https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7132
Bug ID: 7132
Summary: RCVD_IN_PBL false positive from X-Originating-IP
Product: Spamassassin
Version: 3.4.0
Hardware: PC
OS: Windows 7
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: [email protected]
Reporter: [email protected]
First let me state this is NOT an outgoing email issue like other bug reports
on this subject. This is an incoming email being received from another mail
server.
Spamassassin is running on mx1.ctgameinfo.com. Mail is routed to it via
spamass-milter over socket file.
Some minor data has been changed for privacy reasons. The IP address 1.2.3.4
represents the residential adsl IP address of the sender.
Why is 1.2.3.4 being checked against PBL? Of course the originating residential
IP is going to be listed in PBL, that is the point of PBL.
I also do not understand why the RDNS_NONE rule is hit by this. The received
header clearly shows rdns is working, and the 1.2.3.4 also has working rdns (of
the form d1-2-3-4.bchsia.telus.net)
Email headers
-------------
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from cmta3.telus.net (cmta3.telus.net [209.171.16.76])
by mx1.ctgameinfo.com (Postfix) with ESMTP id EF99C4787F
for <[email protected]>; Tue, 3 Feb 2015 16:02:12 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.98.5 at spamass
Received: from mtlp000203.email.telus.net ([172.20.100.250])
by cmta3.telus.net with TELUS
id o02B1p01R5Q8SMY0102BBp; Tue, 03 Feb 2015 17:02:11 -0700
X-Originating-IP: 1.2.3.4
X-Authority-Analysis: v=2.0 cv=HdzKuF48 c=1 sm=1 a=FKkrIqjQGGEA:10
a=VDjVIzFGpyMA:10 a=IkcTkHD0fZMA:10 a=aatUQebYAAAA:8 a=87ezdhtkhnusMjfAvXkA:9
a=QEXdDO2ut3YA:10 a=XvapDdnUjFUA:10 a=B6NL9imSmI8A:10 a=T74AievCaeNgEnAZ:21
a=KTfQ0v5V-U0IL0Cz:21 a=4bd358MHcbnBkp+IcMzszA==:117
Date: Tue, 3 Feb 2015 17:02:11 -0700 (MST)
From: name <[email protected]>
To: othername <[email protected]>
Message-ID: <[email protected]>
In-Reply-To: <[email protected]>
Subject: *****SPAM***** For Wednesday class
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_54D16186.FCDC03DC"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [1.2.3.4]
X-Mailer: Zimbra 8.0.7_GA_6037 (ZimbraWebClient - IE7 (Win)/8.0.7_GA_6021)
Thread-Topic: For Wednesday class
Thread-Index: 5+zgt8qFs/3YXUxFRkhDWI63D900jg==
X-Spam-Flag: YES
X-Spam-Status: Yes, score=5.4 required=5.0 tests=AWL=0.601,RCVD_IN_PBL=3.558,
RDNS_NONE=1.274,UNPARSEABLE_RELAY=0.001 autolearn=no autolearn_force=no
version=3.4.0 bayes=0.5 dcc=spamass 1102; Body=1 Fuz1=1 Fuz2=1
pyzor=Reported
0 times.
X-Spam-Report:
* 3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
* [1.2.3.4 listed in zen.spamhaus.org]
* 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
lines
* 0.6 AWL AWL: Adjusted score from AWL reputation of From: address
X-Spam-Level: *****
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
spamass.ctgameinfo.com
--
You are receiving this mail because:
You are the assignee for the bug.
