Bug 2871 - [review] FORGED_YAHOO_RCVD False Positives
Summary: [review] FORGED_YAHOO_RCVD False Positives
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (Eval Tests) (show other bugs)
Version: 2.61
Hardware: PC Linux
: P5 minor
Target Milestone: 2.62
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
: 2237 (view as bug list)
Depends on:
Blocks:
 
Reported: 2003-12-28 12:43 UTC by Jacob Burckhardt
Modified: 2004-01-24 02:01 UTC (History)
1 user (show)


Attachment Type Modified Status Actions Submitter/CLA Status
Spamassassin does not recognize the yahoo received header in this email. text/plain None Jacob Burckhardt [NoCLA]
patch to delete period from regular expression patch None Jacob Burckhardt [NoCLA]
some header sets that were missed text/plain None Theo Van Dinter [HasCLA]
fix for both patch None Justin Mason [HasCLA]
My suggested patch patch None Theo Van Dinter [HasCLA]
Show Obsolete (1) Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jacob Burckhardt 2003-12-28 12:43:29 UTC 
I will attach an email in which spamassasin said FORGED_YAHOO_RCVD.  I
do not think it should say that since I sent it through yahoo.  I
think my email has a yahoo received header, but I think spamassasin
failed to recognize it as a valid received header.  I will attach a
patch which makes spamassasin recognize the header.  The patch deletes
an escaped period from the regular expression so that the expression
will match smtp014.mail.yahoo.com.  The old code did not match that
since my email header did not have a period after the "smtp".

I tested it with this command:

spamassassin < email
Comment 1 Jacob Burckhardt 2003-12-28 12:46:30 UTC 
Created attachment 1645 [details]
Spamassassin does not recognize the yahoo received header in this email.
Comment 2 Jacob Burckhardt 2003-12-28 12:48:39 UTC 
Created attachment 1646 [details]
patch to delete period from regular expression
Comment 3 Theo Van Dinter 2003-12-28 13:17:20 UTC 
moving to 2.62
Comment 4 Theo Van Dinter 2004-01-11 13:07:00 UTC 
I found a few myself that need some help unrelated to the RE.
Comment 5 Theo Van Dinter 2004-01-11 13:26:21 UTC 
Created attachment 1679 [details]
some header sets that were missed

3 merchant ratings, 1 classified notice.
Comment 6 Justin Mason 2004-01-11 21:44:30 UTC 
Created attachment 1682 [details]
fix for both

ok, just redid this (without ref to patch 1646 to avoid a CLA); it also
catches Theo's mails I think.
Comment 7 Theo Van Dinter 2004-01-12 05:48:43 UTC 
Subject: Re:  FORGED_YAHOO_RCVD False Positives

On Sun, Jan 11, 2004 at 10:39:27PM -0800, bugzilla-daemon@bugzilla.spamassassin.org wrote:
> ok, just redid this (without ref to patch 1646 to avoid a CLA); it also
> catches Theo's mails I think.

Hey, I was working on this! :P

I'll look at your patch, but mine so far goes from:

orig/results.log:  4.333  12.8782   0.2197    0.983   0.97    0.38  FORGED_YAHOO_RCVD

to

results.log:  4.302  12.8782   0.1745    0.987   0.98    0.38  FORGED_YAHOO_RCVD
Comment 8 Theo Van Dinter 2004-01-12 06:14:10 UTC 
Created attachment 1684 [details]
My suggested patch

Apparently JM and I were both working on this at the same time. ;)  It's pretty
much the same patch, although I don't explicitly ignore store.yahoo.com, I
catch it later with a (?: with SMTP) style RE.	We both remove the "\." from
the first RE.  I also added in a check for bounced/resent messages since I get
a lot of those from family members who send me things they want me to read.

This patch takes my results from

orig/results.log:  4.333  12.8782   0.2197    0.983   0.97    0.38 
FORGED_YAHOO_RCVD

to

./results.log:	4.302  12.8782	 0.1745    0.987   0.98    0.38 
FORGED_YAHOO_RCVD
Comment 9 Justin Mason 2004-01-12 10:44:35 UTC 
+1 to 1684, I think it covers a bit more than my patch does.
Sorry about that Theo, you should have accepted the bug ;)
Comment 10 Theo Van Dinter 2004-01-13 21:39:20 UTC 
applied to 2.62 and head.
Comment 11 Theo Van Dinter 2004-01-24 11:01:25 UTC 
*** Bug 2237 has been marked as a duplicate of this bug. ***