1109 – envelope name not in header

Bug 1109 - envelope name not in header

Summary: envelope name not in header

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	spamc/spamd (show other bugs)
Version:	2.42
Hardware:	Other Linux

Importance:	P2 enhancement
Target Milestone:	---
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2002-10-12 14:20 UTC by Doug McCasland
Modified:	2002-10-13 10:41 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Doug McCasland 2002-10-12 14:20:22 UTC

Suggestion for test:

Look for a certain recipient address in the To/Cc headers.  A lot of spam 
doesn't contain the address of the envelope recipient, so this could be a + 
score.  

Perhaps procmailrc can be the place to call spamc with an arg. of the desired 
recipient addr.

Comment 1 Theo Van Dinter 2002-10-12 15:19:45 UTC


*** This bug has been marked as a duplicate of 1041 ***

Comment 2 Daniel Quinlan 2002-10-13 01:00:54 UTC

I don't think this is a duplicate of 1041.

Comment 3 Daniel Quinlan 2002-10-13 01:16:15 UTC

non-spam often doesn't include the envelope address in a To: or Cc: header.
This test is not going to be reliable enough to use.  Sources include:
Bcc: mail, mailing lists, and aliases.  Closing as WONTFIX.

Comment 4 Doug McCasland 2002-10-13 18:41:41 UTC

I'm sorry to see this go as a wontfix.  What is unreliable about supplying the 
acceptable ToCc addresses (or perlre or shell glob) as arguments to the test 
in the prefs file?   Or command-line arg to spamassassin or spamc?  The user 
could specify in user_prefs (new test name me_in_cc):

no_me_in_tocc  me@foobaz.com  me@someother.biz

The admin could put this in system-wide prefs:

no_me_in_tocc  *@ourdomain.com

Message gets + points if the addrs/patterns don't appear in ToCc.

============================
I also tried this semi-kludge:

required_hits           7
whitelist_to    *@bozodomain.net
whitelist_to    *@jackhack.org
score USER_IN_WHITELIST_TO -2.0

Thus message needs the -2 to be "normal" (i.e. required hits 5).  I have this 
turned on and am waiting to see how well it works.

==========================
As another attempt (in system-wide file):

header NOT_TO_ME ToCc !~ /@(bozodomain.net|jackhack.org)/
score NOT_TO_ME 2.0

But the ensuing report in the message reveals all the acceptable domain names 
in the test explanation (which in my case would be dozens of domain names), so 
I don't like this one.


Thanks

Comment 5 Daniel Quinlan 2002-10-14 02:03:47 UTC

Subject: Re: [SAdev]  envelope name not in header

dougm@bravoecho.net writes:

> I'm sorry to see this go as a wontfix.  What is unreliable about
> supplying the acceptable ToCc addresses (or perlre or shell glob) as
> arguments to the test in the prefs file?  Or command-line arg to
> spamassassin or spamc?  The user could specify in user_prefs (new
> test name me_in_cc):

Well, if that's what you want to do, then this sounds more like a
duplicate of the bug 1041 (except that is for use in a negatively
scoring rule that is designed to be computationally expensive for the
sender, so spammers could not spam for free).

> no_me_in_tocc  me@foobaz.com  me@someother.biz

You have to list every mailing list and alias.  Do you have any idea
how many addresses most people would have to list?

> The admin could put this in system-wide prefs:
> 
> no_me_in_tocc  *@ourdomain.com

No, that will not work.  Mailing lists do not put user@ourdomain.com
in To: or Cc:.

> Message gets + points if the addrs/patterns don't appear in ToCc.
> 
> ============================
> I also tried this semi-kludge:
> 
> required_hits           7
> whitelist_to    *@bozodomain.net
> whitelist_to    *@jackhack.org
> score USER_IN_WHITELIST_TO -2.0
> 
> Thus message needs the -2 to be "normal" (i.e. required hits 5).  I
> have this turned on and am waiting to see how well it works.

It won't work well because spammers put the right address in the To:
more often than not and you're skewing those messages by -2.0.  It
will raise your false negative rate by an unacceptable amount.

Unless every user provides an exhaustive list of valid To: and Cc:
recipients (and then you'd score positively if none were found) in
their own personal configuration and maintained it extremely
accurately, then this test will not work very well.

I have no idea how many addresses I would have to list -- I'm on a lot
of low-frequency mailing lists that I don't bother to procmail into
separate folders.  I'd probably have to have a list of 100 valid To:
or Cc: addresses.

And then it STILL wouldn't work because of blind carbon-copies.  I
think this trumps all of the other problems.

Dan

Comment 6 Tony L. Svanstrom 2002-10-14 04:49:29 UTC

Subject: Re: [SAdev]  envelope name not in header

> ------- Additional Comments From dougm@bravoecho.net  2002-10-13 18:41 -------
> I'm sorry to see this go as a wontfix.  What is unreliable about supplying the
> acceptable ToCc addresses (or perlre or shell glob) as arguments to the test
> in the prefs file?   Or command-line arg to spamassassin or spamc?  The user
> could specify in user_prefs (new test name me_in_cc):

 I'm sure it'd give great results locally for some, but on average I think it'd
just be a problem; and way too complicated to understand for the average user.
SA should work with as little configurations by the enduser as possible, IMHO.

From: bugzilla-daemon@hughes-family.org
To: spamassassin-devel@lists.sourceforge.net
Subject: [SAdev] [Bug 1109] envelope name not in header
X-Envelope-From: spamassassin-devel-admin@lists.sourceforge.net
X-Envelope-To: tony@svanstrom.com


	/Tony