Hi,
my guess is that for some reason an empty line is inserted in the email
somewhere above the headers and before the message is processed by
spamassassin. This will cause all headers below this empty line to be
treated as the actual body of the message, so all missing header tests
will hit and will result in what you actually see. This could be a bug
in the software you use for email content filtering...
Regards,
Savvas Karagiannidis
On 04/06/2019 17:29, Stephan Fourie wrote:
Hi,
My apologies, seems something went wrong with the formatting when it
was pasted to the pastebin. Here's a new example with spacing intact:
https://pastebin.com/raw/tQtSMQPs
In this example some of the other headers were also not 'seen'.
Thanks!
Stephan
On 2019/06/04 10:55, Matus UHLAR - fantomas wrote:
On 3 Jun 2019, at 2:20, Stephan Fourie wrote:
> We're currently seeing the rule MISSING_SUBJECT sporadically
> hitting on emails that have a subject. This issue seems to have
> started during last week, which is when clients started complaining
> about false positive detections. Please see example headers at the
> following link:
>
> https://pastebin.com/raw/GtnV67Hj
On Mon, 03 Jun 2019 11:43:44 -0400 Bill Cole wrote:
The headers are all missing the traditional space between the colon
and the header content.
On 03.06.19 19:11, RW wrote:
And this include google headers, so presumably the spaces have been
stripped locally.
now one question is,
if the spaces have been stripped prior to spam checking,
another is,
if SA does/should expect whitespaces after header fields.
if the first answer is true, then SA can't do much about misformatted
e-mail.
But since FROM_AND_TO_IS_SAME_DOMAIN was hit, I don't think the
spaces were
stripped, so
- we need to see the original message as it was scanned. Anything else,
reformated by anyone (e.g. outlook or exchange use to reformat mail),
can't help us much finding the issue.
