You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by John Hardin <jh...@impsec.org> on 2012/11/10 20:03:32 UTC
Mixed-case URIs
All:
Mark Perkel brought up on the users list that he's seeing a lot of
mixed-case URIs in spam lately.
I did a quick grep of URI rules and there are quite a few that are
case-sensitivei, probably unintentionally. It might be a good idea for
everybody to audit their sandbox and make sure that any URI rules that
aren't specifically looking for case-based patterns are case-insensitive.
For example:
DOS_GOOGLE_DOCS /^http:\/\/docs\.google\.com\/View\?id=/
This would be easy for a spammer to avoid.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Any time law enforcement becomes a revenue center, the system
becomes corrupt.
-----------------------------------------------------------------------
Tomorrow: Veterans Day