https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7348

            Bug ID: 7348
           Summary: SPF_PASS not reliable
           Product: Spamassassin
           Version: 3.4.1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: Plugins
          Assignee: [email protected]
          Reporter: [email protected]

as far as i know SA is supposed to re-use the SPF-header from spf-policyd

well, the message below has a clear spf-pass but no SPF hits in the report
header and hence "whitelist_auth" did also not trigger

even if it would not re-use the "Received-SPF" header - since it was inserted
by the MTA before passing the message to the milter it is 100% sure in the
local resolver cache and dns-timeouts or errors are practically not possible at
that stage

feels somehow like a gambling machine and "whitelist_auth" needs to be 100%
reliable (not for mailchimp like in this case but in general to distinguish
between forged financial mails and real ones)
__________________________________________

Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
client-ip=198.2.182.53; helo=mail53.suw15.mcsv.net;
envelope-from=bounce-mc.us13_59462513.501201-checkin=thelounge....@mail53.suw15.mcsv.net;
[email protected]
__________________________________________

-Spam-Report: Flag: No,
 * -0.2 CUST_DNSWL_8_TL_N RBL: dnswl-aggregate.thelounge.net (No Trust)
 *      [198.2.182.53 listed in dnswl-aggregate.thelounge.net]
 * -0.4 RCVD_IN_MSPIKE_H5 RBL: Excellent reputation (+5)
 *      [198.2.182.53 listed in wl.mailspike.net]
 *  0.3 URIBL_GREY Contains an URL listed in the URIBL greylist
 *      [URIs: campaign-archive2.com]
 *  1.0 NIXSPAM_IXHASH DIGEST: ix.dnsbl.manitu.net
 * -0.1 CUST_DNSWL_5_ORG_N RBL: list.dnswl.org (No Trust)
 *      [198.2.182.53 listed in list.dnswl.org]
 *  0.1 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
 *      domains are different
 * -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
 *  0.5 CUST_BODY_BEGINS_VL BODY: Begins Very Low
 *  0.0 HTML_MESSAGE BODY: HTML included in message
 *  1.5 BAYES_50 BODY: Bayes spam probability is 40 to 60%
 *      [score: 0.5000]
 *  0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
 * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
 *      valid
 * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 *       domain
 *  1.5 IXHASH_CHECK Message hits one ore more IXHASH digest-sources
 * -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
 *  0.0 T_OBFU_ATTACH_MISSP No description available.
 *  0.1 BOGOFILTER_UNSURE BOGOFILTER: message is Unsure with
 *      bogofilter-score 0.5004
X-Virus-Scanned: Yes

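The mismatch described in this report (a `Received-SPF: Pass` header from the MTA, but no `SPF_PASS` in the SpamAssassin report) can be checked mechanically across a mailbox. The following is an added example, not code from the reporter or from SpamAssassin; it assumes the report header is named `X-Spam-Report`, and the sample message, addresses and IP are constructed placeholders.

```python
import re
from email import message_from_string

# Constructed sample modelled on the report; addresses and IP are placeholders.
SAMPLE = """\
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.0.2.53; helo=mail.example.net;
 envelope-from=bounce@mail.example.net; receiver=user@example.org
X-Spam-Report: Flag: No,
 * -0.4 RCVD_IN_MSPIKE_H5 RBL: Excellent reputation (+5)
 *      [192.0.2.53 listed in wl.mailspike.net]
 * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 *  1.5 BAYES_50 BODY: Bayes spam probability is 40 to 60%
Subject: constructed sample

body
"""

def parse_received_spf(value):
    """Split a Received-SPF value (RFC 7208, section 9.1) into (result, pairs)."""
    m = re.match(r"\s*([A-Za-z]+)\s*(?:\([^)]*\))?\s*(.*)", value, re.S)
    if not m:
        return None, {}
    pairs = {}
    for item in m.group(2).split(";"):
        if "=" in item:
            key, val = item.split("=", 1)
            pairs[key.strip().lower()] = val.strip().strip('"')
    return m.group(1).lower(), pairs

def report_rules(value):
    """Rule names from report lines shaped like '* <score> RULE_NAME ...'."""
    return re.findall(r"\*\s+-?\d+\.\d+\s+([A-Z0-9_]+)", value)

def spf_pass_missing(raw_message):
    """True if the MTA logged an SPF pass for mailfrom but SPF_PASS did not fire."""
    msg = message_from_string(raw_message)
    spf = msg.get("Received-SPF")  # first match = topmost, i.e. most recently added
    if spf is None:
        return False
    result, pairs = parse_received_spf(spf)
    rules = report_rules(msg.get("X-Spam-Report", ""))
    return (result == "pass" and pairs.get("identity") == "mailfrom"
            and "SPF_PASS" not in rules)

if __name__ == "__main__":
    print("SPF pass recorded but SPF_PASS missing:", spf_pass_missing(SAMPLE))
```

Only the topmost `Received-SPF` header is read, because headers further down may have been supplied by the sender rather than by the local MTA.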