View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002596 | unreal | ircd | public | 2005-07-21 11:20 | 2007-04-27 04:51 |
| Reporter | Wiggle | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | sometimes |
| Status | closed | Resolution | unable to duplicate | ||
| Product Version | 3.2.3 | ||||
| Summary | 0002596: Spamfilter does not always work | ||||
| Description | When placing a spamfilter, it does not always work, however the message seems to be identical to me. This has happened more than once (figured I should only send a bug report if it happened more than once :P). Example: [15:09:05] server.domain.tld » Spamfilter added: 'http://www\.securityscan\.us/' [target: cp] [action: block] [reason: Stop spamming please.] on Thu Jul 21 13:09:08 2005 GMT (from [email protected]) * snipped serveral matches before these * [16:41:20] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #united: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] [16:41:23] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #q3gtv: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] [16:41:26] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #tapteam: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] [16:41:32] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #kungpow: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] [16:41:35] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #lbk-team: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] [16:41:38] server.domain.tld » [Spamfilter] [email protected] matches filter 'http://www\.securityscan\.us/': [PRIVMSG #blah: 'Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/'] [Stop spamming please.] * At the same time in #channel ;) * [16:41:17] * ZiGVd ([email protected]) has joined #channel [16:41:17] <ZiGVd> Hej, Test your computer's exposure to online security threats NOW and learn how to make your computer more secure: http://www.securityscan.us/ [16:41:20] * ZiGVd ([email protected]) has left #channel Is this normal? What could be wrong? (BTW an off topic question; does spamfilter strip messages before it tries the regex?) | ||||
| 3rd party modules | regexban - $Id: regexban.c,v 2.1 2004/07/12 21:54:19 angrywolf Exp $ (Extended ban type ~R (ban masks with regular expressions)) [3RD] | ||||
|
|
FYI, in case you were wondering, #channel is NOT excepted in the set::spamfilter. |
|
|
[15:09:05] server.domain.tld » Spamfilter added: 'http://www\.securityscan\.us/' [^] [target: cp] [action: block] [reason: Stop spamming please.] on Thu Jul 21 13:09:08 2005 GMT (from [email protected]) http\:\/\/www\.securityscan\.us\/ is the correct regex u should be using, afaik |
|
|
Outside character classes only [ \ ^ $ . | ? * + ( and ) need escaping as far as I know. So no need to escape the slashes and colon. Besides if they would need escaping, then why did it work for most of them? |
|
|
I've no idea what the problem could be to be honest. Is the text is exactly like shown in the bugreport? or does it contain color or control codes etc? [quote](BTW an off topic question; does spamfilter strip messages before it tries the regex?)[/quote] Yes... color (mirc&rgb)/underline/bold/reverse/normal codes. |
|
|
I always just use the url, I don't escape periods or anything. spamfilter add c gline - trojan http://www.securityscan.us that's what I use and it works fine. btw I emailed the owners of the box this domain is hosted on a couple days ago and they took down the website since it contains a windows based trojan/worm. |
|
|
Syzop, it did not contain any special control/color codes. But.. oddly enough, I haven't had any issues with it anymore lately. *shrugs* |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2005-07-21 11:20 | Wiggle | New Issue | |
| 2005-07-21 11:20 | Wiggle | 3rd party modules | => regexban - $Id: regexban.c,v 2.1 2004/07/12 21:54:19 angrywolf Exp $ (Extended ban type ~R (ban masks with regular expressions)) |
| 2005-07-21 11:33 | Wiggle | Note Added: 0010232 | |
| 2005-07-25 07:59 | White_Magic | Note Added: 0010248 | |
| 2005-07-25 09:15 | Wiggle | Note Added: 0010249 | |
| 2005-07-25 19:43 | syzop | Note Added: 0010257 | |
| 2005-07-25 19:43 | syzop | Note Edited: 0010257 | |
| 2005-07-26 10:34 | avone | Note Added: 0010259 | |
| 2005-07-31 22:35 | Wiggle | Note Added: 0010303 | |
| 2005-07-31 22:35 | Wiggle | Note Edited: 0010303 | |
| 2007-04-27 04:51 |
|
Status | new => closed |
| 2007-04-27 04:51 |
|
Resolution | open => unable to duplicate |
