http://bugzilla.spamassassin.org/show_bug.cgi?id=3430
Summary: HABEAS_SWE rule is trivially forged and should be off by
default
Product: Spamassassin
Version: 2.63
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: 1-4-4@comcast.net
Anyone who wishes to send spam and defeat Spamassassin filtering with a high
success rate need only include the Habeas SWE haiku in their mail headers. The
SWE header is completely static and well-known, so any spammer targeting
Spamassassin can include the header and get an 8 point bonus - enough to
obfuscate a message to the point Spamassassin can't read it well and still
receive a passing score.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: HABEAS_SWE rule is trivially forged and should be off by
default
Product: Spamassassin
Version: 2.63
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: 1-4-4@comcast.net
Anyone who wishes to send spam and defeat Spamassassin filtering with a high
success rate need only include the Habeas SWE haiku in their mail headers. The
SWE header is completely static and well-known, so any spammer targeting
Spamassassin can include the header and get an 8 point bonus - enough to
obfuscate a message to the point Spamassassin can't read it well and still
receive a passing score.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.