4754 – Mail sent during a leap second

Bug 4754 - Mail sent during a leap second

Summary: Mail sent during a leap second

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (show other bugs)
Version:	unspecified
Hardware:	Other other

Importance:	P5 normal
Target Milestone:	3.2.0
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-01-05 13:46 UTC by David Cantrell
Modified:	2006-03-06 20:45 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description David Cantrell 2006-01-05 13:46:31 UTC

As you may know, there was a leap second a few days ago.  During a leap second,
the time is 23:59:60.  Spamassassin thinks that a header like "Date: Sat, 31 Dec
2005 23:59:60 +0000" is an INVALID_DATE and so bumps the score of an email sent
during that second up a bit.

This bug was originally reported by Kevin Day to the NANOG mailing list, in
msgid <C6CFD816-08B5-4B44-867C-A9E656A81DB6@dragondata.com> which can be seen at
<http://www.merit.edu/mail.archives/nanog/msg14721.html>.

Comment 1 Bas Zoetekouw 2006-01-05 14:21:30 UTC

There seem to be two testing rules (T_INVALID_DATE and T_INVALID_DATE2) already
that take the leap second into account correctly.  
However, both those test rules as well as the one currently in use seem to relax
the RFC requirements a bit: all of them allow for am/pm specifiers and for a
single-digit hour, which aren't allowed according to the rfc.  Maybe this could
also be checked for?  For example (based on T_INVALID_DATE):

header T_INVALID_DATE3      Date !~
/^\s*(?:(?i:Mon|Tue|Wed|Thu|Fri|Sat|Sun),\s+)?[0-3\s]?[0-9]\s+(?i:Jan|Feb|Ma[ry]|Apr|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+(?:[12][901])?[0-9]{2}\s+(?:[01][0-9]|2[0-3])\:[0-5][0-9](?:\:(?:[0-5][0-9]|60))?\s+(?:[+-][0-9]{4}|UT|[A-Z]{2,3}T)(?:\s+\(.*\))?\s*$/

Comment 2 Sidney Markowitz 2006-01-05 14:29:48 UTC

Felicity checked in a a fixed version as T_INVALID_DATE in the felicity sandbox

Author: felicity
Date: Sat Dec 31 21:04:34 2005
New Revision: 360476

URL: http://svn.apache.org/viewcvs?rev=360476&view=rev
Log:
deal with leap seconds in INVALID_DATE, also try to be a little more strict to
catch more spam

Modified:
    spamassassin/rules/trunk/sandbox/felicity/70_other.cf

Comment 3 Daryl C. W. O'Shea 2006-01-10 05:03:34 UTC

Moving to 3.2 since it's being worked on and can be closed once the test
failures are fixed, if they aren't already.

Comment 4 Theo Van Dinter 2006-03-07 04:45:06 UTC

yeah, this was fixed.