I've opened bug 5901.
Thanks,
Robert
Justin Mason schrieb:
actually, if you could open a bug that'd be great -- I wasn't
planning on backporting the fix to 3.2.x updates.
--j.
=?ISO-8859-15?Q?Robert_M=FCller?= writes:
Fine - thanks for the quick reply. I assume there's no need for a bug
report regarding this issue, correct?
So I'll do nothing more but waiting for the fix via sa-update :-)
Robert
Justin Mason schrieb:
=?ISO-8859-15?Q?Robert_M=FCller?= writes:
Hi all,
as I'm facing raising amount of bounces on my mailserver in the last 2
months, I tried to use the vbounce ruleset to identify the ones caused
by UBE faking the sender address.
This was generally successful, but surprisingly there are a lot of
UBE-bounces which are not recognized by vbounce.
After digging a little bit into this (I'm not a SA-expert), it showed
that the body-rule " __HAVE_BOUNCE_RELAYS" is giving a "1", but often no
header rule "__BOUNCE*" seems to give a hit.
One of the most likely rules to be IMHO true is the
"__BOUNCE_FROM_DAEMON" one, but this one nearly never gives a hit.
Looking at the regexp in this line, the "+" after the \S seems not to be
correct from my point of view, I would suggest a "*" here, as it is in
"__BOUNCE_RPATH_MD".
So for testing purposes I modified the line
old:
header __BOUNCE_FROM_DAEMON From =~
/(?:(?:daemon|deamon|majordomo|postmaster|virus|scanner|devnull|automated-response|SMTP.gateway|mailadmin|mailmaster|surfcontrol|You_Got_Spammed)\S+\@|<>)/i
to new:
header __BOUNCE_FROM_DAEMON From =~
/(?:(?:daemon|deamon|majordomo|postmaster|virus|scanner|devnull|automated-response|SMTP.gateway|mailadmin|mailmaster|surfcontrol|You_Got_Spammed)\S*\@|<>)/i
and now, also the bounces formerly not recognized are correctly identified.
Can someone confirm that this is a "typo"? Or have I misunderstood
something?
yep, you're quite right -- thanks!
--j.
