Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A bug in SpamAssassin over the New Year led to many emails incorrectly being flagged as spam and blocked.Daniel Axsäter, chief executive officer of CronLab, claimed that this was a fairly serious incident that was causing problems for the email filtering community. He explained that many filtering companies and internet service providers use SpamAssassin as a base but create their own rules and their own and/or use third party blacklists.However, he said that the bug, which CronLab was able to avoid, caused emails to be erroneously flagged as spam due to a date stamp bug which made all emails with a date stamp in 2010 more likely to be flagged as spam.He said: “If I received an email that was dated 2014 it would sit at the top of my inbox until 2014 and this obviously needs to be prevented. The scoring system in the SpamAssassin rule-set started labelling more emails as ‘spam'. With this erroneous rule in place there could easily be a false positive rate of five to ten per cent rather than the industry norm of less than one in a million.”He said that a change to the rule from emails marked as 2010 to a later date would have prevented the problem, as emails with forged date headers still need to be stopped, but obviously 2010 was no more a forged date as of a week ago.In terms of the impact, Axsäter admitted that there would be a possible downturn for online companies who rely on newsletters for promotion who would have had their emails flagged as spam.“Maybe the newsletter is suspicious and as it comes through it has three points added to it, the rule is to start treating an email as spam at over six points, and this can stop newsletters coming through,” he said.“Many ISPs and email filtering providers immediately delete all spam and then they can't do a post mortem analysis in a situation like this. Instead we store all spam for 30 days so even if we had been affected by this bug we could have checked the spam over again to have the legitimate emails delivered. This is obviously impossible if you delete all spam straight away.”“Numerous both large and small ISPs around the world were affected by this bug and lost their clients' emails. Clients should demand more from their ISPs and spam filtering providers; not only should the filters be continuously updated, but spam needs to be stored for a period of time as well.“In addition to this, borderline spam should be made visible to the end-user through a quarantine to ensure that no real emails are mistakenly caught. By adhering to these three principles we not only avoided this situation, but we even had two further backup plans in place even if the first one failed.”See original article on scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.