|
SA Bugzilla – Full Text Bug Listing |
Summary: | FSL_HELO_BARE_IP_* meta rule logic is wrong | ||
---|---|---|---|
Product: | Spamassassin | Reporter: | RW <rwmaillists> |
Component: | Rules | Assignee: | SpamAssassin Developer Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | giovanni, jhardin, kmcgrail, rwmaillists |
Priority: | P2 | ||
Version: | unspecified | ||
Target Milestone: | Undefined | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Attachments: |
helo_bare_ip fix and rcvd_numeric removal
helo_bare_ip fix and rcvd_numeric removal |
Description
RW
2016-01-26 16:06:48 UTC
Suppression reversed, other minor tweaks per current (rather heated) users mailing list discussion. $ svn commit Sending 99_doc_test.cf Transmitting file data . Committed revision 1726846. A couple of points: 1) Rather than using && !ALL_TRUSTED in FSL_HELO_BARE_IP_2, it would be better to only check untrusted relays in __FSL_HELO_BARE_IP_2 since this eliminates other kinds of FP as well. FSL_HELO_BARE_IP_1 may benefit from the all-trusted test, and because it's a last-external check it could also benefit from a "auth= " check. So: meta FSL_HELO_BARE_IP_1 __FSL_HELO_BARE_IP_1 && !ALL_TRUSTED meta FSL_HELO_BARE_IP_2 __FSL_HELO_BARE_IP_2 && !FSL_HELO_BARE_IP_1 &&!__VIA_ML && !__HAS_ERRORS_TO header __FSL_HELO_BARE_IP_1 X-Spam-Relays-External =~ /^[^\]]+ helo=(?!127)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} [^\]]*auth= /i header __FSL_HELO_BARE_IP_2 X-Spam-Relays-Untrusted =~ /helo=(?!127)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} /i 2) I notice that there is a comment: # score limit due to partial overlap with RCVD_NUMERIC_HELO I had a look at RCVD_NUMERIC_HELO and, despite the name and possibly the intent, it's a test on HELO bare IP addresses in the untrusted networks. It's a duplicate of the modified version of __FSL_HELO_BARE_IP_2 I quoted above. I think it should go. Reopening bug to address RW's further suggestions. Created attachment 5508 [details]
helo_bare_ip fix and rcvd_numeric removal
Created attachment 5551 [details]
helo_bare_ip fix and rcvd_numeric removal
Remove score limit on FSL_HELO_BARE_IP_2 now that it doesn't overlap with RCVD_NUMERIC_HELO
Giovanni, did you want to commit this? Committed with commitid #1838621. kmcgrail, maybe CK_HELO_DYNAMIC_SPLIT_IP in your sandbox should be reconsidered now that RCVD_NUMERIC_HELO is gone ? |