spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matus UHLAR - fantomas <uh...@fantomas.sk>
Subject Re: __DOS_DIRECT_TO_MX superflous __DOS_RELAYED_EXT
Date Sat, 27 Apr 2019 13:21:13 GMT
>On Fri, 26 Apr 2019 15:44:54 +0200
>Matus UHLAR - fantomas wrote:
>> when looking at __DOS_DIRECT_TO_MX I have noticed that it consists of
>> one superflous rule:
>...
>> I believe hitting __DOS_SINGLE_EXT_RELAY implies not hitting
>> __DOS_RELAYED_EXT, because:
>>
>> header __DOS_SINGLE_EXT_RELAY   X-Spam-Relays-External =~ /^\[ [^\]]+
>> \]$/ header __DOS_RELAYED_EXT        ALL-EXTERNAL
>> =~ /(?:^|\n)[Rr][eE][cC][eE][iI][vV][eE][dD]:\s.+\n[Rr][eE][cC][eE][iI][vV][eE][dD]:\s/s
>>
>> looking at the docs, __DOS_RELAYED_EXT only matches when there are
>> multiple Received: headers in external relays, however such mail
>> would have multiple relays in X-Spam-Relays-External and thus it
>> could not match __DOS_SINGLE_EXT_RELAY

On 26.04.19 19:13, RW wrote:
>I noticed this myself. IIRC I didn't mention it because it's harmless
>and it's difficult to establish that there aren't rare corner cases
>where it's needed.

this is just why I ask - just for sure.

>I think that __DOS_SINGLE_EXT_RELAY could FP where an external
>MTA, configured to use a smart host, authenticates into the internal
>network (see bug 7590)

I don't quite understand the bug.  The presence of authentication header
should cause the rest of headers being in the trusted/internal network.

I think authentication should cause behaviour just as 81.171.57.60 was in
msa_networks.

> - possibly __DOS_SINGLE_EXT_RELAY mitigates
>that.

you apparently mean __DOS_RELAYED_EXT ;-)

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)

Mime
View raw message