Bug 7058 - FORGED_RELAY_MUA_TO_MX & FORGED_RELAY_MUA_TO_MX on Yahoo & AOL
Summary: FORGED_RELAY_MUA_TO_MX & FORGED_RELAY_MUA_TO_MX on Yahoo & AOL
Status: RESOLVED INVALID
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: unspecified
Hardware: PC Windows 7
: P2 major
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-06-18 21:28 UTC by Pascal
Modified: 2023-10-23 17:21 UTC (History)
3 users (show)


Attachment Type Modified Status Actions Submitter/CLA Status
example of header but it can easely be reproduced text/plain None Pascal [NoCLA]
recent header of a msg impacted by the rule text/plain None Pascal [NoCLA]
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Pascal 2014-06-18 21:28:07 UTC 
Created attachment 5205 [details]
example of header but it can easely be reproduced

FORGED_RELAY_MUA_TO_MX & FORGED_RELAY_MUA_TO_MX appeared from 16th june 2014
bacause there are headers like that for

AOL:
X-AOL-IP: <ip>

Yahoo:
X-Originating-IP: [<ip>]
 

=> it increase the score by 1.7 points !!
Comment 1 Giovanni Bechis 2018-01-22 21:32:12 UTC 
Rule is not active atm and 4 years passed, time to close this bz ?
Comment 2 Bill Cole 2018-01-22 22:46:35 UTC 
FORGED_RELAY_MUA_TO_MX is no longer part of the default ruleset.
Comment 3 Pascal 2023-10-23 14:26:52 UTC 
look like it is back !
/var/lib/spamassassin/3.004006/updates_spamassassin_org/72_active.cf
Comment 4 Pascal 2023-10-23 14:30:54 UTC 
can you reopen the ticket please ? I don't know how to do that.
Thank you.
Comment 5 Bill Cole 2023-10-23 16:40:27 UTC 
(In reply to Pascal from comment #4)
> can you reopen the ticket please ? I don't know how to do that.
> Thank you.

I'm sorry, but no.  

Rules that are part of the dynamically managed default ruleset are activated and deactivated based on our "RuleQA" process, whose operational details can be found at https://ruleqa.spamassassin.org. FORGED_RELAY_MUA_TO_MX appears to be intermittently useful enough based on the submitted scoring logs to get promoted to the active list. I see no reason to override the automated process in this case. 

The attached header is not usable as evidence of any problem because:

1. It is very old. We would need to see a current example. However, see #3 below

2. Attached to a dummy body, it does not score over 5.0 or anywhere near it. SA is NOT designed with the goal of every rule only hitting spam, it is BY DESIGN that sometimes a rule with a significant score hits non-spam. 

3. It is unclear what the actual transit path of the message was, but it clearly was delivered AT yahoo, a circumstance that is not anticipated by the default ruleset. The weirdness that is being caught by that rule is this:

 Received: from 127.0.0.1  (EHLO mta-meet218.mail.meetic.com) (62.23.1.218)
   by mta1403.mail.gq1.yahoo.com with SMTP; Wed, 18 Jun 2014 18:05:52 +0000

That is not a sane Received header. It is written by Yahoo, which follows its own undocumented format. A message with that sort of header (asserting a loopback source and a remote client simultaneously) should never be seen anywhere except inside Yahoo or in mail forwarded out of Yahoo using SMTP (which should not hit the active rule.) If you are going to attempt to use SA on mail that has been delivered inside Yahoo like this one, you will need to customize your rules to deal with that usage, as you would need to do for any final delivery point. 

If you need assistance with how you could do that sort of customization, the best source of help is the SpamAssassin-Users mailing list.
Comment 6 Pascal 2023-10-23 16:46:19 UTC 
Created attachment 5914 [details]
recent header of a msg impacted by the rule
Comment 7 Bill Cole 2023-10-23 17:21:07 UTC 
(In reply to Pascal from comment #6)
> Created attachment 5914 [details]
> recent header of a msg impacted by the rule

This still has the basic problem of being a delivery at Yahoo. You must do your own customization of rules to deal with that unique circumstance. 

THERE IS NO BUG HERE, there is merely your misunderstanding of how SpamAssassin works.