René Berber wrote:
Daryl C. W. O'Shea wrote:
René Berber wrote:
I read all the page before asking, and I understand that it follows the trust
path page. The fact is SA is not detecting the authentication, and there is
nothing in that page that gives a clue as to why, it just mentions that
LOCAL_AUTH_RCVD rule and it certainly doesn't say it's not needed for sendmail.
The second line of the sections starts with "Note: The problem described
was fixed in version 3.0.2.". To me that would infer that it works with
Sendmail, one of the most popular MTAs on the planet.
In your case you found a bug that happens when an auth'd user's IP
address has sub-optimal DNS entries (see your later mail), but in any
other case I don't see how this isn't clear that it should work with
Sendmail.
dbg: metadata: X-Spam-Relays-Untrusted: [ ip=200.52.129.137
rdns=mail.legosoft.com.mx helo= by=cactus-soft.dyndns.org ident=
[EMAIL PROTECTED] intl=0 id=J9POUJ-0001MC-JY auth= ] [
ip=189.149.70.163 rdns=dsl-189-149-70-163.prod-infinitum.com.mx
helo=MARISELA
by=mail.legosoft.com.mx ident= envfrom= intl=0 id=kB3G26P6019032 auth= ]
It doesn't look like you have your trusted_networks configured
correctly. Fix that before you even attempt to get auth token detection
working.
It is configured correctly (don't assume something you don't know), it is in my
mailscanner.cf, like this :
I'm rarely one to make assumptions about things, but when I do, it's
usually about something I don't know. There's not much point in making
assumptions about something you already know. In any case, I didn't
assume anything, I said "It doesn't look like", and with the little info
you provided at the time, looking only at those debug lines it really
didn't look like you'd configured it.
Maybe I should be more verbose about things like that, but I suspect the
list is better off with some number of terse answers from people who are
really familiar with the code than verbose answers to far fewer questions.
Any help clarifying how the LOCAL_AUTH_RCVD rule is used, or an
alternative to
make SA recognize the authenticated user, will be appreciated.
I've updated the DynablockIssues wiki page to be clear that custom rules
are only a workaround for less than helpful MTAs.
I've ran SA with -D, it sees the (standard sendmail) header and created the 2
trusted pseudo-headers, but doesn't detect the authentication:
$ spamassassin -x -D -t < S.eml
[824] dbg: logger: adding facilities: all
[824] dbg: logger: logging level is DBG
[824] dbg: generic: SpamAssassin version 3.1.7
Great, this debug snippet is useful.
...
[824] dbg: received-header: unknown format: via tmail-2002(14) (invoked by user
rberber) for rberber; Sun, 3 Dec 2006 13:01:33 -0600
[824] dbg: received-header: unparseable: via tmail-2002(14) (invoked by user
rberber) for rberber; Sun, 3 Dec 2006 13:01:33 -0600
[824] dbg: received-header: parsed as [ ip=200.52.129.137
rdns=mail.legosoft.com.mx helo= by=cactus-soft.dyndns.org ident=
[EMAIL PROTECTED] intl=0 id=J9POUJ-0001MC-JY auth= ]
[824] dbg: received-header: relay 200.52.129.137 trusted? yes internal? yes
[824] dbg: received-header: parsed as [ ip=189.149.70.163
rdns=dsl-189-149-70-163.prod-infinitum.com.mx helo=MARISELA
by=mail.legosoft.com.mx ident= envfrom= intl=0 id=kB3G26P6019032 auth= ]
[824] dbg: received-header: relay 189.149.70.163 trusted? no internal? no
[824] dbg: metadata: X-Spam-Relays-Trusted: [ ip=200.52.129.137
rdns=mail.legosoft.com.mx helo= by=cactus-soft.dyndns.org ident=
[EMAIL PROTECTED] intl=1 id=J9POUJ-0001MC-JY auth= ]
[824] dbg: metadata: X-Spam-Relays-Untrusted: [ ip=189.149.70.163
rdns=dsl-189-149-70-163.prod-infinitum.com.mx helo=MARISELA
by=mail.legosoft.com.mx ident= envfrom= intl=0 id=kB3G26P6019032 auth= ]
[824] dbg: metadata: X-Spam-Relays-Internal: [ ip=200.52.129.137
rdns=mail.legosoft.com.mx helo= by=cactus-soft.dyndns.org ident=
[EMAIL PROTECTED] intl=1 id=J9POUJ-0001MC-JY auth= ]
[824] dbg: metadata: X-Spam-Relays-External: [ ip=189.149.70.163
rdns=dsl-189-149-70-163.prod-infinitum.com.mx helo=MARISELA
by=mail.legosoft.com.mx ident= envfrom= intl=0 id=kB3G26P6019032 auth= ]
...
The message headers are :
even more useful!
Received: via tmail-2002(14) (invoked by user rberber) for rberber; Sun, 3 Dec
2006 13:01:33 -0600
...
Received: from mail.legosoft.com.mx ([200.52.129.137])
by cactus-soft.dyndns.org with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.63)
(envelope-from <[EMAIL PROTECTED]>)
id J9POUJ-0001MC-JY
for [EMAIL PROTECTED]; Sun, 03 Dec 2006 13:01:32 -0600
Received: from MARISELA (dsl-189-149-70-163.prod-infinitum.com.mx
[189.149.70.163] (may be forged))
(authenticated bits=0)
by mail.legosoft.com.mx (8.13.8/8.13.8) with ESMTP id kB3G26P6019032
for <[EMAIL PROTECTED]>; Sun, 3 Dec 2006 10:02:16 -0600 (CST)
...
Daryl
