You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Brian C. Huffman" <bh...@graze.net> on 2007/01/23 19:04:24 UTC
INVALID_TZ_EST flagged in all emails
All,
I've searched but can not find the answer to this. I'm running RedHat Enterprise Linux v4 with all latest updates and am using the amavisd-milter to call amavisd-new (v2.4.4) which in turn is using spamd (spamassassin v3.1.7). It appears that every single email that's getting filtered is getting the INVALID_TZ_EST attached. Even something as simple as just piping the text "test" through sendmail to root gives this result:
From root@graze.net Mon Jan 22 16:20:37 2007
X-Virus-Scanned: amavisd-new at graze.net
X-Spam-Score: 4.29
X-Spam-Level: ****
X-Spam-Status: No, score=4.29 tagged_above=-9999 required=5
tests=[ALL_TRUSTED=-1.8, AWL=-0.568, BAYES_60=1,
DATE_IN_FUTURE_03_06=1.961, INVALID_TZ_EST=1.883,
MISSING_SUBJECT=1.816, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
Date: Mon, 22 Jan 2007 16:20:26 -0500
From: root <ro...@graze.net>
To: root@graze.net
test
What can I do to determine what is causing that test to fail?
Thanks,
Brian
Re: INVALID_TZ_EST flagged in all emails
Posted by Theo Van Dinter <fe...@apache.org>.
On Tue, Jan 23, 2007 at 01:04:24PM -0500, Brian C. Huffman wrote:
> I'm running RedHat Enterprise Linux v4 with all latest updates and am using the amavisd-milter to call amavisd-new (v2.4.4) which in turn is using spamd (spamassassin v3.1.7). It appears that every single email that's getting filtered is getting the INVALID_TZ_EST attached. Even something as simple as just piping the text "test" through sendmail to root gives this result:
>
> From root@graze.net Mon Jan 22 16:20:37 2007
> X-Virus-Scanned: amavisd-new at graze.net
> Date: Mon, 22 Jan 2007 16:20:26 -0500
> To: root@graze.net
>
> What can I do to determine what is causing that test to fail?
I can't reproduce your problem. There is indeed a a rule that looks for
questionable EST-related timezone statements, but there aren't any in your
sample mail. Specifically, the rule needs "EST" to show up in a header, which
doesn't for you.
Try running the mail through spamassassin manually. If it works fine, you
need to debug the other stuff and figure out where the problem is.
--
Randomly Selected Tagline:
"So Lone Star ... Now you see that evil will always triumph because good is
dumb." - Space Balls
Re: INVALID_TZ_EST flagged in all emails
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Brian C. Huffman wrote:
> Looking through /usr/sbin/amavisd, it appears that it *does not* add the Received header if it is called via a milter (which it is). So, this wouldn't seem to be the issue.
New versions do. The old versions that don't are broken and have
greater issues (most DNSBL tests and other stuff is broken) than
INVALID_TZ_EST firing.
Daryl
Re: INVALID_TZ_EST flagged in all emails
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
[back on list]
Brian C. Huffman wrote:
> On Tue, 2007-01-23 at 16:55 -0500, Daryl C. W. O'Shea wrote:
>> Brian C. Huffman wrote:
>>
>>> Looking through /usr/sbin/amavisd, it appears that it *does not* add the Received header if it is called via a milter (which it is). So, this wouldn't seem to be the issue.
>> New versions do. The old versions that don't are broken and have
>> greater issues (most DNSBL tests and other stuff is broken) than
>> INVALID_TZ_EST firing.
>>
>> Daryl
>
> Why wouldn't sendmail itself insert the proper Received line and then
> pass to amavisd (via the milter)?
The milter interface passes the headers and body as received. It does
not first prepend the received header for the local hop.
> Here are a couple of lines
> from /usr/sbin/amavisd that suggested to me that it wasn't inserting a
> header:
>
> Line 573:
> $insert_received_line = 1; # insert Received: header field? (not with
> milter)
>
> Now that could mean that they think you should set it to "0" if you're
> doing a milter although it sounds like you're saying that's not the
> correct way.
I have no idea what the "not with milter" comment means, or the context
that code is in. I've never looked at, or downloaded, the amavisd
source... I'm having a good day if I spell amavisd correctly.
> And then again this group of lines looks to me like it won't add the
> received line if delivery_method = '' (which it would for milter,
> wouldn't it)?
>
> # misnomer, this _is_ the Received line
> $hdr_edits->append_header_above_received('Received',
> received_line($conn,$msginfo,$msginfo->mail_id,1), 1)
> if c('insert_received_line') && $msginfo->delivery_method ne '' &&
> $allowed_hdrs && $allowed_hdrs->{lc('Received')};
> $hdr_edits;
> }
>
> and again here which does say that if it's implicit delivery,
> deliver_method='':
> sub delivery_method # delivery method, or empty for implicit delivery
> (milter)
> { my($self)=shift; !@_ ?
> $self->{deliv_method}:($self->{deliv_method}=shift)}
I'm not sure exactly what Received header this is referring to. Does
amavisd add some sort of "Received from localhost/wherever by amavisd"?
If it's not some "Received ... by amavisd" header, I can't think of a
reason why it would be adding Received headers EXCEPT for when it's
acting as a milter.
> I do appreciate your help, I'm just trying to understand how this all
> works.
You are running the latest version of amavisd, correct? I know for
*sure* that a milter must fake a received header before passing the
message to SA and I'm 99.9% sure that it was amavisd that wasn't doing
this only a couple of months ago.
Of course, there's a good possibility that it's not related to amavisd
(since nobody else seems to be seeing the INVALID_TZ_EST hits), but
given your simple test message passed through, the only other thing I
can think of is some screwed up timezone setting in your MTA config.
Daryl
RE: INVALID_TZ_EST flagged in all emails
Posted by "Brian C. Huffman" <bh...@graze.net>.
----- Original Message -----
From: Daryl C. W. O'Shea <sp...@dostech.ca>
Sent: Tue, 1/23/2007 4:11pm
To: Brian C. Huffman <bh...@graze.net>
Cc: users@spamassassin.apache.org
Subject: Re: INVALID_TZ_EST flagged in all emails
>
> It sounds like it may be an issue with the received header that amavisd
> is faking (as required) when it passes the message to SA.
>
> Daryl
Looking through /usr/sbin/amavisd, it appears that it *does not* add the Received header if it is called via a milter (which it is). So, this wouldn't seem to be the issue.
Thanks - I'm still looking. I'll try to run this through spamassassin w/o amavis when I get home this evening.
-b
Re: INVALID_TZ_EST flagged in all emails
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Brian C. Huffman wrote:
> All,
>
> I've searched but can not find the answer to this. I'm running RedHat
> Enterprise Linux v4 with all latest updates and am using the
> amavisd-milter to call amavisd-new (v2.4.4) which in turn is using spamd
> (spamassassin v3.1.7). It appears that every single email that's
> getting filtered is getting the INVALID_TZ_EST attached. Even something
> as simple as just piping the text "test" through sendmail to root gives
> this result:
It sounds like it may be an issue with the received header that amavisd
is faking (as required) when it passes the message to SA.
Daryl