False positives in antispam checking
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
Medium
|
Robert Lyon | ||
15.04 |
Fix Released
|
Medium
|
Unassigned | ||
15.10 |
Fix Released
|
Medium
|
Unassigned | ||
16.04 |
Fix Released
|
Medium
|
Unassigned | ||
16.10 |
Fix Released
|
Medium
|
Unassigned | ||
17.04 |
Fix Released
|
Medium
|
Robert Lyon |
Bug Description
Antispam check was return false positives for domains that are not on spam list
To test:
Create a site and then
1) Edit the Configuration -> Security settings
and set Anti-spam to 'Advanced'
Turn on Spamhaus and SURBL URL blacklists
And save the settings
2) Create a group and create a forum post
In your forum post add a url in the TinyMCE Editor, eg http://
And save the post
You should be alerted that the url is blacklisted (you may not be alerted - it all depends on the third party response)
You can check via terminal what is happening as well, eg for aaeebl.org you can do
dig aaeebl.
dig aaeebl.
dig aaeebl.
If any of the results have an A record in the answer section then the domain name is on a blacklist
Except if the A record is 127.0.0.1 - this means the request has been rejected before testing
also try
dig aaeebl.
This should pass where the .com version is failing
Patch for "master" branch: https:/ /reviews. mahara. org/7438