Re: RelayCountryPlugin - bad country when sasl_authenticated?

Tue, 27 Sep 2016 02:30:08 -0700 

On Tuesday 27 September 2016 at 11:16:33, Thomas Barth wrote:

> Hello,
> 
> I ve installed RelayCountryPlugin as described on this page:
> 
> https://wiki.apache.org/spamassassin/RelayCountryPlugin
> 
> The package libgeo-ip-perl (Debian 8.5) is installed. (Note at the end
> of the page)
> 
> I added the following rule to /etc/mail/spamassassin/local.cf
> 
> header          RELAYCOUNTRY_BAD X-Relay-Countries !~ /(DE|AT|CH|NL)/
> describe        RELAYCOUNTRY_BAD Relayed through black countries
> score           RELAYCOUNTRY_BAD 5.0
> 
> If not DE, AT, CH, NL add 5 points.

That's a lot.

> It works so far, but if I send a mail to my own address
> (sasl_authenticated) it also adds 5 points. Here is the log entry in
> mail.log:
> 
> Sep 27 10:51:52 txbweb amavis[6938]: (06938-01) Passed CLEAN
> {RelayedOpenRelay}, [92.72.43.207]:52422 [92.72.43.207]
> <tba...@txbweb.de> -> <tba...@txbweb.de>, Message-ID:
> <1e6cf571-8cd1-5081-2e5b-2159b91fd...@txbweb.de>, mail_id: hOuPuMcZFqmE,
> Hits: 4.001, size: 610, queued_as: B361E2DC3AD, 1480 ms
> Sep 27 10:51:52 txbweb postfix/smtpd[7008]: proxy-accept:
> END-OF-MESSAGE: 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0
> Ok: queued as B361E2DC3AD; from=<tba...@txbweb.de> to=<tba...@txbweb.de>
> proto=ESMTP helo=<[192.168.178.156]>
> Sep 27 10:51:52 txbweb postfix/smtpd[7008]: disconnect from
> dslb-092-072-043-207.092.072.pools.vodafone-ip.de[92.72.43.207]
> 
> Hits: 4.001 (5 - other filter type) Current ip-addess 92.72.43.207 is
> from DE. Why is RelayCountryPlugin  not working for authenticated user?
> Any known  problem to the RelayCountryPlugin?

Where's the actual SA processing happening, though?  Is it possible the plugin 
may be responding to the 127.0.0.1 or 192.168.178.156 addresses (which 
certainly aren't DE, AT, CH or NL)?

Where in that network sequence is SA being called - ie: what are the headers 
on the email at the time SA sees it?


Antony.

-- 
Normal people think "If it ain't broke, don't fix it".
Engineers think "If it ain't broke, it doesn't have enough features yet".

                                                   Please reply to the list;
                                                         please *don't* CC me.

Reply via email to