SA Bugzilla – Bug 6157
remove open-whois.org rules since domain is cybersquatted
Last modified: 2010-04-01 10:21:20 UTC
http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/490c97eb62641887 affects both 3.2.x and 3.3.0: : 341...; grep -r open-whois rules rules/72_active.cf:header DNS_FROM_OPENWHOIS eval:check_rbl_envfrom('openwhois', 'bl.open-whois.org.') rules/72_active.cf:describe DNS_FROM_OPENWHOIS Envelope sender listed in bl.open-whois.org. rules/72_active.cf:urirhssub WHOIS_1AND1PR bl.open-whois.org. A 127.0.0.2 rules/72_active.cf:urirhssub WHOIS_AITPRIV bl.open-whois.org. A 127.0.0.19 rules/72_active.cf:urirhssub WHOIS_CONTACTPRIV bl.open-whois.org. A 127.0.0.37 rules/72_active.cf:urirhssub WHOIS_DMNBYPROXY bl.open-whois.org. A 127.0.0.15 [... etc.] we need to remove these rules immediately.
+1 on removing them in the swiftest manner possible, and publishing the updated rules to sa-update. Clearly this give the squatter the potential to influence SA's accuracy. Not really to their own benefit, but they could cause problems for SA users (false positives).
committed, pushed to 3.2.x updates as of r795855.
Hi, Has this issue been solved? When I run my Spamscore it keeps appearing: 2.43 because of the oepn-whois.org blacklist Can you give me a hand? thanks
(In reply to comment #3) > Has this issue been solved? When I run my Spamscore it keeps appearing: hi -- it is fixed in SpamAssassin, yes. please ask whoever provides the "Spamscore" service to upgrade their copy of SpamAssassin in turn.