http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4813
Summary: Received parser misparses this Sendmail header
Product: Spamassassin
Version: 3.1.0
Platform: Other
OS/Version: other
Status: NEW
Severity: major
Priority: P3
Component: Libraries
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
In a discussion on the IRC channel today, it came up that spam is hitting the
USER_IN_DEF_WHITELIST
rule. After some debugging, the issue is that the Received header is
misparsed, and the HELO name is
treated as the rDNS lookup:
Received: from Amazon.com ([66.0.37.1])
by bi-staff1.beckman.uiuc.edu (8.12.8/8.12.8) with SMTP id
k1SCIR87017358;
Tue, 28 Feb 2006 06:18:27 -0600
The problem is that in Received.pm the section/RE titled "Try to match most of
various qmail
possibilities" is loose enough that it catches the above. If I comment out
that RE, the header falls
through and is parsed correctly by the rest of the code.
In 3.0, Amazon was setup as a default whitelist via whitelist_from_rcvd. In
3.1 it was changed to a
whitelist_from_spf so this specific spam is no longer an issue, but it's
definitely bad.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
