Bug 4752 - bug in Received header parsing code
Summary: bug in Received header parsing code
Status: RESOLVED WORKSFORME
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Libraries (show other bugs)
Version: SVN Trunk (Latest Devel Version)
Hardware: Other other
: P5 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-01-05 05:38 UTC by Daniel Quinlan
Modified: 2019-11-27 09:21 UTC (History)
1 user (show)


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Quinlan 2006-01-05 05:38:46 UTC 
The Received header parsing code can determine the trust boundary
incorrectly if the message is relayed from a private network,
through a public network, and back into a similarly numbered
(same class B) private network.  The bug "happens" here, although
it's easily debatable that it's caused where $first_by is set:

      # if the 'from' IP addr shares the same class B mask (/16) as
      # the first relay found in the message, it's still on the
      # user's network.
      elsif (Mail::SpamAssassin::Util::ips_match_in_16_mask
                                        ([ $relay->{ip} ], $first_by))
      {
        dbg("received-header: 'from' ".$relay->{ip}." is near to first 'by'");
        $inferred_as_trusted = 1;
      }
Comment 1 Henrik Krohns 2019-11-27 09:21:54 UTC 
No such code is found. Assuming fixed ages ago, closing.