https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5941
Summary: parsing original SMTP Server not working properly
Product: Spamassassin
Version: 3.2.5
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: spamassassin
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Hello,
I think I have hitten a bug in the way SA parses out the original SMTP host.
I send and email from my mail client (to myself) through the SMTP server of
GMX. SA thinks the Mail was sent directly from my computer (i.e. my
dsl-routers IP) without using GMXs SMTP server.
SPF_FAIL, RCVD_IN_PBL RBL, RCVD_IN_XBL RBL, RCVD_IN_SORBS_DUL and RDNS_DYNAMIC
seem to think 85.55.41.198 was the SMTP server - which is wrong. 85.55.41.198
is the IP my dsl-router uses to connect to the Internet.
The way of the mail is the following:
MUA (kmail) -> GMXs SMTP Server -> GMX forwards it from [EMAIL PROTECTED] to
[EMAIL PROTECTED] (I have set it like this in my account preferences at
GMX) -> fdm (which is a similar to fetchmail) fetches the mail via pop3 ->
procmail (gets fed by fdm) -> spamassassin (called from procmail as first
rule).
Someone on the sa-users list pointed out that the following header might be the
problem and that SA might not hanlde fdm.
Received: by localhost (fdm 1.5, account "gmx");
Mon, 14 Jul 2008 01:04:12 +0200
Full headers:
------------------------------------------------------------------------------
Return-Path: <[EMAIL PROTECTED]>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on momo.seclinet.org
X-Spam-Level: ****
X-Spam-Status: No, score=4.3 required=5.0
tests=AWL,BAYES_40,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RCVD_IN_XBL,RDNS_DYNAMIC,SPF_FAIL,TVD_SPACE_RATIO
autolearn=no
bayes=0.2760
language=
report:
* 0.9 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
* [85.55.41.198 listed in zen.spamhaus.org]
* 3.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
* 0.9 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
* [85.55.41.198 listed in dnsbl.sorbs.net]
* 0.7 SPF_FAIL SPF: sender does not match SPF record (fail)
* [SPF failed: Please see
http://www.openspf.org/Why?s=mfrom&id=anyaddress%40gmx.net&ip=85.55.41.198&r=momo.seclinet.org]
* -0.2 BAYES_40 BODY: Bayesian spam probability is 20 to 40%
* [score: 0.2760]
* 2.2 TVD_SPACE_RATIO BODY: TVD_SPACE_RATIO
* 0.1 RDNS_DYNAMIC Delivered to trusted network by host with
* dynamic-looking rDNS
* -3.4 AWL AWL: From: address is in the auto white-list
X-Flags: 0000
Delivered-To: GMX delivery to [EMAIL PROTECTED]
Received: by localhost (fdm 1.5, account "gmx");
Mon, 14 Jul 2008 01:04:12 +0200
Received: (qmail 6881 invoked by alias); 13 Jul 2008 22:29:06 -0000
Delivered-To: GMX delivery to [EMAIL PROTECTED]
Received: (qmail invoked by alias); 13 Jul 2008 22:29:06 -0000
Received: from 198.pool85-55-41.dynamic.orange.es (EHLO [192.168.0.25])
[85.55.41.198]
by mail.gmx.net (mp004) with SMTP; 14 Jul 2008 00:29:06 +0200
X-Authenticated: #8384405
X-Provags-ID: V01U2FsdGVkX1/KEJsVuZLKMG4BVaXLiJgyzPl76GsqwvYJeDn+q7
XuSbVqmMorwDIp
From: Tom Fernandes <[EMAIL PROTECTED]>
To: Tom Fernandes <[EMAIL PROTECTED]>
Subject: test-procmail
Date: Mon, 14 Jul 2008 00:29:04 +0200
User-Agent: KMail/1.9.9
MIME-Version: 1.0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <[EMAIL PROTECTED]>
X-FuHaFi: 0.00
X-GMX-Antivirus: 0 (no virus found)
X-GMX-Antispam: -2 (not scanned, spam filter disabled)
X-Resent-By: Forwarder <[EMAIL PROTECTED]>
X-Resent-For: [EMAIL PROTECTED]
X-Resent-To: [EMAIL PROTECTED]
X-GMX-UID: /PQbLLcNa0AodebBJTAzUog3Njh6dE7a
X-Length: 2321
X-UID: 1521
------------------------------------------------------------------------------
thanks,
Tom
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
