Bug in SA.pm patch to MS 4.34.8-1

Julian Field mailscanner at ecs.soton.ac.uk
Fri Oct 8 09:08:21 IST 2004 

<x-flowed>
At 09:03 08/10/2004, you wrote:
>Julian
>
>You provided a patch to SA.pm that adds a new header "EnvelopeFrom: ..."
>to the copy of the message passed to SA.
>
>There is a problem with this patch (see below for details). When it is
>fixed the patch also needs to be added to MCP.pm so that the
>envelope-from address can be tested by MCP rules as well.
>
>The problem with your patch is that "EnvelopeFrom" is a pseudo-header
>provided by SA to allow the address received in the "MAIL FROM" stage of
>SMTP transactions to be tested in a rule. SA _does not_ expect to see
>that header in the message.
>
>SA attempts to discover the "envelope-from" address if it is made
>available by the SMTP server. It does this by looking for a number of
>common "envelope-from" header line forms in the message. All of this is
>described in SA's (3.0.0) user config options manual pages.
>
>If SA finds any likely looking envelope-from header lines it uses a
>heuristic to determine whether they are safe to use and sets
>"EnvelopeFrom" accordingly.
>
>To avoid this heuritic failing and chosing the wrong header value to
>assign to "EnvelopeFrom", SA provides an option to set this value
>explicitly in your SA prefs.conf file(s) in either or both MailScanner
>and MailScanner-MCP.
>
>The option is:
>
>    envelope_sender_header  Name-Of-Header
>
>Note that if you use your original patch and set
>
>    envelope_sender_header EnvelopeFrom
>
>in MCP's mcp.spam.assassin.prefs.conf then in my case SA looped and ran
>out of memory!
>
>I have changed the patch (in both SA.pm and MCP.pm) to use "X-NCL-From"
>rather than "EnvelopeFrom" and it works fine if the prefs.conf has
>
>    envelope_sender_header X-NCL-From
>
>specified.
>
>It seems there might be a problem with choice of header to add in SA.pm
>and MCP.pm. If you use, say, "X-MailScanner-From" then there may already
>be similar headers in the message added by upstream MTAs. In this case
>the "envelope_sender_header" option does not appear to be of much help
>since there will be more than one header of the same name to chose from.
>
>
>I suspect that to be entirely safe each site needs a unique header to be
>added but the site needs to know what that is so that it can set
>"envelope_sender_header" accordingly.

Thanks for that. For now, I have removed the patch. SPF works on my systems
perfectly well without it. I'll let people read the SA docs and set it up
appropriately if SPF doesn't work without manual tweaking.
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
Buy the MailScanner book at www.MailScanner.info/store

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>

More information about the MailScanner mailing list