[Bug 3976] New: [RFE] Invisible URIs should tend to be ignored

[bu...@bugzilla.spamassassin.org]

http://bugzilla.spamassassin.org/show_bug.cgi?id=3976

           Summary: [RFE] Invisible URIs should tend to be ignored
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Rules (Eval Tests)
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: sidney@sidney.com


I'm opening this ticket to address an issue brought up by Jeff Chan in a comment
in bug 3930 where he said:

"IMO invisible or unclickable URIs should have the lowest priority for checking.
 Spammers probably won't dilute their target URI by making other ones visible. 
Therefore the invisible or unclickable ones are probably chaff and safely
ignored.  This is a (social) function of more effective advertising."

Rules that look at URIs can be confused or DoS'd by the addition of chaff in the
form of URIs that cannot be seen or clicked on. For example, URIDNSBL plugin has
a setting for maximum URIs to look at. If a spammer puts many invisible links at
the beginning of a spam it will fool it. If we take n random URIs then having
many non-spam invisible URIs will fool it probabilistically.

A solution is to ignore URIs that we think are invisible or unclickable. That
opens us up to new tricks that look invisible to the rule but really aren't. A
solution to that is to select a maximum of n URIs at random with ones we think
are visible having a higher probability of being chosen, yet still choosing some
we think are invisible. Another solution to go along with it is to have a rule
to catch messages with very many URIs that we think are invisible.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.