You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/02/04 20:17:25 UTC

[Bug 3004] New: SA doesn't recognize CommuniGate Received Header format

http://bugzilla.spamassassin.org/show_bug.cgi?id=3004

           Summary: SA doesn't recognize CommuniGate Received Header format
           Product: Spamassassin
           Version: 2.63
          Platform: Other
        OS/Version: Windows 2000
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Rules
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: marc@steuer.com


Virtually every message with an AOL "from" user address is triggering 
FAKE_HELO_AOL and NO_RDNS_DOTCOM_HELO rules.  In the example that follows, 
I've confirmed that forward and reverse DNS lookups for 64.12.136.4 and imo-
m01.mx.aol.com are valid.  Yet, the rules are being triggered. 

SA 2.63, Perl 5.6.1 and CommuniGate Pro 4.1.8/CGPSA 1.3b2 on a Win2K server

Received: from imo-m01.mx.aol.com ([64.12.136.4] verified)
  by xxx.com (CommuniGate Pro SMTP 4.1.8)
  with ESMTP id 875522 for yyy@xxx.com; Tue, 03 Feb 2004 08:37:38 -0800
Received: from Dwsf@aol.com
	by imo-m01.mx.aol.com (mail_out_v36_r4.12.) id m.b9.3bfe3305 (4116)
	 for <Sl...@aol.com>; Tue, 3 Feb 2004 11:14:06 -0500 (EST)
From: Dwsf@aol.com
Message-ID: <b9...@aol.com>
Date: Tue, 3 Feb 2004 11:14:06 EST
To: Slowhand101967@aol.com
MIME-Version: 1.0
Content-Type: multipart/alternative; 
boundary="part1_b9.3bfe3305.2d5122ce_boundary"
X-Mailer: 7.0 for Windows sub 10708
Subject: ** Possible SPAM ** DRUM WORLD NEWS 2004
Date: Tue, 3 Feb 2004 11:14:06 EST
Message-Id: <b9...@aol.com>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on zzz.yyy.com
X-Spam-Status: Yes, hits=11.6 required=5.0 tests=ADDR_NUMS_AT_BIGSITE=2.699,
	BAYES_44=-0.001,FAKE_HELO_AOL=2.354,HTML_FONTCOLOR_BLUE=0.1,
	HTML_FONTCOLOR_RED=0.101,HTML_FONT_BIG=0.267,HTML_MESSAGE=0.1,
	NO_DNS_FOR_FROM=1.65,NO_RDNS_DOTCOM_HELO=4.099,NO_REAL_NAME=0.16,
	RCVD_IN_SBLCSMA=0.1 autolearn=no version=2.63
X-Spam-Level: ***********
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_401FCE5A.385A0000"
X-TFF-CGPSA-Filter: Scanned
X-TFF-CGPSA-Version: 1.3b2



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.