On Thu, 17 Jul 2003 09:45:47 -0700, [EMAIL PROTECTED] (Justin Mason) writes:
> Scott A Crosby writes: > >I just had a 100+ message thread on perl5-porters discussing the > >impact of my recent research on perl. I would not have had that had > >that list been set up to deny non-subscribers from posting. And Perl > >is being changed to be robust against the hash table attack we > >discussed. > > That was you? nice work! Yes. Thanks.. For my current work, observe this regexp used by SA: 2 '[EMAIL PROTECTED](?:[\-.0-9A-Z_a-z]+\.)+\w+' Feed it a bunch of dot's followed by a non-word... Say... '[EMAIL PROTECTED]' and, on some regexp interpreters, that line will take a few minutes to fail to match. I've not tested perl; you can if you wish. This is a preliminary result through eyeballing. There are about two dozen more within SA that have similar issues. I'm working on automated techniquees to analyze them. (And BTW, also soliciting more regular expressions. I've got 1448 from SA, but more to analyze is better.) I will make my best effort to inform you developers directly, but the more hoops I have to go through, the less likely that I will... and I'm probably not the only one. > The solution, as I mentioned in a followup mail, is to subscribe > with the "nomail" setting on. That will not send you any of > the SpamAssassin-talk traffic, but will allow posting. Its still an extra two operations. Sub, ack, And it leaves my email address in yet another subscription to keep track of. > The dev team bandwidth is greatly reduced these days due to day-job > pressures, and acting as "list mom" was becoming quite a lot of > work. The increasing volume of spam (ironically) and viruses > meant we had to do something. :( Scott ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
