https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7898
Bug ID: 7898
Summary: DATE_IN_PAST depends on faked Received header
Product: Spamassassin
Version: 3.4.2
Hardware: PC
OS: Linux
Status: NEW
Severity: minor
Priority: P2
Component: Rules (Eval Tests)
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: Undefined
Created attachment 5741
--> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5741&action=edit
spam which prevents DATE_IN_PAST_96_XX
got spam, which doesn't triggers DATE_IN_PAST_96_XX but should.
Faked
Received: from ec2-3-85-120-74.compute-1.amazonaws.com ([3.85.120.74]
helo=EC2AMAZ-566PBPN.ec2.internal)
by mail.dr-ph.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256)
(Exim 4.90_1)
(envelope-from <[email protected]>)
id 1lMSG7-0009pd-Us; Wed, 17 Mar 2021 17:14:32 +0800
prevents DATE_IN_PAST_96_XX ( or other DATE_IN_PAST tests ), but in real we are
weeks later.
Maybe a good solution could be to test the first AND the last received header.
Usualy the last received header is a trusted one, because it is our own server.
However, i think, there should be a whole set of IN_PAST_DATE_96_XX ... rules,
which are using nearly the same code as yet, except compare with the highest
difference after sort, not the lowest one.
In general, compare date-header to date from received which is the nearest one
to date AND the one which ist far away from date.
--
You are receiving this mail because:
You are the assignee for the bug.
