You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2008/04/07 05:12:58 UTC
[Bug 5878] New: IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa
format
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
Summary: IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Product: Spamassassin
Version: 3.2.4
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: Libraries
AssignedTo: dev@spamassassin.apache.org
ReportedBy: yusufg@outblaze.com
Hi, via some recent testing. I saw that RCVD_NUMERIC_HELO was being fired when
the helo detected by SA was of the form a.b.c.d.in-adddr.arpa (where a.b.c.d)
was an ip address in reverse octect form
I wrote the following test case which uses the constant IPV4_ADDRESS from the
SA source to show this behaviour.
#!/usr/bin/perl
use strict;
use warnings;
use Test::More tests => 1;
use constant IPV4_ADDRESS => qr/\b
(?:1\d\d|2[0-4]\d|25[0-5]|\d\d|\d)\.
(?:1\d\d|2[0-4]\d|25[0-5]|\d\d|\d)\.
(?:1\d\d|2[0-4]\d|25[0-5]|\d\d|\d)\.
(?:1\d\d|2[0-4]\d|25[0-5]|\d\d|\d)
\b/ox;
sub check_ipv4 {
my ($rcvd) = @_ ;
my $IP_ADDRESS = IPV4_ADDRESS;
if ($rcvd =~ /helo=($IP_ADDRESS)\b/i) {
return 1;
}
return 0;
}
my $helostring = "helo=242.8.168.192.in-addr.arpa";
ok(check_ipv4($helostring) == 1);
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
dan pritts <da...@yahoo.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |danpritts@yahoo.com
--- Comment #4 from dan pritts <da...@yahoo.com> 2008-12-12 13:34:36 PST ---
I got a bunch of similar FP's with RCVD_NUMERIC_HELO today; a bunch of my staff
was staying at the same hotel, and using the hotel's internet service.
[30294] dbg: rules: ran header rule HELO_DYNAMIC_IPADDR2 ======> got hit:
"[ ip=66.238.164.2 rdns=66.238.164.2.ptr.us.xo.net
helo=154.3.168.192.in-addr.arpa.noptr.antlabs.com
by=magus.merit.edu ident= envfrom= intl=0 id=ADD7B225CEB auth= "
The actual Received line is:
Received: from 154.3.168.192.in-addr.arpa.noptr.antlabs.com
(66.238.164.2.ptr.us.xo.net [66.238.164.2])
by magus.merit.edu (Postfix) with ESMTP id ADD7B225CEB;
Thu, 11 Dec 2008 22:40:02 -0500 (EST)
Tony's analysis seems correct to me. I'm not sure if there's something better
than using a literal space in the regexp (\s instead perhaps?) but \b is
clearly wrong.
thanks all for all your hard work on SA.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
--- Comment #1 from Tony Finch <do...@dotat.at> 2008-10-27 05:38:54 PST ---
Created an attachment (id=4383)
--> (https://issues.apache.org/SpamAssassin/attachment.cgi?id=4383)
Correct ip address boundary check
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
Adam Katz <an...@khopis.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |laas.toom@gmail.com
--- Comment #10 from Adam Katz <an...@khopis.com> 2010-02-01 11:26:07 UTC ---
*** Bug 6256 has been marked as a duplicate of this bug. ***
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
Tony Finch <do...@dotat.at> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dot@dotat.at
--- Comment #3 from Tony Finch <do...@dotat.at> 2008-10-27 05:40:24 PST ---
My site has encountered a false positive because of this bug.
(Aside: I am not sure if bug#5767 is related or not - it is not reproducible.)
I don't think the problem here is IPV4_ADDRESS, but rather the way that
check_for_numeric_helo() uses it. The code uses $rcvd =~
/helo=($IP_ADDRESS)\b/i but \b matches dots inside hostnames not the ends of
hostnames. It should be a space instead.
Patch attached.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
--- Comment #7 from Mark Martinec <Ma...@ijs.si> 2009-08-13 09:08:22 PST ---
Bug 5878: IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
(attempting a fix; do we have any tests for this?)
Sending lib/Mail/SpamAssassin/Plugin/RelayEval.pm
Committed revision 803940 ( https://svn.apache.org/viewcvs.cgi?view=rev&rev=803940 ).
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
--- Comment #8 from Justin Mason <jm...@jmason.org> 2009-08-13 09:45:43 PST ---
(In reply to comment #7)
> Bug 5878: IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
> (attempting a fix; do we have any tests for this?)
yep, I think we do. t/ip_addrs.t
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
--- Comment #6 from Mark Martinec <Ma...@ijs.si> 2009-08-13 08:54:47 PST ---
Created an attachment (id=4516)
--> (https://issues.apache.org/SpamAssassin/attachment.cgi?id=4516)
Suggested patch
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
Mark Martinec <Ma...@ijs.si> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #9 from Mark Martinec <Ma...@ijs.si> 2009-08-13 11:25:03 PST ---
closing
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
--- Comment #2 from Tony Finch <do...@dotat.at> 2008-10-27 05:39:13 PST ---
Created an attachment (id=4384)
--> (https://issues.apache.org/SpamAssassin/attachment.cgi?id=4384)
Correct ip address boundary check
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[Bug 5878] IPV4_ADDRESS regexp matches ip.ad.dr.in-addr.arpa format
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5878
Mark Martinec <Ma...@ijs.si> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P5 |P4
Target Milestone|Undefined |3.3.0
--- Comment #5 from Mark Martinec <Ma...@ijs.si> 2009-08-06 12:33:12 PST ---
If it is still broken, it should be fixed for 3.3.0.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.