Greetings,
(Although I have used SA for almost three years, I have only just joined
the users and dev lists; apologies if I misread protocol about how to
report something like this.)
I have really enjoyed the auto-white-listing feature since I upgraded
from 2.6 to 3.0 a month ago. But studying the statistics, I noticed an
apparent bug, in that my own address would occasionally drop off the
list (as reported by the check_whitelist tool). Eventually I deduced
that something about sending from my desktop (which is also my mail
server), resulting in 'ip=none' was causing the problem.
I finally tracked it down to this code in AutoWhitelist.pm in the
check_address function:
if (!defined $self->{entry}->{count} || $self->{entry}->{count} == 0) {
# no entry found
if (defined $origip) {
# try upgrading a default entry (probably from "add-addr-to-foo")
my $noipaddr = $self->pack_addr ($addr, undef);
my $noipent = $self->{checker}->get_addr_entry ($noipaddr);
if (defined $noipent->{count} && $noipent->{count} > 0) {
dbg("auto-whitelist: found entry w/o IP address for $addr: replacing
with $origip");
$self->{checker}->remove_entry($noipent);
# Now assign proper entry the count and totscore values of the no ip
entry
# instead of assigning the whole value to avoid wiping out any
information added
# to the previous entry.
$self->{entry}->{count} = $noipent->{count};
$self->{entry}->{totscore} = $noipent->{totscore};
}
}
Now, I don't use the add-addr-to-* options, but I do send tons of mail
which evaluates to 'ip=none', and the upshot of the above code is that
whenever I do, my statistics get mangled:
1. [EMAIL PROTECTED]|ip=none gets added to the list (if not present), or
its count gets incremented (if already present)
Then when I send, using the same address, via another sub-net (which I do
quite often), then e.g.:
2. [EMAIL PROTECTED]|ip=none gets converted to [EMAIL PROTECTED]|ip=129.146
Then when i send from my desktop again, see step 1. Then when I send from
another sub-net again, a variant of step 2 happens, e.g.:
3. [EMAIL PROTECTED]|ip=none gets converted to [EMAIL PROTECTED]|ip=129.147
and all other [EMAIL PROTECTED]|* entries get deleted.
Thus, my current counts are:
-11.0 ( -43.9 / 4 ) -- [EMAIL PROTECTED]|ip=none
-6.9 ( -13.9 / 2 ) -- [EMAIL PROTECTED]|ip=129.144
whereas they should be something more like this:
-#### ( -#### / 150 ) -- [EMAIL PROTECTED]|ip=none
-### ( -#### / 80 ) -- [EMAIL PROTECTED]|ip=129.146
-### ( -#### / 30 ) -- [EMAIL PROTECTED]|ip=129.147
-6.9 ( -13.9 / 2 ) -- [EMAIL PROTECTED]|ip=129.144
Note that I am intentionally obscuring the scores, as who knows what they
were, and am just guessing the rough number of messages I have sent via
the various local sub-nets in the past month.
(Also note that the output of check_whitelist is slightly off, but I have
extended it a bit, and will report that in another thread.)
So, does the above code have any real benefit? Clearly for me, who does
not use the add-addr-to-* options but does send from localhost, it is
detrimental and will shortly be removed from my local tree unless someone
points out something I am overlooking. But I am not experienced enough
to answer the more general usefulness question.
Feel free to follow up if any of the above was unclear or if there are
any other questions. Thanks.
-- John
