Bug 5549 - Postfix sasl Authenticated header not detected
Summary: Postfix sasl Authenticated header not detected
Status: NEW
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: spamassassin (show other bugs)
Version: 3.2.1
Hardware: Other Linux
: P5 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-07-06 08:07 UTC by Matthew Dickinson
Modified: 2014-03-20 18:51 UTC (History)
3 users (show)


Attachment Type Modified Status Actions Submitter/CLA Status
[PATCH] fix authenticated sender for postfix, bug #5549 patch None flokli@flokli.de [NoCLA]
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matthew Dickinson 2007-07-06 08:07:58 UTC 
machine running SA 3.2.1 and postfix -
I've come to the conclusion that SA is unable to pickup authentication
headers provided by postfix (smtpd_sasl_authenticated_header yes).

As far as I  can see...

>From Mail/SpamAssassin/Message/Metadata/Received.pm:
  # Postfix 2.3 and later with "smtpd_sasl_authenticated_header yes"
  elsif (/\) \(Authenticated sender: \S+\) by \S+ \(Postfix\) with /) {
    $auth = 'Postfix';
  }

However, the headers I'm getting from postfix look like:
Received: from myPC (unknown [nn.nnn.nn.nn])
    (Authenticated sender: user@server.example.com)
    by server.example.com (Postfix) with ESMTP id 68FAF524310
    for <user@example.com>; Wed,  4 Jul 2007 20:36:49 +0100 (BST)


And the source (postfix/src/smtpd/smtpd.c) seems to back this up:
out_fprintf(out_stream, REC_TYPE_NORM,
                        "\t(Authenticated sender: %s)", STR(username));
Comment 1 flokli 2014-03-19 08:49:38 UTC 
Created attachment 5193 [details]
[PATCH] fix authenticated sender for postfix, bug #5549

changes the regex to detect authenticated sender as written by postfix
Comment 2 Kevin A. McGrail 2014-03-20 18:29:56 UTC 
Comment on attachment 5193 [details]
[PATCH] fix authenticated sender for postfix, bug #5549

I think you need to check some real world examples because you are changing existing code that likely did work for older versions of postfix and we likely need yet another elsif for the version you are testing with.
Comment 3 Quanah Gibson-Mount 2014-03-20 18:40:42 UTC 
Perhaps this?

20050404

	Typo: missing comma after dsn=x.yy.zz logging. File:
	global/log_adhoc.c.

	Feature: specify "smtpd_sasl_authenticated_header = yes"
	to report the SASL login name in the Received: message
	header, so that the login name is shared with the whole
	world. Based on code by Branko F. Gracnar. Files:
	smtpd/smtpd.c, and documentation.
Comment 4 flokli 2014-03-20 18:48:39 UTC 
I'm not sure if the headers in postfix ever included the "(Postfix)" part....

According to the postfix mailing list (http://archives.neohapsis.com/archives/postfix/2005-03/1958.html),
the feature already got into postfix in the form of my patch.

Would a patch be okay that accepts both forms?

We could probably also extend the rules to support some other common "Authenticated sender:" patterns, as some tend to modify these...
Comment 5 Kevin A. McGrail 2014-03-20 18:51:16 UTC 
(In reply to flokli from comment #4)
> I'm not sure if the headers in postfix ever included the "(Postfix)" part....
> 
> According to the postfix mailing list
> (http://archives.neohapsis.com/archives/postfix/2005-03/1958.html),
> the feature already got into postfix in the form of my patch.
> 
> Would a patch be okay that accepts both forms?
> 
> We could probably also extend the rules to support some other common
> "Authenticated sender:" patterns, as some tend to modify these...

That is my point.  The SA patch has to keep existing functionality AND add flexibility for the format change.  It should include documentation such as what version of postfix specifically works and preferably some real world headers to use as test cases.