You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Linda Walsh <sa...@tlinx.org> on 2009/04/01 21:12:16 UTC
One BUG found: userpref whitelist pattern BUG/DOC prob;
Bowie Bailey wrote:
> Linda Walsh wrote:
>> I get many emails addressed to internal sendmail <id>'s.
>> 123456@mydomain, 1abd56.ef7890@mydomain
>>
>> (seem to fit a basic pattern but don't know how to specify the
>> pattern (or I don't have it right):
>> <(start of an email-address)>[0-9][0-9a-fA-F\.]+\@mydomain
> I think this is what you are looking for (untested):
>
> header MY_NUMBER_EMAIL To:addr =~ /^\d[0-9a-f\.]+\@mydomain/i
>
> Look in the "Rule Definition" section of the man page for
> Mail::SpamAssassin::Conf for more info on the ':addr' option.
--------------
I found, BURIED, in the doc "Mail::SpamAssassin::Conf the broken,
primitive rules for white/black list patterns allowed:
Whitelist and blacklist addresses are now file-glob-style patterns,
so "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all
work. Specifically, "*" and "?" are allowed, but all other
metacharacters are not. Regular expressions are not used for
security reasons.
=======================
These are NOT file-glob style patterns. As on linux
These are examples of non-regex file-glob patterns that don't work under
SA: "[0-9][0-9a-f]*.domain", "[0-9]*.domain", "[^0-9]*.domain".
They don't work: the "bracket notation for a single character" doesn't
work.
1) Instead you need:
0*.domain
1*.domain
2*.domain
3*.domain
4*.domain
5*.domain
6*.domain
7*.domain
8*.domain
9*.domain
-----
2) There is no way to express negation.
3) The documentation is ALSO unclear if the expression is a full or partial
match, as "^ and "$" are also not included.
So unclear if "@domain" is same as "*@domain".
Attempts to match <user-id's> of form:
"^[0-9][0-9a-f].*.domain$" (ex: "0123@domain")
fail to match as well as any more complex file-glob.
white/black lists should not claim 'file-glob' matching ability if they
don't even include single char 'range' matches.
This was the answer THAT NO ONE understood or could answer.
If the format of white/black list entries in 'userprefs' is SO
arcane, limited, and poorly documented, I assert it is a bug.
Short-term, documentation would be quickest fix (get rid of file-glob
description as it's not true in normal sense of fileglob, but longer term,
might be real-file globs
AND
making clear whether the pattern provided must match the full email
address, or if a partial match will be considered a a positive match
(i.e. "@foobar" is same as "*@foobar*")
Sorry if I am coming across a bit terse, but this hard-to-find and
misleading description has been a long-term "bug" in my filtering rules.
Seems like a alot of email-harvesting progs see mail-ID numbers like
"12345.6ab89c@domain" as email addrs, which in my setup are completely
bogus.
-linda
Re: One BUG found: userpref whitelist pattern BUG/DOC prob;
Posted by LuKreme <kr...@kreme.com>.
On 1-Apr-2009, at 13:12, Linda Walsh wrote:
> I found, BURIED, in the doc "Mail::SpamAssassin::Conf the broken,
> primitive rules for white/black list patterns allowed:
>
> Whitelist and blacklist addresses are now file-glob-style
> patterns,
> so "friend@somewhere.com", "*@isp.com", or "*.domain.net"
> will all
> work. Specifically, "*" and "?" are allowed, but all other
> metacharacters are not. Regular expressions are not used
> for
> security reasons.
This text is pretty much in the default user_prefs file.
# Whitelist and blacklist addresses are now file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.
# whitelist_from someone@somewhere.com
> "[0-9][0-9a-f]*.domain", "[0-9]*.domain", "[^0-9]*.domain"
[0-9] is a regex. So is [^0-9]. It's just that most shells support
most basic regex.
> 3) The documentation is ALSO unclear if the expression is a full or
> partial
> match, as "^ and "$" are also not included.
> So unclear if "@domain" is same as "*@domain".
Yes it is clear. Since @domain is not the same globbing as *@domain*,
the matches ar enot the same. ^ and $ are part of 'all other
metacharacters' and not supported.
Granted, I think the lack of regex support in whitelist is a really
stupid mistake, but that's me and I'm probably wrong.
--
Advance and attack! Attack and destroy! Destroy and rejoice!