On Thu, 19 Jan 2006, Mike Sassaman wrote:
> > Well, if SA can't parse the format generated by your
> > mailserver, that would
> > affect all messages which don't have any additional Received:
> > headers beyond the
> > local delivery (which would be nearly all your spam/virus email).
>
> Fair enough. I am using a relatively basic Sendmail installation (on
> OpenBSD3.8). How could I check to see if I was generating unparseable
> headers (and hopefully fix)?
That may be the answer. In the sendmail milter API the milter gets an
original copy of the incoming message, before sendmail alters it in any
way, including -before- adding the local 'Received:' header.
Thus a spamassasin-milter must internally synthesize a 'Received:' header
that correctly mimics the sendmail generated one, as it passes the
message on to "spamd". If the smtp-vilter code isn't doing that
(either not at all or not correctly) it could cause your problem.
I know that the 'miltrassassin' milter had a bug that would cause
it to generate broken 'Received:' headers under certain input
corner-cases.
Hmm, I've never looked at smtp-vilter before. Looking at the code
now, I'm underwhelmed by their 'Received:' header synthesis code
(IE it's pretty lame).
And I think that I may see what the cause of your problem is. For
some strange reason they're using the '{client_addr}' macro rather
than the '_' macro for the address of the sending host.
Now '_' is in the sendmail milter default macro list, '{client_addr}'
is NOT. Did you explicitly add the '{client_addr}' macro to your
sendmail config file Milter.macros.connect parameter?
If you're not wedded to smtp-vilter you might want to consider using
a different milter or spend time trying to enlighten the authors
of that code and seeing if you can get it fixed.
Dave
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
