I experienced this bug, but found it is fixed in SpamAssassin 3.4.3 and
later by:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7577
https://svn.apache.org/viewvc?view=revision&revision=1844813
Using the "bullseye" or "buster-backports" version of SpamAssassin
solves the problem, so I'm guessing this bug report can be closed.
If it helps, attached is a Perl script that shows the original problem
for those having trouble duplicating it.
--
Robert L Mathews
#!/usr/bin/perl
=pod
Demonstrate Debian bug 762086. On my machine, this prints this
for the first message:
* 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
* provider (address[at]yahoo.com)
And this for the second message:
* 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
* provider (address[at]yahoo.com) (address[at]gmail.com)
=cut
use Mail::SpamAssassin;
my $spamassassin = Mail::SpamAssassin->new({
debug => 0,
});
my $message_lines = <<EOF;
Date: Wed, 10 Jun 2020 17:36:38 +0000 (UTC)\r
From: "From 1" <address\@yahoo.com>\r
To: "To 1" <address\@example.com>\r
Subject: Test 1\r
\r
Test 1
EOF
my $sa_message = $spamassassin->parse($message_lines);
my $sa_status = $spamassassin->check($sa_message);
print $sa_status->get_tag('REPORT');
$sa_status->finish;
$sa_message->finish;
$message_lines = <<EOF;
Date: Wed, 10 Jun 2020 17:36:38 +0000 (UTC)\r
From: "Name 2" <address\@gmail.com>\r
To: "To 2" <address\@example.com>\r
Subject: Test 2\r
\r
Test 2
EOF
$sa_message = $spamassassin->parse($message_lines);
$sa_status = $spamassassin->check($sa_message);
print $sa_status->get_tag('REPORT');