[Bug 8149] New: EnvelopeFrom vs Return-Path

Fri, 21 Jul 2023 23:49:09 -0700 

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8149

            Bug ID: 8149
           Summary: EnvelopeFrom vs Return-Path
           Product: Spamassassin
           Version: 4.0.0
          Hardware: PC
                OS: Windows 10
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: Undefined

Some MTA calling SpamAssassin might not add the Return-Path header until final
delivery, meaning the Return-Path might be unavailable to SA while processing
rules.

I noticed some of the default rules rely on the Return-Path header being
present, eg:

\share\4.000000\updates_spamassassin_org\20_head_tests.cf
__ML5

\share\4.000000\updates_spamassassin_org\20_vbounce.cf
__BOUNCE_RPATH_NULL
__BOUNCE_RPATH_MD 
__BOUNCE_RPATH_ERRMAIL
__CRBOUNCE_RP
__CRBOUNCE_RP_2
__CRBOUNCE_GETRESP
__VBOUNCE_MSGLABS


\share\4.000000\updates_spamassassin_org\72_active.cf
DSN_NO_MIMEVERSION
__RAND_HEADER (this one can be ignored i think)
__USING_VERP1


KAM.cf also uses Return-Path in some instances.

Wouldn't it be better to use EnvelopeFrom or EnvelopeFrom:addr there?
Or add a fallback to use EnvelopeFrom:addr or Return-Path:addr, eg:

describe UNPHISH_FROM_DOMAIN Trigger on valid mails, lower score
header   __UNPHISH_FROM_DOMAIN_A  EnvelopeFrom:addr =~ /\@(domain\.nl)$/i
header   __UNPHISH_FROM_DOMAIN_B  Return-Path:addr =~ /\@(domain\.nl)$/i
ifplugin Mail::SpamAssassin::Plugin::DMARC
    meta     UNPHISH_FROM_DOMAIN      ( (__UNPHISH_FROM_DOMAIN_A +
__UNPHISH_FROM_DOMAIN_B >= 1) && DMARC_PASS )
else
    meta     UNPHISH_FROM_DOMAIN      ( (__UNPHISH_FROM_DOMAIN_A +
__UNPHISH_FROM_DOMAIN_B >= 1) && ( SPF_PASS || SPF_HELO_PASS && DKIM_VALID ))
endif
tflags   UNPHISH_FROM_DOMAIN net  
score    UNPHISH_FROM_DOMAIN -2.0

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to