1884 – Amazon whitelist being exploited (?)

Bug 1884 - Amazon whitelist being exploited (?)

Summary: Amazon whitelist being exploited (?)

Status:	RESOLVED DUPLICATE of bug 846

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	Other Linux

Importance:	P5 normal
Target Milestone:	2.60
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Duplicates (1):	1886 (view as bug list)
Depends on:
Blocks:

Reported:	2003-05-09 15:58 UTC by Reijo Pitkanen
Modified:	2003-05-24 10:04 UTC (History)
CC List:	1 user (show)

Attachment	Type	Actions	Submitter/CLA Status
first amazon sneak	text/plain	None	Reijo Pitkanen
second amazon sneak	text/plain	None	Reijo Pitkanen
third amazon sneak	text/plain	None	Reijo Pitkanen
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Reijo Pitkanen 2003-05-09 15:58:14 UTC

I have a few attachments that follow, exploiting the whitelist_rcvd_in amazon 
section.  The first faked amazon header seems to be fooling SA entirely.  
Thankfully i've only recived three.

Comment 1 Reijo Pitkanen 2003-05-09 16:00:26 UTC

Created attachment 953 [details]
first amazon sneak

Comment 2 Reijo Pitkanen 2003-05-09 16:01:04 UTC

Created attachment 954 [details]
second amazon sneak

Comment 3 Reijo Pitkanen 2003-05-09 16:01:47 UTC

Created attachment 955 [details]
third amazon sneak

Comment 4 Rod Begbie 2003-05-09 20:26:54 UTC

You gotta love "Score: -81, Auto-learn: spam" :)

Anyways, might we look for any FORGED_RCVDs and not allow the whitelist to
trigger if they're present.  Just a thought.

Comment 5 Rod Begbie 2003-05-11 21:27:30 UTC

*** Bug 1886 has been marked as a duplicate of this bug. ***

Comment 6 Theo Van Dinter 2003-05-24 18:04:24 UTC


*** This bug has been marked as a duplicate of 846 ***