Bug 1134 - Formmail phrase rule
Summary: Formmail phrase rule
Status: RESOLVED INVALID
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules
Version: 2.20
Hardware: All All
Importance: P2 enhancement
Target Milestone: ---
Assignee: SpamAssassin Developer Mailing List
Reported: 2002-10-22 05:25 UTC by Kjetil Kjernsmo
Modified: 2002-10-21 22:59 UTC

Description Kjetil Kjernsmo 2002-10-22 05:25:35 UTC
There are known bugs in Formmail.pl that allow a spammer to exploit a
vulnerable script to send spam without having his IP revealed.

If I've got this right, you'll see the text "Below is the result of your
feedback form" in messages submitted through Formmail. Therefore, I added

body FEEDBACK_FORM              /Below is the result of your feedback form/
describe FEEDBACK_FORM          Sent through exploited or bogus feedback form
score FEEDBACK_FORM             2.5

to my local.cf.

Of course, this is problematic for those that use Formmail for feedback; they
may have to adjust the score.
Comment 1 Michael Moncur 2002-10-22 06:28:12 UTC
This has been in SA for quite some time already:

body BUGGY_CGI                 /Below is the result of your feedback form/
describe BUGGY_CGI             Broken CGI script message
score BUGGY_CGI                      2.786
Comment 2 Kjetil Kjernsmo 2002-10-22 06:59:00 UTC
Whoops, yeah, sorry for the redundant report! I put this rule in some time ago,
after having been annoyed by spams getting through. At that time, it wasn't in,
and I didn't realize it had been added before my bug report was caught by SA...
Sorry that I wasted your time.
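
Added example, not part of the bug thread and not SpamAssassin code: a Python approximation of how the body rule from the description is evaluated, showing that the phrase still matches when it wraps across lines in the raw message and that genuine Formmail feedback hits the same rule. The sample messages, the points attributed to other rules, the 5.0 threshold and the function names are constructed assumptions.

```python
import re
from email import message_from_string

# Rule from the report: (name, pattern, score).
RULE = ("FEEDBACK_FORM",
        re.compile(r"Below is the result of your feedback form"), 2.5)
REQUIRED = 5.0  # assumed spam threshold for this example

# Constructed sample: spam relayed through a Formmail script. The phrase
# wraps across two lines in the raw message.
RELAYED = """From: webmaster@site.example
To: someone@recipient.example
Subject: Great offer

Below is the result of your
feedback form.  It was submitted by (sender@bulk.example)

Buy cheap widgets today!
"""

# Constructed sample: genuine feedback from a site's own Formmail page.
LEGIT = """From: www@shop.example
To: support@shop.example
Subject: Customer feedback

Below is the result of your feedback form.  It was submitted by
(customer@home.example)

The order arrived late, please check the courier.
"""

def rendered_body(raw):
    """Approximate body-rule input: text parts with line breaks collapsed."""
    msg = message_from_string(raw)
    parts = [p.get_payload() for p in msg.walk()
             if p.get_content_type() == "text/plain"]
    return re.sub(r"\s+", " ", " ".join(parts)).strip()

def total_score(raw, other_hits, rule_score=None):
    """Points from other rules plus this rule's score if the phrase hits."""
    _name, pattern, default = RULE
    points = default if rule_score is None else rule_score
    hit = pattern.search(rendered_body(raw)) is not None
    return round(other_hits + (points if hit else 0.0), 3)

def is_spam(raw, other_hits, rule_score=None):
    return total_score(raw, other_hits, rule_score) >= REQUIRED
```

With 2.6 points from other rules, the genuine feedback message crosses the threshold at the reported score of 2.5 and stays under it when the rule's score is lowered to 1.0.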