You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2016/01/26 17:06:48 UTC

[Bug 7292] New: FSL_HELO_BARE_IP_* meta rule logic is wrong

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

            Bug ID: 7292
           Summary: FSL_HELO_BARE_IP_* meta rule logic is wrong
           Product: Spamassassin
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: dev@spamassassin.apache.org
          Reporter: rwmaillists@googlemail.com

The current FSL_HELO_BARE_IP_* rules are

meta    FSL_HELO_BARE_IP_1        __FSL_HELO_BARE_IP_1 && !FSL_HELO_BARE_IP_2
meta    FSL_HELO_BARE_IP_2      __FSL_HELO_BARE_IP_2 && !__VIA_ML &&
!__HAS_ERRORS_TO

which means that the lower-scoring, general case suppresses the higher-scoring
special case. It should be:


meta    FSL_HELO_BARE_IP_1        __FSL_HELO_BARE_IP_1  
meta    FSL_HELO_BARE_IP_2      __FSL_HELO_BARE_IP_2 && !__VIA_ML &&
!__HAS_ERRORS_TO && ! FSL_HELO_BARE_IP_1

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

RW <rw...@googlemail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rwmaillists@googlemail.com

--- Comment #2 from RW <rw...@googlemail.com> ---
A couple of points:

1) Rather than using && !ALL_TRUSTED in FSL_HELO_BARE_IP_2, it would be better
to only check untrusted relays in __FSL_HELO_BARE_IP_2 since this eliminates
other kinds of FP as well. FSL_HELO_BARE_IP_1 may benefit from the all-trusted
test, and because it's a last-external check it could also benefit from a
"auth= " check. So:

meta    FSL_HELO_BARE_IP_1        __FSL_HELO_BARE_IP_1 && !ALL_TRUSTED

meta    FSL_HELO_BARE_IP_2      __FSL_HELO_BARE_IP_2 && !FSL_HELO_BARE_IP_1
&&!__VIA_ML && !__HAS_ERRORS_TO

header  __FSL_HELO_BARE_IP_1      X-Spam-Relays-External =~ /^[^\]]+
helo=(?!127)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} [^\]]*auth= /i

header  __FSL_HELO_BARE_IP_2    X-Spam-Relays-Untrusted =~
/helo=(?!127)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} /i

2) I notice that there is a comment:

  # score limit due to partial overlap with RCVD_NUMERIC_HELO

I had a look at RCVD_NUMERIC_HELO and, despite the name and possibly the
intent, it's a test on HELO bare IP addresses in the untrusted networks. It's a
duplicate of the modified version of __FSL_HELO_BARE_IP_2 I quoted above. I
think it should go.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

Kevin A. McGrail <km...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kmcgrail@apache.org

--- Comment #6 from Kevin A. McGrail <km...@apache.org> ---
Giovanni, did you want to commit this?

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

John Hardin <jh...@impsec.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #3 from John Hardin <jh...@impsec.org> ---
Reopening bug to address RW's further suggestions.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

--- Comment #8 from Giovanni Bechis <gi...@paclan.it> ---
kmcgrail, maybe CK_HELO_DYNAMIC_SPLIT_IP in your sandbox should be reconsidered
now that RCVD_NUMERIC_HELO is gone ?

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

Giovanni Bechis <gi...@paclan.it> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #7 from Giovanni Bechis <gi...@paclan.it> ---
Committed with commitid #1838621.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

Giovanni Bechis <gi...@paclan.it> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |giovanni@paclan.it

--- Comment #4 from Giovanni Bechis <gi...@paclan.it> ---
Created attachment 5508
  --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5508&action=edit
helo_bare_ip fix and rcvd_numeric removal

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

John Hardin <jh...@impsec.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
                 CC|                            |jhardin@impsec.org

--- Comment #1 from John Hardin <jh...@impsec.org> ---
Suppression reversed, other minor tweaks per current (rather heated) users
mailing list discussion.

$ svn commit
Sending        99_doc_test.cf
Transmitting file data .
Committed revision 1726846.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7292] FSL_HELO_BARE_IP_* meta rule logic is wrong

Posted by bu...@bugzilla.spamassassin.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7292

Giovanni Bechis <gi...@paclan.it> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #5508|0                           |1
        is obsolete|                            |

--- Comment #5 from Giovanni Bechis <gi...@paclan.it> ---
Created attachment 5551
  --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5551&action=edit
helo_bare_ip fix and rcvd_numeric removal

Remove score limit on FSL_HELO_BARE_IP_2 now that it doesn't overlap with
RCVD_NUMERIC_HELO

-- 
You are receiving this mail because:
You are the assignee for the bug.