[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: DATE_IN_FUTURE weirdness
From: |
Andrew Daviel |
Subject: |
RE: DATE_IN_FUTURE weirdness |
Date: |
Mon, 10 May 2010 17:36:47 -0700 (PDT) |
On Fri, 7 May 2010, Shadwick, Tony wrote:
This is a known bug in older versions of SpamAssassin. Either upgrade or
manually set that score to 0. :)
I upgraded to 3.3.1, but it didn't help (needed doing anyway, so my time
wasn't really wasted).
I realized that the problem I was having, as seen by dumping $received
in _get_received_header_times() in
site_perl/xxx/Mail/SpamAssassin/Plugin/HeaderEval.pm, was in the Received
header synthesised by spamass-milter (and never seen by the recipient).
I was getting dates of 'Tue, 20 Apr 2010 09:07:15 -0700' instead of the
current one, prompting DATE_IN_FUTURE_96_Q or the older
DATE_IN_FUTURE_96_XX
I still don't understand - basically I recompiled the milter and the
problem went away. I'm not sure whether the value of macro_b passed from
sendmail was corrupted, or the one faked up from localtime if it was missing.
I also faked up a data field so I could whitelist authenticated sessions
(where the user logged in with a password before sending mail). I could
not be bothered to reproduce the exact sendmail string (besides, Postfix
does it different, so I already have 2 filters).
spamass-milter.cpp:
+ const char *macro_authtype ;
+ macro_authtype = smfi_getsymval(ctx, "{auth_type}") ;
+ if (!macro_authtype) macro_authtype = "NONE" ;
assassin->output((string)
"Received: from "+macro_s+" ("+macro__+")\r\n\t"+
+ "(authentication "+macro_authtype+")\r\n\t"+
"by "+....
/etc/mail/spamassassin/local.cf:
# add -10 for auth_type LOGIN or PLAIN etc.
header SMTP_AUTH3 Received =~ /authentication [^N][\w].{1,80}by
mx.example.com/
score SMTP_AUTH3 -10
describe SMTP_AUTH3 Sender logged in to our mailserver
I note that SpamAssassin now supports "msa_networks" for whitelisting
authenticated logins. The way I read the docs, that only works for an
external MTA - SA assumes that if it received mail from it it must have
been authenticated, it doesn't actually check. You cannot use
msa_networks on an MTA with an MX record or it will whitelist everything.
-----Original Message-----
Sent: Friday, May 07, 2010 1:13 PM
To: spamass-milt list
Subject: DATE_IN_FUTURE weirdness
..
I noticed that sometimes I get spurious DATE_IN_FUTURE_96_XX tags when
sending direct to the main MTA (the one with SA) with Alpine or
Thunderbird. But not when I try "by hand" with netcat.
--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
Network Security Manager
- DATE_IN_FUTURE weirdness, Andrew Daviel, 2010/05/07
- Message not available
- RE: DATE_IN_FUTURE weirdness,
Andrew Daviel <=