https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7702
Bug ID: 7702
Summary: Not detecting all variants of the Hotmail received
headers
Product: Spamassassin
Version: 3.4.2
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Plugins
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: Undefined
Created attachment 5646
--> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5646&action=edit
headers of the example email
In lib/Mail/SpamAssassin/Plugin/HeaderEval.pm, in the
_check_for_forged_hotmail_received_headers subroutine
There are a number of regex's that are used to detect a valid Received header
for messages that originate from Hotmail. The one dealing with
'outbound.protection.outlook.com' needs a small change to allow for the HELO
string which may appear in the header.
For example (taken from the original email):
Received: from mail-oln040092003100.outbound.protection.outlook.com (HELO
NAM02-BL2-obe.outbound.protection.outlook.com) (40.92.3.100) by
nb1.victas.uca.org.au with ESMTPS (AES256-SHA256 encrypted); 22 Mar 2019
04:29:59 -0000
The regex does not allow for the presence of the HELO string. The modified
regex should only allow for an optional HELO string and therefore there will be
no backward compatibility problems with the modified plugin.
I have attached the full list of headers, but the above is probably sufficient
in this case. For customer privacy reasons I have excluded the main body of the
original email.
--
You are receiving this mail because:
You are the assignee for the bug.
