Ben Wylie wrote:
Received: (from localhost [24.180.47.240])
by server. (NAVGW 2.5.2.12) with SMTP id M2006060503484615455
for <[EMAIL PROTECTED]>; Mon, 05 Jun 2006 03:48:47 +0100
OK, we specifically skip received headers that start with "(" at line
387 of Received.pm. Annoyingly, we don't provide debug info for when
that happens.
Is there a logical reason for this? If the idea is that SA doesn't pass the
ALL_TRUSTED rule if there are malformed Received headers, why would you make
a special exception for badly formed Received headers which begin with an
open bracket?
A quick look at the comments around the line I mentioned explains why
this was done (to skip useless qmail headers).
What broken-ass software is producing these received headers? "by
server." certainly isn't too descriptive. I suppose I could write you a
patch to fix this, but I'm not sure that it'd be included in the
standard code base.
NAVGW stands for Norton Antivirus for Gateways.
Well... :)
If you had the time to write a patch for this I would be very grateful, and
let me know what I would need to do to apply the patch, and if I would need
to make changes every time I upgraded.
Attached. If you're on *nix you can use 'patch' to apply it. If you're
on Windows doing it by hand is probably easiest. I'm on my way out...
if you can't apply it, somebody here can help, or I can when I get back.
Since it's a problem with common software it'll probably be included in
SA soon.
Daryl
Index: lib/Mail/SpamAssassin/Message/Metadata/Received.pm
===================================================================
--- lib/Mail/SpamAssassin/Message/Metadata/Received.pm (revision 411679)
+++ lib/Mail/SpamAssassin/Message/Metadata/Received.pm (working copy)
@@ -384,7 +384,8 @@
# Received: (qmail 84907 invoked from network); 13 Feb 2003 20:59:28 -0000
# Received: (ofmipd 208.31.42.38); 17 Mar 2003 04:09:01 -0000
# we don't care about this kind of gateway noise
- if (/^\(/) { return; }
+ # CUSTOM MOD: accept our broken (from though
+ if (/^\((?!from)/) { return; }
# OK -- given knowledge of most Received header formats,
# break them down. We have to do something like this, because
@@ -1009,6 +1010,15 @@
goto enough;
}
+ # CUSTOM MOD: parse our broken (from received header
+ # Received: (from localhost [24.180.47.240])
+ # by server. (NAVGW 2.5.2.12) with SMTP id M2006060503484615455
+ # for <[EMAIL PROTECTED]>; Mon, 05 Jun 2006 03:48:47 +0100
+ if (/^\(from (\S*) \[(${IP_ADDRESS})\]\) by (\S+) \(NAVGW .*?\) with /) {
+ $helo = $1; $ip = $2; $by = $3;
+ goto enough;
+ }
+
# ------------------------------------------------------------------------
# IGNORED LINES: generally local-to-local or non-TCP/IP handovers
