inconsistent SPF - bug
Julian Field
mailscanner at ecs.soton.ac.uk
Mon Dec 13 21:51:36 GMT 2004
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Thanks for that, I will work on this tomorrow.
Mark Nienberg wrote:
> Julian,
>
> I think I've tracked down the problem with inconsistent SPF test
> results. In the following discussion I will assume that MailScanner is
> set up with the defaults of :
>
> Envelope From Header = X-MailScanner-From: (in MailScanner.conf)
> envelope_sender_header X-MailScanner-From (in spam.assassin.prefs.conf)
>
> Bad SPF results seem to come from messages that have passed through
> another MailScanner server and already had the X-MailScanner-From
> header added.
>
> In "SA.pm" you construct the message to pass to SA by starting with
> an X-MailScanner-From header at the top, then addding the original
> headers (which might include an X-MailScanner-From header), and then
> adding the message body. Spamassassin then extracts the envelope
> information from the headers by looking for X-MailScanner-From. If
> there is more than one such header, SA joins the values rather than
> using the first one, as you might expect. See SA's "get_envelope_from"
> subroutine in "PerMsgStatus.pm" for the procedure it uses. I haven't
> invetigated what SPF does with the mess it receives, but I suspect it
> throws away everything before the final @, so that it performs the check
> using the domain that was in the final X-MailScanner-From header instead
> of the one that you added at the top of the message.
>
> I think the solution is for MailScanner to delete any X-MailScanner-From
> headers (or whatever is specified in envelope_sender_header) from the
> original message headers before adding them to the message that will
> be passed to SpamAssassin.
>
> --
> Mark Nienberg, SE
> Tipping Mar + associates
> 1906 Shattuck Ave
> Berkeley, CA 94704
> http://www.tippingmar.com
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list