You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/09/27 22:49:39 UTC
[Bug 5112] New: helo not found if received header does not explicitly include helo=some_address
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
Summary: helo not found if received header does not explicitly
include helo=some_address
Product: Spamassassin
Version: 3.1.4
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P4
Component: Regression Tests
AssignedTo: dev@spamassassin.apache.org
ReportedBy: chris@northfolk.ca
I believe there is a problem with the Received.pm file. If a received header
includes a helo statment (helo=mail.example.com) then there are no problems.
But if the helo statment is not included for situations where helo=rdns, then
spamassassin thinks the helo does not exist.
from spamd.log:
Wed Sep 27 14:40:03 2006 [2631] dbg: received-header: parsed as [ ip=209.237.227
.198 rdns=brutus.apache.org helo= by=aurora.northfolk.ca ident= envfrom= intl=0
id=1GSgCJ-00042R-8Q auth= ]
Wed Sep 27 14:40:03 2006 [2631] dbg: received-header: relay 209.237.227.198 trus
ted? no internal? no
Wed Sep 27 14:40:03 2006 [2631] dbg: spf: checking HELO (helo=, ip=209.237.227.1
98)
Wed Sep 27 14:40:03 2006 [2631] dbg: spf: cannot get HELO, cannot use SPF
Wed Sep 27 14:40:03 2006 [2631] dbg: spf: checking EnvelopeFrom (helo=, ip=209.2
37.227.198, envfrom=www-data@brutus.apache.org)
Wed Sep 27 14:40:03 2006 [2631] dbg: spf: cannot get HELO, cannot use SPF
from header:
Received: from brutus.apache.org ([209.237.227.198])
by aurora.northfolk.ca with esmtp (Exim 4.50)
id 1GSgCJ-00042R-8Q
for chris@northfolk.ca; Wed, 27 Sep 2006 14:40:06 -0600
Received: by brutus.apache.org (Postfix, from userid 33)
id 4288B7141D1; Wed, 27 Sep 2006 20:36:10 +0000 (GMT)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From axel.mueller@t-systems.com 2006-12-27 07:05 -------
Same here, many errors like this:
Dec 27 15:31:59 vps832469583 spamd[15485]: spamd: connection from
vps832469583.serverpool.info [127.0.0.1] at port 50876
Dec 27 15:31:59 vps832469583 spamd[15485]: spamd: setuid to Debian-exim
succeeded
Dec 27 15:31:59 vps832469583 spamd[15485]: spamd: processing message <01c729c3
$cd4410a0$6c822ecf@thwartcarpetbaggers> for Debian-exim:107
Dec 27 15:31:59 vps832469583 spamd[15485]: received-header: parsed as [
ip=83.82.15.205 rdns=53520fcd.cable.casema.nl helo=acer-2d17133cc5
by=vps832469583.serverpool.info ident= envfrom= intl=0 id=1GzZp0-00059R-Ec
auth= ]
Dec 27 15:31:59 vps832469583 spamd[15485]: received-header: relay 83.82.15.205
trusted? no internal? no
Dec 27 15:31:59 vps832469583 spamd[15485]: received-header: parsed as [
ip=209.8.40.66 rdns=mail2.advancedhosters.com helo=mail2.abagor.ru
by=axelcity.de ident= envfrom= intl=0 id=+,7AG.-+8T=*.-,: auth= ]
Dec 27 15:31:59 vps832469583 spamd[15485]: received-header: relay 209.8.40.66
trusted? no internal? no
Dec 27 15:31:59 vps832469583 spamd[15485]: spf: checking HELO (helo=acer-
2d17133cc5, ip=83.82.15.205)
Dec 27 15:31:59 vps832469583 spamd[15485]: spf: cannot check HELO of 'acer-
2d17133cc5', skipping
Dec 27 15:31:59 vps832469583 spamd[15485]: spf: cannot get Envelope-From,
cannot use SPF
Dec 27 15:31:59 vps832469583 spamd[15485]: spf: def_spf_whitelist_from: could
not find useable envelope sender
Dec 27 15:31:59 vps832469583 spamd[15485]: spf: spf_whitelist_from: could not
find useable envelope sender
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Target Milestone|Undefined |3.2.0
------- Additional Comments From jm@jmason.org 2007-01-09 07:33 -------
hi Axel --
*please* stop pasting, and use attachments instead. Pasting corrupts
the headers.
Anyway, I've changed the code to match your suggestion -- it caused
a test failure, but I've checked that and it appears your suggestion
was right, and our test case was incorrect ;)
svn commit -m "bug 5112: the default Debian configuration for Exim does not
record a HELO string if the HELO matched reverse DNS; take this into account"
lib/Mail/SpamAssassin/Message/Metadata/Received.pm t/rcvd_parser.t
Sending lib/Mail/SpamAssassin/Message/Metadata/Received.pm
Sending t/rcvd_parser.t
Transmitting file data ..
Committed revision 494435.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From axel.mueller@t-systems.com 2007-01-09 06:33 -------
Hi!
This seems to be an problem with debian exim MTA. In the standard debian
config of exim, he write only the helo string (helo=xxxx) if it is different
from the rdns!! If not, it looks then like this:
Received: from server040.webpack.hosteurope.de ([80.237.130.48]:52313)
by vps832469583.serverpool.info with esmtps (TLS-
1.0:DHE_RSA_3DES_EDE_CBC_SHA:24)
(Exim 4.50)
id 1GzVLs-0002Oz-7b
for axel@axelcity.de; Wed, 27 Dec 2006 10:45:49 +0100
Received: by server040.webpack.hosteurope.de running ExIM using esmtpa
from i59f77b8d.versanet.de ([89.247.123.141] helo=[127.0.0.1]); authenticated
id 1GzVLR-00030Z-LO; Wed, 27 Dec 2006 10:45:09 +0100
Message-ID: <45...@psautoservice.de>
Date: Wed, 27 Dec 2006 10:45:15 +0100
From: PS Autoservice <ma...@psautoservice.de>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: axel@axelcity.de
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
X-bounce-key: webpack.hosteurope.de;mail@psautoservice.de;1167212741;906b12f0;
X-SA-Exim-Connect-IP: 80.237.130.48
X-SA-Exim-Mail-From: mail@psautoservice.de
X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-26) on
vps832469583.serverpool.info
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.1.4
X-Spam-Report:
Subject: Reifenmontage
X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-SA-Exim-Scanned: Yes (on vps832469583.serverpool.info)
Sender: mail@psautoservice.de
As you can see, no helo string. In that case, SA has no helo Statement and the
spf Tests failed.
Personally i changed the exim config to make shure that every time an
helo=xxxx Steatement is in the header, but i think SA should do that by
themself.
Axel
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From jm@jmason.org 2006-12-27 07:15 -------
Axel -- please attach a message that demonstrates this. the logs you paste are
entirely valid, AFAICS, since 'acer-2d17133cc5' is indeed a HELO string that is
unusable for SPF-checking...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From chris@northfolk.ca 2007-01-09 10:13 -------
Justin, the new Received.pm appears to have fixed the problem. Spamassassin
correctly identifies helo when helo=rdns. Thanks.
FYI: This problem exists for all exim default installs, not just Debian. The
main variable used for writing out the headers in exim is $sender_rcvhost.
>From http://www.exim.org/exim-html-4.66/doc/html/spec_html/ch11.html#SECTexpvar
$sender_rcvhost
This is provided specifically for use in Received: headers. It starts with
either the verified host name (as obtained from a reverse DNS lookup) or, if
there is no verified host name, the IP address in square brackets. After that
there may be text in parentheses. When the first item is a verified host name,
the first thing in the parentheses is the IP address in square brackets,
followed by a colon and a port number if port logging is enabled. When the
first item is an IP address, the port is recorded as “port=xxxx” inside the
parentheses.
There may also be items of the form “helo=xxxx” if HELO or EHLO was used and
its argument was not identical to the real host name or IP address, and
“ident=xxxx” if an RFC 1413 ident string is available. If all three items are
present in the parentheses, a newline and tab are inserted into the string, to
improve the formatting of the Received: header.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From jm@jmason.org 2007-01-09 10:40 -------
thanks Chris. I think we now handle all of those...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5112] helo not found if received header does not explicitly include helo=some_address
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5112
------- Additional Comments From axel.mueller@t-systems.com 2007-01-09 07:06 -------
Here an header with different rdns/helo:
Received: from gate.jakob.de ([217.145.101.130]:60178 helo=gate2.jakob.de)
by vps832469583.serverpool.info (envelope-from
<su...@verleihshop.de>)
with esmtps (TLS-1.0:DHE_RSA_3DES_EDE_CBC_SHA:24)
(Exim 4.50)
id 1H3KFP-0005pI-08
for dvd@axelcity.de; Sat, 06 Jan 2007 23:42:55 +0100
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.