https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7911

            Bug ID: 7911
           Summary: SPF plugin does not recognise multiple results in a
                    single Authentication-Results header
           Product: Spamassassin
           Version: 3.4.4
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Plugins
          Assignee: dev@spamassassin.apache.org
          Reporter: dbuer...@gluet.ch
  Target Milestone: Undefined

RFC 8601 is the current specification of the Authentication-Results
header. According to section 4 of RFC 8601, multiple results may be
conveyed either in multiple Authentication-Results header fields or in a
single one:

> An MTA compliant with this specification adds this header field
> (after performing one or more message authentication tests) to
> indicate which MTA or ADMD performed the test, which test was
> applied, and what the result was.  If an MTA applies more than one
> such test, it adds this header field either once per test or once
> indicating all of the results.  An MTA MUST NOT add a result to an
> existing header field.

For SPF, I interpret this to mean that the following two forms are
equivalent:

1)

Authentication-Results: mail.example.org; spf=pass smtp.mailfrom=example.com
Authentication-Results: mail.example.org; spf=pass smtp.helo=mail.example.com

2)

Authentication-Results: mail.example.org;
  spf=pass smtp.helo=mail.example.com;
  spf=pass smtp.mailfrom=example.com

The SpamAssassin SPF plugin recognises both HELO and MAIL FROM results
in the first form shown above, but not in the second form. In the second
form it only recognises the last result.

The SPF plugin should treat both forms the same and should be able to
recognise both results in the second form, too.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to