Hi Robin,
On Mon, 13 Nov 2006 22:42:24 -0800
"Robin H. Johnson" <[EMAIL PROTECTED]> wrote:
> I've recently started seeing a lot of spam with insane dates bypassing
> teh check_basicheaders day count.
>
> A Date line from two of the emails:
> Tue, 19 Jan 2038 11:14:07 +0800
> Wed, 23 Mar 1969 05:57:34 -0900
... this one's fsck'd up, it should be a "Sun" instead of "Wed",
but see below
> I tried to figure out a pattern, and did manage to find one: All of
> them are outside of the 32-bit UNIX time, and Date::Parse fails on
> every single one of them because of this.
Hmm, the second works fine here, it just returns something smaller than
zero.
> I'm not sure of any easy fix to this, other than finding a smarter
> parser (I don't do enough Perl it seems).
You can try
use Date::Manip;
my $date = $transaction->header->get('Date');
return (DENY, "Mail with no Date header not accepted here")
unless $date;
# don't trust the printed day of week, ParseDate() fails if it's wrong
$date =~ s/^\w\w\w, //;
$date = ParseDate($date);
$date =~ /^(\d\d\d\d)(\d\d)(\d\d)(\d\d):(\d\d):(\d\d)$/;
my $secs = Date_SecsSince1970GMT($3,$2,$1,$4,$5,$6);
return (DECLINED) unless $secs;
return (DENY, "The Date in the header was too far in the past")
if $secs < time - ($self->{_days}*24*3600);
return (DENY, "The Date in the header was too far in the future")
if $secs > time + ($self->{_days}*24*3600);
tell me if it really works :)
Hanno
