Package: spamass-milter Version: 0.3.2-1+b1 Severity: normal a wheezy (or jessie) mail server set up with spamass-milter in a relatively simple way (running spamd as debian-spamd, postfix' smtpd_milters set to unix:/spamass/spamass.sock and the milter_connect_macros from the README.Debian.z) incorrectly marks mails as spam mainly due to RCVD_IN_PBL (contributin 3.6 of the 5.0 often required, where users of affected mail providers have a tendency to score some more from MIME_HTML_ONLY and similar).
a typical offending header looks like this: > Received: from [212.186.251.xxx] by msvc245.server.lan (via HTTP); Tue, 24 > Feb 2015 12:13:00 +0100 clearly, that source IP is in the PBL -- it's the IP of the person who filled the web form. but RCVD_IN_PBL is a last external header, which should only be matched against lines that originate from servers under one's own control. typically, such a behavior is due to misconfiguration on spamassassin side, eg. trusted_networks / internal_networks malfunctioning due to NAT. that's not the case here, though: it happens even if trusted_networks is set to 127.0.0.1, and the same offending message piped through `spamassassin -t -D -L` does not show the RCVD_IN_PBL line. my impression is that the way spamass-milter is invoking spamassassin in a way that makes spamassassin treat more networks as local. granted, this can easily be some kind of misconfiguration on my side, but the default setup as suggested in README.Debian should get it right. i've read through [775183] and don't think they are related, but i might easily be wrong. (at least they are touching on the same subject.) best regards chrysn [775183] https://bugs.debian.org/775183 -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: Digital signature
