Bug Tracker item #2692425, was opened at 2009-03-18 20:00
Message generated for change (Comment added) made by sbajic
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2692425&group_id=250683
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: RABL
Group: None
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: chris (interplanetaryc)
Assigned to: SteveB (steeeeeveee)
Summary: DNSBL Detection and Inoculation are broken
Initial Comment:
It appears that the dspam-3.8.0 code with regards to DNS Black List "Lookup"
and "RBLInoculate" is incompletely implemented and broken.
The is_blacklisted() function in dspam.c never finishes constructing a
reverse-octet address and the rest of the code is never used.
In particular, the call:
if (ptr == NULL && i<4)
Should be:
if (ptr == NULL && i>0 && i<4)
As it will always evaluate to "true" on the last octet and return out of the
function.
Further more, the expected return code of 127.0.0.2 is too limited for some
services (like zen.spamhaus.org) and needs to be expanded out to 127.0.0
Once detected, it appears that process_message isn't actually coded to
inoculate against the message properly.
(diffs to dspam.c to be submitted)
Finally, a minor change in dspam.cgi is necessary if you want to retrain
something that was incorrectly blacklisted:
+++ dspam.cgi 2009-03-17 09:07:52.000000000 -0700
@@ -377,7 +377,7 @@
my($rclass);
$rclass = "spam" if ($class eq "I" || $class eq "W" || $class eq "F");
- $rclass = "innocent" if ($class eq "S" || $class eq "M");
+ $rclass = "innocent" if ($class eq "S" || $class eq "M" || $class eq "N" );
----------------------------------------------------------------------
>Comment By: Stevan Bajic (sbajic)
Date: 2009-05-22 22:56
Message:
Issue is fixed. See following GIT commit:
http://dspam.git.sourceforge.net/git/gitweb.cgi?p=dspam;a=commit;h=e8a7e100c6e8e804874ed8c1bad390451de7cad3
----------------------------------------------------------------------
Comment By: chris (interplanetaryc)
Date: 2009-03-19 16:25
Message:
Yeah - that looks good, I used strstr as follows instead:
@@ -3731,11 +3756,13 @@
if (!bad) {
memcpy(&saddr, res->ai_addr, sizeof(struct sockaddr));
inet_ntoa_r(saddr.sin_addr, buff, sizeof(buff));
- if (!strcmp(buff, "127.0.0.2")) {
- STATUS("Blacklisted (%s)", attrib->value);
+ /* Blacklisted if any return in the 127.0.0.0/8 network
*/
+ if (strstr(buff, "127.0.0")) {
+ STATUS("Blacklisted (%s %s)", attrib->value,
strrchr(buff,'.'));
bad = 1;
I'll rebuild this against the 3.8.1 tree on git and submit diffs by
tomorrow.
----------------------------------------------------------------------
Comment By: SteveB (steeeeeveee)
Date: 2009-03-19 01:39
Message:
For the fix of the RBL Lookup you mean something like that here:
--- src/dspam.c 2006-12-12 16:33:45.000000000 +0100
+++ src/dspam.new.c 2007-12-04 00:46:24.873748650 +0100
@@ -3713,7 +3713,7 @@
while(ptr != NULL && i>=0 && i<4) {
octet[i] = ptr;
ptr = strtok(NULL, ".");
- if (ptr == NULL && i<4)
+ if (ptr == NULL && i!=0)
return 0;
i--;
}
@@ -3731,7 +3731,7 @@
if (!bad) {
memcpy(&saddr, res->ai_addr, sizeof(struct sockaddr));
inet_ntoa_r(saddr.sin_addr, buff, sizeof(buff));
- if (!strcmp(buff, "127.0.0.2")) {
+ if (strncmp(buff, "127.0.0.", 8) == 0) {
STATUS("Blacklisted (%s)", attrib->value);
bad = 1;
}
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2692425&group_id=250683
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com
_______________________________________________
Dspam-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspam-devel
