Parsing of address headers in spamassassin ($pms->get('From:name'))

Benning, Markus Wed, 24 Feb 2016 08:10:39 -0800

Hello,

recently i'm recieving mails which try to fool user by sending
mails with a From: like


From: "John Doe <john....@doe-company.tld>" <spamu...@spamdomain.tld>

While implementing a header check to detect such attempts i noticed
that SA seems to have problems parsing such addresses correctly.

When accessing the displayname with From:name the PerMsgStatus.pm module
only returns the string "\"John Doe".

$pms->get('From:name');

"John Doe

The regex should be extended to cover all characters of a quoted stringto the closing quote.


On line 2056 in PerMsgStatus.pm:

http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?view=markup#l2056

It should be extended to something like:

  if ($result =~ /^ \s* ( [^"]*? | "[^"]*" ) \s* < [^<>]* >/sx) {


Markus

--
https://markusbenning.de/

Parsing of address headers in spamassassin ($pms->get('From:name'))

Reply via email to