You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Benny Pedersen <me...@junc.eu> on 2023/06/03 18:03:38 UTC
authres do not parse sender-id
Jun 3 19:51:15.822 [17570] dbg: authres: parsing
Authentication-Results: mx.junc.eu (amavisd-new); dkim=fail (2048-bit
key) reason="fail (message has been altered)" header.d=junc.eu
Jun 3 19:51:15.822 [17570] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; dkim=fail reason="signature
verification failed" (2048-bit key; unprotected) header.d=junc.eu
header.i=@junc.eu header.b=qOEWxmNG; dkim-atps=neutral
Jun 3 19:51:15.822 [17570] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; sender-id=fail
(NotPermitted) header.sender=opendmarc-users-bounces@trusteddomain.org;
spf=fail (NotPermitted)
smtp.mfrom=opendmarc-users-bounces@trusteddomain.org
Jun 3 19:51:15.822 [17570] dbg: authres: skipping header, unknown
property for spf/smtp: mfrom
Jun 3 19:51:15.822 [17570] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; sender-id=pass
header.from=me@junc.eu; spf=none smtp.mfrom=me@junc.eu
Jun 3 19:51:15.823 [17570] dbg: authres: skipping header, unknown
property for spf/smtp: mfrom
Jun 3 19:51:15.823 [17570] dbg: authres: results: dkim=fail
dkim-atps=neutral
Jun 3 19:51:15.824 [17570] dbg: spf: EnvelopeFrom not found in first
external Received header
Jun 3 19:51:15.824 [17570] dbg: spf: found EnvelopeFrom
'opendmarc-users-bounces@trusteddomain.org' from header
Jun 3 19:51:15.879 [17570] dbg: spf: ignoring any Received-SPF headers
from internal hosts, by admin setting
Jun 3 19:51:15.888 [17570] dbg: spf: using Mail::SPF for SPF checks
Jun 3 19:51:15.889 [17570] dbg: spf: checking EnvelopeFrom
(helo=medusa.blackops.org, ip=208.69.40.157,
envfrom=opendmarc-users-bounces@trusteddomain.org)
Jun 3 19:51:15.900 [17570] dbg: spf: query for
opendmarc-users-bounces@trusteddomain.org/208.69.40.157/medusa.blackops.org:
result: pass, comment: , text: Mechanism 'mx' matched
Jun 3 19:51:15.915 [17570] dbg: dkim: using Mail::DKIM version
1.20230212
Jun 3 19:51:15.916 [17570] dbg: dkim: providing our own resolver:
Mail::SpamAssassin::DnsResolver
Jun 3 19:51:15.918 [17570] dbg: dkim: performing public DKIM key lookup
and signature verification
Jun 3 19:51:15.922 [17570] dbg: dkim: DKIM signature i=@junc.eu
d=junc.eu
Jun 3 19:51:15.922 [17570] dbg: dkim: FAILED DKIM, i=@junc.eu,
d=junc.eu, s=default, a=rsa-sha256, c=relaxed/simple, unknown key size,
fail, matches author domain
Jun 3 19:51:15.922 [17570] dbg: dkim: DKIM signature verification
result: FAIL (MESSAGE HAS BEEN ALTERED)
Jun 3 19:51:15.922 [17570] dbg: dkim: performing public ARC key lookup
and signature verification
Jun 3 19:51:15.922 [17570] dbg: dkim: ARC signature verification
result: none
Jun 3 19:51:15.922 [17570] dbg: dkim: adsp: performing lookup on
_adsp._domainkey.junc.eu
Jun 3 19:51:15.923 [17570] dbg: dkim: adsp result: D/discardable (dns:
discardable), author domain 'junc.eu'
Jun 3 19:51:15.926 [17570] dbg: dkim: FAILED signature by junc.eu,
author me@junc.eu, no valid matches
Jun 3 19:51:15.926 [17570] dbg: dkim: author me@junc.eu, not in any
dkim welcomelist
Jun 3 19:51:15.926 [17570] dbg: spf: ignoring any Received-SPF headers
from internal hosts, by admin setting
Jun 3 19:51:15.926 [17570] dbg: spf: checking HELO
(helo=medusa.blackops.org, ip=208.69.40.157)
Jun 3 19:51:15.928 [17570] dbg: spf: query for
208.69.40.157/medusa.blackops.org: result: none, comment: , text: No
applicable sender policy available
Jun 3 19:51:15.930 [17570] dbg: spf: def_welcomelist_from_spf:
opendmarc-users-bounces@trusteddomain.org is not in
DEF_WELCOMELIST_FROM_SPF
Jun 3 19:51:15.930 [17570] dbg: spf: welcomelist_from_spf:
opendmarc-users-bounces@trusteddomain.org is not in user's
WELCOMELIST_FROM_SPF
is sender-id still not depricated ?
unknown key size is here bogos when dkim is breaked, it should say more
like dkim signed msg is not valid
using sa 4 with all trunk patches made local
Re: authres do not parse sender-id
Posted by Benny Pedersen <me...@junc.eu>.
Henrik K via users skrev den 2023-06-05 07:30:
> On Sat, Jun 03, 2023 at 08:03:38PM +0200, Benny Pedersen wrote:
>> Jun 3 19:51:15.822 [17570] dbg: authres: skipping header, unknown
>> property
>> for spf/smtp: mfrom
>
> Fixed this:
> https://svn.apache.org/viewvc?view=revision&revision=1910234
Jun 5 13:47:31.782 [13934] dbg: authres: parsing
Authentication-Results: mx.junc.eu (amavisd-new); dkim=fail (2048-bit
key) reason="fail (message has been altered)" header.d=junc.eu
Jun 5 13:47:31.782 [13934] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; dkim=fail reason="signature
verification failed" (2048-bit key; unprotected) header.d=junc.eu
header.i=@junc.eu header.b=qOEWxmNG; dkim-atps=neutral
Jun 5 13:47:31.782 [13934] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; sender-id=fail
(NotPermitted) header.sender=opendmarc-users-bounces@trusteddomain.org;
spf=fail (NotPermitted)
smtp.mfrom=opendmarc-users-bounces@trusteddomain.org
Jun 5 13:47:31.782 [13934] dbg: authres: parsing
Authentication-Results: medusa.blackops.org; sender-id=pass
header.from=me@junc.eu; spf=none smtp.mfrom=me@junc.eu
Jun 5 13:47:31.782 [13934] dbg: authres: results: dkim=fail
dkim-atps=neutral sender-id=pass spf=fail
solved
Re: authres do not parse sender-id
Posted by Henrik K via users <us...@spamassassin.apache.org>.
On Sat, Jun 03, 2023 at 08:03:38PM +0200, Benny Pedersen wrote:
> Jun 3 19:51:15.822 [17570] dbg: authres: skipping header, unknown property
> for spf/smtp: mfrom
Fixed this:
https://svn.apache.org/viewvc?view=revision&revision=1910234
Re: authres do not parse sender-id
Posted by Benny Pedersen <me...@junc.eu>.
Noel Butler skrev den 2023-06-05 10:43:
> On 05/06/2023 03:38, Matus UHLAR - fantomas wrote:
>
>>> is sender-id still not depricated ?
>>
>> it's status: historic. It's also patended and since it's broken by
>> design, there's no reason to support or use it.
>
> Supporting it used to tip you over the "your-not-spam" line with MS's
> cleanfeed, no idea if it still works that way as I lost my MS contact
> when she left for greener pastures.
+1
X-Spam-Status No, score=-8.268 tagged_above=-9999 required=5
tests=[AUTHRES_AUTH_NONE=1.5, AUTHRES_DKIM_PASS=-1.5, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-2, RCVD_IN_DNSWL_HI=-5,
RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, RELAYCOUNTRY_GOOD=-0.1,
RELAYCOUNTRY_GREY=0.1, SPF_HELO_PASS=-0.1, SPF_PASS=-0.1,
T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001,
USER_IN_DEF_SPF_WL=-0.2] autolearn=no autolearn_force=no
Authentication-Results mx.junc.eu (amavisd-new); dkim=pass (2048-bit
key) header.d=ausics.net
Authentication-Results apache.org; auth=none
Authentication-Results spamproc1-he-fi.apache.org (amavisd-new);
dkim=pass (2048-bit key) header.d=ausics.net
>
> --
> Regards,
your signature is still big, keeping autoreader on
Re: authres do not parse sender-id
Posted by Noel Butler <no...@ausics.net>.
On 05/06/2023 03:38, Matus UHLAR - fantomas wrote:
>> is sender-id still not depricated ?
>
> it's status: historic. It's also patended and since it's broken by
> design, there's no reason to support or use it.
Supporting it used to tip you over the "your-not-spam" line with MS's
cleanfeed, no idea if it still works that way as I lost my MS contact
when she left for greener pastures.
--
Regards,
Noel Butler
This Email, including attachments, may contain legally privileged
information, therefore at all times remains confidential and subject to
copyright protected under international law. You may not disseminate
this message without the authors express written authority to do so.
If you are not the intended recipient, please notify the sender then
delete all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.
Re: authres do not parse sender-id
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 03.06.23 20:03, Benny Pedersen wrote:
>Jun 3 19:51:15.822 [17570] dbg: authres: parsing
>Authentication-Results: medusa.blackops.org; sender-id=fail
>(NotPermitted)
>header.sender=opendmarc-users-bounces@trusteddomain.org; spf=fail
>(NotPermitted) smtp.mfrom=opendmarc-users-bounces@trusteddomain.org
>Jun 3 19:51:15.822 [17570] dbg: authres: skipping header, unknown
>property for spf/smtp: mfrom
>Jun 3 19:51:15.822 [17570] dbg: authres: parsing
>Authentication-Results: medusa.blackops.org; sender-id=pass
>header.from=me@junc.eu; spf=none smtp.mfrom=me@junc.eu
>Jun 3 19:51:15.823 [17570] dbg: authres: skipping header, unknown
>property for spf/smtp: mfrom
>is sender-id still not depricated ?
it's status: historic. It's also patended and since it's broken by design,
there's no reason to support or use it.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...