On Dec 6, 2018, at 12:14 PM, John Hardin <jhar...@impsec.org> wrote: > > Runaway backtracking that was killing masscheck for several people.
Hrm, that is disconcerting. I'm not sure where any backtracking might be occurring... Can anyone help improve this suggested rule? rawbody AC_HTML_ENTITY_BONANZA_NEW (?:(?:\w|\s|[.,!?:'"()$])*(?:&(?:[A-Za-z0-9]{2,}|#(?:[0-9]{2,5}|x[0-9A-F]{2,4}));\s*)+){10,} describe AC_HTML_ENTITY_BONANZA_NEW Lots of HTML entities, possibly interspersed within words I don't see where there is backtracking, and I tested this on spamples prior to suggesting it... but clearly I must have missed something. Any help is appreciated. (John: is it worth sandboxing the other proposed ZW rule, AC_HTML_ZEROWIDTH_BONANZA, or would that be duplicated by the unicode ZW obfuscation rules? (The difference is that this is a rawbody rule.) Thanks! --- Amir