You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by da...@apache.org on 2018/01/20 15:25:52 UTC
svn commit: r1821748 - in /spamassassin/trunk:
lib/Mail/SpamAssassin/Plugin/HeaderEval.pm rules/60_whitelist_auth.cf
Author: davej
Date: Sat Jan 20 15:25:52 2018
New Revision: 1821748
URL: http://svn.apache.org/viewvc?rev=1821748&view=rev
Log:
Bug 6946
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/HeaderEval.pm
spamassassin/trunk/rules/60_whitelist_auth.cf
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/HeaderEval.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/HeaderEval.pm?rev=1821748&r1=1821747&r2=1821748&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/HeaderEval.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/HeaderEval.pm Sat Jan 20 15:25:52 2018
@@ -54,6 +54,7 @@ sub new {
$self->register_eval_rule("check_for_forged_eudoramail_received_headers");
$self->register_eval_rule("check_for_forged_yahoo_received_headers");
$self->register_eval_rule("check_for_forged_juno_received_headers");
+ $self->register_eval_rule("check_for_forged_gmail_received_headers");
$self->register_eval_rule("check_for_matching_env_and_hdr_from");
$self->register_eval_rule("sorted_recipients");
$self->register_eval_rule("similar_recipients");
@@ -586,6 +587,22 @@ sub check_for_forged_juno_received_heade
return 0;
}
+sub check_for_forged_gmail_received_headers {
+ my ($self, $pms) = @_;
+ use constant GOOGLE_MESSAGE_STATE_LENGTH => 102;
+
+ my $from = $pms->get('From:addr');
+ if ($from !~ /\bgmail\.com$/i) { return 0; }
+
+ my $xgms = $pms->get('X-Gm-Message-State');
+ my $xreceived = $pms->get('X-Received');
+
+ if (length($xgms) eq GOOGLE_MESSAGE_STATE_LENGTH) { return 0; }
+ if ($xreceived =~ /by 10\.\S+ with SMTP id \S+/) { return 0; }
+
+ return 1;
+}
+
sub check_for_matching_env_and_hdr_from {
my ($self, $pms) =@_;
# two blank headers match so don't bother checking
Modified: spamassassin/trunk/rules/60_whitelist_auth.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/60_whitelist_auth.cf?rev=1821748&r1=1821747&r2=1821748&view=diff
==============================================================================
--- spamassassin/trunk/rules/60_whitelist_auth.cf (original)
+++ spamassassin/trunk/rules/60_whitelist_auth.cf Sat Jan 20 15:25:52 2018
@@ -462,6 +462,34 @@ def_whitelist_auth *@*.zappos.com
def_whitelist_auth *@*.redhat.com
def_whitelist_auth *@*.freshdesk.com
def_whitelist_auth *@*.planningcenteronline.com
+def_whitelist_auth *@*.ihg.com
+def_whitelist_auth *@*.opendns.com
+def_whitelist_auth *@*.loftoutlet.com
+def_whitelist_auth *@*.hrblock.com
+def_whitelist_auth *@secureworks.com
+def_whitelist_auth *@*.secureworks.com
+def_whitelist_auth *@*.crateandbarrel.com
+def_whitelist_auth *@*.redbox.com
+def_whitelist_auth *@*.lowfares.com
+def_whitelist_auth *@*.rocketloans.com
+def_whitelist_auth *@*.ganderoutdoors.com
+def_whitelist_auth *@*.mandarinoriental.com
+def_whitelist_auth *@*.retailmenot.com
+def_whitelist_auth *@*.overdrive.com
+def_whitelist_auth *@*.snapchat.com
+def_whitelist_auth *@*.cheaptickets.com
+def_whitelist_auth *@*.1800flowers.com
+def_whitelist_auth *@*.guitarcenter.com
+def_whitelist_auth *@*.vmware.com
+def_whitelist_auth *@*.katespade.com
+def_whitelist_auth *@*.gerber.com
+def_whitelist_auth *@*.pandora.net
+def_whitelist_auth *@*.alibaba.com
+def_whitelist_auth *@*.kahoot.com
+def_whitelist_auth *@email-od.com
+def_whitelist_auth *@gallupmail.com
+def_whitelist_auth *@*.stenhouse.com
+def_whitelist_auth *@*.horacemann.com
endif # Mail::SpamAssassin::Plugin::SPF