SpamAssassin's URI_OBFU_WWW rule claims "" is an obfuscated URL

Bug #1251237 reported by Jens on 2013-11-14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
spamassassin (Ubuntu)

Bug Description

Mails containing this URL will be scored higher (depending on the set score, IIRC it's 2.5 for URI_OBFU_WWW plus 2.3 for FSL_RU_URL if activated).

A manual test using perl and the URI_OBFU_WWW rule regex confirms this:

> perl -ne 'print if /(?<!http:\/\/)\b_*w{2,3}(?!\.[-\w]+\.(?:com|net|org|biz|info))[^[:alnum:]]{1,3}(?:<D><O><T>+[^[:alnum:]]{1,3})?[[:alnum:]][-\w]{1,20}[[:alnum:]][^[:alnum:]]{1,3}(?:<D><O><T>+[^[:alnum:]]{1,3})?(?:c\s?o\s?m|n\s?e\s?t|o\s?r\s?g|b\s?i\s?z|i\s?n\s?f\s?o)_*\b/i;' < Mail1.txt

This URL should not be detected as obfuscated. It is plain text and looks OK (non-obfuscated).

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: spamassassin 3.3.2-2ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-43.68-generic 3.2.42
Uname: Linux 3.2.0-43-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
Date: Thu Nov 14 14:14:04 2013
MarkForUpload: True
PackageArchitecture: all
 PATH=(custom, no user)
SourcePackage: spamassassin
UpgradeStatus: Upgraded to precise on 2012-05-04 (558 days ago)
mtime.conffile..etc.default.spamassassin: 2012-05-13T09:03:40.993608

Jens (jens-launchpad-net) wrote :
Robie Basak (racb) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

This bug should probably be fixed upstream, and then Ubuntu will pick it up. Have you considered testing the latest upstream release of spamassassin, and if affected then reporting the bug in the upstream spamassassin project?

If you need a fix for an existing stable release of Ubuntu, please comment with a justification against and complete steps 1 through 4 in - and go ahead with all the steps if you can. Note that that SRU team would need to make a final decision, and that the bug needs to be fixed in the development version first - which would best happen via a new upstream release, or failing that a cherry-pick from an upstream commit.

Changed in spamassassin (Ubuntu):
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers