https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7082

            Bug ID: 7082
           Summary: possible loose check in URI_HEX
           Product: Spamassassin
           Version: 3.3.1
          Hardware: PC
                OS: Mac OS X
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: [email protected]
          Reporter: [email protected]

I have certain emails from some automated reports we send that are flagging
messages that have a line like this in the body for URI_HEX:

96.57.230.174       ool-6039e6ae.static.optonline.net

Sep 15 12:58:39.259 [42617] dbg: rules: ran uri rule URI_HEX ======> got hit:
"http://ool-6039e6ae";

This is easily reproducible (and I see the behavior with 3.4.0 as well).

I realize that it's important to match these encoded URLs, as spammers often
use them, but is it possible to make the check a little tighter?

Also, the debug statement put 'http://' in front of it, even though in this
case, it's not specified as a URI in the actual email message.

May be somewhat related to
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5664

-- 
You are receiving this mail because:
You are the assignee for the bug.
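The false positive described in the report, reproduced as an added example (not code from the report or from SpamAssassin). The report does not quote the rule, so `ASSUMED_URI_HEX` is an assumed shape for the pattern, and `TIGHTER` is a hypothetical variant for comparison, not a project fix; the `example.com` host is constructed.

```python
import re
import socket

# Assumed shape of the URI_HEX pattern (the report does not quote the rule):
# a run of 6+ hex digits, delimited by \b, anywhere in the host part.
ASSUMED_URI_HEX = re.compile(r"^https?://[^/?]*\b[0-9a-f]{6,}\b", re.I)

# Hypothetical tighter variant: the hex run must be a whole dot-delimited
# host label, so a '-' inside a label no longer counts as a boundary.
TIGHTER = re.compile(r"^https?://(?:[^/?.]+\.)*[0-9a-f]{6,}(?=[./?:]|$)", re.I)

# Body line taken from the report: IP address, then its reverse-DNS name.
REPORT_LINE = "96.57.230.174       ool-6039e6ae.static.optonline.net"
# Constructed host where the hex run is an entire label.
CONSTRUCTED_HOST = "6039e6ae.example.com"


def hit(pattern, host):
    """Return the matched text for a schemeless host, or None.

    The debug output in the report shows the host with 'http://' prepended,
    so the string under test is built the same way.
    """
    m = pattern.search("http://" + host)
    return m.group(0) if m else None


def hex_label_to_ipv4(label):
    """Decode a trailing run of exactly 8 hex digits as an IPv4 address."""
    m = re.search(r"(?<![0-9a-f])([0-9a-f]{8})$", label, re.I)
    if not m:
        return None
    return socket.inet_ntoa(bytes.fromhex(m.group(1)))


if __name__ == "__main__":
    ip, host = REPORT_LINE.split()
    first_label = host.split(".")[0]
    print("assumed rule hit  :", hit(ASSUMED_URI_HEX, host))
    print("tighter rule hit  :", hit(TIGHTER, host))
    print("tighter, hex label:", hit(TIGHTER, CONSTRUCTED_HOST))
    # The hex run is the ISP's encoding of the IP on the same line.
    print("decoded label     :", hex_label_to_ipv4(first_label), "vs", ip)
```

The hex run in the host name decodes to the IP address printed beside it, which is why reverse-DNS names of this style trip a `\b`-delimited hex check.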
