We are using the CommuniGate Pro mail server, which allows Outlook user
to submit messages using the Microsoft's MAPI protocol to submit
messages across the IMAP port. The problem that we are having is that
although the messages are submitted directly from an authenticated
client connection, spamassassin does not recognize the protocol, which
triggers a host of RBL rule hits on the messages. If I change the
submission header on the message to indicate ESMTPSA the same message
receives a minimal score. (Below is the result of spamc using an
adulterated received header.)
+++++++ Original Message +++++++++++++++++++++
Received: from [216.156.83.74] (account redacted-u...@domain.com)
by ssaihq.com (CommuniGate Pro IMAP 5.3.3)
with XMIT id 9561773; Mon, 07 Jun 2010 11:15:10 -0400
...............................................
5.9/5.0
Spam detection software, running on the system "mail.domain.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Thanks, B. Yes, I do think that we need to have
representation.
R.
Content analysis details: (5.9 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
[216.156.83.74 listed in dnsbl.sorbs.net]
0.8 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[216.156.83.74 listed in psbl.surriel.com]
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[216.156.83.74 listed in
bb.barracudacentral.org]
-0.5 LOCAL_SERVER_CGP_MAPI Decreases score if submitted to server via CGP
MAPI connector
1.5 SUBJ_ALL_CAPS Subject is all capitals
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
1.9 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
+++++++ Modified Message +++++++++++++++++++++
Received: from [216.156.83.74] (account redacted-u...@domain.com)
by ssaihq.com (CommuniGate Pro SMTP 5.3.3)
with ESMTPSA id 9561773; Mon, 07 Jun 2010 11:15:10 -0400
...............................................
0.0/5.0
Spam detection software, running on the system "mail.domain.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Thanks, B. Yes, I do think that we need to have SSAI
representation.
R.
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
-0.5 LOCAL_SERVER_CGP_MAPI Decreases score if submitted to server via CGP
MAPI connector
1.5 SUBJ_ALL_CAPS Subject is all capitals
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
1.9 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
I've created a local rule which reduces the message score based on a
locally added header, but I am reluctant to have it adjust the score
enough to counteract the scores added by the various RBLs. My preference
would be to have all locally authenticated messages, using any
submission method (CGP also accepts messages via AIRSYNC, XMPP and
others) identified and treated the same. Is there any way to have
spamassassin treat these other protocols like ESMPSA?
SpamAssassin 3.3.1
