[Bug 8365] New: Exim 4.99+ log selector can cause Received header to use a non-standard protocol ID

Mon, 09 Feb 2026 11:12:20 -0800 

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8365

            Bug ID: 8365
           Summary: Exim 4.99+ log selector can cause Received header to
                    use a non-standard protocol ID
           Product: Spamassassin
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Libraries
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: Undefined

Created attachment 6056
  --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=6056&action=edit
Proposed patch against SA trunk

Starting with Exim 4.99, the "tls_on_connect" log selector was introduced. The
intent of this seems to be to allow administrators to more easily determine via
logs that a particular message was sent through a connection which negotiates
TLS immediately after the connection rather than with STARTTLS, and it does so
by changing the value of its internal "$received_protocol" variable to use
"ssmtp", "essmtp", and "essmtpa" rather than the standard "smtps", "esmtps",
and "esmtpsa" values. (See
<https://exim.org/exim-html-4.99/doc/html/spec_html/ch-string_expansions.html#vi379>
for the relevant documentation.) While we don't think that many administrators
are explicitly enabling "tls_on_connect", we do see a number of users with
log_selector set to "+all", which now enables this behavior.

Unfortunately, this change to the internal variable has the effect of bleeding
through into the Received header which Exim writes to the message, causing
SpamAssassin to fail to recognize the "essmtpa" non-standard protocol value as
an authenticated SMTP hop, in turn causing some standard rules to wrongly be
applied to messages. To address this, we are patching SpamAssassin on our
installs to substitute the standard "esmtpsa" for this non-standard "essmtpa"
value in lib/Mail/SpamAssassin/Message/Metadata/Received.pm, and we think that
this change is a good candidate for inclusion in upstream. Attached is the
change against the current SpamAssassin trunk.

Please let us know if you recommend any changes to this patch.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to