Le 16/10/2012 07:57, Frederic De Mees a écrit :
When I receive mails from servers hosted in IP address space 5.0.0.0/8,
SA tags them with RCVD_ILLEGAL_IP. This address space is currently
heavily distributed in Europe.
I have found a bug report #6810
(https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6810) that says
that the bug has been fixed in June.
However I still get a score of 3.4 when such mails drop in.
How would you diagnose this ?
The bug has definitely been fixed for SpamAssassin 3.3.2, and the
bugzilla states that the same is true for all 3.3.x.
To check the content of the rule on your system, you can do
grep -R RCVD_ILLEGAL_IP /var/lib/spamassassin/3.003*/
which, on an up to date sa 3.3.2 gives:
/var/lib/spamassassin/3.003002/updates_spamassassin_org/20_head_tests.cf:header
RCVD_ILLEGAL_IP X-Spam-Relays-Untrusted =~ /
(?:by|ip)=(?=\d+\.\d+\.\d+\.\d+
)(?:(?:0|2(?:2[4-9]|[3-5]\d)|192\.0\.2|198\.51\.100|203\.0\.113)\.|(?:\d+\.){0,3}(?!(?:2(?:[0-4]\d|5[0-5])|[01]?\d\d?)\b))/
If your rule differs, then either you have an sa-update problem or the
rule hasn't been corrected for 3.3.1.
If you can't update to 3.3.2 then you can always lower the score (or
even disable by setting it to zero) for this rule in a local.cf file.
John.
--
-- Over 5000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages - www.tradoc.fr