Greetings. In article <[EMAIL PROTECTED]>, Tristan Miller wrote: >> The first message in that example SHOULD have triggered >> RCVD_IN_NJABL_DUL and RCVD_IN_SORBS_DUL. >> >> As per this header: >> >> Received: from M696P000.adsl.highway.telekom.at >> (M696P000.adsl.highway.telekom.at [62.47.246.224]) >> by mail.dfki.de (Postfix) with SMTP id 90E26E4918 >> for <[EMAIL PROTECTED]>; Sun, 2 Apr 2006 00:22:49 +0200 (CEST) >> >> But for some reason the header not parsing or trust path is broken >> somewhere and SA thinks that 62.47.246.224 is internal. >> >> You might want to run the message through spamassassin with debugging >> enabled and see what it has to say about the Received: parsing. > > Here's what I get. I'm surprised that it says DNS is not available.
Duh, please ignore that. I was running my tests with the -L (local) parameter. However, even without -L the mail still isn't triggering RCVD_IN_NJABL_DUL and RCVD_IN_SORBS_DUL. However, those two tests do show up in the debug "subtests" line: debug: subtests=__ANY_OUTLOOK_MUA,__CT,__CTYPE_HAS_BOUNDARY,__CTYPE_MULTIPART_ALT,__HAS_MIMEOLE,__HAS_MSGID,__HAS_MSMAIL_PRI,__HAS_OUTLOOK_IN_MAILER,__HAS_RCVD,__HAS_SUBJECT,__HAS_X_MAILER,__HAS_X_PRIORITY,__IMG_ONLY,__MIME_BASE64,__MIME_HTML,__MIME_QP,__MIME_VERSION,__MSGID_OK_HEX,__MSGID_OK_HOST,__NEXTPART_ALL,__NEXTPART_NORMAL,__NONEMPTY_BODY,__OE_MSGID_2,__OE_MUA,__OUTLOOK_DOLLARS_MSGID,__RCVD_IN_NJABL,__RCVD_IN_SORBS,__SANE_MSGID,__SARE_BODY_BLNK_5_100,__SARE_CSTRADE4,__SARE_HAS_BG_COLOR,__SARE_HEAD_MIME_VALID,__SARE_HEAD_SUBJ_RAND,__SARE_HTML_EFONT,__SARE_HTML_HAS_DIV,__SARE_HTML_HAS_FONT,__SARE_HTML_HAS_IMG,__SARE_META_MURTY3,__SARE_URI_ANY,__SARE_WHITELIST_FLAG,__SARE_WHITE_BG_COLOR,__TAG_EXISTS_BODY,__TAG_EXISTS_HEAD,__TAG_EXISTS_HTML,__TAG_EXISTS_META,__TOCC_EXISTS What does that mean? That the tests were performed and triggered, but not reported because they are subsumed by some other test? Here are the debug messages relevant to that IP: $ spamassassin -D -t < /tmp/filing.txt 2>&1 | fgrep 62.47.246.224 debug: received-header: parsed as [ ip=62.47.246.224 rdns=M696P000.adsl.highway.telekom.at helo=M696P000.adsl.highway.telekom.at by=mail.dfki.de ident= envfrom= intl=0 id=90E26E4918 auth= ] debug: received-header: relay 62.47.246.224 trusted? no internal? no debug: metadata: X-Spam-Relays-Untrusted: [ ip=62.47.246.224 rdns=M696P000.adsl.highway.telekom.at helo=M696P000.adsl.highway.telekom.at by=mail.dfki.de ident= envfrom= intl=0 id=90E26E4918 auth= ] [ ip=192.168.4.59 rdns= helo=vca by=M696P000.adsl.highway.telekom.at ident= envfrom= intl=0 id=1FPoWo-0005g8-Ka auth= ] debug: SPF: checking HELO (helo=M696P000.adsl.highway.telekom.at, ip=62.47.246.224) debug: SPF: query for /62.47.246.224/telekom.at: result: none, comment: SPF: domain of sender telekom.at does not designate mailers debug: tokenize: header tokens for *RU = " [ ip=62.47.246.224 rdns=M696P000.adsl.highway.telekom.at helo=M696P000.adsl.highway.telekom.at by=mail.dfki.de ident= envfrom= intl=0 id=90E26E4918 auth= ] [ ip=192.168.4.59 rdns= helo=vca by=M696P000.adsl.highway.telekom.at ident= envfrom= intl=0 id=1FPoWo-0005g8-Ka auth= ]" debug: tokenize: header tokens for *r = " [192.168.4 ip*192.168.4.59 ] (helo=vca) by M696P000.adsl.highway.telekom.at smtp (Exim 4.43) id 1FPoWo-0005g8-Ka; M696P000.adsl.highway.telekom.at (M696P000.adsl.highway.telekom.at [62.47.246 ip*62.47.246.224 ]) by mail.dfki.de (Postfix) <[EMAIL PROTECTED]>; " debug: bayes token 'H*r:ip*62.47.246.224' => 0.978 debug: bayes token 'H*RU:62.47.246.224' => 0.978 Received: from M696P000.adsl.highway.telekom.at (M696P000.adsl.highway.telekom.at [62.47.246.224]) Regards, Tristan -- _ _V.-o Tristan Miller [en,(fr,de,ia)] >< Space is limited / |`-' -=-=-=-=-=-=-=-=-=-=-=-=-=-=-= <> In a haiku, so it's hard (7_\\ http://www.nothingisreal.com/ >< To finish what you
