Bug 2445 - Filtering problem caused by CR's within quotes
Summary: Filtering problem caused by CR's within quotes
Status: REOPENED
Alias: None
Product: Claws Mail (GTK 2)
Classification: Unclassified
Component: Filtering (show other bugs)
Version: 3.7.9
Hardware: PC Linux
: P3 normal
Assignee: users
URL:
Depends on:
Blocks:
 
Reported: 2011-05-31 11:30 UTC by David Relson
Modified: 2011-07-17 21:22 UTC (History)
0 users

See Also:


Attachments
messages exhibiting the problem (2.32 KB, application/x-gzip-compressed)
2011-05-31 11:30 UTC, David Relson
no flags Details

Description David Relson 2011-05-31 11:30:37 UTC
Created attachment 987 [details]
messages exhibiting the problem

Running bogofilter, I have a claws filter rule to move all messages
with headers containing "X-Bogosity: Spam" to a spam folder.

In recent months I've noticed it failing fairly regularly.  Looking at
the problem messages, they all contain 2 CR's (ctl-m characters) in
"From: " header line.  The 2 CR's are within quotes.

It seems that Claws-Mail is interpreting the CR's as the end of header
delimeter and not scanning the rest of the header (where the
X-Bogosity line is).
Comment 1 Paul 2011-07-12 06:06:23 UTC
a blank line means end of header. these msgs are broken.
Comment 2 David Relson 2011-07-17 20:19:44 UTC
I agree that a blank line _normally_ indicates the end of the header.  In the sample messages, the "blank" line is inside quotes, as in <quote><cr><cr><quote>.  Furthermore, the construct is in a "From: " line and is followed by multiple, standard header lines - "Subject: ", "Date: ", "X-Info: ", etc. 

It seems to me that claws-mail should process quoted stings as a higher precedence than blank lines (ending the header).  Note that bogofilter does this and has been able to put it's X-Bogosity: line after all the header lines, i.e. before the unquoted blank line which is the true end of header.

I've got 30+ messages of this sort.  I suggest that the messages are a pammer's deliberate effort to get around standard message processing and to deliver a spam message.

Regards,

David
Comment 3 Paul 2011-07-17 21:22:26 UTC
And what if a header value legitimately contains a single quote symbol?

Note You need to log in before you can comment on or make changes to this bug.