spamassassin severely penalizes IPV6 link-local addresses
arpepper at uwaterloo.ca
arpepper at uwaterloo.ca
Wed Nov 1 20:26:00 UTC 2017
(This message must be read as plain text, no (un)wrapping, preferably
monospace font, retaining all my spaces as significant).
spamassassin 3.4.1-3 and 3.4.1-7 both list ubuntu-devel-discuss at lists.ubuntu.com
as "Maintainer".
Thankfully occasional updates do appear to still be made by the long-time
maintainer. (E.g. 3.4.1-8 in September 2017).
So I report here a problem we run afoul of quite a lot.
In spamassassin 3.4.1-3 to 3.4.1-7 (and before)
/usr/share/perl5/Mail/SpamAssassin/Plugin/RelayEval.pm
seems to deliberately sabotage any potential handling of IPV6 link-local
addresses.
# note using IPv4 addresses for now due to empty strings matching IP_ADDRESS
# due to bug in pure IPv6 address regular expression
sub helo_ip_mismatch {
my ($self, $pms) = @_;
my $IP_ADDRESS = IPV4_ADDRESS;
my $IP_PRIVATE = IP_PRIVATE;
for my $relay (@{$pms->{relays_untrusted}}) {
# is HELO usable?
next unless ($relay->{helo} =~ m/^$IP_ADDRESS$/ &&
$relay->{helo} !~ /$IP_PRIVATE/);
# compare HELO with IP
return 1 if ($relay->{ip} =~ m/^$IP_ADDRESS$/ &&
$relay->{ip} !~ m/$IP_PRIVATE/ &&
$relay->{helo} ne $relay->{ip} &&
# different IP is okay if in same /24
$relay->{helo} =~ /^(\d+\.\d+\.\d+\.)/ &&
index($relay->{ip}, $1) != 0);
}
0;
}
This, or perhaps similar code elsewhere causes headers such as the
following to get an effective 7 spamassassin point penalty. (2 to 3
for RDNS_NONE, and 5 for not matching ALL_TRUSTED).
=============================================================================
Received: from connhm01.connect.uwaterloo.ca ([fe80::d4bf:9432:cac5:5f3b]) by
connhm01.connect.uwaterloo.ca ([fe80::d4bf:9432:cac5:5f3b%19]) with mapi id
15.01.1034.032; Fri, 27 Oct 2017 13:06:52 -0400
=============================================================================
I have been able to sed the IPV6 addresses into an acceptable IPV4 version
and obtain a spamassassin score approximately 7 points "less spammy" (in
our context, of course).
As RFC822 attachments (I think) I include a complete sample message
followed by a version modified to pass "ALL_TRUSTED" (in our context,
of course).
Some hostnames and all list names have been made bogus, however.
To a smaller audience, I could provide similar messages without that
obfuscation.
Adrian Pepper
arpepper at uwaterloo.ca
-------------- next part --------------
An embedded message was scrubbed...
From: AR Pepper <arpepper at uwaterloo.ca>
Subject: [scs-arp] Gentle message sent via owa
Date: Fri, 27 Oct 2017 17:06:52 +0000
Size: 4353
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20171101/be45859d/attachment.mht>
-------------- next part --------------
An embedded message was scrubbed...
From: AR Pepper <arpepper at uwaterloo.ca>
Subject: [scs-arp] Gentle message sent via owa
Date: Fri, 27 Oct 2017 17:06:52 +0000
Size: 4322
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20171101/be45859d/attachment-0001.mht>
More information about the Ubuntu-devel-discuss
mailing list