Re: Unicode considered harmful again

2021-11-04 Thread Loren Wilton
In v4.x, Unicode support will be better. That also means it may be easier to make this sort of attack quieter in the future, as non-ASCII rules won't be definitively wrong as they are now. The question is whether non-ASCII malicious rules could do anything more damaging than simply failing to

Re: Unicode considered harmful again

2021-11-04 Thread Benny Pedersen
On 2021-11-04 09:34, Damian wrote: >> Please convert all source code to ASCII. If it fails to compile, then it may have a trojan hiding in Unicode clothing. >Instructions unclear. CVE 2021-42574 It remains unclear (to me). What source code should spamassassin-users convert? Attached source

Re: timeouts on processing some messages, started October 24

2021-11-04 Thread Greg Troxel
I have captured a bad message. It seems innocuous; it's from me at a host in my domain, to me, basically From: g...@foo.lexort.com To: g...@lexort.com and has a body "foo", no DKIM headers, just Received, Subject, Message-Id. Processing this with my normal config results in the timeout. I

Re: Unicode considered harmful again

2021-11-04 Thread Jared Hall
On 11/4/2021 10:44 AM, Bill Cole wrote: On 2021-11-04 at 08:45:02 UTC-0400 (Thu, 4 Nov 2021 08:45:02 -0400) Jared Hall is rumored to have said: [...] 2) Beware of using somebody else's source code :) That's the really significant warning... Agreed. Does one need to write a paper and

Re: Unicode considered harmful again

2021-11-04 Thread Bill Cole
On 2021-11-04 at 08:45:02 UTC-0400 (Thu, 4 Nov 2021 08:45:02 -0400) Jared Hall is rumored to have said: [...] 2) Beware of using somebody else's source code :) That's the really significant warning... The relevance to SA is that it uses a config system with "rules" that can be auto-updated

Re: Unicode considered harmful again

2021-11-04 Thread Rupert Gallagher
Original Message On Nov 4, 2021, 09:34, Damian < spamassas...@arcsin.de> wrote: > >> Please convert all source code to ASCII. If it fails to compile, > then it may have a trojan hiding in Unicode clothing. > > >Instructions unclear. > > CVE 2021-42574 > It remains unclear (to

Re: Unicode considered harmful again

2021-11-04 Thread Damian
>> Please convert all source code to ASCII. If it fails to compile, then it may have a trojan hiding in Unicode clothing. >Instructions unclear. CVE 2021-42574 It remains unclear (to me). What source code should spamassassin-users convert? Attached source code in emails? How should they

Re: Unicode considered harmful again

2021-11-04 Thread Rupert Gallagher
Original Message On Nov 4, 2021, 07:45, Damian < spamassas...@arcsin.de> wrote: >> Please convert all source code to ASCII. If it fails to compile, then it may >> have a trojan hiding in Unicode clothing. >Instructions unclear. CVE 2021-42574

Re: Unicode considered harmful again

2021-11-04 Thread Damian
Please convert all source code to ASCII. If it fails to compile, then it may have a trojan hiding in Unicode clothing. Instructions unclear.