Bug 6157 - remove open-whois.org rules since domain is cybersquatted
Summary: remove open-whois.org rules since domain is cybersquatted
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: 3.3.0
Hardware: All All
: P1 major
Target Milestone: 3.3.0
Assignee: SpamAssassin Developer Mailing List
Depends on:
Reported: 2009-07-18 13:15 UTC by Justin Mason
Modified: 2010-04-01 10:21 UTC (History)
2 users (show)

Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Mason 2009-07-18 13:15:53 UTC

affects both 3.2.x and 3.3.0:

: 341...; grep -r open-whois rules
rules/72_active.cf:header          DNS_FROM_OPENWHOIS  eval:check_rbl_envfrom('openwhois', 'bl.open-whois.org.')
rules/72_active.cf:describe        DNS_FROM_OPENWHOIS  Envelope sender listed in bl.open-whois.org.
rules/72_active.cf:urirhssub       WHOIS_1AND1PR       bl.open-whois.org.  A
rules/72_active.cf:urirhssub       WHOIS_AITPRIV       bl.open-whois.org.  A
rules/72_active.cf:urirhssub       WHOIS_CONTACTPRIV   bl.open-whois.org.  A
rules/72_active.cf:urirhssub       WHOIS_DMNBYPROXY        bl.open-whois.org.  A
[... etc.]

we need to remove these rules immediately.
Comment 1 Matt Kettler 2009-07-18 19:50:31 UTC
+1 on removing them in the swiftest manner possible, and publishing the updated rules to sa-update.

Clearly this give the squatter the potential to influence SA's accuracy. Not really to their own benefit, but they could cause problems for SA users (false positives).
Comment 2 Justin Mason 2009-07-20 07:24:06 UTC
committed, pushed to 3.2.x updates as of r795855.
Comment 3 Gary C 2009-07-21 05:03:01 UTC

Has this issue been solved? When I run my Spamscore it keeps appearing:

2.43 because of the oepn-whois.org blacklist

Can you give me a hand?

Comment 4 Justin Mason 2010-04-01 10:21:20 UTC
(In reply to comment #3)
> Has this issue been solved? When I run my Spamscore it keeps appearing:

hi -- it is fixed in SpamAssassin, yes.  please ask whoever provides the "Spamscore" service to upgrade their copy of SpamAssassin in turn.