You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jm...@apache.org on 2004/01/08 02:14:26 UTC

svn commit: rev 6090 - incubator/spamassassin/trunk/lib/Mail/SpamAssassin

Author: jm
Date: Mon Jan  5 00:20:43 2004
New Revision: 6090

Modified:
   incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
   incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
Log:
SPF tweak; avoid fetchmail-incurred FPs, and use envelope-from data from
Received headers where available.



Modified: incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm
==============================================================================
--- incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm	(original)
+++ incubator/spamassassin/trunk/lib/Mail/SpamAssassin/EvalTests.pm	Mon Jan  5 00:20:43 2004
@@ -3109,8 +3109,9 @@
 
     $lasthop = $self->{relays_untrusted}->[0];
 
-    if (defined $lasthop->{envfrom}) {
+    if ($lasthop->{envfrom}) {
       # excellent, we can use this
+      dbg ("SPF: found Envelope-From in last untrusted Received header");
     } else {
       # fall back to using HELO
       dbg ("SPF: came via >0 trusted relays, using HELO instead of Envelope-From");

Modified: incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
==============================================================================
--- incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm	(original)
+++ incubator/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm	Mon Jan  5 00:20:43 2004
@@ -2308,6 +2308,22 @@
 
   my $envf;
 
+  # WARNING: a lot of list software adds an X-Sender for the original env-from
+  # (including Yahoo! Groups).  Unfortunately, fetchmail will pick it up and
+  # reuse it as the env-from for *its* delivery -- even though the list software
+  # had used a different env-from in the intervening delivery.   Hence, if this
+  # header is present, and there's a fetchmail sig in the Received lines, we
+  # cannot trust any Envelope-From headers, since they're likely to be
+  # incorrect fetchmail guesses.
+
+  if ($self->get ("X-Sender")) {
+    my $rcvd = $self->get ("Received");
+    if ($rcvd =~ /\(fetchmail/) {
+      dbg ("X-Sender and fetchmail signatures found, cannot trust envelope-from");
+      return undef;
+    }
+  }
+
   # procmailrc notes this, amavisd are adding it, we recommend it
   if ($envf = $self->get ("X-Envelope-From")) { goto ok; }