This is definitely a bug. spamdyke isn't correctly terminating the keyword value after loading it into memory, so when it searches the rDNS name for the keyword the search goes too far (tries to match the garbage in memory to text in the rDNS name). Like most uninitialized buffer errors, it behaves differently depending on how spamdyke was compiled and the system running it. For example, I can reproduce this on Mac OS X but not on OpenBSD or Fedora Core 4. Since those last two are my primary test platforms, this one slipped through.
For now, you should be able to work around this bug by reordering your keyword file so the entries are listed in order of increasing length (e.g. put "dyn" before "cable"). This bug will be fixed correctly in 4.0.6. Thanks for reporting this (and insisting on it)! BTW, spamdyke won't find a keyword like "dyn" in the middle of other text like "dynamic". In order to match, a keyword must (1) be at the beginning of the name, (2) be surrounded with non-alphanumeric characters (i.e. dots or dashes) AND include the rDNS name's TLD (e.g. "example" would not be found in "11.22.33.44.example.com") or (3) the keyword must begin with a dot AND match the entire end of the rDNS name (e.g. ".example.com" would match "11.22.33.44.example.com"). This logic exists to prevent a keyword like "dynamic" from matching "11.22.33.44.notdynamic.example.com". -- Sam Clippinger Erald Troja wrote: > Peter, > > If it is, it is not working not even once ;-) > > There's something really quirky with this issue, and it comes to play when > one starts to add keywords. > > We dump all in one file as we feel necessary, and let a script sort them and > uniquely list them. > > But again, even when manually jumping from 2 lines to 3 lines I've seen that > the pattern matching starts to break down. > > The most efficient way I've seen we can block is via the following pattern > > dynamic .com > dynamic .net > > Which successfuly catches any 'dynamic' keywords on the .net + .com TLDs. > > > ------------------------- > Erald Troja > [EMAIL PROTECTED] > 646.528.6671 > > -----Original Message----- > From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > > Date: Wed, 15 Oct 2008 00:42:40 > To: spamdyke users<[email protected]> > Subject: Re: [spamdyke-users] spamdyke + > ip-in-rdns-keyword-blacklist-entry option > > > > >> 2)Here' our ip-in-rdns-keyword-blacklist-file entries >> >> adsl >> cable >> dsl >> dyn >> dynamic >> ip >> kabel >> mtu >> nat >> pool >> ppp >> pppoe >> user >> .veloxzone.com.br >> .virtua.com.br >> xdsl >> >> > Does > dyn > not match > > dynamic > also? > > and > adsl > > dsl > also? > > Is it not double? > > Gruss, > Peter > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
