Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

SpamAssassin '2010' bug blocked email across world

New Year email marked as spam.

Article comments

If you sent an email in the first few hours of 2010, there is a chance that it never reached its recipient thanks to an embarrassing ‘2010' bug buried in the open source SpamAssassin anti-spam engine used by many Internet Service Providers.

According to a UK-based techie who first blogged on the issue, the fault lies with the ‘FH_DATE_PAST_20XX' rule used in conjunction with many others by the program to score the likelihood of an email being spam. This assigns an especially high score to any email it encounters that has within its header a date beyond a defined point in the future, normally a reliable sign that the email in question is suspicious.

Unfortunately, due to an oversight this rule was not updated in compiled versions of Apache SpamAssassin 3.2.0 thru 3.2.5 in time for the turning of the year, and so any email sent with a sending date between 2010 and 2099 would have had the higher score applied to it automatically.

Although this on its own would be unlikely to have stopped an email, it is likely that the number of false positives would have increased dramatically until service providers noticed the issue. Non-packaged versions of SpamAssassin would not have been affected, though only a small minority of users download the software in this form.

It is impossible to say how many emails were affected, but reports have emerged of false positives in Sweden, Germany, and The Netherlands. According to Daniel Axsäter, CEO of Swedish open source anti-spam company CronLab, the effects of the bug would have been global, affecting every country from the point it crossed the date line.

"Almost all ISPs use the standard rule set with some modifications," he said, describing the problem as probably having affected providers for anything from minutes and hours to days in some cases.

According to Axsäter, the lessons were that providers should update filters regularly, archive spam for a period of a month or more in case of problems, and offer end users a mechanism to check their filtered emails for false positives. All of these techniques were used by his company.

"Customers should simply not accept having their emails deleted if suspected as spam, but rather have them stored for a while so the ISP can do further analysis on the emails," he said. "ISPs and filtering providers need to up their game."

SpamAssassin issued a fix rapidly once it had been made aware of the problem, with advice offered from a help page on its website.

For ordinary users who worry that they might have been affected, but without a spam review report to check, the solution will have to be more basic - hit the resend button.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *