logo       
<prev    next>

Re: Problem with whitelist_from_rcvd and forged reverse lookup: msg#01212

users-spamassassin

Subject: Re: Problem with whitelist_from_rcvd and forged reverse lookup

On 30.07.09 14:03, Sebastian Wiesinger wrote:
> I was under the impression that whitelist_from_rcvd checks if the
> reverse lookup is forged. But still with the following rule
>
> whitelist_from_rcvd *@alita.karotte.org localhost
>
> the attached mail is whitelisted because 220.231.127.15 resolves to
> localhost. Am I doing something wrong or is this a bug?

a bug apparently.

However, the

whitelist_from_rcvd *@alita.karotte.org localhost

should never work, because it works at network boundary, while localhost
should always be in your networks (trusted and internal too)

> >From ntchel@xxxxxxxxxxxxxxxx Thu Jul 30 13:49:11 2009
> Return-Path: <ntchel@xxxxxxxxxxxxxxxx>
> X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on alita.karotte.org
> X-Spam-Level:
> X-Spam-Status: No, score=-77.7 required=5.0 tests=BAYES_60=1,
>
> HTML_IMAGE_ONLY_04=2.041,HTML_MESSAGE=0.001,HTML_SHORT_LINK_IMG_1=0.001,
>
> MIME_HTML_ONLY=1.457,RAZOR2_CF_RANGE_51_100=0.5,RAZOR2_CF_RANGE_E8_51_100=1.5,
> RAZOR2_CHECK=0.5,RCVD_IN_BL_SPAMCOP_NET=1.96,RCVD_IN_PBL=0.905,
> RCVD_IN_SORBS_WEB=0.619,RCVD_IN_XBL=3.033,SARE_HTML_A_BODY=0.742,
> SARE_HTML_IMG_ONLY=1.666,SPF_FAIL=0.693,TVD_SPACE_RATIO=2.219,
> URIBL_BLACK=1.955,URIBL_JP_SURBL=1.501,USER_IN_WHITELIST=-100
> autolearn=no
> bayes=0.7770 version=3.2.5
> Received: from alside.com (localhost [220.231.127.15] (may be forged))
> by alita.karotte.org (8.14.3/8.14.3/Debian-5) with SMTP id
> n6UBn1BJ021997
> for <webmaster@xxxxxxxxxxxxxxxxx>; Thu, 30 Jul 2009 13:49:05 +0200
> X-DKIM: Sendmail DKIM Filter v2.8.2 alita.karotte.org n6UBn1BJ021997
> Date: Thu, 30 Jul 2009 13:49:01 +0200
> Message-Id: <200907301149.n6UBn1BJ021997@xxxxxxxxxxxxxxxxx>
> To: <webmaster@xxxxxxxxxxxxxxxxx>
> Subject: Delivery Status Notification
> From: <webmaster@xxxxxxxxxxxxxxxxx>
> MIME-Version: 1.0
> Importance: High
> Content-Type: text/html
> Status: RO
> Content-Length: 324
> Lines: 6
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> [..]
>
> --
> GPG Key-ID: 0x76B79F20 (0x1B6034F476B79F20)
> 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE
> SCYTHE.
> -- Terry Pratchett, The Fifth Elephant

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95

<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Timed Out, Sasa
Next by Date:  Re: Problem with whitelist_from_rcvd and forged reverse lookup, Sebastian Wiesinger
Previous by Thread:  Problem with whitelist_from_rcvd and forged reverse lookup, Sebastian Wiesinger
Next by Thread:  Re: Problem with whitelist_from_rcvd and forged reverse lookup, Sebastian Wiesinger
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | Mail Home | sitemap | FAQ | advertise