[prev in list] [next in list] [prev in thread] [next in thread] 

List:       spamassassin-devel
Subject:    [Bug 7877] New: Regex rawbody __WORD_INVIS and __FONT_INVIS  issues
From:       bugzilla-daemon () spamassassin ! apache ! org
Date:       2021-01-04 15:05:55
Message-ID: bug-7877-26 () https ! bz ! apache ! org/SpamAssassin/
[Download RAW message or body]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7877

            Bug ID: 7877
           Summary: Regex rawbody __WORD_INVIS and __FONT_INVIS  issues
           Product: Spamassassin
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: major
          Priority: P2
         Component: spamassassin
          Assignee: dev@spamassassin.apache.org
          Reporter: mst@heimdalsecurity.com
  Target Milestone: Undefined

Hi,

We have identified an issue with __WORD_INVIS and __FONT_INVIS regex on color:
transparent.
Due to this current regex, it also matches 'background-color:transparent', we
are getting high spam score due to this 6 if both tags.

rawbody   __WORD_INVIS                 
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw| \
vh|vmin)|0+(?:\.\d+)?(?:cm|mm|in|pc|em|ex|ch|rem|lh|vmax))\s*[;'a-z]|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w{1,20}</i


  rawbody   __FONT_INVIS                 
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw| \
vh|vmin)|0+(?:\.\d+)?(?:cm|mm|pc|ch|rem|lh|vmax|%)|0+(?:\.0\d*)(?:em|ex|in))(?:\s[a-z]|\s*[;'])|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w/i


-- 
You are receiving this mail because:
You are the assignee for the bug.=


[prev in list] [next in list] [prev in thread] [next in thread]