You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by si...@apache.org on 2005/12/03 23:08:29 UTC
svn commit: r345792 - in /spamassassin/branches/3.0: lib/Mail/SpamAssassin/EvalTests.pm lib/Mail/SpamAssassin/Message/Metadata/Received.pm lib/Mail/SpamAssassin/PerMsgStatus.pm rules/20_compensate.cf rules/20_head_tests.cf rules/50_scores.cf

Author: sidney
Date: Sun Nov 20 15:28:48 2005
New Revision: 345792

URL: http://svn.apache.org/viewcvs?rev=345792&view=rev
Log:
bug 3949: fix ALL_TRUSTED misfires

Modified:
    spamassassin/branches/3.0/lib/Mail/SpamAssassin/EvalTests.pm
    spamassassin/branches/3.0/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
    spamassassin/branches/3.0/lib/Mail/SpamAssassin/PerMsgStatus.pm
    spamassassin/branches/3.0/rules/20_compensate.cf
    spamassassin/branches/3.0/rules/20_head_tests.cf
    spamassassin/branches/3.0/rules/50_scores.cf

Modified: spamassassin/branches/3.0/lib/Mail/SpamAssassin/EvalTests.pm
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/lib/Mail/SpamAssassin/EvalTests.pm?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/lib/Mail/SpamAssassin/EvalTests.pm (original)
+++ spamassassin/branches/3.0/lib/Mail/SpamAssassin/EvalTests.pm Sun Nov 20 15:28:48 2005
@@ -3017,11 +3017,21 @@
 
 sub check_all_trusted {
   my ($self) = @_;
-  if ($self->{num_relays_untrusted} > 0) {
-    return 0;
-  } else {
-    return 1;
-  }
+  return $self->{num_relays_trusted} 
+        && !$self->{num_relays_untrusted}
+        && !$self->{num_relays_unparseable};
+}
+
+sub check_no_relays {
+  my ($self) = @_;
+  return !$self->{num_relays_trusted}
+        && !$self->{num_relays_untrusted}
+        && !$self->{num_relays_unparseable};
+}
+
+sub check_relays_unparseable {
+  my ($self) = @_;
+  return $self->{num_relays_unparseable};
 }
 
 ###########################################################################

Modified: spamassassin/branches/3.0/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/lib/Mail/SpamAssassin/Message/Metadata/Received.pm?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/lib/Mail/SpamAssassin/Message/Metadata/Received.pm (original)
+++ spamassassin/branches/3.0/lib/Mail/SpamAssassin/Message/Metadata/Received.pm Sun Nov 20 15:28:48 2005
@@ -83,6 +83,8 @@
   $self->{num_relays_untrusted} = 0;
   $self->{relays_untrusted_str} = '';
 
+  $self->{num_relays_unparseable} = 0;
+
   # now figure out what relays are trusted...
   my $trusted = $main->{conf}->{trusted_networks};
   my $internal = $main->{conf}->{internal_networks};
@@ -402,6 +404,7 @@
     $auth = $1;
   }
 
+
   if (/^from /) {
     # try to catch enveloper senders
     if (/(?:return-path:? |envelope-(?:sender|from)[ =])(\S+)\b/i) {
@@ -859,12 +862,10 @@
       goto enough;
     }
 
-    # Received: from raptor.research.att.com (bala@localhost) by
-    # raptor.research.att.com (SGI-8.9.3/8.8.7) with ESMTP id KAA14788 
-    # for <as...@example.com>; Fri, 7 Mar 2003 10:37:56 -0500 (EST)
-    if (/^from (\S+) \((\S+\@\S+)\) by (\S+) \(/) { return; }
-
-    # Received: from mmail by argon.connect.org.uk with local (connectmail/exim) id 18tOsg-0008FX-00; Thu, 13 Mar 2003 09:20:06 +0000
+    # Received: from mmail by argon.connect.org.uk with local (connectmail/exim)
+    # id 18tOsg-0008FX-00; Thu, 13 Mar 2003 09:20:06 +0000
+    # Received: from andrew by trinity.supernews.net with local (Exim 4.12)
+    # id 18xeL6-000Dn1-00; Tue, 25 Mar 2003 02:39:00 +0000
     if (/^from (\S+) by (\S+) with local/) { return; }
 
     # Received: from [192.168.1.104] (account nazgul HELO [192.168.1.104])
@@ -969,66 +970,70 @@
   # ------------------------------------------------------------------------
   # IGNORED LINES: generally local-to-local or non-TCP/IP handovers
 
+  # Received: by faerber.muc.de (OpenXP/32 v3.9.4 (Win32) alpha @
+  # 2003-03-07-1751d); 07 Mar 2003 22:10:29 +0000
+  # Received: by x.x.org (bulk_mailer v1.13); Wed, 26 Mar 2003 20:44:41 -0600
+  # Received: by SPIDERMAN with Internet Mail Service (5.5.2653.19) id <19AF8VY2>; Tue, 25 Mar 2003 11:58:27 -0500
+  # Received: by oak.ein.cz (Postfix, from userid 1002) id DABBD1BED3;
+  # Thu, 13 Feb 2003 14:02:21 +0100 (CET)
+  # ignore any lines starting with "by", we want the "from"s!
+  if (/^by /) { return; }
+
+  # Received: from raptor.research.att.com (bala@localhost) by
+  # raptor.research.att.com (SGI-8.9.3/8.8.7) with ESMTP id KAA14788
+  # for <as...@example.com>; Fri, 7 Mar 2003 10:37:56 -0500 (EST)
+  # make this localhost-specific, so we know it's safe to ignore
+  if (/^from \S+ \(\S+\@${LOCALHOST}\) by \S+ \(/) { return; }
+
   # from qmail-scanner-general-admin@lists.sourceforge.net by alpha by uid 7791 with qmail-scanner-1.14 (spamassassin: 2.41. Clear:SA:0(-4.1/5.0):. Processed in 0.209512 secs)
   if (/^from \S+\@\S+ by \S+ by uid \S+ /) { return; }
 
-  # Received: by x.x.org (bulk_mailer v1.13); Wed, 26 Mar 2003 20:44:41 -0600
-  if (/^by (\S+) \(bulk_mailer /) { return; }
-
   # Received: from DSmith1204@aol.com by imo-m09.mx.aol.com (mail_out_v34.13.) id 7.53.208064a0 (4394); Sat, 11 Jan 2003 23:24:31 -0500 (EST)
   if (/^from \S+\@\S+ by \S+ /) { return; }
 
   # Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri, 17 Jan 2003 15:23:29 -0000
   if (/^from Unknown\/Local \(/) { return; }
 
-  # Received: by SPIDERMAN with Internet Mail Service (5.5.2653.19) id <19AF8VY2>; Tue, 25 Mar 2003 11:58:27 -0500
-  if (/^by \S+ with Internet Mail Service \(/) { return; }
-
-  # Received: by oak.ein.cz (Postfix, from userid 1002) id DABBD1BED3;
-  # Thu, 13 Feb 2003 14:02:21 +0100 (CET)
-  if (/^by (\S+) \(Postfix, from userid /) { return; }
-
   # Received: from localhost (mailnull@localhost) by x.org (8.12.6/8.9.3) 
   # with SMTP id h2R2iivG093740; Wed, 26 Mar 2003 20:44:44 -0600 
   # (CST) (envelope-from x@x.org)
   # Received: from localhost (localhost [127.0.0.1]) (uid 500) by mail with local; Tue, 07 Jan 2003 11:40:47 -0600
-  if (/^from ${LOCALHOST} \((?:\S+\@)?${LOCALHOST}[\) ]/) { return; }
+  if (/^from ${LOCALHOST} \((?:\S+\@)?${LOCALHOST}[\)\[]/) { return; }
 
   # Received: from olgisoft.com (127.0.0.1) by 127.0.0.1 (EzMTS MTSSmtp
   # 1.55d5) ; Thu, 20 Mar 03 10:06:43 +0100 for <as...@ietf.org>
   if (/^from \S+ \((?:\S+\@)?${LOCALHOST}\) /) { return; }
 
   # Received: from casper.ghostscript.com (raph@casper [127.0.0.1]) h148aux8016336verify=FAIL); Tue, 4 Feb 2003 00:36:56 -0800
-  # TODO: could use IPv6 localhost
-  if (/^from (\S+) \(\S+\@\S+ \[127\.0\.0\.1\]\) /) { return; }
+  if (/^from (\S+) \(\S+\@\S+ \[${LOCALHOST}\]\) /) { return; }
 
   # Received: from (AUTH: e40a9cea) by vqx.net with esmtp (courier-0.40) for <as...@ietf.org>; Mon, 03 Mar 2003 14:49:28 +0000
   if (/^from \(AUTH: (\S+)\) by (\S+) with /) { return; }
 
-  # Received: by faerber.muc.de (OpenXP/32 v3.9.4 (Win32) alpha @
-  # 2003-03-07-1751d); 07 Mar 2003 22:10:29 +0000
-  # ignore any lines starting with "by", we want the "from"s!
-  if (/^by \S+ /) { return; }
+  # Received: Message by Barricade wilhelm.eyp.ee with ESMTP id h1I7hGU06122 for <sp...@lists.sourceforge.net>; Tue, 18 Feb 2003 09:43:16 +0200
+  if (/^Message by /) {
+    return;    # whatever
+  }
 
   # Received: FROM ca-ex-bridge1.nai.com BY scwsout1.nai.com ;
   # Fri Feb 07 10:18:12 2003 -0800
   if (/^FROM \S+ BY \S+ \; /) { return; }
 
-  # Received: from andrew by trinity.supernews.net with local (Exim 4.12)
-  # id 18xeL6-000Dn1-00; Tue, 25 Mar 2003 02:39:00 +0000
+  # ------------------------------------------------------------------------
+  # HANDOVERS WE KNOW WE CAN'T DEAL WITH: TCP transmission, but to MTAs that
+  # just don't log enough info for us to use (ie. no IP address present).
+  # Note: "goto unparseable" is strongly recommended here, unless you're sure
+  # the regexp won't match something in the field; otherwise ALL_TRUSTED may
+  # fire even in the presence of an unparseable Received header.
+
   # Received: from CATHY.IJS.SI by CATHY.IJS.SI (PMDF V4.3-10 #8779) id <01...@CATHY.IJS.SI>; Fri, 21 Mar 2003 20:50:56 +0100
   # Received: from MATT_LINUX by hippo.star.co.uk via smtpd (for mail.webnote.net [193.120.211.219]) with SMTP; 3 Jul 2002 15:43:50 UT
   # Received: from cp-its-ieg01.mail.saic.com by cpmx.mail.saic.com for me@jmason.org; Tue, 23 Jul 2002 14:09:10 -0700
-  if (/^from \S+ by \S+ (?:with|via|for|\()/) { return; }
+  if (/^from \S+ by \S+ (?:with|via|for|\()/) { goto unparseable; }
 
   # Received: from virtual-access.org by bolero.conactive.com ; Thu, 20 Feb 2003 23:32:58 +0100
   if (/^from (\S+) by (\S+) *\;/) {
-    return;	# can't trust this
-  }
-
-  # Received: Message by Barricade wilhelm.eyp.ee with ESMTP id h1I7hGU06122 for <sp...@lists.sourceforge.net>; Tue, 18 Feb 2003 09:43:16 +0200
-  if (/^Message by /) {
-    return;	# whatever
+    goto unparseable;  # can't trust this
   }
 
   # ------------------------------------------------------------------------
@@ -1046,6 +1051,10 @@
 
   dbg ("received-header: unknown format: $_");
   # and skip the line entirely!  We can't parse it...
+
+unparseable:
+
+  $self->{num_relays_unparseable}++;
   return;
 
   # ------------------------------------------------------------------------

Modified: spamassassin/branches/3.0/lib/Mail/SpamAssassin/PerMsgStatus.pm
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/lib/Mail/SpamAssassin/PerMsgStatus.pm?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/lib/Mail/SpamAssassin/PerMsgStatus.pm (original)
+++ spamassassin/branches/3.0/lib/Mail/SpamAssassin/PerMsgStatus.pm Sun Nov 20 15:28:48 2005
@@ -1263,6 +1263,7 @@
   foreach my $item (qw(
 	relays_trusted relays_trusted_str num_relays_trusted
 	relays_untrusted relays_untrusted_str num_relays_untrusted
+	num_relays_unparseable
 	))
   {
     $self->{$item} = $self->{msg}->{metadata}->{$item};

Modified: spamassassin/branches/3.0/rules/20_compensate.cf
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/rules/20_compensate.cf?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/rules/20_compensate.cf (original)
+++ spamassassin/branches/3.0/rules/20_compensate.cf Sun Nov 20 15:28:48 2005
@@ -35,6 +35,14 @@
 
 # The message was never sent via an untrustworthy host.
 header ALL_TRUSTED      eval:check_all_trusted()
-describe ALL_TRUSTED    Did not pass through any untrusted hosts
+describe ALL_TRUSTED    Passed through trusted hosts only via SMTP
 tflags ALL_TRUSTED      nice
 
+header NO_RELAYS        eval:check_no_relays()
+tflags NO_RELAYS        nice userconf
+describe NO_RELAYS      Informational: message was not relayed via SMTP
+
+header __HAS_RCVD       exists:Received
+meta NO_RECEIVED        (!__HAS_RCVD)
+tflags NO_RECEIVED      nice userconf
+describe NO_RECEIVED    Informational: message has no Received headers

Modified: spamassassin/branches/3.0/rules/20_head_tests.cf
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/rules/20_head_tests.cf?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/rules/20_head_tests.cf (original)
+++ spamassassin/branches/3.0/rules/20_head_tests.cf Sun Nov 20 15:28:48 2005
@@ -27,6 +27,12 @@
 header HEAD_LONG		eval:check_for_long_header()
 describe HEAD_LONG		Message headers are very long
 
+header UNPARSEABLE_RELAY        eval:check_relays_unparseable()
+tflags UNPARSEABLE_RELAY        userconf
+describe UNPARSEABLE_RELAY      Informational: message has unparseable relay lines
+
+###########################################################################
+
 header NO_REAL_NAME		From =~ /^["\s]*\<?\S+\@\S+\>?\s*$/
 describe NO_REAL_NAME		From: does not include a real name
 

Modified: spamassassin/branches/3.0/rules/50_scores.cf
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.0/rules/50_scores.cf?rev=345792&r1=345791&r2=345792&view=diff
==============================================================================
--- spamassassin/branches/3.0/rules/50_scores.cf (original)
+++ spamassassin/branches/3.0/rules/50_scores.cf Sun Nov 20 15:28:48 2005
@@ -627,6 +627,11 @@
 # HTML control test
 score HTML_MESSAGE 0.001
 
+# Informational rules about Received header parsing
+score NO_RELAYS -0.001
+score NO_RECEIVED -0.001
+score UNPARSEABLE_RELAY 0.001
+
 # ok_languages and ok_locales
 score BODY_8BITS 1.500
 score CHARSET_FARAWAY 3.200