http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5644
------- Additional Comments From [EMAIL PROTECTED] 2007-11-13 00:53 ------- (In reply to comment #4) > On a general note: I'm observing occasional similar degenarete cases > (as are also reported on a mailing list from time to time) ever since > the change was made from one-line-at-a-time rule application, to > per-paragraph rule application. Such cases are not frequent, but when > they hit, it is not unusual they cause a massive disruption in mail flow, > mostly because such mail comes in multiple similar instances at about > the same period. Admittedly it is often the mainstream SARE rules that > take the worst hit, but the problem is not exclusive to SARE rules. > > When SpamAssassin takes more then a period a client is willing > to wait (depending on a setup), a timed-out mail may stay in a > MTA queue for a retry, aggreviating the situation. > > The situation is quite unfortunate. If someone should want to cause > a DoS, it should not be too hard to target a couple of problematic > rules and devise a crafted message to purposely cause lengthy regexp > evaluation. I wonder if this is a good situation for a reputation of > a service that more and more folks depend upon to run mostly unattended. > > Apart from reverting to per-line regexps (at the expense of accuracy), > I don't have a good solution. Perhaps limiting paragraphs in size, > maybe compressing spans of 3+ occurrences of same characters before > applying rules, ... ? I think we should discuss reverting back to per-line regexps, as I agree with your thoughts regarding reliability etc. Shall I open a bug? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
