Ubuntu
spamassassin package

SpamAssassin's URI_OBFU_WWW rule claims "www.tuning-net.ru" is an obfuscated URL

Bug #1251237 reported by Jens
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
spamassassin (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

Mails containing this URL will be scored higher (depending on the set score, IIRC it's 2.5 for URI_OBFU_WWW plus 2.3 for FSL_RU_URL if activated).

A manual test using perl and the URI_OBFU_WWW rule regex confirms this:

> perl -ne 'print if /(?<!http:\/\/)\b_*w{2,3}(?!\.[-\w]+\.(?:com|net|org|biz|info))[^[:alnum:]]{1,3}(?:<D><O><T>+[^[:alnum:]]{1,3})?[[:alnum:]][-\w]{1,20}[[:alnum:]][^[:alnum:]]{1,3}(?:<D><O><T>+[^[:alnum:]]{1,3})?(?:c\s?o\s?m|n\s?e\s?t|o\s?r\s?g|b\s?i\s?z|i\s?n\s?f\s?o)_*\b/i;' < Mail1.txt
> www.tuning-net.ru

This URL should not be detected as obfuscated. It is plain text and looks OK (non-obfuscated).

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: spamassassin 3.3.2-2ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-43.68-generic 3.2.42
Uname: Linux 3.2.0-43-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
Date: Thu Nov 14 14:14:04 2013
MarkForUpload: True
PackageArchitecture: all
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
SourcePackage: spamassassin
UpgradeStatus: Upgraded to precise on 2012-05-04 (558 days ago)
mtime.conffile..etc.default.spamassassin: 2012-05-13T09:03:40.993608

Revision history for this message
Jens (jens-launchpad-net) wrote :
Revision history for this message
Robie Basak (racb) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

This bug should probably be fixed upstream, and then Ubuntu will pick it up. Have you considered testing the latest upstream release of spamassassin, and if affected then reporting the bug in the upstream spamassassin project?

If you need a fix for an existing stable release of Ubuntu, please comment with a justification against https://wiki.ubuntu.com/StableReleaseUpdates#When and complete steps 1 through 4 in https://wiki.ubuntu.com/StableReleaseUpdates#Procedure - and go ahead with all the steps if you can. Note that that SRU team would need to make a final decision, and that the bug needs to be fixed in the development version first - which would best happen via a new upstream release, or failing that a cherry-pick from an upstream commit.

Changed in spamassassin (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Bryce Harrington (bryce) wrote :

In Xenial's spamassassin, /usr/share/spamassassin/50_scores.cf lists this rule as disabled:
...
#score URI_OBFU_WWW 3.099 3.099 2.306 2.475

If this can be reproduced on a newer version of Ubuntu, please file a fresh bug report so it can be investigated with newer log files.

Changed in spamassassin (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.