https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6188
Summary: ISO-2022-JP false positives on OBFUSCATING_COMMENT
Product: Spamassassin
Version: 3.3.0
Platform: Other
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: Rules
AssignedTo: [email protected]
ReportedBy: [email protected]
http://ruleqa.spamassassin.org/20090831-r809502-n/OBFUSCATING_COMMENT/detail
OBFUSCATING_COMMENT is triggering abnormally large amounts with ISO-2022-JP
encoded mail.
rawbody __OBFUSCATING_COMMENT_A /\w(?:<![^>]*>)+\w/
rawbody __OBFUSCATING_COMMENT_B /[^\s>](?:<![^>]*>)+[^\s<]/
meta OBFUSCATING_COMMENT ((__OBFUSCATING_COMMENT_A && HTML_MESSAGE) ||
(__OBFUSCATING_COMMENT_B && MIME_HTML_ONLY))
describe OBFUSCATING_COMMENT HTML comments which obfuscate text
If I'm reading these regex correctly, it is looking for <! comment tags in the
middle of words or non-whitespace?
But if spamassassin (by default) does not decode the body of mail, then
<![^>]*> can be valid text in the body that is not parsed by the HTML parser,
since it is recognized as ISO-2022-JP formatted text.
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
