[Bug 6105] New: Make AWL honor trusted_networks.

[bugzilla-daemon]

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6105

           Summary: Make AWL honor trusted_networks.
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Plugins
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: mkettler...@verizon.net


Currently the AWL code makes it's own guessing about what's part of your
network or not, rather than using the (possibly user configured)
trusted_networks or internal_networks.

It uses a similar mechanism to the trust-path auto-guesser, making its own
guesses based on what's routable and not. 

It also  appears to make the opposite choice about the last routable IP. While
the auto-guesser assumes it's the MX, and therefore part of your network, the
AWL assumes it's "the source".

The scary part is it actually has to merge the trusted and untrusted relays
lists to do this! Picking the first untrusted would be so much more correct. T

This way when the user configures their trusted networks, we're actually using
it in the AWL. In fact, I've always assumed it worked this way, but looking at
the code, it's not.


I'm no perl coder, but shouldn't this part of Plugin/AWL.pm:
----------------------
 foreach my $rly (reverse (@{$pms->{relays_trusted}},
@{$pms->relays_untrusted}}))
    {
      next if ($rly->{ip_private});
      if ($rly->{ip}) {
        $origip = $rly->{ip}; last;
      }
    }
-----------------------

And what's that "reverse" doing in there? Isn't that going to grab untrusted
first, starting with the originating IP? (ie: isn't the first member of
pms->relays_untrusted the untrusted host dropping mail off at the trusted
network?)

be something like this:
-----------------------
    foreach my $rly (@{$pms->{relays_untrusted}})
    {
      if ($rly->{ip}) {
        $origip = $rly->{ip}; last;
      }
    }
-----------------------

Which will find the untrusted host closest to the trusted_network that actually
has an IP.


-- 
Configure bugmail: 
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.