Friday, February 4, 2011

Rule FSL_RU_URL is dangerous

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6533
This rule was accidentally auto-promoted into the live sa-update rules channel.  It might be very effective against the many .ru URL's common in spam, but it is entirely too prejudiced to be safe as a default rule.  Spamassasin upstream has corrected procedures to prevent an issue like this from happening again, but unfortunately they've been having some temporary problems in pushing a new rule update.  Meanwhile, it might be a good idea to disable this rule in your local.cf.

score FSL_RU_URL 0
On the other hand, if you really never expect to have legitimate mail with a .ru URL, you may want to explicitly include this prejudiced rule in your local.cf.  It is not recommended though.

No comments:

Post a Comment