You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jm...@apache.org on 2004/01/08 02:14:26 UTC
svn commit: rev 6090 - incubator/spamassassin/trunk/lib/Mail/SpamAssassin
Author: jm
Date: Mon Jan 5 00:20:43 2004
New Revision: 6090
Modified:
incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
Log:
SPF tweak; avoid fetchmail-incurred FPs, and use envelope-from data from
Received headers where available.
Modified: incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
==============================================================================
--- incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm (original)
+++ incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm Mon Jan 5 00:20:43 2004
@@ -3109,8 +3109,9 @@
$lasthop = $self->{relays_untrusted}->[0];
- if (defined $lasthop->{envfrom}) {
+ if ($lasthop->{envfrom}) {
# excellent, we can use this
+ dbg ("SPF: found Envelope-From in last untrusted Received header");
} else {
# fall back to using HELO
dbg ("SPF: came via >0 trusted relays, using HELO instead of Envelope-From");
Modified: incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
==============================================================================
--- incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm (original)
+++ incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm Mon Jan 5 00:20:43 2004
@@ -2308,6 +2308,22 @@
my $envf;
+ # WARNING: a lot of list software adds an X-Sender for the original env-from
+ # (including Yahoo! Groups). Unfortunately, fetchmail will pick it up and
+ # reuse it as the env-from for *its* delivery -- even though the list software
+ # had used a different env-from in the intervening delivery. Hence, if this
+ # header is present, and there's a fetchmail sig in the Received lines, we
+ # cannot trust any Envelope-From headers, since they're likely to be
+ # incorrect fetchmail guesses.
+
+ if ($self->get ("X-Sender")) {
+ my $rcvd = $self->get ("Received");
+ if ($rcvd =~ /\(fetchmail/) {
+ dbg ("X-Sender and fetchmail signatures found, cannot trust envelope-from");
+ return undef;
+ }
+ }
+
# procmailrc notes this, amavisd are adding it, we recommend it
if ($envf = $self->get ("X-Envelope-From")) { goto ok; }