You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/04/12 22:35:18 UTC

[Bug 3259] New: patch to perform sender verification

http://bugzilla.spamassassin.org/show_bug.cgi?id=3259

           Summary: patch to perform sender verification
           Product: Spamassassin
           Version: 2.63
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Rules (Eval Tests)
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: arijort@speakeasy.net


This is not a bug report but a submission of a patch that implements a new feature.

This patch implements a "sender verification" routine which is inspired by that
function within postfix.  The postfix documentation that I followed is available
here:
http://www.porcupine.org/postfix-mirror/newdoc/ADDRESS_VERIFICATION_README.html

In summary, this code takes the envelope-from of a mail and initiates a smtp
probe against the mx host for the domain in the envelope-from.  If this smtp
probe fails, the address is considered invalid and the SpamAssassin score is
applied to this mail.

This routine can be invokved in the local.cf with the following example
configuration:

header UNVERIFIED_ADDRESS eval:verify_sender()
describe UNVERIFIED_ADDRESS Address verification failed
score UNVERIFIED_ADDRESS 0.5


There are certain problems with this code as-is:

1) It assumes the envelope-from is retreivable from the                        
                         
Return-Path: header which is true in postfix-land.  I'm not                    
                         
sure about elsewhere.                                                          
                         
                                                                               
                         
2) There's still a bunch of debugging code in here.  I thought                 
                         
I'd leave it in in this patch, in case it helps anyone else                    
                         
get it working.                                                                
                         
                                                                               
                         
3) It relies on 2 extra perl modules: Net::DNS and Net::SMTP                   
                         
which might be better outside the spamd process space.  Maybe                  
                         
a sender verification daemon?                                                  
                         
                                                                               
                         
4) It only checks with the highest priority mx record for a given              
                         
domain and does not move on to lower priority records.  Simplicity             
                         
is the reason here.                                                            
                         

Feedback appreciated.


ari



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.