Spam Filter Bug Plaguing Internet Servers

OK, this is a bit technical for my personal blog, but since I haven't yet redesigned my macexpert.com website for blogging, I decided to put it here.

Since January 1, I've discovered that a large amount of email coming into my server has been marked as spam by the built-in filtering software, SpamAssassin.  When SpamAssassin blocks a message, it flags it and stores it, along with a header that explains why it was blocked.  SpamAssassin is part of the standard mail server installation on most Linux-based internet mail servers.

I need to give you a little lesson in spam filter logic so this makes sense.  There are a number of rules that SpamAssassin applies to a message to determine whether or not to block it.  Based on the trigger, SpamAssassin assign a point value.  If the total number of points adds up to a threshold number that the administrator has put in the  settings, SpamAssassin flags the message as spam.  Typically, the default threshold number is set to 5 by default on a mail server.

After doing some investigating into the emails that were being blocked, I discovered this in the description of all my blocked messages since January 1:

3.4 FH_DATE_PAST_20XX      The date is grossly in the future.

The problem is, the dates on the messages were fine!  This means that all messages were being assigned a spam value of 3.4 out of 5 right off the bat, effectively, the threshold was being set at 1.6 (way too strict!)

I've done some research this morning and discovered the following thread on the SpamAssassin bug tracking boards: https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269

Apparently, there is a bug that sneaked out into the current version of SpamAssassin that is causing mail servers to incorrectly flag messages for having an unusual date since Jan 1, 2010.  Ouch!!

OK, so for you people that are NOT computer geeks 🙂 here is what this means in plain English.  There is a serious bug is the spam filtering software used by many internet mail servers that is causing messages sent since January 1, 2010 to be incorrectly identified as spam. 

Until a fix is released and mail servers are updated to include it, be prepared for some of your messages to not get through to their destinations.  Also, you might want to check up on important emails you send out, because if you didn't get a response, the recipient very well may not have seen it because it was errorneously caught in their spam filter.

You may want to pass this along to people you know who are having problems like this.  I haven't seen this come up in the major online news sources yet, and it certainly is newsworthy!

Share