Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 7C6F2200D6F for ; Mon, 1 Jan 2018 17:17:23 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 7441C160C25; Mon, 1 Jan 2018 16:17:23 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id BB551160C05 for ; Mon, 1 Jan 2018 17:17:22 +0100 (CET) Received: (qmail 887 invoked by uid 500); 1 Jan 2018 16:17:16 -0000 Mailing-List: contact users-help@spamassassin.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@spamassassin.apache.org Received: (qmail 877 invoked by uid 99); 1 Jan 2018 16:17:16 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Jan 2018 16:17:16 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id D7335C087C for ; Mon, 1 Jan 2018 16:17:15 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.011 X-Spam-Level: X-Spam-Status: No, score=-0.011 tagged_above=-999 required=6.31 tests=[SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id P1ZzKGsdCYL8 for ; Mon, 1 Jan 2018 16:17:12 +0000 (UTC) Received: from bigsky.scconsult.com (bigsky.scconsult.com [67.149.19.3]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 665DA5FB9E for ; Mon, 1 Jan 2018 16:17:11 +0000 (UTC) Received: from silverclam.scconsult.com (silverclam.scconsult.com [192.168.254.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by toaster.scconsult.com (Postfix) with ESMTPSA id 3z9Mll3S6wz1dqlVg for ; Mon, 1 Jan 2018 11:17:07 -0500 (EST) From: "Bill Cole" To: users@spamassassin.apache.org Subject: Re: Malformed spam email gets through. Date: Mon, 01 Jan 2018 11:17:06 -0500 Reply-To: users@spamassassin.apache.org X-Mailer: MailMate (2.0BETAr6102) Message-ID: In-Reply-To: References: <5A496F7B.4090507@psfc.mit.edu> MIME-Version: 1.0 Content-Type: text/plain; format=flowed X-Spam-Source: on via in en archived-at: Mon, 01 Jan 2018 16:17:23 -0000 On 1 Jan 2018, at 3:54 (-0500), Rupert Gallagher wrote: > We reject anything whose mid does not include the fqdn or address > literal of their sending server. We do this because the RFC says > explicitly that the mid *MUST* have those features. This is a blatant falsehood. Relevant RFCs: https://tools.ietf.org/html/rfc5322#section-3.6.4 https://tools.ietf.org/html/rfc2822#section-3.6.4 https://tools.ietf.org/html/rfc822#section-4.6 The only "MUST" in regard to MID content in any of those is uniqueness. Use of a domain identifier is merely RECOMMENDED. Beyond that, it is *IMPOSSIBLE* for a receiving system to reliably determine whether the right-hand part of a MID is a valid host or domain identifier for the generator of the MID. -- Bill Cole bill@scconsult.com or billcole@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Currently Seeking Steady Work: https://linkedin.com/in/billcole