http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5064
Summary: RCVD_IN_WHOIS_BOGONS FP on the sender's internal
network
Product: Spamassassin
Version: 3.1.3
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
The RCVD_IN_WHOIS_BOGONS test is mis-firing on mail from mobistar.be, who use
externally-invalid netblocks in their internal network (to be precise,
175.175.74.19) but who deliver through a valid external MX.
It seems to me that this rule and
RCVD_IN_WHOIS_HIJACKED should use the -notfirsthop modifier, as
RCVD_IN_WHOIS_INVALID already does.
Do the corpora show any examples of spam originating from bogon/hijacked
netspace but sending through a non-bogon IP address ? If there are, those
would be missed by such a change so it'd be a bad idea - but otherwise I think
it makes sense.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
