You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/01/08 00:01:56 UTC
[Bug 2906] New: Courier Received header format not detected - causing false positive on RCVD_IN_DYNABLOCK
http://bugzilla.spamassassin.org/show_bug.cgi?id=2906
Summary: Courier Received header format not detected - causing
false positive on RCVD_IN_DYNABLOCK
Product: Spamassassin
Version: 2.61
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: major
Priority: P5
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: mitch@webcob.com
I'm playing with a way to skip spamc altogether for local users (the third case
below) - not sure if that is the best way though as it certainly involves a
little more work than the default install (a more careful check of Received
headers BEFORE calling spamc) - but will try it anyways... (thanks to Gordon
Messmer) - at any rate, this other case seems to be a bug in SA, so here it is
again - will post the correct rule set to bypass if I get it figured out.
Thanks.
m/
With the help of Shane Williams (who received a message and showed me how it
passed his SA ok) I figured out the following:
Courier formats it's received lines like this (this trips RCVD_IN_DYNABLOCK):
Received: from bigass1.XXX.com ([66.199.X.X])
by slim1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch@XXX.com)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Shane I presume (by version numbers) is running sendmail - which has a
different Received format and DOESN'T trip RCVD_IN_DYNABLOCK:
Received: from bigass1.XXX.com (ns1.XXX.com [66.199.X.X])
by fiat.XXX.edu (8.12.10/8.12.10) with ESMTP id
i06MBJ6U020255
for <br...@XXX.edu>; Tue, 6 Jan 2004 16:11:19 -0600
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch@XXX.com)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 22:09:53 +0000
So for starters, the "-notfirsthop" option seems to be missing my first header.
And for seconds... I will still have a problem when my first header is
AUTHENTICATED.
If I send mail to myself, my ONLY received header looks like:
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN mitch@XXX.com)
by bigass1.XXX.com with esmtp; Tue, 06 Jan 2004 23:56:09 +0000
Which I think should be ignored - although headers can be forged, the first
header can't - right? And if it says authenticated, I shouldn't be penalized
for sending mail to myself - right?
So now what - do I file a bug report ? or have I already put the info in the
right place?
Thanks a bunch for the tool - glad to do my bit - I imagine that this problem
affects all courier users. Unless I'm missing something?
Thanks!
m/
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.