You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Jeremy Fairbrass <jf...@hotmail.com> on 2007/01/09 11:01:20 UTC
Bug with FAKE_HELO_MSN
Hi all,
I'm not sure if this is a bug with the FAKE_HELO_MSN rule, or if I'm just
overlooking something...
I just received a legitimate email from MSN.com (to verify an email address
for MSN Messenger). The email triggered the FAKE_HELO_MSN rule, but I can't
see why. Here are the 3 Received headers that appeared in the email:
Received: from servera02.blusmtp4.msn.com (servera02.blusmtp.msn.com
[65.55.238.141])
by myserver.com (myserver.com [123.123.123.123])
with ESMTP id md50000080742.msg
for <me...@mydomain.com>; Tue, 09 Jan 2007 10:12:33 +0100
Received: from servera03.tk2smtp4.msn.com ([10.20.194.192]) by
servera02.blusmtp4.msn.com with Microsoft SMTPSVC(6.0.3790.1830);
Tue, 9 Jan 2007 04:12:07 -0500
Received: from TK2PPBAT3A01 ([65.54.136.164]) by servera03.tk2smtp4.msn.com
with Microsoft SMTPSVC(6.0.3790.1830);
Tue, 9 Jan 2007 01:12:06 -0800
As you can see, the host and rDNS are both ending with msn.com - why did the
rule trigger?
I assume this rule only checks against the most recent Received header,
right? Or does it check against all Received headers? Regardless, it should
not have fired even against any of the older Received headers, as far as I
can tell.
Any comments?
Cheers,
Jeremy