3302 – Dynamic IP and Squirrelmail

Bug 3302 - Dynamic IP and Squirrelmail

Summary: Dynamic IP and Squirrelmail

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (show other bugs)
Version:	2.63
Hardware:	Other Linux

Importance:	P3 normal
Target Milestone:	Undefined
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-04-25 11:38 UTC by Jan P. S
Modified:	2004-12-17 09:12 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jan P. S 2004-04-25 11:38:13 UTC

We use Squirrelmail where a PC client through a web interface is able to submit
mail from the Squirrelmail server. No SMTP transport direct from the client.

However, Spamassassin assumes that the mail is generated by the client, which 
may have a dynamic IP address. Thus RCVD_IN_DYNABLOCK is set for the mail.
This is incorrect, the SMTP transport starts ar the Squirrelmail server.

The headers:

From xxx@s5.stud.ku.dk Sun Apr 25 18:17:02 MET 2004
Received: from proxy2.adm.ku.dk (proxy2.adm.ku.dk [130.225.126.133])
        by garm.adm.ku.dk (8.12.10/8.12.10) with ESMTP id i3PGH1UD004751
        for <yyy@garm.adm.ku.dk>; Sun, 25 Apr 2004 18:17:01 +0200 (METDST)
Received: from s5.stud.ku.dk (s5.stud.ku.dk [IPv6:2001:878:100:1::137])
        by proxy2.adm.ku.dk (8.12.10/8.12.10) with ESMTP id i3PGDZD7002915
        for <yyy@garm.adm.ku.dk>; Sun, 25 Apr 2004 18:13:35 +0200
X-Relay: 127.0.0.1
Received: from s5.stud.ku.dk (localhost.0.0.127.in-addr.arpa [127.0.0.1])
        by s5.stud.ku.dk (8.12.10/8.12.10) with SMTP id i3PGGpXc014808
        for <yyy@garm.adm.ku.dk>; Sun, 25 Apr 2004 18:16:51 +0200
From: xxx <xxx@stud.ku.dk>
Received: from 62.79.92.81
        (SquirrelMail authenticated user xxx)
        by s5.stud.ku.dk with HTTP;
        Sun, 25 Apr 2004 18:16:51 +0200 (CEST)

Spamassassin is running on proxy2, and I would expect it to check the IP
address of the sending server (and not a previous server).

Jan P. Sorensen

Comment 1 Justin Mason 2004-12-17 17:42:12 UTC

I think this has been fixed.

Comment 2 Daryl C. W. O'Shea 2004-12-17 17:54:54 UTC

Yeah, it's a dup of bug 3236 which was fixed by ignoring the Squirrelmail header
altogether.

I wonder if the header would be useful having (for something at some point) now
that we can extend the trust boundary to it (bug 2462).

Comment 3 Justin Mason 2004-12-17 18:12:55 UTC

thinking: yes, it probably would be.  I didn't want to do that as part of that
bug, though, to avoid confusing the issues.

only issue I can think of is that some large webmailers do have trouble with
spammers signing up for accounts, authing against them, and sending mail that
way; but then, if someone has set up their trust boundary to trust a large
webmailer, then this is what would happen either way!