http://bugzilla.spamassassin.org/show_bug.cgi?id=3417
[EMAIL PROTECTED] changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WONTFIX |
------- Additional Comments From [EMAIL PROTECTED] 2004-05-22 12:41 -------
>In terms of a third-party plugin, I can't see why not if someone else
implements that
I have looked at the code and found, that all I need exist in two subs -
check_for_from_dns and check_rbl_backend in EvalTests.pm
I combine this two subs and create new one, that implemented my rule.
I think this rule will be very effective and recomend you to include it in
stable (2.6x) version of SpamAssasin.
Sorry for bad english.
Here the diff:
EvalTests.pm:
< sub check_for_from_mx {
< my ($self) = @_;
<
< my $from = $self->get ('Reply-To:addr');
< if (!defined $from || $from !~ /[EMAIL PROTECTED]/) {
< $from = $self->get ('From:addr');
< }
< return 0 unless ($from =~ /\@(\S+)/);
< $from = $1;
<
< # First check that DNS is available, if not do not perform this check
< return 0 unless $self->is_dns_available();
< $self->load_resolver();
<
< if ($from eq 'compiling.spamassassin.taint.org') {
< # only used when compiling
< return 0;
< }
<
< if ($self->{conf}->{check_mx_attempts} < 1) {
< return 0;
< }
<
<
< local ($_);
<
< # First check that DNS is available, if not do not perform this check
< return 0 if $self->{conf}->{skip_rbl_checks};
< return 0 unless $self->is_dns_available();
< $self->load_resolver();
<
< # How many IPs max you check in the received lines
< my $checklast=$self->{conf}->{num_check_received};
<
< my @fullips = map { $_->{ip} } @{$self->{relays_untrusted}};
<
< # Make sure a header significantly improves results before adding here
< # X-Sender-Ip: could be worth using (very low occurance for me)
< # X-Sender: has a very low bang-for-buck for me
< my @originating;
< for my $header ('X-Originating-IP', 'X-Apparently-From') {
< my $str = $self->get($header);
< next unless defined $str;
< push (@originating, ($str =~ m/($IP_ADDRESS)/g));
< }
<
< return 0 unless (scalar @fullips + scalar @originating > 0);
<
< # Let's go ahead and trim away all Reserved ips (KLC)
< # also uniq the list and strip dups. (jm)
< my @ips = ();
< my %seen = ();
< foreach my $ip (@fullips) {
< next if (exists ($seen{$ip})); $seen{$ip} = 1;
< if (!($ip =~ /${IP_IN_RESERVED_RANGE}/o)) { push(@ips, $ip); }
< }
<
< dbg("Got the following IPs: ".join(", ", @ips), "rbl", -3);
<
< if (scalar @ips + scalar @originating > 0) {
< # If name is foo-notfirsthop, check all addresses except for
< # the originating one. Suitable for use with dialup lists, like the PDL.
< # note that if there's only 1 IP in the untrusted set, do NOT pop the
< # list, since it'd remove that one, and a legit user is supposed to
< # use their SMTP server (ie. have at least 1 more hop)!
< if ($set =~ /-notfirsthop$/) {
< if (scalar @ips > 1) { pop @ips; }
< }
< # If name is foo-firsttrusted, check only the Received header just
< # after it enters our trusted networks; that's the only one we can
< # trust the IP address from (since our relay added that header).
< # And if name is foo-untrusted, check any untrusted IP address.
< elsif ($set =~ /-(first|un)trusted$/) {
< push(@ips, @originating);
< if ($1 eq "first") {
< @ips = ( $ips[0] );
< }
< else {
< shift @ips;
< }
< }
< else {
< # create a new list to avoid undef errors
< my @newips = ();
< my $i; for ($i = 0; $i < $checklast; $i++) {
< my $ip = pop @ips; last unless defined($ip);
< push (@newips, $ip);
< }
< # add originating IPs as untrusted IPs
< for my $ip (@originating) {
< next if (exists ($seen{$ip})); $seen{$ip} = 1;
< if (!($ip =~ /${IP_IN_RESERVED_RANGE}/o)) { push(@newips, $ip); }
< }
< @ips = @newips;
< }
< }
< dbg("But only inspecting the following IPs: ".join(", ", @ips), "rbl", -3);
<
<
< # Try check_mx_attempts times to protect against temporary outages.
< # sleep between checks to give the DNS a chance to recover.
< my @mxips = ();
< for my $i (1..$self->{conf}->{check_mx_attempts}) {
< my @mx = Net::DNS::mx($self->{res}, $from);
< dbg ("DNS MX records found: " . scalar(@mx));
<
< dbg("DNS MX records: ".join(", ", @mx), "mx", -3);
<
< # return 0 if (scalar @mx > 0);
< foreach my $mx (@mx) {
< my $query = $self->{res}->search($mx);
< if ($query) {
< my $count = 0;
< foreach my $rr ($query->answer) {
< if ($rr->type eq "A") {
< $count++;
< push (@mxips, $rr->rdatastr);
< }
< }
< dbg ("DNS A records found: $count");
< }
< }
< if ($i < $self->{conf}->{check_mx_attempts}) {sleep
$self->{conf}->{check_mx_delay}; };
< }
< foreach my $ip (@ips) {
< my $flag = 1;
< foreach my $mxip (@mxips) {
< $flag = 0 if ($ip eq $mxip);
< }
< return 1 if ($flag eq 1);
< }
<
< return 0;
< }
20_head_tests.cf:
header NO_MX_FOR_FROM eval:check_for_from_mx()
describe NO_MX_FOR_FROM Sender IP should be in the list of mx records of
a Domain in From header
tflags NO_MX_FOR_FROM net
50_scores.cf:
score NO_MX_FOR_FROM 0 1.105 0 1.650
Where can I read something about "SPF"?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
