You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Jeffrey Starin <je...@gmail.com> on 2014/02/14 19:19:27 UTC
check_for_numeric_helo() function wreaking havoc
Hello,
I am new to Spam Assassin and I am coming at it from a web administrator
point of view. I do not manage SpamAssassin but I along with my
websites are on the receiving end of it's work via the email we do (and
do not) receive/send for our websites.
I am not an Exim maven although I know a fair amount about SMTP activity.
So, here is the issue:
Email sent from our server website in which all of the appropriate
configuration for exim has been signed off by hostgator (our web hosting
company) as correct, is being detected by mail-tester.com as violating
the FSL_HELO_BARE_IP_2 rule to the extent that it damages our reputation
by -2.699 per outbound email.
At first, mail-tester.com claimed that our outbound email is connecting
with a domain name and NOT an IP address, which we initially thought was
the problem because the way the rule is written ". . . HELO_BARE_IP. .
." makes it seem like it could be that problem. Indeed, this rule also
triggers on untrusted_relay, although you would not know from the rule name.
Okay. So. mail-tester.com claims this is an issue with the following
snippet of header code being seen by SpamAssissin. They claim this is
what is triggering the HELO_BARE rule (based on untrusted relay):
Received: from localhost.localdomain ([127.0.0.1]:57205
helo=mydomain.com)
by mydomain.com
with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.82)
(envelope-from <li...@mydomain.com>)
id 1WDfX8-00088O-NR for testissuerey1@mail-tester.com;
Wed, 12 Feb 2014 14:31:46 -0500
Now Hostgator steps in and say, no, that's not correct, that snippet of
code is generic and perfectly fine it should not be triggering anything
in SpamAssassin.
They claim the following bit of code is doing it (triggering untrusted
relay response):
X-Mailer: PHPMailer 5.2.5 (https://github.com/Synchro/PHPMailer/)
X-phpList-version: 3.0.5
X-MessageID: systemmessage
X-ListMember:mailing-list-member@yahoo.com
Precedence: bulk
Bounces-To: listbounces@mydomain.com
List-Unsubscribe:
<http://www.mydomain.com/lists/?p=unsubscribe&email=mailing-list-member@yahoo.com&jo=1>
I certainly would like help from a knowledable source in SpamAssassin to
help us so we can tweak our installation and determine what corrective
steps need to be taken.
Thank you.
Re: check_for_numeric_helo() function wreaking havoc
Posted by John Hardin <jh...@impsec.org>.
On Fri, 14 Feb 2014, Jeffrey Starin wrote:
> So, here is the issue:
>
> Email sent from our server website in which all of the appropriate
> configuration for exim has been signed off by hostgator (our web hosting
> company) as correct, is being detected by mail-tester.com as violating
> the FSL_HELO_BARE_IP_2 rule to the extent that it damages our reputation
> by -2.699 per outbound email.
> Okay. So. mail-tester.com claims this is an issue with the following
> snippet of header code being seen by SpamAssissin. They claim this is
> what is triggering the HELO_BARE rule (based on untrusted relay):
>
> Received: from localhost.localdomain ([127.0.0.1]:57205
> helo=mydomain.com)
That helo is *not* a bare IP address, so should not be triggering that
rule.
Feel free to set up your system to send me an email directly and I'll take
a look.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...every time I sit down in front of a Windows machine I feel as
if the computer is just a place for the manufacturers to put their
advertising. -- fwadling on Y! SCOX
-----------------------------------------------------------------------
8 days until George Washington's 282nd Birthday