You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/01/05 05:38:48 UTC
[Bug 4752] New: bug in Received header parsing code
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4752
Summary: bug in Received header parsing code
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Libraries
AssignedTo: dev@spamassassin.apache.org
ReportedBy: quinlan@pathname.com
The Received header parsing code can determine the trust boundary
incorrectly if the message is relayed from a private network,
through a public network, and back into a similarly numbered
(same class B) private network. The bug "happens" here, although
it's easily debatable that it's caused where $first_by is set:
# if the 'from' IP addr shares the same class B mask (/16) as
# the first relay found in the message, it's still on the
# user's network.
elsif (Mail::SpamAssassin::Util::ips_match_in_16_mask
([ $relay->{ip} ], $first_by))
{
dbg("received-header: 'from' ".$relay->{ip}." is near to first 'by'");
$inferred_as_trusted = 1;
}
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.