----- Original Message ----- From: "Matt Kettler" <[EMAIL PROTECTED]> To: "Sandy S" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, May 18, 2004 10:48 AM Subject: Re: FP on USER_IN_DEF_WHITELIST
> At 11:07 AM 5/18/2004, Sandy S wrote: > >One of our customers forwarded us these headers of a porn spam which made it > >through Spamassassin: > > > >Return-Path: <[EMAIL PROTECTED]> > >Received: from paypal.com ([211.111.52.7]) > > by merlin.boreal.org (8.12.11/8.12.11) with SMTP id i4H3CuUm007290 > > for <snipped>; Sun, 16 May 2004 22:12:59 -0500 (CDT) > > <snip> > > >The customer didn't forward the whole message, but just to see if maybe this > >was an issue with trusted networks I ran the headers through spamassassin -D > >with the following results: > > <snip> > > >debug: received-header: parsed as [ ip=211.111.52.7 rdns=paypal.com helo= > >by=merlin.boreal.org ident= ] > > That's bad.. Notice that it thought the RDNS was paypal.com. Looks like > your Received: header format is one that SA doesn't understand. > > Ouch! We're using Sendmail version 8.104.2.26 on a BSDI 4.3.1 system. I believe that's a pretty up-to-date version of sendmail but it's not a well-supported OS. Would that be the problem? Should I report this as a bug? Thanks for your help! Sandy
