[Bug 5972] New: FM_FAKE_HELO_VERIZON fires if MTA does do rdns lookup

[bu...@bugzilla.spamassassin.org]

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5972

           Summary: FM_FAKE_HELO_VERIZON fires if MTA does do rdns lookup
           Product: Spamassassin
           Version: 3.2.5
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Rules
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: mouss@netoyen.net


FM_FAKE_HELO_VERIZON checks whether the helo ends in verizon.net while the rdns
does not. However, if the MTA does not lookup the rdns, this rule will fire. 

Here is an example (Mail from Matt Kettler relayed via the list)

Received: from [206.46.173.5] (HELO vms173005pub.verizon.net) (206.46.173.5)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 11 Sep 2008 13:09:28 +0000


I guess the same problem will happen with hotmail. 

here is a possible fix

# check that the rdns field contains a valid domain by looking at the last
char.
header __FHOST_RDNS  X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]*[a-z] /i
# if Received.pm is patched to ignore obviously invalid rdns, we could simply
do: 
#header __FHOST_RDNS  X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns= /i

meta FM_FAKE_HELO_VERIZON (__FHELO_VERIZON && !__FHOST_VERIZON && __FHOST_RDNS)
meta FM_FAKE_HELO_HOTMAIL (__HOTMAILCOM && !__HOST_HOTMAIL && __FHOST_RDNS)


-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.