bugzilla-daemon at bugzilla
Jan 7, 2004, 4:01 PM
Post #1 of 1
(111 views)
Permalink
|
|
[Bug 2906] New: Courier Received header format not detected - causing false positive on RCVD_IN_DYNABLOCK
|
|
http://bugzilla.spamassassin.org/show_bug.cgi?id=2906
Summary: Courier Received header format not detected - causing
false positive on RCVD_IN_DYNABLOCK
Product: Spamassassin
Version: 2.61
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: major
Priority: P5
Component: Rules
AssignedTo: spamassassin-dev [at] incubator
ReportedBy: mitch [at] webcob
I'm playing with a way to skip spamc altogether for local users (the third case
below) - not sure if that is the best way though as it certainly involves a
little more work than the default install (a more careful check of Received
headers BEFORE calling spamc) - but will try it anyways... (thanks to Gordon
Messmer) - at any rate, this other case seems to be a bug in SA, so here it is
again - will post the correct rule set to bypass if I get it figured out.
Thanks.
m/
With the help of Shane Williams (who received a message and showed me how it
passed his SA ok) I figured out the following:
Courier formats it's received lines like this (this trips RCVD_IN_DYNABLOCK):
Received: from bigass1.XXX.com ([66.199.X.X])
by slim1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch [at] XXX)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Shane I presume (by version numbers) is running sendmail - which has a
different Received format and DOESN'T trip RCVD_IN_DYNABLOCK:
Received: from bigass1.XXX.com (ns1.XXX.com [66.199.X.X])
by fiat.XXX.edu (8.12.10/8.12.10) with ESMTP id
i06MBJ6U020255
for <broot [at] XXX>; Tue, 6 Jan 2004 16:11:19 -0600
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch [at] XXX)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 22:09:53 +0000
So for starters, the "-notfirsthop" option seems to be missing my first header.
And for seconds... I will still have a problem when my first header is
AUTHENTICATED.
If I send mail to myself, my ONLY received header looks like:
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch [at] XXX)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Which I think should be ignored - although headers can be forged, the first
header can't - right? And if it says authenticated, I shouldn't be penalized
for sending mail to myself - right?
So now what - do I file a bug report ? or have I already put the info in the
right place?
Thanks a bunch for the tool - glad to do my bit - I imagine that this problem
affects all courier users. Unless I'm missing something?
Thanks!
m/
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
|
