Re: [exim] Exim always expands sender_rcvhost to unverified IP

[Andrew Colin Kissa via Exim-users]

> On 18 Nov 2021, at 16:53, Matt Corallo via Exim-users <exim-users@exim.org> 
> wrote:
> 
> Same, I'd think, but according to the SpamAssassin folks its incorrect. 
> According to them, a Received line like the following indicates that the host 
> was *not* verified, but Exim seems to have fully verified the FcRDNS:
> 
> Received: from o13.mailer.shopify.com ([149.72.221.62])
>    by mail.as397444.net with esmtps TLS1.3 id 1mmjFb-0034Ki-02
>    (envelope-from 
> <bounces+11006833-f9b2-vmstfpodc=mattcorallo....@mailer.shopifyemail.com>)
>    for vmstfp...@mattcorallo.com; Mon, 15 Nov 2021 21:10:54 +0000
> 
> Specifically, it seems Spamassassin is looking for something more 
> postfix-esque like
> Received: from o13.mailer.shopify.com (o13.mailer.shopify.com [149.72.221.62])
> 
> I haven't dug into any relevant RFCs to see who's fault it really is, but it 
> seems Spamassassin and Exim don't agree on how to communicate validated DNS.

Actually the reason why the rdns value is not parsed by Spamassassin in your 
case
is because your header does not include "Exim" i.e `(Exim $version_number)\n\t`.

The Spamassassin code has a switch[1] which identifies Exim headers and would 
be able
to parse your header correctly if your "$received_header_text" didn't strip out 
the MTA
version `(Exim $version_number)\n\t`.

The default "$received_header_text" should work correctly.

[1] 
https://github.com/apache/spamassassin/blob/3.4/lib/Mail/SpamAssassin/Message/Metadata/Received.pm#L548

- Andrew


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/