Re: Exclusive sender not working

Discussion re sg development. You don't have to be a developer.

Re: Exclusive sender not working

Postby Guest » Fri Aug 29, 2003 1:42 pm

By: maratheamit ( Amit Marathe )
Re: Exclusive sender not working
2002-12-09 08:17
The discussion forum has a thread in which users report that the exclusive sender is not working correctly in some cases. The bug is caused because the exclusive sender is not being treated as the pattern against which the from domain should be matched. i.e. the sense of comparison needs to be flipped.

I have checked in the bug fix to spameater.pl.
Josh, can you post a follow-up message to the
thread in the discussion forum after you have made the same change in production?

Thanks.
Amit


By: jqh1 ( Josiah Hamilton )
Re: Exclusive sender not working
2002-12-11 09:09
I made the change to production


By: syskoll ( Fred )
Re: Exclusive sender not working
2002-12-12 19:06
Amit,

I checked your modification, the diff between spameater.pl r 1.7 and 1.8. The modification is
> } elsif ($Sender && ($from =~ /^$Sender$/i
> || ".$fromdomain" =~ /\.$Sender/i
> || $to =~ /^$Sender$/i
> || ".$todomain" =~ /\.$Sender/i)) {

From examining the code, it looks like this block is processing trusted senders, not exclusives. Actually, I can't see any variables related to exclusive senders. Can you please point them to me?

Sorry for the dumb question, I am just trying to understand your work.

Thanks,

-- SysKoll


By: jqh1 ( Josiah Hamilton )
Re: Exclusive sender not working
2002-12-12 19:51
I think this is exclusives - trusted senders are handled via an sql query a littler higher up.


By: syskoll ( Fred )
Re: Exclusive sender not working
2002-12-12 21:33
OK. The tests in the code above do not allow for $Sender containing several addresses. So if a user specifies multiple exclusive senders (e.g. separated with commas), the match would fail for all exclusive senders but the first one in the list. Unless the user just specify a list of domains which would be allowd by the line
".$fromdomain" =~ /\.$Sender/i

Did I get the logic right? Do you concur, Amit? If so, should we change the code and allow a list of exclusive senders?

-- SysKoll


By: maratheamit ( Amit Marathe )
Re: Exclusive sender not working
2002-12-14 07:09
If someone wants to specify multiple exclusive domains they can do so by seperating the domains with the pipe character (instead of the comma). e.g. "cnn.com|time.com"

The reason this will work is because the pipe will be intrepreted as the regex union operator. Of course, this does not allow for multiple exclusive senders of the form "user@domain";. But I believe that is a rare enough case to not warrant changing the code.


By: maratheamit ( Amit Marathe )
Re: Exclusive sender not working
2003-02-15 21:42
Josh, it seems that you cannot enter a pipe character in the exclusive sender field. I tracked down the cause to the sanitize function in index.cgi (which is being called on the field before it is stored in the database).

Could you explain the rationale behind the sanitize function? Any particular reason you don't want pipes and semicolons as part of this field?

-- Amit


By: jqh1 ( Josiah Hamilton )
Re: Exclusive sender not working
2003-02-16 12:48
Amit,
Thanks for finding that -- the sanitize function was something I always used to use before I started using parameter-ized sql. It was intended to keep people from entering rogue sql statements (eg, SELECT * from Users where UserId=44;DELETE FROM Users; # ha ha )

I think DBI does all the escaping necessary when you use parameterized sql (the ?'s), so I just turned off that line for Sender. I'm still using sanitize in the search functions for now, though, but that should be no big deal.

Josh


By: maratheamit ( Amit Marathe )
Re: Exclusive sender not working
2003-02-16 14:37
You are right about escaping not being necessary when using parameterized sql. In fact, that's one of the reasons to use parameterized sql (apart from the efficiency reasons).

Thanks for the quick turnaround!
-- Amit
Guest
 

Return to Developers

Who is online

Users browsing this forum: No registered users and 14 guests

cron