https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7330
Bug ID: 7330
Summary: Horde webmail message (authenticated user session)
with header "by HTTPS" not on trusted path.
Product: Spamassassin
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Libraries
Assignee: [email protected]
Reporter: [email protected]
Authenticated user messages sent through Horde Framework (IMP) webmail
have a browser IP header line depending on (http:// https://) server url.
Received from ... by ... (Horde Framework) with HTTP; ...
or
Received from ... by ... (Horde Framework) with HTTPS; ...
This is "formally correct" but SpamAssassin doesnt recognize 'with HTTPS' as a
authenticated user on trusted path and check remote client IP against allrules.
diff Mail/SpamAssassin/Message/Metadata/Received.pm*
408c408
< if (/ by / && / with ((?:ES|L|UTF8S|UTF8L)MTPS?A|ASMTP|HTTPU?)(?: |;|$)/i)
{
---
> if (/ by / && / with
> ((?:ES|L|UTF8S|UTF8L)MTPS?A|ASMTP|HTTP(S|U)?)(?:|;|$)/i) {
Regards
Valerio Pulese
--
You are receiving this mail because:
You are the assignee for the bug.
