You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@issues.apache.org on 2010/11/22 13:30:20 UTC

[Bug 6501] RCVD_IN_PBL wrongly catching IP addresses in X-Originating-IP header

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6501

mak <no...@gmx.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |noroutetohorst@gmx.de

--- Comment #8 from mak <no...@gmx.de> 2010-11-22 07:30:11 UTC ---
I can confirm this problem and think this is a serious bug, because it
significantly raises the number of false positives.

(In reply to comment #7)

> AFAICT spamassassin is behaving exactly as expected, since nothing in the OP's
> headers indicates to SA that the webmail is authenticated. Fix that, and the
> problem will go away. 

Is there any rule in the email related RFCs that says, that there has to be any
header information about authentication?
If yes, please tell me where.
If no, this is a bug and has to be fixed, as the X-Originating-IP header is by
no means relevant for checking against blacklists. Only the Received headers
are.

-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.