https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6814
--- Comment #2 from Darxus <[email protected]> --- Mattias, are you using current rules? A 3.3.x release of spamassassin? Commit fixing bug 6810: http://svn.apache.org/viewvc?rev=1353840&view=rev I'm finding breaking down this regex a little challenging. header RCVD_ILLEGAL_IP X-Spam-Relays-Untrusted =~ / (?:by|ip)=(?=\d+\.\d+\.\d+\.\d+ )(?:0|2(?:2[4-9]|[3-4]\d)|192\.0\.2|198\.51\.100|203\.0\.113)\./ axb, why was more than this line changed in that commit? Looks like we just need to worry about bad IPs matching this chunk: (?:0|2(?:2[4-9]|[3-4]\d)|192\.0\.2|198\.51\.100|203\.0\.113)\. And the end of that outer group is clear enough: 192\.0\.2|198\.51\.100|203\.0\.113 So what I'm not real clear on is: 0|2(?:2[4-9]|[3-4]\d) Wouldn't that be: 0/8 or 2 2,4-9 or 3-4,0-9 Which would result in including /8s: 0 224-229 230-249 That doesn't seem to match up well with the reserved space. And if I'm reading this right, axb's change for bug 6810 would not actually fix that bug, instead changing the range 230-259 to 230-249. Did that get tested? I'm also not seeing anything in here that would match 2/8 or 5/8, so I guess I just need help reading this regex. Or maybe people reporting bugs are using old rules? I think this chunk of the regex should match 224/8 - 255/8 and 0/8. Which I think the regex was closer to before axb's change. -- You are receiving this mail because: You are the assignee for the bug.
