You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/06/22 13:15:14 UTC

[Bug 4418] New: Spammers getting by the web bug checking

http://bugzilla.spamassassin.org/show_bug.cgi?id=4418

           Summary: Spammers getting by the web bug checking
           Product: Spamassassin
           Version: 3.0.4
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Rules (Eval Tests)
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: sabugzilla@richard.dobson.name


Ive noticed that some spammers are using .html in the URLs of their web bugs 
to get around the spam assassin web bug checking, looking in the code it does 
not check for .html, another idea to enhance the web bug checking would be to 
check for the existance of a query string which normal bog standard images 
shouldnt have in their URLs but web bugs do.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418





------- Additional Comments From spamassassin@dostech.ca  2006-09-10 05:13 -------
(In reply to comment #2)

> which means they're unusable as a spam rule.  Even if we did increase the spam
> hitrate, the ham hitrate needs to go down.  I'd say that at this point, we may
> as well remove these rules.

+1




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418


spamassassin@dostech.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From spamassassin@dostech.ca  2006-09-29 23:52 -------
[dos@FC5-VPC 3.1]$ svn ci -m "bug 4418: remove no longer useful HTML_WEB_BUGS
and HTML_LINK_IMAGE_BUG rules"
Sending        lib/Mail/SpamAssassin/HTML.pm
Sending        rules/20_html_tests.cf
Sending        rules/30_text_de.cf
Sending        rules/30_text_fr.cf
Sending        rules/30_text_nl.cf
Sending        rules/30_text_pl.cf
Sending        rules/50_scores.cf
Transmitting file data .......
Committed revision 451554.

[dos@FC5-VPC 3.1]$ svn ci -m "bug 4418: remove no longer useful HTML_WEB_BUGS
and HTML_LINK_IMAGE_BUG rules"
Sending        3.1/20_html_tests.cf
Sending        3.1/30_text_de.cf
Sending        3.1/30_text_fr.cf
Sending        3.1/30_text_nl.cf
Sending        3.1/30_text_pl.cf
Sending        3.1/50_scores.cf
Transmitting file data ......
Committed revision 451555.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418


sidney@sidney.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #3691 is|0                           |1
           obsolete|                            |




------- Additional Comments From sidney@sidney.com  2006-09-12 06:40 -------
Created an attachment (id=3693)
 --> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3693&action=view)
Updated patch against 3.1 branch that also removes HTML_WEB_BUGS from language
translation files

The first patch failed lint tests because HTML_WEB_BUGS was still in some of
the language translation files. This patch adds that fix.

+1 for applying this to 3.1 branch. Does it still need two votes or does a
change to language files not need voting?



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418





------- Additional Comments From maddoc@maddoc.net  2006-09-10 05:19 -------
(In reply to comment #3)
> (In reply to comment #2)
> 
> > which means they're unusable as a spam rule.  Even if we did increase the spam
> > hitrate, the ham hitrate needs to go down.  I'd say that at this point, we may
> > as well remove these rules.
> 
> +1
> 

+1 for removal




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://bugzilla.spamassassin.org/show_bug.cgi?id=4418


Bob@Menschel.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|Undefined                   |3.2.0




------- Additional Comments From Bob@Menschel.net  2005-06-24 18:41 -------
Triage: Sounds like a very good enhancement for a major release. I believe it's
too close to expect this to sneak into 3.1, so provisionally scheduling for 3.2.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418


spamassassin@dostech.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Status Whiteboard|needs 2 votes               |needs 1 votes




------- Additional Comments From spamassassin@dostech.ca  2006-09-28 21:39 -------
(In reply to comment #7)

> +1 for applying this to 3.1 branch. Does it still need two votes or does a
> change to language files not need voting?

The original patch never actually had any votes, save for Theo.

Anyway, +1 from me on 3693, +1 from you.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418


jm@jmason.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Status Whiteboard|needs 1 votes               |ready




------- Additional Comments From jm@jmason.org  2006-09-29 08:37 -------
+1



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418





------- Additional Comments From felicity@apache.org  2006-09-10 04:09 -------
The ticket doesn't mention the rules, but I assume it's about
HTML_LINK_IMAGE_BUG and HTML_WEB_BUGS.  The current results for those rules are:

  2.681   2.8303   1.9224    0.596   0.51    0.00  HTML_WEB_BUGS
  5.555   5.6890   4.8718    0.539   0.48    0.00  HTML_LINK_IMAGE_BUG

which means they're unusable as a spam rule.  Even if we did increase the spam
hitrate, the ham hitrate needs to go down.  I'd say that at this point, we may
as well remove these rules.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418


felicity@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Spammers getting by the web |[review] Spammers getting by
                   |bug checking                |the web bug checking
  Status Whiteboard|                            |needs 2 votes
   Target Milestone|3.2.0                       |3.1.6




------- Additional Comments From felicity@apache.org  2006-09-10 05:51 -------
I did some more investigation, and I couldn't find any file extentions used in
spam that isn't used in ham, so I don't think we can lower the ham hitrate.  I
removed the rules from 3.2 and am reassigning to 3.1 to remove from 3.1 as well.

If this is approved for 3.1, we need to remove the rules from the updates as well.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4418] [review] Spammers getting by the web bug checking

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4418





------- Additional Comments From felicity@apache.org  2006-09-10 05:52 -------
Created an attachment (id=3691)
 --> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3691&action=view)
remove the rules




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.