https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8149
Bug ID: 8149
Summary: EnvelopeFrom vs Return-Path
Product: Spamassassin
Version: 4.0.0
Hardware: PC
OS: Windows 10
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: dev@spamassassin.apache.org
Reporter: ruud.vd.h...@gmail.com
Target Milestone: Undefined
Some MTA calling SpamAssassin might not add the Return-Path header until final
delivery, meaning the Return-Path might be unavailable to SA while processing
rules.
I noticed some of the default rules rely on the Return-Path header being
present, eg:
\share\4.000000\updates_spamassassin_org\20_head_tests.cf
__ML5
\share\4.000000\updates_spamassassin_org\20_vbounce.cf
__BOUNCE_RPATH_NULL
__BOUNCE_RPATH_MD
__BOUNCE_RPATH_ERRMAIL
__CRBOUNCE_RP
__CRBOUNCE_RP_2
__CRBOUNCE_GETRESP
__VBOUNCE_MSGLABS
\share\4.000000\updates_spamassassin_org\72_active.cf
DSN_NO_MIMEVERSION
__RAND_HEADER (this one can be ignored i think)
__USING_VERP1
KAM.cf also uses Return-Path in some instances.
Wouldn't it be better to use EnvelopeFrom or EnvelopeFrom:addr there?
Or add a fallback to use EnvelopeFrom:addr or Return-Path:addr, eg:
describe UNPHISH_FROM_DOMAIN Trigger on valid mails, lower score
header __UNPHISH_FROM_DOMAIN_A EnvelopeFrom:addr =~ /\@(domain\.nl)$/i
header __UNPHISH_FROM_DOMAIN_B Return-Path:addr =~ /\@(domain\.nl)$/i
ifplugin Mail::SpamAssassin::Plugin::DMARC
meta UNPHISH_FROM_DOMAIN ( (__UNPHISH_FROM_DOMAIN_A +
__UNPHISH_FROM_DOMAIN_B >= 1) && DMARC_PASS )
else
meta UNPHISH_FROM_DOMAIN ( (__UNPHISH_FROM_DOMAIN_A +
__UNPHISH_FROM_DOMAIN_B >= 1) && ( SPF_PASS || SPF_HELO_PASS && DKIM_VALID ))
endif
tflags UNPHISH_FROM_DOMAIN net
score UNPHISH_FROM_DOMAIN -2.0
--
You are receiving this mail because:
You are the assignee for the bug.
