+# good enough
+SUBJ_ATTENTION
+
 # tflags net
 SUBJ_BRKN_WORDNUMS

@ -1586,6 +1580,9 @@ THIS_AD
 # tflags publish
 THIS_IS_ADV_SUSP_NTLD

+# good enough
+THREAD_INDEX_HEX
+
 # tflags publish
 TONLINE_FAKE_DKIM

@ -1637,9 +1634,6 @@ TO_NO_BRKTS_PCNT
 # tflags publish
 TO_TOO_MANY_WFH_01

-# good enough
-TRANSFORM_LIFE
-
 # good enough
 TVD_IP_HEX

@ -1925,9 +1919,6 @@ XFER_LOTSA_MONEY
 # tflags publish
 XM_DIGITS_ONLY

-# good enough
-XM_LIGHT_HEAVY
-
 # tflags publish
 XM_PHPMAILER_FORGED

--- a/upstream/t/data/dkim/test-pass-20.msg
+++ b/upstream/t/data/dkim/test-pass-20.msg
@ -0,0 +1,15 @@
+DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=
+	sa-test.spamassassin.org; h=from:to:subject:message-id:date
+	:mime-version:content-type; s=t0512; bh=15pFrAvOGi+eHKJgB6psh6iI
+	BCbvYSuhPj+wQn6C7Ss=; b=XaUxvujH+n+i0ABzd5x1ItymfUliXUaW3CuyMCIG
+	aMalpjxOZsu95GzcVpGsIE5qX5RY4ENP3cn6hfs634FDHw==
+From: SpamAssassin Test <test@sa-test.spamassassin.org>
+To: undisclosed-recipients:;
+Subject: test message 19
+X-Foobar: it's really test 20 but with crlf added
+Message-ID: <4A294538.10002@spamassassin.org>
+Date: Mon, 08 Jun 2009 12:00:00 +0000
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+
+testing
--- a/upstream/t/data/dkim/test-pass-21.msg
+++ b/upstream/t/data/dkim/test-pass-21.msg
@ -0,0 +1,15 @@
+DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=
+	sa-test.spamassassin.org; h=from:to:subject:message-id:date
+	:mime-version:content-type; s=t0512; bh=15pFrAvOGi+eHKJgB6psh6iI
+	BCbvYSuhPj+wQn6C7Ss=; b=XaUxvujH+n+i0ABzd5x1ItymfUliXUaW3CuyMCIG
+	aMalpjxOZsu95GzcVpGsIE5qX5RY4ENP3cn6hfs634FDHw==
+From: SpamAssassin Test <test@sa-test.spamassassin.org>
+To: undisclosed-recipients:;
+Subject: test message 19
+X-Foobar: it's really test 21 but with crlf added and bug 7785
+Message-ID: <4A294538.10002@spamassassin.org>
+Date: Mon, 08 Jun 2009 12:00:00 +0000
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+
+testing
--- a/upstream/t/data/dkim/test-pass-22.msg
+++ b/upstream/t/data/dkim/test-pass-22.msg
@ -0,0 +1,16 @@
+X-Foobar: first line, verify crlf detection works vs test 21
+DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=
+	sa-test.spamassassin.org; h=from:to:subject:message-id:date
+	:mime-version:content-type; s=t0512; bh=15pFrAvOGi+eHKJgB6psh6iI
+	BCbvYSuhPj+wQn6C7Ss=; b=XaUxvujH+n+i0ABzd5x1ItymfUliXUaW3CuyMCIG
+	aMalpjxOZsu95GzcVpGsIE5qX5RY4ENP3cn6hfs634FDHw==
+From: SpamAssassin Test <test@sa-test.spamassassin.org>
+To: undisclosed-recipients:;
+Subject: test message 19
+X-Foobar: it's really test 22 but with crlf added and bug 7785
+Message-ID: <4A294538.10002@spamassassin.org>
+Date: Mon, 08 Jun 2009 12:00:00 +0000
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+
+testing
--- a/upstream/t/data/dkim/test-pass-23.msg
+++ b/upstream/t/data/dkim/test-pass-23.msg
@ -0,0 +1,15 @@
+DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=
+	sa-test.spamassassin.org; h=from:to:subject:message-id:date
+	:mime-version:content-type; s=t0512; bh=15pFrAvOGi+eHKJgB6psh6iI
+	BCbvYSuhPj+wQn6C7Ss=; b=XaUxvujH+n+i0ABzd5x1ItymfUliXUaW3CuyMCIG
+	aMalpjxOZsu95GzcVpGsIE5qX5RY4ENP3cn6hfs634FDHw==
+From: SpamAssassin Test <test@sa-test.spamassassin.org>
+To: undisclosed-recipients:;
+Subject: test message 19
+X-Foobar: it's really test 23 with crlf only in the end test
+Message-ID: <4A294538.10002@spamassassin.org>
+Date: Mon, 08 Jun 2009 12:00:00 +0000
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+
+testing
--- a/upstream/t/uri_saferedirect.t
+++ b/upstream/t/uri_saferedirect.t
@ -0,0 +1,233 @@
+#!/usr/bin/perl -w -T
+
+# test URI redirecton patterns
+
+BEGIN {
+  if (-e 't/test_dir') { # if we are running "t/rule_names.t", kluge around ...
+    chdir 't';
+  }
+
+  if (-e 'test_dir') {            # running from test directory, not ..
+    unshift(@INC, '../blib/lib');
+  }
+}
+
+my $prefix = '.';
+if (-e 'test_dir') {            # running from test directory, not ..
+  $prefix = '..';
+}
+
+use strict;
+use lib '.'; use lib 't';
+use SATest; sa_t_init("uri_html");
+use Test::More tests => 2;
+use Mail::SpamAssassin;
+use vars qw(%patterns %anti_patterns);
+
+# initialize SpamAssassin
+my $sa = create_saobj({'dont_copy_prefs' => 1});
+
+$sa->init(0); # parse rules
+
+# load tests and write mail
+%patterns = ();
+%anti_patterns = ();
+my $message = write_mail();
+
+my $mail = $sa->parse($message);
+my $msg = Mail::SpamAssassin::PerMsgStatus->new($sa, $mail);
+
+my $uris = join("\n", $msg->get_uri_list(), "");
+
+# run patterns and anti-patterns
+my $failures = 0;
+for my $pattern (keys %patterns) {
+  if ($uris !~ /${pattern}/m) {
+    print "did not find $pattern\n";
+    $failures++;
+  }
+}
+ok(!$failures);
+$failures = 0;
+
+for my $anti_pattern (keys %anti_patterns) {
+  if ($uris =~ /${anti_pattern}/m) {
+    print "did find $anti_pattern\n";
+    $failures++;
+  }
+}
+ok(!$failures);
+
+# function to write test email
+sub write_mail {
+    my $msg = <<'EOF';
+Message-ID: <clean.1010101@example.com>
+Date: Mon, 07 Oct 2002 09:00:00 +0000
+From: Sender <sender@example.com>
+MIME-Version: 1.0
+To: Recipient <recipient@example.com>
+Subject: this is a trivial message
+Content-Type: multipart/related;
+	boundary="--IDYGGVGT_LIYGR"
+
+----IDYGGVGT_LIYGR
+Content-Type: text/plain
+Content-Transfer-Encoding: 7bit
+
+This text part is ignored
+http://www.dontputthisinthetestdata.com
+
+----IDYGGVGT_LIYGR
+Content-Type: text/html; charset=us-ascii
+Content-Transfer-Encoding: 8bit
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text; charset=iso-8859-1">
+</head>
+<body>
+EOF
+
+  while (<DATA>) {
+    chomp;
+    next if /^#/;
+    if (/^(.*?)\t+(.*?)\s*$/) {
+      my $string = $1;
+      my @patterns = split(' ', $2);
+      if ($string && @patterns) {
+	$msg .= qq@<a href="http://www.notexample.com" data-saferedirecturl="$string">click here</a>\n@;
+	for my $pattern (@patterns) {
+	  if ($pattern =~ /^\!(.*)/) {
+	    $anti_patterns{$1} = 1;
+	  }
+	  else {
+	    $patterns{$pattern} = 1;
+	  }
+	}
+      }
+    }
+  }
+  $msg .= "</body>\n</html>\n\n----IDYGGVGT_LIYGR--\n";
+
+  return $msg;
+}
+
+# <line>    : <string><tabs><matches>
+# <string>  : string in the body
+# <tabs>    : one or more tabs
+# <matches> : patterns expected to be found in URI output, if preceded by ! if
+#             it is an antipattern, each pattern is separated by whitespace
+__DATA__
+www5.poh6feib.com	poh6feib
+vau6yaer.com		vau6yaer
+www5.poh6feib.info	poh6feib
+Haegh3de.co.uk		Haegh3de
+
+ftp.yeinaix3.co.uk	ftp://ftp.yeinaix3.co.uk !http://ftp.yeinaix3.co.uk
+ftp5.riexai5r.co.uk	http://ftp5.riexai5r.co.uk !ftp://ftp5.riexai5r.co.uk
+
+http://10.1.3.1/	10.1.3.1
+
+=www.deiJ1pha.com	www.deiJ1pha.com
+@www.Te0xohxu.com	www.Te0xohxu.com
+.www.kuiH5sai.com	www.kuiH5sai.com
+
+a=www.zaiNgoo7.com	www.zaiNgoo7.com
+c.www.moSaoga8.com	www.moSaoga8.com
+
+http://www.example.com/about/wahfah7d.html	wahfah7d
+http://www.example.com?xa1kaLuo			\?xa1kaLuo
+http://www.lap7thob.com/			^http://www.lap7thob.com/$
+
+www.phoh1Koh.com/			^www.phoh1Koh.com/$
+www.Tar4caeg.com:80			http://www.Tar4caeg.com:80
+www.Coo4mowe.com:80/foo/foo.html	^www.Coo4mowe.com:80/foo/foo.html
+www.Nee2quae.com:80/			^www.Nee2quae.com:80/$
+
+HAETEI3D.com	HAETEI3D
+CUK3VEIZ.us	CUK3VEIZ
+CHAI7SAI.biz	CHAI7SAI
+VU4YAPHU.info	VU4YAPHU
+NAUVE1PH.net	NAUVE1PH
+LEIX6QUU.org	LEIX6QUU
+LOT1GOHV.ws	LOT1GOHV
+LI4JAIZI.name	LI4JAIZI
+BA1LOOXU.tv	BA1LOOXU
+yiez7too.CC	yiez7too
+huwaroo1.DE	huwaroo1
+chohza7t.JP	chohza7t
+the7zuum.BE	the7zuum
+sai6bahg.AT	sai6bahg
+leow3del.UK	leow3del
+ba5keinu.NZ	ba5keinu
+chae2shi.CN	chae2shi
+roo7kiey.TW	roo7kiey
+
+www.Chiew0ch.COM	www.Chiew0ch.COM
+www.thohY2qu.US		www.thohY2qu.US
+www.teiP7gei.BIZ	www.teiP7gei.BIZ
+www.xohThai8.INFO	www.xohThai8.INFO
+www.haik7Ram.NET	www.haik7Ram.NET
+www.Quaes3se.ORG	www.Quaes3se.ORG
+www.Chai6tah.WS		www.Chai6tah.WS
+www.Thuoth1y.NAME	www.Thuoth1y.NAME
+www.Chieb8ge.TV		www.Chieb8ge.TV
+WWW.quus4Rok.cc		WWW.quus4Rok.cc
+WWW.maic6Hei.de		WWW.maic6Hei.de
+WWW.he4Hiize.jp		WWW.he4Hiize.jp
+WWW.Soh1toob.be		WWW.Soh1toob.be
+WWW.chahMee5.at		WWW.chahMee5.at
+WWW.peepooN0.uk		WWW.peepooN0.uk
+WWW.Kiox3phi.nz		WWW.Kiox3phi.nz
+WWW.jong3Xou.cn		WWW.jong3Xou.cn
+WWW.waeShoe0.tw		WWW.waeShoe0.tw
+
+invalid_ltd.foo		!invalid_tld
+invalid_ltd.bar		!invalid_tld
+invalid_ltd.xyzzy	!invalid_tld
+invalid_ltd.co.zz	!invalid_tld
+
+www.invalid_ltd.foo	!invalid_tld
+www.invalid_ltd.bar	!invalid_tld
+www.invalid_ltd.xyzzy	!invalid_tld
+www.invalid_ltd.co.zz	!invalid_tld
+
+command.com		command.com
+
+# IPs for www.yahoo.com
+http://66.94.230.33	http://66.94.230.33
+http://1113515555	http://66.94.230.35
+
+http://www.luzoop5k.com		http://www.luzoop5k.com
+https://www.luzoop5k.com	https://www.luzoop5k.com
+ftp://www.luzoop5k.com		ftp://www.luzoop5k.com
+mailto:www.luzoop5k.com		mailto:www.luzoop5k.com
+file://www.luzoop5k.com		file://www.luzoop5k.com
+
+Http://www.auzoop5k.com		Http://www.auzoop5k.com
+Https://www.auzoop5k.com	Https://www.auzoop5k.com
+Ftp://www.auzoop5k.com		Ftp://www.auzoop5k.com
+Mailto:www.auzoop5k.com		Mailto:www.auzoop5k.com
+File://www.auzoop5k.com		File://www.auzoop5k.com
+
+# //<user>:<password>@<host>:<port>/<url-path>
+http://user:pass@jiefeet4.com:80/x/y	http://user:pass@jiefeet4.com:80/x/y
+
+puahi8si.com:80			puahi8si.com:80
+chop8tan.com:443		chop8tan.com:443
+
+ftp://name@su5queib.ca//etc/motd	ftp://name@su5queib.ca//etc/motd
+ftp://name@faikaj4t.dom/%2Fetc/motd	ftp://name@faikaj4t.dom//etc/motd
+
+#keyword:sportscar		!sportscar
+
+# test redirector pattern
+http://www.NATE.com/r/DM03/n%65verp4%79re%74%61%69%6c%2eco%6d/%62%61m/?m%61%6e=%6Di%634%39	http://neverp4yretail.com/bam/[?]man=mic49
+
+# test ignoring text portion of multipart with an html part
+http://www.nowhereinthetestdata.com		!http://www.dontputhisinthetestdata.com
+
+# questionable tests
+
+mailto://cah3neun@thaihe4d.com		mailto://cah3neun@thaihe4d.com
+mailto://jicu8vah@another@jicu8vah	jicu8vah@another@jicu8vah
--- a/upstream/t/uribl.t
+++ b/upstream/t/uribl.t
@ -7,7 +7,7 @@ use Test::More;
 plan skip_all => "Long running tests disabled" unless conf_bool('run_long_tests');
 plan skip_all => "Net tests disabled"          unless conf_bool('run_net_tests');
 plan skip_all => "Can't use Net::DNS Safely"   unless can_use_net_dns_safely();
-plan tests => 6;
+plan tests => 7;

 # ---------------------------------------------------------------------------

@ -16,6 +16,7 @@ plan tests => 6;
 q{ X_URIBL_B } => 'B',
 q{ X_URIBL_NS } => 'NS',
 q{ X_URIBL_DOMSONLY } => 'X_URIBL_DOMSONLY',
+ q{ META_URIBL_A } => 'META_URIBL_A',
 );

 %anti_patterns = (
@ -48,6 +49,9 @@ tstlocalrules(q{

  add_header all RBL _RBL_

+  # Bug 7897 - test that meta rules depending on net rules hit
+  meta META_URIBL_A X_URIBL_A
+
 });

 # note: don't leave -D here, it causes spurious passes