[Spambayes] Spambayes pwning me?

skip at pobox.com skip at pobox.com
Mon Aug 18 02:13:50 CEST 2008


    fu> To clarify, I'm not concerned about SpamBayes having malignant code
    fu> in it, but if it has a DEP issue, that issue could be exploited to
    fu> create an email worm that replicated without me ever having to open
    fu> the email.  Microsoft enabled DEP in Windows to protect us from
    fu> flaws in software that could lead to this type of situation.
    fu> Suggesting that users disable DEP is irresponsible.  If there is a
    fu> DEP issue in SpamBayes, fix it.  If there is a DEP issue in Outlook
    fu> when dealing with add-ins, if enough people report it, Microsoft
    fu> will fix it.

I'm not a Windows person, but it would appear that DEP is a fairly common
cause of software installation problems:

    http://www.realtime-vista.com/administration/2007/04/disabling_data_execution_preve.htm

In part, it says:

    If Vista (and actually this has been around since Windows Server 2003)
    sees that a process is being spawned that "could" be unwanted, DEP shuts
    it down. This is especially common in some application installations: if
    a Windows Installer setup (MSI) calls an executable in Vista, DEP could
    very well put a stop to it. If you are trying to run an installation or
    other executable being stopped by DEP, it could save you some trouble so
    turn it off while you attempt to give it another shot&

The SpamBayes FAQ suggests listing Outlook as a safe application:

    5.8 After installing SpamBayes, Outlook crashes and then asks for the
        plug-in to be disabled.

    Are you using an Athlon 64 or Core 2 Duo with DEP? There are issues with
    DEP and Outlook with a SpamBayes-based plug-in. Listing Outlook as a
    safe application on these processors should "solve" the problem.

Also, this has been a known issue for quite awhile:

    http://mail.python.org/pipermail/spambayes/2005-August/017792.html

If Mark Hammond hasn't figured out a way around the problem short of
disabling DEP for Outlook my guess is it's not a trivial problem.

Skip


More information about the SpamBayes mailing list