[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-devel
Subject: [Bug 7214] New: ALL_TRUSTED false positive
From: bugzilla-daemon () bugzilla ! spamassassin ! org
Date: 2015-06-20 6:11:55
Message-ID: bug-7214-26 () https ! bz ! apache ! org/SpamAssassin/
[Download RAW message or body]
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7214
Bug ID: 7214
Summary: ALL_TRUSTED false positive
Product: Spamassassin
Version: 3.4.1
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Rules
Assignee: dev@spamassassin.apache.org
Reporter: dev+sa@pgnd.us
I run a frontend mailserver instance
postfix 3.0.1
amavisd-new-2.10.1 (20141025)
SpamAssassin version 3.4.1
SA is called from amavisd via a postfix postqueue content_filter. Valid mail
is relayed to a second, backend postfix instance.
SA config includes
...
clear_trusted_networks
clear_internal_networks
internal_networks 127.0.0.0/8 10.2.2.0/24 10.1.1.0/24 X.X.X.X/29
trusted_networks 10.2.2.0/24 10.1.1.0/24 X.X.X.X/29
...
clear_headers
rewrite_header Subject *SPAM* _STARS(*)_
add_header spam Flag _YESNOCAPS_
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_
autolearn=_AUTOLEARN_ version=_VERSION_
add_header all Level _STARS(*)_
add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on
_HOSTNAME_
add_header all Relay-Country _RELAYCOUNTRY_
add_header all Relays-Untrusted _RELAYSUNTRUSTED_
...
score ALL_TRUSTED 0.001
...
X.X.X.X/29 is my ISP-provided static range; it is NOT in Google's IP space.
With the trust path set as above, all messages received from external sources
NOT in the trust path still fire 'ALL_TRUSTED'.
Incorrectly, no relays are identified as external/untrusted.
Here are the received mail headers for a test mail sent from a gmail.com
account (NOT in the trust path) to my Postfix server
------------------------------------------------------
Return-Path: MY_GUSER@gmail.com
Received: from mail-backend.DDDD.com (LHLO mail-backend.DDDD.com)
(10.2.2.13) by mail-backend.DDDD.com with LMTP; Fri, 19 Jun 2015
21:13:57 -0700 (PDT)
Received: from relay-vpn.mail.DDDD.com (internal.mail.DDDD.com [10.1.1.16])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "relay-vpn.mail.DDDD.com", Issuer "DDDD_CA" (verified OK))
by mail-backend.DDDD.com (Postfix) with ESMTPS id 64EBC10277E
for <test@DDDD.com>; Fri, 19 Jun 2015 21:13:57 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by mailhost.DDDD.com (Postfix) with ESMTP id D30EB66791
for <test@DDDD.com>; Fri, 19 Jun 2015 21:13:56 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
mail.DDDD.com
X-Spam-Flag: NO
X-Spam-Score: 0.606
X-Spam-Level:
X-Spam-Status: No, score=0.606 tagged_above=-9999 required=5
tests=[ALL_TRUSTED=0.001, BAYES_00=-1.9, DKIM_SIGNED=0.001,
DKIM_VALID=0.001, DKIM_VALID_AU=0.001, DKIM_VERIFIED=0.001,
PYZOR_CHECK=2.5, SPF_PASS=0.001] autolearn=no autolearn_force=no
X-Spam-Relay-Country:
X-Spam-Relays-Untrusted:
X-Spam-ShortCircuit: shortcircuit=no status=no trigger_rule=none
Received: from amavis-feed.mail.DDDD.com ([10.1.1.16])
by localhost (mail.DDDD.com [127.0.0.1]) (amavisd-new, port 20002)
with ESMTP id 0iLhWtHd6QuA for <test@DDDD.com>;
Fri, 19 Jun 2015 21:13:51 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by mailhost.DDDD.com (Postfix) with ESMTP id 9B2DD66782
for <test@DDDD.com>; Fri, 19 Jun 2015 21:13:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at mail.DDDD.com
Authentication-Results: mail.DDDD.com (amavisd-new);
dkim=pass (2048-bit key) header.d=gmail.com
Received: from mailhost.DDDD.com ([127.0.0.1])
by localhost (mail.DDDD.com [127.0.0.1]) (amavisd-new, port 20001)
with ESMTP id iM1tCl38jXIQ for <test@DDDD.com>;
Fri, 19 Jun 2015 21:13:51 -0700 (PDT)
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
client-ip=209.85.220.179; helo=mail-qk0-f179.google.com;
envelope-from=MY_GUSER@gmail.com; receiver=test@DDDD.com
Received: from mail-qk0-f179.google.com (mail-qk0-f179.google.com
[209.85.220.179])
by mailhost.DDDD.com (Postfix) with ESMTPS
for <test@DDDD.com>; Fri, 19 Jun 2015 21:13:50 -0700 (PDT)
Received: by qkeo142 with SMTP id o142so54552683qke.1
for <test@DDDD.com>; Fri, 19 Jun 2015 21:13:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=g3z...Gs=;
b=BEc...w==
MIME-Version: 1.0
X-Received: by 10.140.235.195 with SMTP id g186mr27561030qhc.64.1434778428294;
Fri, 19 Jun 2015 21:13:48 -0700 (PDT)
Received: by 10.140.40.102 with HTTP; Fri, 19 Jun 2015 21:13:48 -0700 (PDT)
Date: Fri, 19 Jun 2015 21:13:48 -0700
Message-ID: <CAH...PhA@mail.gmail.com>
Subject: test
From: my_guser <MY_GUSER@gmail.com>
To: test@DDDD.com
Content-Type: text/plain; charset=UTF-8
test
------------------------------------------------------
The relay
Received: from mail-qk0-f179.google.com (mail-qk0-f179.google.com
[209.85.220.179])
is obviously not in the trust path. ALL_TRUSTED should not fire.
--
You are receiving this mail because:
You are the assignee for the bug.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic