You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2014/06/13 17:16:20 UTC
[Bug 7051] New: False triggering of RCVD_ILLEGAL_IP for unknown
reason
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7051
Bug ID: 7051
Summary: False triggering of RCVD_ILLEGAL_IP for unknown reason
Product: Spamassassin
Version: 3.4.0
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: dev@spamassassin.apache.org
Reporter: tom@tomlogic.com
I'm seeing RCVD_ILLEGAL_IP hit on a SA 3.4.0 installation on various messages
coming through Yahoo Groups. Here are headers from a recent example:
Received: from unknown (HELO ng10-vm12.bullet.mail.gq1.yahoo.com)
(98.136.219.129)
by saul.tomlogic.com with SMTP; 13 Jun 2014 07:14:56 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoogroups.com;
s=echoe; t=1402643798; bh=+SkVaHYD1ICc0TNolCj7ySWySOODUvmRLNFKBMxXTt0=;
h=Received:Received:X-Yahoo-Newman-Id:X-Sender:X-Apparently-To:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:To:Message-ID:X-Mailer:X-Original-From:X-Originating-IP:X-eGroups-Msg-Info:X-Yahoo-Post-IP:From:X-Yahoo-Profile:Sender:MIME-Version:Mailing-List:Delivered-To:List-Id:Precedence:List-Unsubscribe:Date:Subject:Reply-To:X-Yahoo-Newman-Property:Content-Type;
b=RisvjQcZ1Fh3WTVx5WNurIwGr5OghvqC6SD/w9qvBkVtQM3aT+0ryWcGObfr2eQAhV6UfdFiR3B5WXZ9scw58QSwhXsuOWQf/+mZljUWO+xaZy2HVYM15P07v4KUXUTusiDWjkMu3pO4X+ppqwPqpTTciID2ODIa9hW35ZFeqcM=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=echoe; d=yahoogroups.com;
b=mAaYyREpmvQNsR5CNzRbOmHtKrnjuKQ0RDT92OvISGFrCt1VOpUQduCdE7nSi16oTZE1FsMQNp6IADfyRz2wipQJvK6ZJD4QKnCj460Y+5xTBJ3vSS/vcfiDMH07X9GG6CG93qiBlhfkMt0Tx/a5XPshJGs7oxHOsM3l0AV54c8=;
Received: from [98.137.0.85] by ng10.bullet.mail.gq1.yahoo.com with NNFMP; 13
Jun 2014 07:16:38 -0000
Received: from [10.193.39.27] by tg5.bullet.mail.gq1.yahoo.com with NNFMP; 13
Jun 2014 07:16:38 -0000
X-Yahoo-Newman-Id: 76254548-m1383
X-Sender: xxx@yahoogroups.com
X-Apparently-To: xxx@yahoogroups.com
X-Received: (qmail 366 invoked by uid 102); 13 Jun 2014 07:16:37 -0000
X-Received: from unknown (HELO mtaq5.grp.bf1.yahoo.com) (10.193.84.36)
by m10.grp.bf1.yahoo.com with SMTP; 13 Jun 2014 07:16:37 -0000
X-Received: (qmail 4622 invoked from network); 13 Jun 2014 07:16:37 -0000
X-Received: from unknown (HELO n1-vm3.bullet.mail.bf1.yahoo.com)
(72.30.235.159)
by mtaq5.grp.bf1.yahoo.com with SMTP; 13 Jun 2014 07:16:37 -0000
X-Received: from [66.196.81.176] by n1.bullet.mail.bf1.yahoo.com with NNFMP; 13
Jun 2014 07:16:37 -0000
X-Received: from [10.193.242.234] by t6.bullet.mail.bf1.yahoo.com with NNFMP;
13 Jun 2014 07:16:36 -0000
X-Received: from [127.0.0.1] by gapi7.grp.bf1.yahoo.com with NNFMP; 13 Jun 2014
07:16:36 -0000
To: <xx...@yahoogroups.com>
Message-ID: <ln...@YahooGroups.com>
X-Mailer: Yahoo Groups Message Poster
X-Original-From: pinballmail@yahoo.com
X-Originating-IP: 238.43.169.202
X-eGroups-Msg-Info: 1:12:0:0:0
X-Yahoo-Post-IP: 238.43.169.202
From: "xxxxx@yahoo.com [xxx]" <xx...@yahoogroups.com>
X-Yahoo-Profile: xxxxx
Sender: xxx@yahoogroups.com
MIME-Version: 1.0
Mailing-List: list xxx@yahoogroups.com; contact xxx-owner@yahoogroups.com
Delivered-To: mailing list xxx@yahoogroups.com
List-Id: <xxx.yahoogroups.com>
Precedence: bulk
List-Unsubscribe: <ma...@yahoogroups.com>
Date: 13 Jun 2014 00:16:36 -0700
Subject: [xxx] [CCPL-East] Week 02 Results!
Reply-To: xxx@yahoogroups.com
X-Yahoo-Newman-Property: groups-email-ff-m
Content-Type: multipart/alternative;
boundary="9nlWnTS9ocNmxdhsK3FKVLWiM6a5jwOaA8HvrLV"
Why is this triggering, and does there need to be a rule update? I'm dropping
the score on my machines temporarily until I can understand what's happening.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7051] False triggering of RCVD_ILLEGAL_IP for unknown reason
Posted by bu...@bugzilla.spamassassin.org.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7051
Karsten Bräckelmann <gu...@rudersport.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Karsten Bräckelmann <gu...@rudersport.de> ---
(In reply to Tom Collins from comment #0)
> I'm seeing RCVD_ILLEGAL_IP hit on a SA 3.4.0 installation on various
> messages coming through Yahoo Groups. Here are headers from a recent
> example:
> X-Originating-IP: 238.43.169.202
The class A network 238/8 is part of the Multicast reserved address block.
> Why is this triggering, and does there need to be a rule update? I'm
> dropping the score on my machines temporarily until I can understand what's
> happening.
Closing RESOLVED INVALID, aka "not a bug".
Tom, if you believe the rule to hit erroneously nonetheless, please feel free
to reopen this report. For more general discussion and questions, please use
the users@ mailing-list.
--
You are receiving this mail because:
You are the assignee for the bug.