https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6645
--- Comment #8 from [email protected] 2011-08-07 14:32:43 UTC --- Regarding comment 6: When a mail is sent authenticated via a relay, spamassassin should never check the dial-up IP against a PBL. The failure to detect this is a bug (at least in my opinion), because it causes legitimate mail to be detected as spam. It might be qmail-scanner's fault to insert an incorrect header and that should be fixed too, but it is spamassassin not detecting that the mail was authenticated and so it does things it should not do. Regarding comment 7 sounding like "we won't support qmail/non-RFC-compliant software": Scan through your tarball and you will find that there are some pieces of code dealing with qmail or qmail-scanner included. The tarball even contains a qmail-spamc.c file as replacement of qmail-scanner (but without capability for virus checking). Spamassassin has no problem detecting qmail's "with ESMTPA"-header. It only chokes about qmail-scanner's additional received header. It seems that there is no code combining the line "with ESMTPA" line with the according Received: ... with qmail-scanner header for correctly checking trust path. Regarding your idea to penalty score all non-RFC software you are free to do so, but do this only on your own mail system, because otherwise you will make many of your users unhappy (because of the sudden misdetection of many legitimate mail (from companies using i.e. Exchange) as spam) causing spamassassin to lose its reputation as software of outstanding quality (no user without technical knowledge would understand your decision nor would the admins having to deal with lost/undelivered mails, having to change spamassassin back to "normal"). Regarding all comments: It seems to me that until now nobody knowing how to fix this bug by patching [SPAMASSASSIN-TAR]/lib/Mail/SpamAssassin/Message/Metadata/Received.pm reads this bug report. In my opinion the fix would be to make spamassassin combine the qmail-scanner line internally with the previously inserted authentication line into one to correctly detect the authentication. If the unwillingness to fix it is because I assigned the bug to the rules-component (where maybe nobody is responsible for the Received.pm), then please tell me to which component it should be assigned or reassign it. Thanks for your interest in taking bug reports serious and seeing them as a way to improve the detection engine. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
