Hi,
Ok, I debugged this a bit more.
Problem is, these headers were marked as ALL_TRUSTED:
> > | Received: from mout4.freenet.de (mout4.freenet.de
> > [IPv6:2001:748:100:40::2:6])
> > | (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> > | (No client certificate requested)
> > | by ice.42.org (Postfix) with ESMTPS id D189AB85A
> > | for <[EMAIL PROTECTED]>; Tue, 26 Feb 2008 11:51:08 +0100 (CET)
> > | Received: from [195.4.92.23] (helo=13.mx.freenet.de)
> > | by mout4.freenet.de with esmtpa (Exim 4.69)
> > | (envelope-from <[EMAIL PROTECTED]>)
> > | id 1JTxOR-0002Vk-38; Tue, 26 Feb 2008 11:50:39 +0100
> > | Received: from [82.128.34.27] (port=1797 helo=User)
> > | by 13.mx.freenet.de with esmtpa (ID [EMAIL PROTECTED]) (port 25)
> > (Exim 4.69 #10)
> > | id 1JTxOO-0005uv-2T; Tue, 26 Feb 2008 11:50:38 +0100
The detailed problem is, the first header is completely ignored because
of its IPv6 content.
The second line contains "with esmtpa" which makes SpamAssassin
unconditionally trust this header. Case in Point:
SpamAssassin/Message/Metadata/Received.pm around line 192:
| # trusted_networks matches?
| if (!$relay->{auth} && !$trusted->contains_ip($relay->{ip})) {
| $in_trusted = 0;
It is completely irrelevant if the IP is in trusted_networks or not. If
the Received line contains "auth" which at this point contains "esmtpa"
it considers the Header good and trusted.
I fixed that particular problem for now by forcing "auth" to be empty
at the end of the "parse_received_line" function, but as $auth was
included for some reason, somebody should look closer at how to fix this
completely.
CU,
Sec
--
The problem with troubleshooting is that trouble shoots back.
