Bug 2503 - FORGED_MUA_OUTLOOK doesn't work properly on some Mailinglists
Summary: FORGED_MUA_OUTLOOK doesn't work properly on some Mailinglists
Status: RESOLVED WONTFIX
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: 2.55
Hardware: PC Linux
: P5 minor
Target Milestone: 3.1.0
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-09-24 18:44 UTC by Konstantin Seiler
Modified: 2005-02-06 15:25 UTC (History)
0 users


Attachment Type Modified Status Actions Submitter/CLA Status
example message from bug 1970 application/octet-stream None Daniel Quinlan [HasCLA]
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Konstantin Seiler 2003-09-24 18:44:28 UTC 
If a proper Outlook-mail arrives via a mailinglist FORGED_MUA_OUTLOOK may fire.
In my case the listmanager used is "CommuniGate Pro LIST 4.0.6" which rewrites
the Message-ID.
Comment 1 Daniel Quinlan 2003-10-01 18:32:02 UTC 
Created attachment 1441 [details]
example message from bug 1970

Add to this bug the "Grupos" mailing list software.
Comment 2 Gary Funck 2004-02-23 22:08:11 UTC 
I originally added this as a comment to closed bug 2538, but it probably 
relates to this bug more closely, because the message came through a mailing 
list.

Here are the headers in question (names changed, but otherwise left in tact.
This is an internal list, managed by Smartlist, and a virtual domain, fyi.)

Return-Path: <info-group-request@group.net>
Received: from www.foo.org (localhost [127.0.0.1])
        by www.foo.org (8.12.8/8.12.8) with ESMTP id i1IA2DGo027968;
        Wed, 18 Feb 2004 02:02:13 -0800
Received: (from slist@localhost)
        by www.foo.org (8.12.8/8.12.8/Submit) id i1I9wxul027859;
        Wed, 18 Feb 2004 01:58:59 -0800
Resent-Date: Wed, 18 Feb 2004 01:58:58 -0800
Message-Id: <200402180958.i1I9wxul027859@www.foo.org>
Old-Old-From: "Mr. Jones" <mrjones@group.net>
To: <info-group@group.net>
Old-Subject: Feb. 18, 2004
Date: Wed, 18 Feb 2004 10:58:42 +0100
MIME-Version: 1.0
Content-Type: multipart/related;
        boundary="----=_NextPart_000_000A_01C3F60E.2C4106E0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal
Resent-Message-ID: <HhqE8B.A.AzG.idzMAB@www.foo.org>
Resent-From: info-group@group.net
Old-Old-Reply-To: info-group@group.net
X-Mailing-List: <info-group@group.net> archive/latest/2161
X-Loop: info-group@group.net
List-Post: <mailto:info-group@group.net>
List-Help: <mailto:info-group-request@group.net?subject=help>
Precedence: list
Resent-Sender: info-group-request@group.net
From: INFO GROUP <info-group@group.net>
Reply-To: info-group@group.net
Old-From: info-group@group.net
Old-Reply-To: info-group@group.net
Subject: [INFO-GROUP 2161]  Feb. 18, 2004

It is being classified as:
 2.7 FORGED_MUA_OIMO        Forged mail pretending to be from MS Outlook IMO

The metarule in question:

# Outlook IMO (Internet Mail Only)
header __OIMO_MUA               X-Mailer =~ /Outlook IMO/
header __OIMO_MSGID             MESSAGEID =~ /^<[A-P]{26}A[AB]\.[-_\w.]
+\@\S+>$/m
meta FORGED_MUA_OIMO            (__OIMO_MUA && !__OIMO_MSGID && !
__OUTLOOK_DOLLARS_MSGID && !__UNUSABLE_MSGID)
describe FORGED_MUA_OIMO        Forged mail pretending to be from MS Outlook IMO

Looking over the headers, it seems the rule is complaining aboutt the format of 
the Message-ID in spite of the fact that this message is being retransmitted 
through a list. The Resent-Message-ID could come into play here perhaps, but at 
some point might get tangled up by a list that forwards directly to another 
list.
Comment 3 Daniel Quinlan 2004-08-27 17:00:02 UTC 
moving accuracy and some bugs to 3.1.0 milestone
Comment 4 Daniel Quinlan 2004-08-27 17:18:17 UTC 
more accuracy and performance bugs going to 3.1.0 milestone
Comment 5 Justin Mason 2005-02-07 00:25:15 UTC 
I think if the mailing list doesn't preserve the Message-ID, or at least save it
as Resent-Message-ID, Original-Message-Id et al, we can't help them.