On Mon, 24 May 2004, Nick Leverton wrote:
> On Sun, May 23, 2004 at 12:03:47PM -0600, Lucas Albers wrote:
> > Mark Powell said:
> > > Ooops. That rule should of course be:
> > >
> > > header FAKE_HELO_YAHOO
> > > eval:check_for_rdns_helo_mismatch("yahoo\.com","yahoo\.com")
> > > describe FAKE_HELO_YAHOO Host HELO did not match rDNS: yahoo.com
> > >
> > > BTW This is stock SA v2.63
> > Are you saying the stock rule is wrong?
>
> http://bugzilla.spamassassin.org/show_bug.cgi?id=2871
>
> http://bugzilla.spamassassin.org/attachment.cgi?id=1682
Hi,
Don't both of these relate to a problem with:
header FORGED_YAHOO_RCVD eval:check_for_forged_yahoo_received_headers()
I believe that it's this line that's causing the problem the FP for
FAKE_HELO_YAHOO:
Received: from [216.136.131.55] (HELO web11005.mail.yahoo.com) (216.136.131.55)
by pan.salford.ac.uk (qpsmtpd/0.27-dev) with SMTP; Fri, 30 Apr 2004 02:36:19
+0100
To me there seems nothing wrong with 216.136.131.55 saying HELO
web11005.mail.yahoo.com? Unlesss I'm missing something?
Apologies if I'm completely missing the point here :(
Cheers.
--
Mark Powell - UNIX System Administrator - The University of Salford
Information Services Division, Clifford Whitworth Building,
Salford University, Manchester, M5 4WT, UK.
Tel: +44 161 295 4837 Fax: +44 161 295 5888 www.pgp.com for PGP key
