https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7210

            Bug ID: 7210
           Summary: URI_WP_HACKED_2 / __PS_TEST_LOC_WP matches legitimate
                    CiviCRM emails
           Product: Spamassassin
           Version: 3.4.1
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: [email protected]
          Reporter: [email protected]

Hi there,

A recent email from the OpenAustralia Foundation had a link to their
CiviCRM-enabled WordPress site, and that link was matched by the __PS_TEST_LOC_WP
test used by the URI_WP_HACKED_2 rule. The URL in question is (tokens
anonymised):

https://www.openaustraliafoundation.org.au/wp-content/plugins/civicrm/civicrm/extern/url.php?u=000&qid=00000

Talking to Henare Degan from OpenAustralia about it on Twitter, he pointed out
that this URL is inserted by the CiviCRM WordPress plugin and so this will be a
pretty widespread false-positive match.

I would suggest that as CiviCRM is used by a lot of non-profits it might be
useful to exclude /wp-content/plugins/civicrm/ from the __PS_TEST_LOC_WP rule.

All the best and thanks for SpamAssassin!
Chris
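
The exclusion suggested in the report, sketched as an added example that is not part of the original report or of SpamAssassin's rule set. The real __PS_TEST_LOC_WP pattern is not shown above, so `WP_LOC` is an assumed stand-in, and the example.org URLs are constructed. The exclusion is tested against the URL path only, so a CiviCRM string elsewhere in the URL does not exempt it.

```python
import re
from urllib.parse import urlsplit

# Assumed stand-in for the WordPress-location subrule; the actual
# __PS_TEST_LOC_WP regex is not given in the report.
WP_LOC = re.compile(r"^/wp-(?:content|includes)/.+\.php$", re.I)

# Path prefix the report proposes to exclude.
CIVICRM_PREFIX = "/wp-content/plugins/civicrm/"


def matches_original(url):
    """Behaviour before the change: any PHP file under wp-content/wp-includes."""
    return bool(WP_LOC.search(urlsplit(url).path))


def matches_with_exclusion(url):
    """Same test, but skip paths that start with the CiviCRM plugin prefix."""
    path = urlsplit(url).path
    if path.lower().startswith(CIVICRM_PREFIX):
        return False
    return bool(WP_LOC.search(path))


# First URL is the one from the report; the rest are constructed samples.
SAMPLES = [
    "https://www.openaustraliafoundation.org.au/wp-content/plugins/civicrm/"
    "civicrm/extern/url.php?u=000&qid=00000",
    "https://example.org/wp-content/plugins/some-plugin/x.php",
    "https://example.org/wp-content/themes/t/a.php?ref=/wp-content/plugins/civicrm/",
    "https://example.org/blog/post.html",
]


def evaluate(urls=SAMPLES):
    """Return (url, hit_before, hit_after) for each URL."""
    return [(u, matches_original(u), matches_with_exclusion(u)) for u in urls]


if __name__ == "__main__":
    for url, before, after in evaluate():
        print(f"before={before!s:5} after={after!s:5} {url}")
```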
