Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 379033

Summary: mail-filter/qmail-scanner: Causing problems with RBL-checks activated spamassassin on target when sender is using dial-up IP
Product: Gentoo Linux Reporter: Huemi <gentoobugs>
Component: [OLD] ServerAssignee: Net-Mail Packages <net-mail+disabled>
Status: RESOLVED FIXED    
Severity: critical    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6645
Whiteboard:
Package list:
Runtime testing required: ---

Description Huemi 2011-08-13 11:10:22 UTC 
User has dial-up IP. His ISP has put those on the PBL, because no mail should be originated directly from there.

He is authenticated and sends a mail via his mail-relay running qmail-scanner and netqmail to a user on another server.

Target is running spamassassin with RBL-checks enabled. Mail receives high spam scores/is being deleted/rejected.

Reproducible: Always

Steps to Reproduce:
1. Use dial-up IP connection
2. Send - for easier testing - yourself a mail on a server running netqmail and qmail-scanner.
3. This will work, because qmail-scanner headers are inserted afterwards. But get the mail out of your delivery folder and run "spamassassin -t < mail" against it (RBL checks have to be enabled). 
Actual Results:  
You will see high spam scores, because spamassassin doesn't strip qmail-scanner's Received: header, when mail is sent authenticated and thinks that it must do PBL-checks on your sender IP, because it doesn't detect authentication.

If target is running qmail-scanner without any adjustments, mail might be silently quarantined or even deleted.

Expected Results:  
Mail should be delivered, you should get -1 ALL-TRUSTED.

Workaround: 
1. Change the Received: to X-Qmail-Scanner-Diagnostics: in qmail-scanner's .pl file --> prevents your mails from being deleted somewhere else.
http://sourceforge.net/mailarchive/message.php?msg_id=27935860
Might be fixed in future versions, but I think this fix has to be backported, because i.e. current version 2.08 hasn't been unmasked yet, so some people might not be always running latest version ...

2. Change Spamassassin's code for handling qmail-scanner mails coming from others.
A maybe working fix can be found on spamassassin's bugzilla:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6645
BTW: I would be for integrating that fix upstream, but when you read the comments until now, nobody upstream seems to be interested in getting this fixed in spamassassin ... --> maybe you want to tell them that this is a critical fix (although their claim that this should be fixed in qmail-scanner is correct, but that doesn't help you when you are dropping mails from others, who haven't fixed that yet ...)

BTW: maybe qmail-scanner's default should be changed to not quarantine but to reject, so sender is being informed instead of mails being silently dropped ...

Severity set to critical, because legitimate mails are handled as spam and so might be deleted (lost data ...).
Comment 1 Pacho Ramos gentoo-dev 2016-05-06 08:26:17 UTC 
Looks like this was fixed in 2.08 (and we will stabilize it soon)