SA Bugzilla – Bug 4065
FORGED_MUA_OUTLOOK / Hotmail false positives
Last modified: 2005-11-13 04:01:41 UTC
Hotmail supports Outlook Express for access to users' mailboxes via HTTPmail, which is actually DAV. A side-effect of this new feature is a new message-ID format which SpamAssassin doesn't recognize. I'll attach some header extracts with examples.
Created attachment 2590 [details] Example header extracts
I think a suitable rule would be header __OE_MSGID_3 MESSAGEID =~ /^<BAY\d+-DAV\d+[A-Z0-9]{25}\@phx\.gbl>$/ meta __FORGED_OE (__OE_MUA && !__OE_MSGID_1 && !__OE_MSGID_2 && !__OE_MSGID_3 && !__UNUSABLE_MSGID)
Created attachment 2637 [details] Proposed patch based on rule above. Here is a propsed patch, based on the rule posted above. I've applied it here, and initial testing shows that hotmail messages that previously triggered the rule do not do so now, while spam messages are still marked.
header __OE_MSGID_3 MESSAGEID =~ /^<BAY\d+-DAV\d+[A-Z0-9]{25}\@phx\.gbl>$/ meta NEW_FORGED_OE (__OE_MUA && !__OE_MSGID_1 && !__OE_MSGID_2 && !__OE_MSGID_3 && !__UNUSABLE_MSGID)
NEEDSMC compare with __FORGED_OE
# [automatically generated by automc: start] # DONEMC 5: completed request from comment 5 0.015 0.0120 0.0215 0.359 0.44 1.00 __OE_MSGID_3_b4065_c2 3.473 4.9982 0.0078 0.998 0.91 1.00 __FORGED_OE_b4065_c2 0.015 0.0120 0.0215 0.359 0.44 1.00 __OE_MSGID_3_b4065_c4 3.473 4.9982 0.0078 0.998 0.91 0.01 T_MC_NEW_FORGED_OE_b4065_c4 above freqs using data from "/home/automc/corpus/html/DETAILS.new" as of Mon Feb 7 14:44:33 2005: __OE_MSGID_3_b4065_c2 = __OE_MSGID_3 from bug 4065 comment 2 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__OE_MSGID_3_b4065_c2&date=20050207 __FORGED_OE_b4065_c2 = __FORGED_OE from bug 4065 comment 2 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__FORGED_OE_b4065_c2&date=20050207 __OE_MSGID_3_b4065_c4 = __OE_MSGID_3 from bug 4065 comment 4 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__OE_MSGID_3_b4065_c4&date=20050207 T_MC_NEW_FORGED_OE_b4065_c4 = NEW_FORGED_OE from bug 4065 comment 4 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=T_MC_NEW_FORGED_OE_b4065_c4&date=20050207 # ham results used: ham-daf.log ham-jm.log ham-quinlan.log ham-rODbegbie.log # spam results used: spam-daf.log spam-jm.log spam-quinlan.log spam-rODbegbie.log 167577 116363 51214 0.694 0.00 0.00 (all messages) 100.000 69.4385 30.5615 0.694 0.00 0.00 (all messages as %) bug 4065 cmt 3: ignored, lint failed # [automatically generated by automc: end]
# [automatically generated by automc: start] # DONEMC 5: completed request from comment 5 0.015 0.0120 0.0215 0.359 0.44 1.00 __OE_MSGID_3_b4065_c2 3.473 4.9982 0.0078 0.998 0.91 1.00 __FORGED_OE_b4065_c2 0.015 0.0120 0.0215 0.359 0.44 1.00 __OE_MSGID_3_b4065_c4 3.473 4.9982 0.0078 0.998 0.91 0.01 T_MC_NEW_FORGED_OE_b4065_c4 above freqs using data from "/home/automc/corpus/html/DETAILS.new" as of Mon Feb 7 14:44:37 2005: __OE_MSGID_3_b4065_c2 = __OE_MSGID_3 from bug 4065 comment 2 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__OE_MSGID_3_b4065_c2&date=20050207 __FORGED_OE_b4065_c2 = __FORGED_OE from bug 4065 comment 2 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__FORGED_OE_b4065_c2&date=20050207 __OE_MSGID_3_b4065_c4 = __OE_MSGID_3 from bug 4065 comment 4 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=__OE_MSGID_3_b4065_c4&date=20050207 T_MC_NEW_FORGED_OE_b4065_c4 = NEW_FORGED_OE from bug 4065 comment 4 full freqs: http://bugzilla.spamassassin.org/ruleqa?rule=T_MC_NEW_FORGED_OE_b4065_c4&date=20050207 # ham results used: ham-daf.log ham-jm.log ham-quinlan.log ham-rODbegbie.log # spam results used: spam-daf.log spam-jm.log spam-quinlan.log spam-rODbegbie.log 167577 116363 51214 0.694 0.00 0.00 (all messages) 100.000 69.4385 30.5615 0.694 0.00 0.00 (all messages as %) bug 4065 cmt 3: ignored, lint failed # [automatically generated by automc: end]
applied with a minor fix (/m modifier on regexp): r151796.
*** Bug 4181 has been marked as a duplicate of this bug. ***
*** Bug 4514 has been marked as a duplicate of this bug. ***
Retargeting to 3.0.5. (Currently moving across country so not able to work on this intensively for a few days.)
Created attachment 3218 [details] spamassassin-3.0.4-4065-fix-FORGED_MUA_OUTLOOK.patch Patch against 3.0.4.
Tested patch for a week in production. 3 votes needed
+1
+1 Committed revision 332968.