Package: spamass-milter Version: 0.4.0-1+b1 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dear Maintainer, I recently became aware that spamassassin reports a large number of false DATE_IN_FUTURE_96_Q positives. Being a pretty good spam indicator, this test has a relatively high score, causing many non-spam messages to be classified as spam. But I was unable to reproduce the problem when running spamc from the command line, using the same input emails spamass-milter had rejected. Looking further into this, I found that the problem is caused by the Received header synthesized by spamass-milter. I enabled "-d spamc" and captured these 5 examples: Jan 20 10:37:01 canardo spamass-milter[15003]: Received header for spamc: Received: from mxphxpool1028.ebay.com (mxphxpool1028.ebay.com [66.211.184.94])#015#012#011by canardo.mork.no (8.15.2/8.15.2) with ESMTPS id 00K9b03T015037#015#012#011Mon, 13 Jan 2020 18:59:12 +0100#015#012#011(envelope-from <e...@ebay.com>);#015 Jan 20 10:37:17 canardo spamass-milter[15003]: Received header for spamc: Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])#015#012#011by canardo.mork.no (8.15.2/8.15.2) with ESMTP id 00K9bHZv015075#015#012#011Mon, 20 Jan 2020 10:37:17 +0100#015#012#011(envelope-from <netdev-ow...@vger.kernel.org>);#015 Jan 20 10:38:39 canardo spamass-milter[15003]: Received header for spamc: Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])#015#012#011by canardo.mork.no (8.15.2/8.15.2) with ESMTP id 00K9cdBm015126#015#012#011Mon, 20 Jan 2020 10:38:39 +0100#015#012#011(envelope-from <linux-usb-ow...@vger.kernel.org>);#015 Jan 20 10:38:48 canardo spamass-milter[15003]: Received header for spamc: Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])#015#012#011by canardo.mork.no (8.15.2/8.15.2) with ESMTP id 00K9cdBn015126#015#012#011Mon, 13 Jan 2020 18:59:12 +0100#015#012#011(envelope-from <linux-wireless-ow...@vger.kernel.org>);#015 Jan 20 10:40:40 canardo spamass-milter[15003]: Received header for spamc: Received: from puck.nether.net (puck.nether.net [204.42.254.5])#015#012#011by canardo.mork.no (8.15.2/8.15.2) with ESMTPS id 00K9edpQ017980#015#012#011Mon, 13 Jan 2020 18:59:12 +0100#015#012#011(envelope-from <juniper-nsp-boun...@puck.nether.net>);#015 It is pretty clear from the above that only 2 of the headers use the correct current time, matching the log time. The 3 other mails all got a header with a completely bogus "Mon, 13 Jan 2020 18:59:12" date. But the bogus date is not arbitrary. Looking closer I noticed that the date is the start time for the sendmail process: bjorn@canardo:~$ ls --full-time /proc/$(pidof "sendmail: MTA: accepting connections")/cmdline -r--r--r-- 1 root root 0 2020-01-13 18:59:12.097744044 +0100 /proc/13048/cmdline This bug has caused my mail server to reject a large number of non-spam email, using tests which are enabled by default and having default scores. I do therefore consider it important. spamass-milter cannot currently not be used without either disabling the received date tests or setting the scores to 0. Bjørn - -- System Information: Debian Release: 10.2 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages spamass-milter depends on: ii adduser 3.118 ii libc6 2.28-10 ii libgcc1 1:8.3.0-6 ii libmilter1.0.1 8.15.2-14~deb10u1 ii libstdc++6 8.3.0-6 ii spamc 3.4.2-1+deb10u1 Versions of packages spamass-milter recommends: ii sendmail 8.15.2-14~deb10u1 ii spamassassin 3.4.2-1+deb10u1 spamass-milter suggests no packages. - -- Configuration Files: /etc/default/spamass-milter changed [not included] - -- no debconf information -----BEGIN PGP SIGNATURE----- iGwEARECACwWIQR3fjfc8EF8nPbC0aDXSuqSjBsiyQUCXiV7Ag4cYmpvcm5AbW9y ay5ubwAKCRDXSuqSjBsiyTB4AJ0dttXUYFUadh/5ulYmh6k/NAFsUQCdEXpqv4MH VPvo/jnPF/28b6y1dWo= =bOCA -----END PGP SIGNATURE-----
