3654 – check_for_from_dns doesn't like two From lines in header

Bug 3654 - check_for_from_dns doesn't like two From lines in header

Summary: check_for_from_dns doesn't like two From lines in header

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (Eval Tests) (show other bugs)
Version:	2.63
Hardware:	Other Linux

Importance:	P5 normal
Target Milestone:	3.1.0
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-08-01 13:12 UTC by Henk van de Kamer
Modified:	2004-11-04 12:06 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Henk van de Kamer 2004-08-01 13:12:23 UTC

Investigating a SpamAssassin report with a NO_DNS_FOR_FROM I found strange MX 
and A queries in the guilty DNS:

pc-active.nlforumbeheer@pc-active.nl

Looking carefully at the headers I saw the following (replace xx with nl, just 
to protect the existing e-mailaddress :-) :

From: forumbeheer@pc-active.xx
Message-ID: <635dba7d80189a20a79274c24ec2d741@www.pc-active.nl>
Date: Sun,  1 Aug 2004 20:22:42 +0200
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: PHP
X-MimeOLE: Produced By phpBB2
From: forumbeheer@pc-active.xx


I can now create all kinds off strange e-mails with simular results. The real 
bug is of course in phpBB, but I think that SpamAssassin must also check for 
bad headers. I haven't tried to include lots of rubish between the two From 
lines, but possible this could lead to all kinds of other unwanted behavior...

Comment 1 Daniel Quinlan 2004-08-01 18:01:17 UTC

This should be fixed in 3.0.0-pre3 - can you try it to see if it has been
fixed?

Comment 2 Henk van de Kamer 2004-08-03 00:54:08 UTC

The problem was discovered on a production server. Not a machine to experiment 
with :-)

May be someone else has a machine available to test this? Just make a fake e-
mail with two From: lines and feed it to spamc. If one of the testresults is 
NO_DNS_FOR_FROM the problem is probably still present. If you have access to 
the querylogs of the DNS you can look voor entries met an @ sign.

I can try to build an server with the latest version, but because of other 
commitments this will probably not be done before the end of this month. I 
leave it up to you to close this bug. If my test or someone else find that it 
is still present, it could be reopened I think?

Thanks for the great work. My users love trhe reduction of spam in their mail...

Comment 3 Daniel Quinlan 2004-08-27 16:59:35 UTC

moving accuracy and some bugs to 3.1.0 milestone

Comment 4 Daniel Quinlan 2004-08-27 17:17:53 UTC

more accuracy and performance bugs going to 3.1.0 milestone

Comment 5 Theo Van Dinter 2004-11-04 21:06:13 UTC

I've tested and have been unable to reproduce this issue with 3.0.1.  If there's
still a problem when using the 3.0-series, we can reopen the ticket. :)