[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-devel
Subject: [Bug 7877] New: Regex rawbody __WORD_INVIS and __FONT_INVIS issues
From: bugzilla-daemon () spamassassin ! apache ! org
Date: 2021-01-04 15:05:55
Message-ID: bug-7877-26 () https ! bz ! apache ! org/SpamAssassin/
[Download RAW message or body]
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7877
Bug ID: 7877
Summary: Regex rawbody __WORD_INVIS and __FONT_INVIS issues
Product: Spamassassin
Version: unspecified
Hardware: PC
OS: Windows NT
Status: NEW
Severity: major
Priority: P2
Component: spamassassin
Assignee: dev@spamassassin.apache.org
Reporter: mst@heimdalsecurity.com
Target Milestone: Undefined
Hi,
We have identified an issue with __WORD_INVIS and __FONT_INVIS regex on color:
transparent.
Due to this current regex, it also matches 'background-color:transparent', we
are getting high spam score due to this 6 if both tags.
rawbody __WORD_INVIS
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw| \
vh|vmin)|0+(?:\.\d+)?(?:cm|mm|in|pc|em|ex|ch|rem|lh|vmax))\s*[;'a-z]|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w{1,20}</i
rawbody __FONT_INVIS
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw| \
vh|vmin)|0+(?:\.\d+)?(?:cm|mm|pc|ch|rem|lh|vmax|%)|0+(?:\.0\d*)(?:em|ex|in))(?:\s[a-z]|\s*[;'])|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w/i
--
You are receiving this mail because:
You are the assignee for the bug.=
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic