You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2009/04/03 17:45:52 UTC
[Bug 6087] DKIM plugin support for domain signing practices (ADSP),
with overrides
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6087
--- Comment #8 from Mark Martinec <Ma...@ijs.si> 2009-04-03 08:45:51 PST ---
DKIM plugin: do not trigger ADSP rules when there is a known
likely reason of author's domain signature failure, such as a
DNS problem or a truncated message being passed to SpamAssassin.
Sending lib/Mail/SpamAssassin/Plugin/DKIM.pm
Committed revision 761708 ( https://svn.apache.org/viewcvs.cgi?view=rev&rev=761708 ).
I added the following to the POD:
As a precaution against firing DKIM_ADSP_* rules when there is a known local
reason for a signature verification failure, the domain's ADSP is considered
'unknown' when DNS lookups are disabled or a DNS lookup encountered a temporary
problem on fetching a public key from the author's domain. Similarly, ADSP
is considered 'unknown' when this plugin did its own signature verification
(signatures were not passed to SA by a caller) and a metarule __TRUNCATED was
triggered, indicating the caller intentionally passed a truncated message to
SpamAssassin, which was a likely reason for a signature verification failure.
And hereby I declare the name of a rule '__TRUNCATED' as 'taken'.
If a caller of spamc or spamassassin or whatever other sw encounters a long
message (e.g. beyond -s max_size) but wishes to pass at least some part of
it to SpamAssassin (spam messages are getting larger!), it should ensure
that a __TRUNCATED rule gets a hit, so that a DKIM plugin takes a signature
failure and a subsequent ADSP enforcement lightly. One possibility is to
prepend some dedicated message header and add a rule like:
header __TRUNCATED X-Amavis-MessageSize =~ m{\A[^\n]*TRUNCATED}m
Another possibility is when $spamassassin_obj->parse is called directly
(such as by spamd), it can pass a rule hit of a __TRUNCATED rule
through the new %suppl_attrib argument (see Bug 6088).
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.