Re: whitelist_rcvd_from: ignoring localhost handover?

[Justin Mason <jm...@jmason.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


"Gary Funck" writes:
>
>This is a follow up to my original inquiry on SA Talk:
>
>http://article.gmane.org/gmane.mail.spam.spamassassin.general/41027/match=+w
>hitelist+rcvd+funck
>
>(which went unanswered. I'd still appreciate hearing from the experts out
>there, when
>you've got a min/two. :/)
>
>(config: SA 2.63, Perl 5.8.0, RH 9.0, network checks enabled, sendmail
>8.12.8)
>
>I've got a situation where I tried to set up whitelist_from_rcvd, but I see
>the
>following in the debug output:
>
>debug: received-header: ignoring localhost handover

>which, reading the code in Received.pm seems to indicate that the Receieved:
>header
>couldn't be parsed properly?

Gary -- I think this is fixed in 2.70 svn.

- --j.


>Here's my whitelist entry (names/IP addrs changed for this example):
>
># Trusted hosts
>whitelist_from_rcvd * localhost
>whitelist_from_rcvd *@*foo.org foo.org
>
>### We can trust headers from these IP's:
>trusted_networks 127.
>trusted_networks 199.99.99.0/24     ## will rDNS to foo.org
>
>An example header:
>
>>>>From web@www.foo.org  Sat Feb  7 05:50:52 2004
>Return-Path: <we...@www.foo.org>
>Received: from www.foo.org (localhost [127.0.0.1])
>        by www.foo.org (8.12.8/8.12.8) with ESMTP id i17DoZMn008108;
>        Sat, 7 Feb 2004 05:50:35 -0800
>Received: (from web@localhost)
>        by www.foo.org (8.12.8/8.12.8/Submit) id i17DoYRj008106;
>        Sat, 7 Feb 2004 05:50:34 -0800
>Date: Sat, 7 Feb 2004 05:50:34 -0800
>From: Web Admin <we...@www.foo.org>
>Message-Id: <20...@www.foo.org>
>To: admin@foo.net
>Subject: ht://Dig Report for www.foo.net - Fri Feb  6 22:30:00 PST 2004
>
>
>Is this a bug in the Received: header parsing? I saw the following bug
>reports, but they say they're closed/fixed:
>
>http://bugzilla.spamassassin.org/show_bug.cgi?id=2787 (milestone: 2.62)
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFAJX2QQTcbUG5Y7woRAkEaAJ9OXq7pL5j+hEG9Y73mP34zW73RKACeOv/9
I2852oBWFtwdBTn2Xn+mABw=
=FYFq
-----END PGP SIGNATURE-----

RE: whitelist_rcvd_from: ignoring localhost handover?

[Gary Funck <ga...@intrepid.com>]

>
> and there's quite a bit of difference between them, but the mod. that is
> giving me trouble
> is code introduced at around line 165 which tries to refer to
> $trusted->get_num_nets(),
> but $trusted is undefined. Oddly an assignment to
> $trusted_networks has been
> in the code
> for a while, but wasn't referenced until this mod:

I should add, that I didn't install SA, but rather put the new Received.pm
into lib/Mail/Spamaassassin, then did make clean, make, and make test, and
it failed on the tests:

t/basic_lint................Can't call method "get_num_nets" on an undefined
value at ../blib/lib/Mail/SpamAssassin/Received.pm line 165.

Is it possible that the testing set up would exercise things in a different
way
than running SA directly?

RE: whitelist_rcvd_from: ignoring localhost handover?

[Gary Funck <ga...@intrepid.com>]

>
> Gary -- I think this is fixed in 2.70 svn.
>

Justin, thanks. Could someone suggest a patch against 2.63? I tried plugging
in this version:

Revision 6167 - , (view/download) - [select for diffs]
Modified Wed Jan 14 07:41:56 2004 UTC (3 weeks, 3 days ago) by jm
File length: 48631 byte(s)
Diff to previous 6136 (colored)
bug 2787: Received header misunderstood; bug 2896: debug code to report
unparseable received header incorrect

But I see that the 6_0 branch has this version:

Revision 6190 - , (view/download) - [selected]
Modified Sat Jan 17 22:37:48 2004 UTC (3 weeks ago) by felicity
File length: 39472 byte(s)
Diff to previous 6168 (colored)
removing execute bits on files that don't need it

and there's quite a bit of difference between them, but the mod. that is
giving me trouble
is code introduced at around line 165 which tries to refer to
$trusted->get_num_nets(),
but $trusted is undefined. Oddly an assignment to $trusted_networks has been
in the code
for a while, but wasn't referenced until this mod:

Revision 5955 - , (view/download) - [select for diffs]
Modified Sat Nov 15 02:44:49 2003 UTC (2 months, 3 weeks ago) by jmason
File length: 42888 byte(s)
Diff to previous 5870 (colored)
bug 2591: Received header format for something called 'smtpd' supported;
added internal_networks initial implementation

Here's an excerpt of that change:

@@ -92,20 +97,47 @@

   # now figure out what relays are trusted...
   my $trusted = $self->{conf}->{trusted_networks};
+  my $internal = $self->{conf}->{internal_networks};
   my $relay;
   my $first_by;
   my $in_trusted = 1;
+  my $in_internal = 1;
+
+  if ($trusted->get_num_nets() > 0 && $internal->get_num_nets() > 0) {
+    # good; we can use both reliably.
+  }
+  elsif ($trusted->get_num_nets() <= 0 && $internal->get_num_nets() > 0) {
+    $trusted = $internal;	# use 'internal' for 'trusted'
+  }
+  elsif ($trusted->get_num_nets() > 0 && $internal->get_num_nets() <= 0) {
+    # use 'trusted' for 'internal'; compatibility with SpamAssassin 2.60
+    $internal = $trusted;
+  }
+
   my $did_user_specify_trust = ($trusted->get_num_nets() > 0);
+  my $did_user_specify_internal = ($internal->get_num_nets() > 0);

   while (defined ($relay = shift @{$self->{relays}}))
   {
+    # trusted_networks matches?
     if ($in_trusted && $did_user_specify_trust && !$trusted->contains_ip
($relay->{ip}))
     {
       $in_trusted = 0;		# we're in deep water now
     }

--------

So what I'm wondering is there an easy way to fix this initialization and
move
forward, or should I fish around with trying a diff between 6190 (2.63) and
5870 (the trunk version before the refence to $trusted->get_nums() was
added?

Oh, can someone explain the relationship between the RCS version id's at the
top of the file and SVN versions?