False positives in antispam checking

Bug #1662367 reported by Robert Lyon on 2017-02-06
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Medium
Robert Lyon
15.04
Medium
Unassigned
15.10
Medium
Unassigned
16.04
Medium
Unassigned
16.10
Medium
Unassigned
17.04
Medium
Robert Lyon

Bug Description

Antispam check was return false positives for domains that are not on spam list

To test:

Create a site and then
1) Edit the Configuration -> Security settings
and set Anti-spam to 'Advanced'
Turn on Spamhaus and SURBL URL blacklists
And save the settings

2) Create a group and create a forum post
In your forum post add a url in the TinyMCE Editor, eg http://aaeebl.org
And save the post

You should be alerted that the url is blacklisted (you may not be alerted - it all depends on the third party response)

You can check via terminal what is happening as well, eg for aaeebl.org you can do

dig aaeebl.org.black.uribl.com

dig aaeebl.org.spamhaus.org

dig aaeebl.org.multi.surbl.com

If any of the results have an A record in the answer section then the domain name is on a blacklist
Except if the A record is 127.0.0.1 - this means the request has been rejected before testing

also try
dig aaeebl.org.multi.surbl.org

This should pass where the .com version is failing

Reviewed: https://reviews.mahara.org/7438
Committed: https://git.mahara.org/mahara/mahara/commit/b12695f1195a54619ef24f0bd5d8096bf55bcf76
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit b12695f1195a54619ef24f0bd5d8096bf55bcf76
Author: Robert Lyon <email address hidden>
Date: Tue Feb 7 12:36:07 2017 +1300

Bug 1662367: Checking against correct antispam 'surbl' url

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/7456
Committed: https://git.mahara.org/mahara/mahara/commit/79c7d9ff084ad4b2967208b847643adfafa8013e
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.10_STABLE

commit 79c7d9ff084ad4b2967208b847643adfafa8013e
Author: Robert Lyon <email address hidden>
Date: Tue Feb 7 12:36:07 2017 +1300

Bug 1662367: Checking against correct antispam 'surbl' url

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit b12695f1195a54619ef24f0bd5d8096bf55bcf76)

Reviewed: https://reviews.mahara.org/7457
Committed: https://git.mahara.org/mahara/mahara/commit/e9dd5d9f6820e4f4d1243d8616ab8a2bb8297a99
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.04_STABLE

commit e9dd5d9f6820e4f4d1243d8616ab8a2bb8297a99
Author: Robert Lyon <email address hidden>
Date: Tue Feb 7 12:36:07 2017 +1300

Bug 1662367: Checking against correct antispam 'surbl' url

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit b12695f1195a54619ef24f0bd5d8096bf55bcf76)
(cherry picked from commit 79c7d9ff084ad4b2967208b847643adfafa8013e)

Reviewed: https://reviews.mahara.org/7458
Committed: https://git.mahara.org/mahara/mahara/commit/84e9f0ee6e9fee7438b61bf98f5739ebef4adbb5
Submitter: Robert Lyon (<email address hidden>)
Branch: 15.10_STABLE

commit 84e9f0ee6e9fee7438b61bf98f5739ebef4adbb5
Author: Robert Lyon <email address hidden>
Date: Tue Feb 7 12:36:07 2017 +1300

Bug 1662367: Checking against correct antispam 'surbl' url

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit b12695f1195a54619ef24f0bd5d8096bf55bcf76)
(cherry picked from commit 79c7d9ff084ad4b2967208b847643adfafa8013e)
(cherry picked from commit e9dd5d9f6820e4f4d1243d8616ab8a2bb8297a99)

Reviewed: https://reviews.mahara.org/7459
Committed: https://git.mahara.org/mahara/mahara/commit/b294be3677d777a4de87456972f355ddd3c099b7
Submitter: Robert Lyon (<email address hidden>)
Branch: 15.04_STABLE

commit b294be3677d777a4de87456972f355ddd3c099b7
Author: Robert Lyon <email address hidden>
Date: Tue Feb 7 12:36:07 2017 +1300

Bug 1662367: Checking against correct antispam 'surbl' url

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit b12695f1195a54619ef24f0bd5d8096bf55bcf76)
(cherry picked from commit 79c7d9ff084ad4b2967208b847643adfafa8013e)
(cherry picked from commit e9dd5d9f6820e4f4d1243d8616ab8a2bb8297a99)
(cherry picked from commit 84e9f0ee6e9fee7438b61bf98f5739ebef4adbb5)

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers