[Bug 7416] Add logic to show when the DKIM_VALID matches the envelope-from

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416

Kevin A. McGrail  changed:

   What|Removed |Added

 CC||kmcgr...@apache.org

--- Comment #17 from Kevin A. McGrail  ---
(In reply to Dave Jones from comment #16)
> Before I spend a lot of time setting up a sandbox, testing this patch and
> writing test cases, how do I know if this patch has the potential to be
> worthwhile enough to a dev?  My feelings won't be hurt if someone says this
> is not worth anything and we can just close this bug.

That is the catch-22 of being a dev.  You don't have to setup a sandbox
though... If it's safe, run it in your product environment with a T_ or score
of .001 so you can see how it might react.  That assumes it doesn't need any
code chages, just rules.

And you have commit rights though for sysadmin and I'm comfortable reviewing
your work when / if you want to commit.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7416] Add logic to show when the DKIM_VALID matches the envelope-from

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416

--- Comment #16 from Dave Jones  ---
Before I spend a lot of time setting up a sandbox, testing this patch and
writing test cases, how do I know if this patch has the potential to be
worthwhile enough to a dev?  My feelings won't be hurt if someone says this is
not worth anything and we can just close this bug.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7416] Add logic to show when the DKIM_VALID matches the envelope-from

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416

John Hardin  changed:

   What|Removed |Added

 CC||jhar...@impsec.org

--- Comment #15 from John Hardin  ---
(In reply to Dave Jones from comment #14)
> (In reply to Merijn van den Kroonenberg from comment #10)
> > Created attachment 5443 [details]
> > added (exported) plugin method check_dkim_valid_envelopefrom(). It will
> > check if the domain from the envelopefrom has a valid DKIM signature.
> > 
> > Added a patch to add a check_dkim_valid_envelopefrom() function. tested only
> > against a small testset of e-mail. patch against Mail-SpamAssassin-3.4.1
> > /Mail/SpamAssassin/Plugin/DKIM.pm
> 
> @devs How do patches like this one normally get put into the SA testing
> process?

Anybody can create a local SA sandbox, apply the patch and test (and ideally
create test cases for automated testing). 

Committing the changes to SVN so they are part of the standard SA release
requires committer privileges, so a dev with such privileges needs to be
convinced the patch is worthwhile.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7416] Add logic to show when the DKIM_VALID matches the envelope-from

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416

--- Comment #14 from Dave Jones  ---
(In reply to Merijn van den Kroonenberg from comment #10)
> Created attachment 5443 [details]
> added (exported) plugin method check_dkim_valid_envelopefrom(). It will
> check if the domain from the envelopefrom has a valid DKIM signature.
> 
> Added a patch to add a check_dkim_valid_envelopefrom() function. tested only
> against a small testset of e-mail. patch against Mail-SpamAssassin-3.4.1
> /Mail/SpamAssassin/Plugin/DKIM.pm

@devs How do patches like this one normally get put into the SA testing
process?

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 6887] Jenkins needs to have a build based on FreeBSD as Solaris1 is going away

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6887

--- Comment #5 from Kevin A. McGrail  ---
Adding additional comments:

I did get an account on the box but never got access to wheel.


Machine was: 
hudson-fbsd.zones.apache.org

My goal was to try and build SA on box and find issue

- Checkout from SVN in normal user space - Fails
- Add any missing modules in normal user space
- more

As of today, it took 2+ months to get the account, I then did not get wheel
access and I don't even think the box exists anymore.  And infra supports only
Ubuntu now so this entire ticket is likely OBE.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7349] Mail server responsible for SpamAssassin's Bugzilla sends a invalid HELO

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7349

Kevin A. McGrail  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 CC||kmcgr...@apache.org
 Status|NEW |RESOLVED

--- Comment #1 from Kevin A. McGrail  ---
Daniel,

I don't believe there is any RFC requirement that a Helo be forward-lookup
capable.

However, testing today it uses mail.apache.org so I believe this issue is
closed.

Regards,
KAM

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7341] digi.com

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7341

Dave Jones  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID
 CC||da...@apache.org

--- Comment #2 from Dave Jones  ---
Closing as accident or spam due to no response.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 6886] Zones Machines are EOL and need to be migrated

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6886

Dave Jones  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #10 from Dave Jones  ---
Moved hosting to sa-vm1.apach.org

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 6886] Zones Machines are EOL and need to be migrated

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6886

--- Comment #9 from Dave Jones  ---
Moved hosting to sa-vm1.apache.org.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 6886] Zones Machines are EOL and need to be migrated

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6886

Dave Jones  changed:

   What|Removed |Added

 CC||da...@apache.org

--- Comment #8 from Dave Jones  ---
We have moved to sa-vm1.apache.org so this issue can be closed.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7340] BayesStore: bayes_expire table grows, remove_running_expire_tok not called

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7340

--- Comment #2 from Arnd  ---
Ping.

Anything I can do to help to get this issue resolved?

-- 
You are receiving this mail because:
You are the assignee for the bug.

Re: warn: Use of uninitialized value $4 in concatenation (.) or string at Mail/SpamAssassin/Plugin/URIDNSBL.pm line 1042.

[Kevin A. McGrail]

On 6/8/2017 9:06 AM, Bill Cole wrote:
This sample does not produce the error for me using a patched SA 3.4.1 


Concur.  I believe the issue at hand is duplicated bugs that confuse 
thing but I've considered this patched for a decently long time.

Re: warn: Use of uninitialized value $4 in concatenation (.) or string at Mail/SpamAssassin/Plugin/URIDNSBL.pm line 1042.

[Bill Cole]

On 7 Jun 2017, at 22:52, Philip Prindeville wrote:


I’m still seeing this now.

And yes, for spamhaus.  And yes, $ip is being passed in as ‘(‘.  
It should be possible to get a stack trace and figure out why it’s 
being passed in as that value...


Are we any closer to having a fix for this?


This bug has patches which have been integrated in svn:
   https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7231

This is my analysis of the root cause in a duplicate bug:
   https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7339#c2



I’m leaving a file here:

http://www.redfish-solutions.com/downloads/spamhaus.eml

where I can reproduce the issue with:

% spamassassin -D check -t spamhaus.eml


This sample does not produce the error for me using a patched SA 3.4.1

[Bug 5561] FORGED_YAHOO_RCVD false positive

[bugzilla-daemon]

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5561

RW  changed:

   What|Removed |Added

 CC||rwmailli...@googlemail.com

--- Comment #6 from RW  ---
Yahoo have had a DMARC reject policy for over a year and before that they
didn't exactly have a spotless reputation. I don't see why a spammer would put
any effort into forging Yahoo email in 2017. 

Maybe someone with more spam could verify this but I have only 6 hits on this
rule out of 5k spams and not one contains any spoofed yahoo headers, they seem
more like the careless use of the Yahoo domain. 

It doesn't seem worth playing wackamole with Yahoo changes, I'd just look for a
DKIM-Signature header with d=yahoo.com in it.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Re: Fwd: Re: [Bug 5561] FORGED_YAHOO_RCVD false positive

[Joe Quinn]

Seems like a reasonable change.

On 6/7/2017 3:41 PM, Kevin A. McGrail wrote:


Because these changes are hard-coded (ugh) and I hate making 
hard-coded changes to the received header parsing, does anyone have 
any comments on this bug?




 Forwarded Message 
Subject:[Bug 5561] FORGED_YAHOO_RCVD false positive
Date:   Tue, 06 Jun 2017 09:17:50 +
From:   bugzilla-dae...@issues.apache.org
To: dev@spamassassin.apache.org



https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5561

nomen nescio  changed:

What|Removed |Added

  CC||i...@nomennesc.io

--- Comment #5 from nomen nescio  ---
Mails with the following (and similar) received headers also falsely triggered
FORGED_YAHOO_RCVD:

Received: from sonic.gate.mail.ne1.yahoo.com by
sonic309.consmr.mail.bf2.yahoo.com with HTTP; Fri, 2 Jun 2017 11:11:30 +

The following patch fixed the issue:

Index: lib/Mail/SpamAssassin/Plugin/HeaderEval.pm
===
--- lib/Mail/SpamAssassin/Plugin/HeaderEval.pm  (revision 1797757)
+++ lib/Mail/SpamAssassin/Plugin/HeaderEval.pm  (working copy)
@@ -528,6 +528,7 @@
  { return 0; }

if ($rcvd =~ /by web\S+\.mail\S*\.yahoo\.com via HTTP/) { return 0; }
+  if ($rcvd =~ /by \S+\.mail\S*\.yahoo\.com with HTTP/) { return 0; }
if ($rcvd =~ /by smtp\S+\.yahoo\.com with SMTP/) { return 0; }
my $IP_ADDRESS = IP_ADDRESS;
if ($rcvd =~

--
You are receiving this mail because:
You are the assignee for the bug.