SA Bugzilla – Bug 1273

Deceptive URLs using user name

Last modified: 2002-12-23 11:25:07 UTC

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]

Bug 1273 - Deceptive URLs using user name

Summary: Deceptive URLs using user name

Status: RESOLVED FIXED Alias: None Product: Spamassassin Classification: Unclassified Component: Rules (show other bugs) Version: 2.31 Hardware: Other other Importance: P2 enhancement Target Milestone: --- Assignee: SpamAssassin Developer Mailing List URL: Whiteboard: Keywords: Depends on: Blocks:		Reported: 2002-12-08 09:16 UTC by uncommon Modified: 2002-12-23 11:25 UTC (History) CC List: 0 users

Attachment Type Modified Status Actions Submitter/CLA Status Add an attachment (proposed patch, testcase, etc.) Note You need to log in before you can comment on or make changes to this bug.

Description uncommon 2002-12-08 09:16:56 UTC I got a spam with a URL which was supposedly to a CNN article, but it was actually as follows: http://www.cnn.com:USArticle1840@www.liquidshirts.com/ Obviously the URL actually links to liquidshirts.com. Apparently there was nothing else suspicious in the headers, so SpamAssassin let it slip completely. Comment 1 Theo Van Dinter 2002-12-23 20:25:07 UTC I added a test version of T_WEIRD_PORT to fix it's fp of this message, and added a test rule to look for user/pass combinations in URLs. We'll see how that goes.

---

• Format For Printing
•  - XML
•  - Clone This Bug
•  - Top of page

This is SA Bugzilla: the Apache SpamAssassin bug system. In case of problems with the functioning of SA Bugzilla, please contact bugzilla-admin@apache.org. Please Note: this e-mail address is only for reporting problems with SA Bugzilla. Mail about any other subject will be silently ignored.

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]