I saw that in my own testing.
 
Here's the workflow:
 
- Communigate calls a "spamprep" program that adds the proper envelope-to and from headers to the message file itself and deletes the original
 
- SpamAssassin scans that temp file with the added headers.
 
- The Communigate script will then take the scanned file and resubmit it by copying to the "submitted" directory (a PIPE submit)
 
### here's where it gets interesting ###
 
- If the email is not considered spam, the headers are unaltered and the email gets delivered just as intended
 
- If the email *IS* considered spam, those envelope-to headers that were so nicely added are stripped away.  This is the case whether you use report_safe or not.
 
Without the envelope-to headers, Communigate has no choice but to attempt delivery using the to: and cc: fields of the original message, which as we all know in the case of spam is most likely bogus.
 
For that reason, I *MUST* simply discard all messages tagged as spam on my Communigate server, otherwise it would only act as a "spamplifier".
 
It has been suggested that the scripting used on Communigate is at fault, yet I can say 100% for sure that those envelope-to headers are intact when they are submitted to SpamAssassin for scanning, and ONLY when SA marks it as spam (exceeds the threshold score), it is ONLY then that the envelope-to header mysteriously vanishes, and this is the case whether report_safe is 0 or 1.
 
Is there any reason why SA would ignore those envelope-to: headers when rewriting an email tagged as spam?
 
I would LOVE to be able to give my users the option of having their spam delivered, but with the headers added so they can filter on their own, but this flaw in SA's execution prevents that.
 
Is it because those added headers are the very first header lines?  Would it help at all if they were further down in the headers or something?  Why wouldn't SA just copy all the existing headers anyway?
 
If anyone is the least bit curious about this, I can provide a sample email with those added headers and you can run it yourself, seeing how, indeed, SA does remove those headers just as I described.



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rons
Sent: Monday, June 09, 2003 9:59 AM
To: [EMAIL PROTECTED]

I am having the following problem; please help.
 

A real live spam met the "Any Recipient" parameter with my address being in the list of recipients (and thus passing the [EMAIL PROTECTED] parameter). However there were several other addresses (with domains other than mine) that were in the To: and Cc: headers. The message was processed and flagged as spam by SpamAssassin and re-"Submitted" via the PIPE to CommuniGatePro. CommuniGatePro not only delivered the message to my inbox (as planned) but then via SMTP to the other addresses as well - making my server a spam amplifier (tagged spam, but spam nevertheless).
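
One way a resubmission script could guard against the missing-header case described in this thread, as an added example that is not part of either message or of the CommuniGate or SpamAssassin scripts: it compares a pre-scan copy with the scanned file and restores any dropped envelope fields before the PIPE submit. The field names (`Envelope-To`, `Return-Path`), the kept pre-scan copy and the sample messages are assumptions.

```python
# Added example. Header names and sample messages below are constructed assumptions.
RECIPIENT = b"envelope-to"                 # name as described in the post
ENVELOPE = (RECIPIENT, b"return-path")     # assumed envelope sender field


def split_headers(raw: bytes):
    """Return the raw header fields (folded lines kept together)."""
    fields = []
    for line in raw.splitlines(keepends=True):
        if not line.strip():               # blank line ends the header block
            break
        if line[:1] in (b" ", b"\t") and fields:
            fields[-1] += line             # continuation of a folded field
        else:
            fields.append(line)
    return fields


def field_name(field: bytes) -> bytes:
    return field.split(b":", 1)[0].strip().lower()


def restore_envelope(pre_scan: bytes, post_scan: bytes) -> bytes:
    """Put envelope fields missing from post_scan back on top of it.

    Raises ValueError when pre_scan carries no envelope recipient, so the
    caller drops the message instead of letting To:/Cc: decide delivery.
    """
    wanted = [f for f in split_headers(pre_scan) if field_name(f) in ENVELOPE]
    if not any(field_name(f) == RECIPIENT for f in wanted):
        raise ValueError("no envelope recipient; do not resubmit")
    present = {f.strip().lower() for f in split_headers(post_scan)
               if field_name(f) in ENVELOPE}
    missing = [f for f in wanted if f.strip().lower() not in present]
    return b"".join(missing) + post_scan


# Constructed sample: the wrapper's pre-scan copy and a tagged result without the envelope.
SAMPLE_PRE = (b"Return-Path: <sender@example.org>\r\n"
              b"Envelope-To: user@example.com\r\n"
              b"To: a@other.example, b@other.example\r\n"
              b"Subject: offer\r\n\r\nbody\r\n")
SAMPLE_POST = (b"X-Spam-Flag: YES\r\n"
               b"To: a@other.example, b@other.example\r\n"
               b"Subject: *****SPAM***** offer\r\n\r\nbody\r\n")

if __name__ == "__main__":
    print(restore_envelope(SAMPLE_PRE, SAMPLE_POST).decode())
```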
