You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by fe...@apache.org on 2006/12/30 22:30:21 UTC
svn commit: r491319 -
/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
Author: felicity
Date: Sat Dec 30 13:30:21 2006
New Revision: 491319
URL: http://svn.apache.org/viewvc?view=rev&rev=491319
Log:
bug 4747: better handle EnvelopeFrom determination
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?view=diff&rev=491319&r1=491318&r2=491319
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm Sat Dec 30 13:30:21 2006
@@ -2218,6 +2218,26 @@
my $envf;
+ # Rely on the 'envelope-sender-header' header if the user has configured one.
+ # Assume that because they have configured it, their MTA will always add it.
+ # This will prevent us falling through and picking up inappropriate headers.
+ if (exists $self->{conf}->{envelope_sender_header}) {
+ # make sure we get the most recent copy - there can be only one EnvelopeSender.
+ $envf = $self->get($self->{conf}->{envelope_sender_header}.":addr");
+ goto ok if defined $envf && ($envf =~ /\@/ || $envf =~ /^<>$/);
+ # Warn them if it's configured, but not there or not usable.
+ if (defined $envf) {
+ chomp $envf;
+ warn("message: envelope_sender_header '$envf' is not an FQDN - ignoring");
+ } else {
+ warn("message: envelope_sender_header '".$self->{conf}->{envelope_sender_header}."' not found in message");
+ }
+ # Couldn't get envelope-sender using the configured header.
+ return undef;
+ }
+
+ # User hasn't given us a header to trust, so try to guess the sender.
+
# use the "envelope-sender" string found in the Received headers,
# if possible... use the last untrusted header, in case there's
# trusted headers.
@@ -2230,19 +2250,13 @@
if (defined $lasthop) {
$envf = $lasthop->{envfrom};
+ # TODO FIXME: Received.pm puts both null senders and absence-of-sender
+ # into the relays array as '', so we can't distinguish them :(
if ($envf && ($envf =~ /\@/)) {
goto ok;
}
}
- # Use the 'envelope-sender-header' header that the user has specified.
- # We assume this is correct, *even* if the fetchmail/X-Sender screwup
- # appears.
- $envf = $self->{conf}->{envelope_sender_header};
- if ((defined $envf) && ($envf = $self->get($envf)) && ($envf =~ /\@/)) {
- goto ok;
- }
-
# WARNING: a lot of list software adds an X-Sender for the original env-from
# (including Yahoo! Groups). Unfortunately, fetchmail will pick it up and
# reuse it as the env-from for *its* delivery -- even though the list
@@ -2266,6 +2280,7 @@
# a *new* Envelope-from. check
if ($self->get ("ALL") =~ /(?:^|\n)Received:\s.*\nX-Envelope-From:\s/s) {
dbg("message: X-Envelope-From header found after 1 or more Received lines, cannot trust envelope-from");
+ return undef;
} else {
goto ok;
}