https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7051
Bug ID: 7051
Summary: False triggering of RCVD_ILLEGAL_IP for unknown reason
Product: Spamassassin
Version: 3.4.0
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: [email protected]
Reporter: [email protected]
I'm seeing RCVD_ILLEGAL_IP hit on a SA 3.4.0 installation on various messages
coming through Yahoo Groups. Here are headers from a recent example:
Received: from unknown (HELO ng10-vm12.bullet.mail.gq1.yahoo.com)
(98.136.219.129)
by saul.tomlogic.com with SMTP; 13 Jun 2014 07:14:56 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoogroups.com;
s=echoe; t=1402643798; bh=+SkVaHYD1ICc0TNolCj7ySWySOODUvmRLNFKBMxXTt0=;
h=Received:Received:X-Yahoo-Newman-Id:X-Sender:X-Apparently-To:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:To:Message-ID:X-Mailer:X-Original-From:X-Originating-IP:X-eGroups-Msg-Info:X-Yahoo-Post-IP:From:X-Yahoo-Profile:Sender:MIME-Version:Mailing-List:Delivered-To:List-Id:Precedence:List-Unsubscribe:Date:Subject:Reply-To:X-Yahoo-Newman-Property:Content-Type;
b=RisvjQcZ1Fh3WTVx5WNurIwGr5OghvqC6SD/w9qvBkVtQM3aT+0ryWcGObfr2eQAhV6UfdFiR3B5WXZ9scw58QSwhXsuOWQf/+mZljUWO+xaZy2HVYM15P07v4KUXUTusiDWjkMu3pO4X+ppqwPqpTTciID2ODIa9hW35ZFeqcM=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=echoe; d=yahoogroups.com;
b=mAaYyREpmvQNsR5CNzRbOmHtKrnjuKQ0RDT92OvISGFrCt1VOpUQduCdE7nSi16oTZE1FsMQNp6IADfyRz2wipQJvK6ZJD4QKnCj460Y+5xTBJ3vSS/vcfiDMH07X9GG6CG93qiBlhfkMt0Tx/a5XPshJGs7oxHOsM3l0AV54c8=;
Received: from [98.137.0.85] by ng10.bullet.mail.gq1.yahoo.com with NNFMP; 13
Jun 2014 07:16:38 -0000
Received: from [10.193.39.27] by tg5.bullet.mail.gq1.yahoo.com with NNFMP; 13
Jun 2014 07:16:38 -0000
X-Yahoo-Newman-Id: 76254548-m1383
X-Sender: [email protected]
X-Apparently-To: [email protected]
X-Received: (qmail 366 invoked by uid 102); 13 Jun 2014 07:16:37 -0000
X-Received: from unknown (HELO mtaq5.grp.bf1.yahoo.com) (10.193.84.36)
by m10.grp.bf1.yahoo.com with SMTP; 13 Jun 2014 07:16:37 -0000
X-Received: (qmail 4622 invoked from network); 13 Jun 2014 07:16:37 -0000
X-Received: from unknown (HELO n1-vm3.bullet.mail.bf1.yahoo.com)
(72.30.235.159)
by mtaq5.grp.bf1.yahoo.com with SMTP; 13 Jun 2014 07:16:37 -0000
X-Received: from [66.196.81.176] by n1.bullet.mail.bf1.yahoo.com with NNFMP; 13
Jun 2014 07:16:37 -0000
X-Received: from [10.193.242.234] by t6.bullet.mail.bf1.yahoo.com with NNFMP;
13 Jun 2014 07:16:36 -0000
X-Received: from [127.0.0.1] by gapi7.grp.bf1.yahoo.com with NNFMP; 13 Jun 2014
07:16:36 -0000
To: <[email protected]>
Message-ID: <[email protected]>
X-Mailer: Yahoo Groups Message Poster
X-Original-From: [email protected]
X-Originating-IP: 238.43.169.202
X-eGroups-Msg-Info: 1:12:0:0:0
X-Yahoo-Post-IP: 238.43.169.202
From: "[email protected] [xxx]" <[email protected]>
X-Yahoo-Profile: xxxxx
Sender: [email protected]
MIME-Version: 1.0
Mailing-List: list [email protected]; contact [email protected]
Delivered-To: mailing list [email protected]
List-Id: <xxx.yahoogroups.com>
Precedence: bulk
List-Unsubscribe: <mailto:[email protected]>
Date: 13 Jun 2014 00:16:36 -0700
Subject: [xxx] [CCPL-East] Week 02 Results!
Reply-To: [email protected]
X-Yahoo-Newman-Property: groups-email-ff-m
Content-Type: multipart/alternative;
boundary="9nlWnTS9ocNmxdhsK3FKVLWiM6a5jwOaA8HvrLV"
Why is this triggering, and does there need to be a rule update? I'm dropping
the score on my machines temporarily until I can understand what's happening.
--
You are receiving this mail because:
You are the assignee for the bug.
