Hi,
On Tue, Feb 26, 2008 at 14:56 +0100, Stefan `Sec` Zehl wrote:
>
[... on producing ALL_TRUSTED with these header ...]
>
> | Received: from mout4.freenet.de (mout4.freenet.de
> [IPv6:2001:748:100:40::2:6])
> | (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> | (No client certificate requested)
> | by ice.42.org (Postfix) with ESMTPS id D189AB85A
> | for <[EMAIL PROTECTED]>; Tue, 26 Feb 2008 11:51:08 +0100 (CET)
> | Received: from [195.4.92.23] (helo=13.mx.freenet.de)
> | by mout4.freenet.de with esmtpa (Exim 4.69)
> | (envelope-from <[EMAIL PROTECTED]>)
> | id 1JTxOR-0002Vk-38; Tue, 26 Feb 2008 11:50:39 +0100
> | Received: from [82.128.34.27] (port=1797 helo=User)
> | by 13.mx.freenet.de with esmtpa (ID [EMAIL PROTECTED]) (port 25)
> (Exim 4.69 #10)
> | id 1JTxOO-0005uv-2T; Tue, 26 Feb 2008 11:50:38 +0100
I did some more Tests with these headers.
They are unconditionally marked as trusted. The problem is the following
line from "spamassasin -D -L -t":
| [52994] dbg: received-header: could not parse IPv4 address, assuming IPv6
As soon as this line appears, sa trusts everything. No matter what you
set in trusted_networks or anywhere else. It doesn't even parse that
header at all (notice that there are only two "parsed as" lines):
| [53147] dbg: received-header: parsed as [ ip=195.4.92.23 rdns=
helo=13.mx.freenet.de by=mout4.freenet.de ident= [EMAIL PROTECTED] intl=0
id=1JTxOR-0002Vk-38 auth=esmtpa msa=0 ]
| [53147] dbg: received-header: relay 195.4.92.23 trusted? yes internal? yes
msa? no
| [53147] dbg: received-header: parsed as [ ip=82.128.34.27 rdns= helo=User
by=13.mx.freenet.de ident= envfrom= intl=0 id=1JTxOO-0005uv-2T auth=esmtpa
msa=0 ]
| [53147] dbg: received-header: relay 82.128.34.27 trusted? yes internal? yes
msa? no
Replacing the "[IPv6:2001:748:100:40::2:6]" with "[1.2.3.4]", everything
is back to normal:
| [53033] dbg: received-header: parsed as [ ip=1.2.3.4 rdns=mout4.freenet.de
helo=mout4.freenet.de by=ice.42.org ident= envfrom= intl=0 id=D189AB85A auth=
msa=0 ]
| [53033] dbg: received-header: relay 1.2.3.4 trusted? no internal? no msa? no
| [53033] dbg: received-header: parsed as [ ip=195.4.92.23 rdns=
helo=13.mx.freenet.de by=mout4.freenet.de ident= [EMAIL PROTECTED] intl=0
id=1JTxOR-0002Vk-38 auth=esmtpa msa=0 ] [53033] dbg: received-header: relay
195.4.92.23 trusted? no internal? no msa? no
| [53033] dbg: received-header: parsed as [ ip=82.128.34.27 rdns= helo=User
by=13.mx.freenet.de ident= envfrom= intl=0 id=1JTxOO-0005uv-2T auth=esmtpa
msa=0 ]
| [53033] dbg: received-header: relay 82.128.34.27 trusted? no internal? no
msa? no
So it appears that spamassassins v6 support is broken. -- Is there some config
option i missed, or is the only solution to turn off IPv6 on my mailserver?
CU,
Sec
--
"The General who in a hundred battles is always victorious is not as
great as the one who achieves his objectives without fighting."
-- Sun Tzu
