Mailing List Archive

[Bug 7877] New: Regex rawbody __WORD_INVIS and __FONT_INVIS issues
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7877

Bug ID: 7877
Summary: Regex rawbody __WORD_INVIS and __FONT_INVIS issues
Product: Spamassassin
Version: unspecified
Hardware: PC
OS: Windows NT
Status: NEW
Severity: major
Priority: P2
Component: spamassassin
Assignee: dev@spamassassin.apache.org
Reporter: mst@heimdalsecurity.com
Target Milestone: Undefined

Hi,

We have identified an issue with __WORD_INVIS and __FONT_INVIS regex on color:
transparent.
Due to this current regex, it also matches 'background-color:transparent', we
are getting high spam score due to this 6 if both tags.

rawbody __WORD_INVIS
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw|vh|vmin)|0+(?:\.\d+)?(?:cm|mm|in|pc|em|ex|ch|rem|lh|vmax))\s*[;'a-z]|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w{1,20}</i

rawbody __FONT_INVIS
/<(?!style)[a-z]+\s[^>]{1,80}(?:font(?:-size)?\s*:\s*(?:0*[01](?:\.\d+)?(?:px|pt|Q|vw|vh|vmin)|0+(?:\.\d+)?(?:cm|mm|pc|ch|rem|lh|vmax|%)|0+(?:\.0\d*)(?:em|ex|in))(?:\s[a-z]|\s*[;'])|color\s*:\s*transparent\s*[;'])[^>]{0,80}>\w/i

--
You are receiving this mail because:
You are the assignee for the bug.