troublesome false negative
Matthias Andree
matthias.andree at gmx.de
Wed Nov 6 01:34:46 CET 2002
David Relson <relson at osagesoftware.com> writes:
> My recollection is that "ignore our own tag" was a method to avoid
> forged headers. Any X-Bogosity lines in the headers of a message coming
> into bogofilter don't belong there. Having bogofilter delete them is
> done so that the final recipient of the message doesn't get spam with a
> forged "X-Bogosity: No" header line.
While that would certainly be in the "Not Amusing" category, the setups
we suggest will not be cheated, as we always match against "X-Bogosity:
yes", and this check cannot be fooled by adding a "X-Bogosity: no"
line. Either would have to look at the first X-Bogosity: header
only or the attacker would have to find a way to prevent the addition of
the proper X-Bogosity: header -- otherwise, I cannot see how somebody
could mount an attack.
> I understood you to say that when a message with an "X-Bogosity:" header
> line is forwarded, the "X-Bogosity:" line causes a problem. As it isn't
> in the header, there shouldn't be a problem - except for a MUA that
> checks for "X-Bogosity" without caring where in the message it is. Such
> a MUA will have _lots_ of trouble with _this_ message.
Such a MUA will have a security problem. A pretty big one en plus.
We might consider adding the host name to the X-Bogosity: header and
keep old ones, or rename the old ones X-Old-Bogosity in addition, but
that's the future and subject for discussion.
BTW, your Message-IDs make up for interesting side effects in the lexer:
The first part -- 4.3.2.7 -- is considered an IP...
get_token: 1 'message-id'
get_token: 1 '4.3.2.7'
get_token: 1 'c3a9e0'
<ducks & runs>
--
Matthias Andree
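
Added example, not part of the original message and not bogofilter's own code: a Python sketch of the two checks discussed above, matching the verdict in the header block only and renaming inbound X-Bogosity lines to X-Old-Bogosity as floated in the reply. The function names, the bare "Yes"/"No" header values and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy

TAG, OLD = "X-Bogosity", "X-Old-Bogosity"

def header_values(raw, name=TAG):
    """Values of `name` taken from the header block only, never the body."""
    msg = message_from_bytes(raw, policy=policy.compat32)
    return [v.strip().lower() for v in msg.get_all(name, [])]

def retag(raw, is_spam):
    """Rename any inbound X-Bogosity headers, then add the local verdict."""
    msg = message_from_bytes(raw, policy=policy.compat32)
    for value in msg.get_all(TAG, []):
        msg[OLD] = value          # keep the untrusted value, under another name
    del msg[TAG]                  # removes every occurrence
    msg[TAG] = "Yes" if is_spam else "No"
    return msg.as_bytes()

def deliver_as_spam(raw):
    """Match a 'yes' X-Bogosity header; forged 'no' lines cannot cancel it."""
    return any(v.startswith("yes") for v in header_values(raw))

def naive_mua_check(raw):
    """Flawed: finds the tag anywhere in the message, body included."""
    return b"x-bogosity: yes" in raw.lower()

# Constructed samples: spam carrying a forged header, and a legitimate
# message that merely quotes the tag in its body.
FORGED_SPAM = (b"From: a@example.invalid\nSubject: offer\n"
               b"X-Bogosity: No\n\nbuy now\n")
DISCUSSION_HAM = (b"From: b@example.invalid\nSubject: re: headers\n\n"
                  b"We always match against X-Bogosity: Yes in the header.\n")

if __name__ == "__main__":
    spam = retag(FORGED_SPAM, is_spam=True)
    ham = retag(DISCUSSION_HAM, is_spam=False)
    print(header_values(spam), header_values(spam, OLD), deliver_as_spam(spam))
    print(deliver_as_spam(ham), naive_mua_check(ham))
```

The header-only check files the forged-header spam correctly and leaves the discussion message alone, while the body-scanning check misfiles the discussion message.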