Bug 3236 - IP address of Squirrelmail user should not be subjected to rules
Summary: IP address of Squirrelmail user should not be subjected to rules
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: 2.63
Hardware: All All
: P5 normal
Target Milestone: 3.1.0
Assignee: SpamAssassin Developer Mailing List
: 4008 (view as bug list)
Depends on:
Reported: 2004-04-03 08:14 UTC by Simon Perreault
Modified: 2005-03-10 17:33 UTC (History)
2 users (show)

Attachment Type Modified Status Actions Submitter/CLA Status
Proposed patch patch None Simon Perreault [NoCLA]
Ignores Received header inserted by IMP. patch None George A. Theall [NoCLA]
Extend IMP-Patch to IMP and Horde3 patch None Joerg Friedrich [NoCLA]

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Perreault 2004-04-03 08:14:07 UTC
Squirrelmail logs the IP address of the sender of the message by adding a
Received header like this:

Received: from
        (SquirrelMail authenticated user synapse)
        by mail.nomis80.org with HTTP;
        Sat, 3 Apr 2004 10:33:43 -0500 (EST)

In that case, this may trigger rules such as RCVD_IN_DYNABLOCK and RCVD_IN_SORBS:

	*  2.5 RCVD_IN_DYNABLOCK RBL: Sent directly from dynamic IP address
	*      [ listed in dnsbl.sorbs.net]
	*  0.1 RCVD_IN_SORBS RBL: SORBS: sender is listed in SORBS
	*      [ listed in dnsbl.sorbs.net]

The IP address of the Squirrelmail user should not be checked against any such
rules. It is easy to discard the Received header as it contains the SquirrelMail
Comment 1 Simon Perreault 2004-04-03 08:48:16 UTC
Created attachment 1877 [details]
Proposed patch

Wow, I am really impressed by the readability of SpamAssassin's code. It took
me only 5 minutes to locate where changes should be made.

This patch simply skips any Received header added by SquirrelMail to indicate
the IP address of the user. This IP address should be checked against any rule.
The $by in this header could be used, but it will be repeated in the next
Received header as the $ip.
Comment 2 Justin Mason 2004-04-20 18:59:14 UTC
thanks, fix checked in now.  I didn't use your code though; I wanted to escape
higher up just to be more paranoid about it.  (rev 10143)
Comment 3 maubere 2004-11-02 21:51:12 UTC
the same applies for the webmail client IMP (www.horde.org). Can you extend this
patch to work with IMP too?
Comment 4 George A. Theall 2004-11-08 14:07:30 UTC
Created attachment 2511 [details]
Ignores Received header inserted by IMP.
Comment 5 Justin Mason 2004-12-15 13:45:25 UTC
*** Bug 4008 has been marked as a duplicate of this bug. ***
Comment 6 Joerg Friedrich 2005-03-11 02:32:30 UTC

I would like reopen this bug because the IMP-Patch never made into svn.
I extended the patch to detect also the new IMP/Horde versions.

Btw. feel free to move this patch to Bug 4008 which is about IMP and not
Squirrel :-)

Yours, Joerg
Comment 7 Joerg Friedrich 2005-03-11 02:33:42 UTC
Created attachment 2693 [details]
Extend IMP-Patch to IMP and Horde3
Comment 8 Daryl C. W. O'Shea 2005-03-11 08:37:05 UTC
Subject: Re:  IP address of Squirrelmail user should not be subjected
 to rules

There's no need to ignore the header since it is automatically trusted 
provided the mail originates from your own IMP server (due to the 'with 
HTTP' token -- see bug 2462).

If the mail doesn't originate from your network there is no reason to 
ignore it since you do want it so you can tell where the message 
originated from.