You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matus UHLAR - fantomas <uh...@fantomas.sk> on 2023/03/12 09:15:41 UTC
AuthRes plugin test rules
Hello,
I'm further playing with AuthRes plugin, I have modified test rules so each
AUTHRES_ rule is equivalent to corresponding rule in SA.
I set scores to only produce small positive scores, usually to even SA scores
- valid spf/dkim/dmarc/arc is NOT a ham sign!
I have also commited patch to bug 6918 to handle "arc.chain=" results.
Let's see how these will go.
ifplugin Mail::SpamAssassin::Plugin::AuthRes
header AUTHRES_SPF_NONE eval:check_authres_result('spf', 'none')
score AUTHRES_SPF_NONE 0.001
describe AUTHRES_SPF_NONE Authentication-Results: has "spf=none" result
header AUTHRES_SPF_PASS eval:check_authres_result('spf', 'pass')
score AUTHRES_SPF_PASS 0.001
describe AUTHRES_SPF_PASS Authentication-Results: has "spf=pass" result
header AUTHRES_SPF_FAIL eval:check_authres_result('spf', 'fail')
score AUTHRES_SPF_FAIL 0.1
describe AUTHRES_SPF_FAIL Authentication-Results: has "spf=fail" result
header AUTHRES_SPF_NEUTRAL eval:check_authres_result('spf', 'neutral')
score AUTHRES_SPF_NEUTRAL 0.001
describe AUTHRES_SPF_NEUTRAL Authentication-Results: has "spf=neutral" result
header AUTHRES_SPF_SOFTFAIL eval:check_authres_result('spf', 'softfail')
score AUTHRES_SPF_SOFTFAIL 0.1
describe AUTHRES_SPF_SOFTFAIL Authentication-Results: has "spf=softfail" result
header AUTHRES_DKIM_VALID eval:check_authres_result('dkim', 'pass')
score AUTHRES_DKIM_VALID 0.1
describe AUTHRES_DKIM_VALID Authentication-Results: has "dkim=pass" result
header AUTHRES_DKIM_INVALID eval:check_authres_result('dkim', 'fail')
score AUTHRES_DKIM_INVALID 0.001
describe AUTHRES_DKIM_INVALID Authentication-Results: has "dkim=fail" result
header AUTHRES_DMARC_PASS eval:check_authres_result('dmarc', 'pass')
score AUTHRES_DMARC_PASS 0.001
describe AUTHRES_DMARC_PASS Authentication-Results: has "dmarc=pass" result
header AUTHRES_DMARC_FAIL eval:check_authres_result('dmarc', 'fail')
score AUTHRES_DMARC_FAIL 0.001
describe AUTHRES_DMARC_FAIL Authentication-Results: has "dmarc=fail" result
header AUTHRES_ARC_VALID eval:check_authres_result('arc', 'pass')
score AUTHRES_ARC_VALID 0.001
describe AUTHRES_ARC_VALID Authentication-Results: has "arc=pass" result
header AUTHRES_ARC_INVALID eval:check_authres_result('arc', 'fail')
score AUTHRES_ARC_INVALID 0.001
describe AUTHRES_ARC_INVALID Authentication-Results: has "arc=fail" result
endif
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
If Barbie is so popular, why do you have to buy her friends?
Re: AuthRes plugin test rules
Posted by Benny Pedersen <me...@junc.eu>.
Matus UHLAR - fantomas skrev den 2023-03-12 16:41:
> I set SA only to trust authentication server on my machine and I'm
> watching the results.
okay, i have now added ARC (Seal/Sign) to fuglu, its not perfekt imho,
but works as designed in fuglu
with this i got iprev working with can be seen in sa authres
let me see what i get back if anything
Re: AuthRes plugin test rules
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 18.03.23 09:34, Alex wrote:
>I'm trying to use it with amavis but there's a warning/error:
>
>Mar 18 09:30:12 iceman amavis[2970427]: (2970427-10) _WARN: Use of
>uninitialized value $result in string eq at
>/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/AuthRes.pm line
>302.
there were few patches published for this plugin, available in trunk
the discussion was on this list juat 2 weeks ago:
https://marc.info/?t=167766107800001&r=1&w=2
>Mar 18 09:31:50.577 [2987252] dbg: plugin: loading
>Mail::SpamAssassin::Plugin::AuthRes from @INC
>
>This is from SA 4.0.0:
>
> 298 if ($wanted_result eq 'missing') {
> 299 return !defined($result) ? 1 : 0;
> 300 }
> 301
> 302 return ($wanted_result eq $result);
> 303 }
> 304
> 305 sub parsed_metadata {
> 306 my ($self, $opts) = @_;
> 307
>
>Any idea how to troubleshoot this?
>On Sun, Mar 12, 2023 at 11:41 AM Matus UHLAR - fantomas <uh...@fantomas.sk>
>wrote:
>
>> >>>Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
>> >>>>I have also commited patch to bug 6918 to handle "arc.chain="
>> >>>>results.
>> >>>>Let's see how these will go.
>>
>> >>On 12.03.23 14:20, Benny Pedersen wrote:
>> >>>miss ARC rules imho
>>
>> >Matus UHLAR - fantomas skrev den 2023-03-12 14:38:
>> >>Or, so you mean something else than my patch?
>>
>> On 12.03.23 15:34, Benny Pedersen wrote:
>> >your posted rules have arc testing, but it miss testing for untrusted
>> >/ trusted authserv-id's
>>
>> in such case it would be great to remove what you are NOT commenting about
>> and keep what your comments are related to, not vice versa.
>>
>> rules I posted use only what AuthRes plugin found.
>>
>> The plugin has options which headers to handle (internal/trusted/all, the
>> default is "internal"), and trusted authentication servers (default: none)
>> - you must configure at least one server.
>>
>> So the trust is processes out of rules (correct approach imho).
>>
>> I set SA only to trust authentication server on my machine and I'm
>> watching
>> the results.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
Re: AuthRes plugin test rules
Posted by Alex <my...@gmail.com>.
Hi,
I'm trying to use it with amavis but there's a warning/error:
Mar 18 09:30:12 iceman amavis[2970427]: (2970427-10) _WARN: Use of
uninitialized value $result in string eq at
/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/AuthRes.pm line
302.
Mar 18 09:31:50.577 [2987252] dbg: plugin: loading
Mail::SpamAssassin::Plugin::AuthRes from @INC
This is from SA 4.0.0:
298 if ($wanted_result eq 'missing') {
299 return !defined($result) ? 1 : 0;
300 }
301
302 return ($wanted_result eq $result);
303 }
304
305 sub parsed_metadata {
306 my ($self, $opts) = @_;
307
Any idea how to troubleshoot this?
Thanks,
Alex
On Sun, Mar 12, 2023 at 11:41 AM Matus UHLAR - fantomas <uh...@fantomas.sk>
wrote:
> >>>Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
> >>>>I have also commited patch to bug 6918 to handle "arc.chain="
> >>>>results.
> >>>>Let's see how these will go.
>
> >>On 12.03.23 14:20, Benny Pedersen wrote:
> >>>miss ARC rules imho
>
> >Matus UHLAR - fantomas skrev den 2023-03-12 14:38:
> >>Or, so you mean something else than my patch?
>
> On 12.03.23 15:34, Benny Pedersen wrote:
> >your posted rules have arc testing, but it miss testing for untrusted
> >/ trusted authserv-id's
>
> in such case it would be great to remove what you are NOT commenting about
> and keep what your comments are related to, not vice versa.
>
> rules I posted use only what AuthRes plugin found.
>
> The plugin has options which headers to handle (internal/trusted/all, the
> default is "internal"), and trusted authentication servers (default: none)
> - you must configure at least one server.
>
> So the trust is processes out of rules (correct approach imho).
>
> I set SA only to trust authentication server on my machine and I'm
> watching
> the results.
>
> --
> Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> He who laughs last thinks slowest.
>
Re: AuthRes plugin test rules
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
>>>Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
>>>>I have also commited patch to bug 6918 to handle "arc.chain="
>>>>results.
>>>>Let's see how these will go.
>>On 12.03.23 14:20, Benny Pedersen wrote:
>>>miss ARC rules imho
>Matus UHLAR - fantomas skrev den 2023-03-12 14:38:
>>Or, so you mean something else than my patch?
On 12.03.23 15:34, Benny Pedersen wrote:
>your posted rules have arc testing, but it miss testing for untrusted
>/ trusted authserv-id's
in such case it would be great to remove what you are NOT commenting about
and keep what your comments are related to, not vice versa.
rules I posted use only what AuthRes plugin found.
The plugin has options which headers to handle (internal/trusted/all, the
default is "internal"), and trusted authentication servers (default: none)
- you must configure at least one server.
So the trust is processes out of rules (correct approach imho).
I set SA only to trust authentication server on my machine and I'm watching
the results.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
Re: AuthRes plugin test rules
Posted by Benny Pedersen <me...@junc.eu>.
Matus UHLAR - fantomas skrev den 2023-03-12 14:38:
> On 12.03.23 14:20, Benny Pedersen wrote:
>> Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
>>
>>> I have also commited patch to bug 6918 to handle "arc.chain="
>>> results.
>>> Let's see how these will go.
>>
>> miss ARC rules imho
>
> there are no rules in arc.chain.
ah missed that
> Or, so you mean something else than my patch?
your posted rules have arc testing, but it miss testing for untrusted /
trusted authserv-id's
i have added list.sys4.de so testing shows results from the first mails
from postfix maillist when thay started breaking dkim with mailman 3 :=)
hopefully ARC with be enabled again on that maillist so origin dkim can
be tested before mailman 3 breaks dkim, why have mailman at all support
for dkim, its a job for rspamd, not mailman
there inbound and outbound is brokken at sys4
check arc in dovecot maillist, there is lot of working examples there
thanks for solve authres in trunk
Re: AuthRes plugin test rules
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 12.03.23 14:20, Benny Pedersen wrote:
>Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
>
>>I have also commited patch to bug 6918 to handle "arc.chain=" results.
>>Let's see how these will go.
>
>miss ARC rules imho
there are no rules in arc.chain.
Or, so you mean something else than my patch?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.
Re: AuthRes plugin test rules
Posted by Benny Pedersen <me...@junc.eu>.
Matus UHLAR - fantomas skrev den 2023-03-12 10:15:
> I have also commited patch to bug 6918 to handle "arc.chain=" results.
> Let's see how these will go.
miss ARC rules imho