You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Dan Barker <db...@visioncomm.net> on 2004/10/21 15:15:20 UTC
What's wrong with this Message-ID:?
SpamAssassin (default settings except a few score's) 3.0.0 sez:
1.1 INVALID_MSGID Message-Id is not valid, according to RFC 2822
I can't for the life of me see anything wrong with:
Message-ID:
<A3...@AT1EX-CL1.corp.globalpay.com>
It looks to me like 2822 sez:
message-id = "Message-ID:" msg-id CRLF
msg-id = [CFWS] "<" id-left "@" id-right ">"
id-left = dot-atom-text
dot-atom-text = A383152A5ED0E842BBA4964A1D955C160B6EFB4E
id-right = dot-atom-text
dot-atom-text = AT1EX-CL1.corp.globalpay.com
RE: What's wrong with this Message-ID:?
Posted by Dan Barker <db...@visioncomm.net>.
Thanks for straightening me out. The RFC's are certainly clear on this. I
was just being dense. I've run that header into IMail from outside (without
the folding) and all is well. I'll report the bug to the globalpay.com
postmaster.
Thanks again.
Dan
<snip>
Subject: RE: What's wrong with this Message-ID:?
Message-ID:<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.corp.globalpa
y.com>
RE: What's wrong with this Message-ID:?
Posted by Matt Kettler <mk...@evi-inc.com>.
At 12:33 PM 10/21/2004, Dan Barker wrote:
>09 Message-ID:
><A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.corp.globalp
>10 ay.com>
>11 X-MS-Has-Attach:
>12 X-MS-TNEF-Correlator:
>13 Thread-Topic: 4 Candles - A Beautiful Message
>14 Thread-Index: AcS3BWlt5dySvEvTSWeuRuweMuzolAAY/hRA
>15 From: <email addresses removed>
>16 To: <email addresses removed>
>17 and up ...
>
>Newlines with a number (nnSP) are actually in the source.
>Newlines without a number are artifacts of the 76-character/line limit.
>
>I see nothing that violates the "Continuation can happen anywhere - just
>start the next header line with whitespace"
You've violated RFC 2822 rules on header folding. Twice.
When Folding is allowed, it's only allowed between logical tokens where
whitespace is legal, you can't split a domain name in half like that.
Might I suggest reading 2.2.3. Long Header Fields
" The general rule is that wherever this standard allows for folding white
space (not
simply WSP characters), a CRLF may be inserted before any WSP."
Note that inserting a CRLF between "p" and "a" does not constitute
inserting one before a white space.
Also, folding is EXPLICITLY prohibited in the msg-id part of the
Message-ID: header.
Read section 3.6.4. Identification fields
"Since the msg-id hasa similar syntax to angle-addr (identical except that
comments and
folding white space are not allowed)"
RE: What's wrong with this Message-ID:?
Posted by Dan Barker <db...@visioncomm.net>.
Well, I've just rolled out SA to my IMail server (Windoze, gaaagh!) and my
hook to pass to SA also copies the input to a flat file. I can
rerun/edit/inspect anything that my nightly "kill -3days" hasn't yet hit.
Nice feature for this sort of thing<g>. Maybe I'll keep it.
The input file begins:
00 Received: from at1gw-002.corp.globalpay.com [64.69.192.162] by
visioncomm.net with ESMTP
01 (SMTPD32-8.13) id AC1F2720072; Thu, 21 Oct 2004 08:31:27 -0400
02 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
03 content-class: urn:content-classes:message
04 MIME-Version: 1.0
05 Content-Type: multipart/alternative;
06 boundary="----_=_NextPart_001_01C4B769.A6999CE1"
07 Subject: FW: 4 Candles - A Beautiful Message
08 Date: Thu, 21 Oct 2004 08:29:46 -0400
09 Message-ID:
<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.corp.globalp
10 ay.com>
11 X-MS-Has-Attach:
12 X-MS-TNEF-Correlator:
13 Thread-Topic: 4 Candles - A Beautiful Message
14 Thread-Index: AcS3BWlt5dySvEvTSWeuRuweMuzolAAY/hRA
15 From: <email addresses removed>
16 To: <email addresses removed>
17 and up ...
Newlines with a number (nnSP) are actually in the source.
Newlines without a number are artifacts of the 76-character/line limit.
I see nothing that violates the "Continuation can happen anywhere - just
start the next header line with whitespace" rule. The Whitespace before
"ay.com>" is a tab character. There are no spaces except between the ":" and
the "<". This was verified by a hex-display edit program. That must mean the
problem isn't in the rule, but the implementation of the unfolding logic.
SA -D says:
logmsg: processing message
<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.c
orp.globalp?ay.com> for (unknown):0.
The "?" is where the 0x0D0A09 was located. Does SA have a problem with CRLF
where LF is expected? Kinda kinks the Gates-Challenged croud. I see the \n,
\t and \r in the rule. Obviously, the ? is not in the list. However, I
believe the unfolder has already flummoxed the pooch.
Hacking the 0x0D0A09 to a 0x0A0920 gives:
logmsg: processing message
<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.c
orp.globalp?ay.com> for (unknown):0.
Hacking the 0x0D0A09 to a 0x0A2020 gives:
logmsg: processing message
<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.c
orp.globalp?ay.com> for (unknown):0.
Hacking the 0X0D0A09 to a 0x414243 gives:
logmsg: processing message
<A383152A5ED0E842BBA4964A1D955C160B6EFB4E@AT1EX-CL1.c
orp.globalpABCay.com> for (unknown):0. << Finally, a Sane report! Just not
too useful.
To whom do I complain<g>?
Anyone wanting the original source can get it from ftp.visioncomm.net,
anonymous, bin, get saparser.zip (3 KB).
Can I attach things on this reflector? Would that be polite?
Dan
<snip>
Fred sez: Here is the rule from 3.0
header __SANE_MSGID MESSAGEID =~ /^<[^<>\\ \t\n\r\x0b\x80-\xff]+\@[^<>\\
\t\n\r\x0b\x80-\xff]+>\s*$/m
header __HAS_MSGID MESSAGEID =~ /\S/
header __MSGID_COMMENT MESSAGEID =~ /\(.*\)/m
meta INVALID_MSGID __HAS_MSGID && !(__SANE_MSGID || __MSGID_COMMENT)
describe INVALID_MSGID Message-Id is not valid, according to RFC 2822
Re: What's wrong with this Message-ID:?
Posted by Fred <sp...@freddyt.com>.
Here is the rule from 3.0
header __SANE_MSGID MESSAGEID =~ /^<[^<>\\ \t\n\r\x0b\x80-\xff]+\@[^<>\\
\t\n\r\x0b\x80-\xff]+>\s*$/m
header __HAS_MSGID MESSAGEID =~ /\S/
header __MSGID_COMMENT MESSAGEID =~ /\(.*\)/m
meta INVALID_MSGID __HAS_MSGID && !(__SANE_MSGID || __MSGID_COMMENT)
describe INVALID_MSGID Message-Id is not valid, according to RFC 2822
It's a little hard to understand, basically you must have /\S/ and neither
of the other two? I assume this means your msgid had some type of character
not fitting the set above.
I placed your MSGID in a sample message and ran it through my SA install.
It did not cause that rule to hit. This leads me to believe something
happened that is not reproducable with just the msgid you pasted into that
message. Please send a copy of the message which is causing your issue and
if something is wrong with the rule, someone will take action to get this
corrected in a future release.
Frederic Tarasevicius
Internet Information Services, Inc.
http://www.i-is.com/
810-794-4400
mailto:info@i-is.com
Dan Barker wrote:
> SpamAssassin (default settings except a few score's) 3.0.0 sez:
>
> 1.1 INVALID_MSGID Message-Id is not valid, according to RFC
> 2822
>
> I can't for the life of me see anything wrong with:
>
> Message-ID:
> <A3...@AT1EX-CL1.corp.globalpay.com>
Re: What's wrong with this Message-ID:?
Posted by Matt Kettler <mk...@comcast.net>.
At 09:15 AM 10/21/2004 -0400, you wrote:
>I can't for the life of me see anything wrong with:
>
>Message-ID:
><A3...@AT1EX-CL1.corp.globalpay.com>
>
>It looks to me like 2822 sez:
First, I'm assuming that line break before the < is an artifact of your
mail client, and isn't in the real message. (This is one reason why
copy-pasting bits of spam into a message body make analysis difficult)
Looking at the rule I can't see why that message ID would match the rule in
SA 3.0, but I don't have my test box handy at the moment.
Is there any chance there are line breaks, or non-ascii chars in the middle
we can't see here?
header __SANE_MSGID MESSAGEID =~ /^<[^<>\\
\t\n\r\x0b\x80-\xff]+\@[^<>\\ \t\n\r\x0b\x80-\xff]+>\s*$/m
header __HAS_MSGID MESSAGEID =~ /\S/
header __MSGID_COMMENT MESSAGEID =~ /\(.*\)/m
meta INVALID_MSGID __HAS_MSGID && !(__SANE_MSGID ||
__MSGID_COMMENT)
describe INVALID_MSGID Message-Id is not valid, according to RFC 2822