Ubuntu Manpage: URIDetail - test URIs using detailed URI information

Provided by: spamassassin_3.4.2-0ubuntu0.18.04.5_all

NAME

       URIDetail - test URIs using detailed URI information

SYNOPSIS

       This plugin creates a new rule test type, known as "uri_detail".  These rules apply to all
       URIs found in the message.

         loadplugin    Mail::SpamAssassin::Plugin::URIDetail

RULE DEFINITIONS AND PRIVILEGED SETTINGS

       The format for defining a rule is as follows:

         uri_detail SYMBOLIC_TEST_NAME key1 =~ /value1/  key2 !~ /value2/ ...

       Supported keys are:

       "raw" is the raw URI prior to any cleaning (e.g. "http://spamassassin.apache%2Eorg/").

       "type" is the tag(s) which referenced the raw_uri.  parsed is a faked type which specifies
       that the raw_uri was parsed from the rendered text.

       "cleaned" is a list including the raw URI and various cleaned versions of the raw URI
       (http://spamassassin.apache%2Eorg/, http://spamassassin.apache.org/).

       "text" is the anchor text(s) (text between <a> and </a>) that linked to the raw URI.

       "domain" is the domain(s) found in the cleaned URIs.

       Example rule for matching a URI where the raw URI matches "%2Ebar", the domain "bar.com"
       is found, and the type is "a" (an anchor tag).

         uri_detail TEST1 raw =~ /%2Ebar/  domain =~ /^bar\.com$/  type =~ /^a$/

       Example rule to look for suspicious "https" links:

         uri_detail FAKE_HTTPS text =~ /\bhttps:/  cleaned !~ /\bhttps:/

       Regular expressions should be delimited by slashes.