https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6814
Adam Katz <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Adam Katz <[email protected]> --- (In reply to comment #2) > if I'm reading this right, axb's change for bug 6810 would not actually > fix that bug, instead changing the range 230-259 to 230-249. Did that get > tested? Doesn't look like it. > I'm also not seeing anything in here that would match 2/8 or 5/8, so I guess > I just need help reading this regex. Or maybe people reporting bugs are > using old rules? > > I think this chunk of the regex should match 224/8 - 255/8 and 0/8. Which I > think the regex was closer to before axb's change. I'd like vetting before I check this in: header RCVD_ILLEGAL_IP X-Spam-Relays-Untrusted =~ / (?:by|ip)=(?=\d+\.\d+\.\d+\.\d+ )(?:(?:0|2(?:2[4-9]|[3-5]\d)|192\.0\.2|198\.51\.100|203\.0\.113)\.|(?:\d+\.){0,3}(?!(?:2(?:[0-4]\d|5[0-5])|[01]?\d\d?)\b))/ Spaced as if /x (which is not supported by SA), / (?:by|ip)= (?=\d+\.\d+\.\d+\.\d+ ) (?: (?: 0 |2(?:2[4-9]|[3-5]\d) |192\.0\.2 |198\.51\.100 |203\.0\.113 )\. # this part matches the final octet in " by=10.1.2.326 " |(?:\d+\.){0,3}(?! (?: 2(?:[0-4]\d|5[0-5]) |[01]?\d\d? ) \b ) )/x Thanks to the use of by=, we can have improper IP addresses in here. Therefore, I added a check to ensure that we can't have e.g. "by=10.1.2.326" Testing: for ip in 1.2.3.4 0.1.2.3 223.4.5.6 2.3.4.5 127.0.0.1 255.255.255.255 10.251.257.14; do echo " by=$ip " |grep -P ' (?:by|ip)=(?=\d+\.\d+\.\d+\.\d+ )(?:(?:0|2(?:2[4-9]|[3-5]\d)|192\.0\.2|198\.51\.100|203\.0\.113)\.|(?:\d+\.){0,3}(?!(?:2(?:[0-4]\d|5[0-5])|[01]?\d\d?)\b))' || echo "$ip passed"; done 1.2.3.4 passed by=0.1.2.3 223.4.5.6 passed 2.3.4.5 passed 127.0.0.1 passed by=255.255.255.255 by=10.251.257.14 -- You are receiving this mail because: You are the assignee for the bug.
