You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/02/17 19:36:42 UTC
[Bug 4144] New: FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
Summary: FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Product: Spamassassin
Version: 3.0.2
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: dev@spamassassin.apache.org
ReportedBy: ssharma@odc.net
One of my users said they received a ham message that barely went over the limit
and these were the rules it hit on:
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
0.0 HTML_60_70 BODY: Message is 60% to 70% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
1.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.4 DNS_FROM_RFC_ABUSE RBL: Envelope sender in abuse.rfc-ignorant.org
1.7 FORGED_IMS_HTML IMS can't send HTML message only
1.9 FORGED_IMS_TAGS IMS mailers can't send HTML in this format
It scored 5.1 which barely bumped it over, but those two FORGED_IMS_* rules
might be scoring the message too high as it's a ham and not forged.
I'm running spamassassin 3.0.2 on Centos (RHEL-clone) 3.4. spamc is being
called from the LDA, maildrop.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4144
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|3.1.1 |3.1.2
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
Bob@Menschel.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.1.1
------- Additional Comments From Bob@Menschel.net 2005-04-28 23:08 -------
Ran the attached email against 3.0.3 and 3.1 svn. Results:
X-Spam-Status: No, score=0.5 required=5.0 tests=ALL_TRUSTED,AWL,
FORGED_IMS_TAGS,HTML_60_70,HTML_MESSAGE autolearn=ham version=3.0.3
So FORGED_IMS_HTML is fixed. FORGED_IMS_TAGS remains.
debug: tests=ALL_TRUSTED,AWL,FORGED_IMS_TAGS,HTML_60_70,HTML_MESSAGE
debug: subtests=__ANY_IMS_MUA, __COMMENT_EXISTS, __CT, __CTYPE_HAS_BOUNDARY,
__CTYPE_MULTIPART_ALT, __HAS_MIMEOLE, __HAS_MSGID, __HAS_SUBJECT,
__HAS_X_MAILER, __IMS_MSGID, __IMS_MUA, __JS_DOCWRITE, __MIME_HTML, __MIME_QP,
__MIME_VERSION, __MSGID_OK_DIGITS, __NEXTPART_ALL, __NEXTPART_NORMAL,
__SANE_MSGID, __TAG_EXISTS_BODY, __TAG_EXISTS_HTML, __UNUSABLE_MSGID
By the definition of FORGED_IMS_TAGS, this email is flagged such because
__TAG_EXISTS_HEAD and __TAG_EXISTS_META didn't fire.
X-Mailer: Internet Mail Service (5.5.2655.55)
The question then becomes, can this version of IMS really generate such emails?
Given that FORGED_IMS_HTML and this email therefore falls well under the spam
threshold, I don't see any need to fix this in crisis mode before 3.1.0. So I'm
setting a provisional target threshold of 3.1.1.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
------- Additional Comments From ssharma@odc.net 2005-02-17 10:38 -------
Created an attachment (id=2657)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=2657&action=view)
false positive email.
the email in question which hit on the FORGED_IMS_* tags.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4144
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From spamassassin@dostech.ca 2006-04-05 22:02 -------
Bug 4649 has a rule patch to fix this. Marking as dupe.
*** This bug has been marked as a duplicate of 4649 ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
------- Additional Comments From ssharma@odc.net 2005-05-10 11:53 -------
sorry everyone. I don't have the full message, I asked the user but she doesn't
have it either. It hasn't come up again since I posted this bug.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
------- Additional Comments From spamassassin@dostech.ca 2005-05-10 23:13 -------
Googling through some html messages sent through Yahoo! Groups, I couldn't find
any that lost their <head>s.
Here's an example: http://www.imc.org/ietf-mailsig/mail-archive/msg00720.html
So... it appears that it isn't mangling by Yahoo! Groups, which leaves us
pondering whether IMS can actually send mail without head tags.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4144
Bug 4144 depends on bug 4649, which changed state.
Bug 4649 Summary: [review] Outlook Express mails sent to Yahoo groups gets blocked when received
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4649
What |Old Value |New Value
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
------- Additional Comments From spamassassin@dostech.ca 2005-05-09 14:57 -------
Ajay can you please attach a *complete* message, including all of the received
headers?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4144
------- Additional Comments From spamassassin@dostech.ca 2005-05-02 20:52 -------
As far as I can tell, it's mangling by Yahoo! Groups that is causing this FP.
Unless anyone can provide a similar message (without <head> tags), sent directly
from an IMS client, we can fix this by adding a test for 'via Yahoo! Groups' to
the FORGED_IMS_TAGS meta test.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4144] FORGED_IMS_HTML and FORGED_IMS_TAGS false-positive.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4144
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |4649
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.