spamassassin-dev April 2011 archive
Main Archive Page > Month Archives  > spamassassin-dev archives
spamassassin-dev: [Bug 6576] score for TO_NO_BRKTS_DIRECT and TO

[Bug 6576] score for TO_NO_BRKTS_DIRECT and TO_NO_BRKTS_DYNIP too high

From: <bugzilla-daemon_at_nospam>
Date: Sat Apr 23 2011 - 11:29:02 GMT
To: dev@spamassassin.apache.org

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6576

--- Comment #7 from AXB <axb.lists@gmail.com> 2011-04-23 07:28:58 EDT ---
(In reply to comment #6)
> (In reply to comment #5)
> > (In reply to comment #0)
> > > I'm using Postfix with SASL for roaming accounts. Since an update from 3.2.5 to
> > > 3.3.1 I am seeing that a few new rules are being triggered, a few of them being
> > > TO_NO_BRKTS_DIRECT and TO_NO_BRKTS_DYNIP.
> > >
> > > After running sa-update I see that these get a score of about 3.4 and 1.333
> > > which gives perfectly legitimate mails that I send through my system with
> > > Postfix and SASL a high score. I often type names from business cards, without
> > > using bracket notation, so this is a real problem for me.
> > >
> > > I have "fixed" the problem by setting these scores to 0. I could of course
> > > disable spamassassin for outgoing mail sent through SASL, but I do want to do
> > > egress filtering (there are other users on the system too and I don't
> > > necessarily trust them).
> >
> > Why are you scanning stuff sent thru SMTP-AUTH in the first place?
>
> Because it is a mail system that is shared with several users, and egress
> filtering is the right thing to do. If their machine gets hijacked by some
> trojan that starts blasting out spam mails I don't want to end up in
> blacklists.

SA may not always be the most accurate & efficient way to do this. MTA rating,
etc, would be my first choice.

> > - The rule does what it's supposed to do: tag a borked header directly
> > connecting to an MTA.
> > - It's not your typing but the way Thunderbird produces ugly headers.
>
> Could you care to explain so I know what I would be looking for? Right now I am
> guessing that it looks at the Received header that Postfix inserts, which looks
> like this:
>
> Received: from [192.168.10.167] (a1-0-0-10.adsl.example.org [10.0.0.1])
> by example.com (Postfix) with ESMTP id BB5A226013;
> Fri, 22 Apr 2011 15:38:34 +0200 (CEST)
>
> (I have anonymised the IP addresses and domain names). I don't see anything
> else that Thunderbird has inserted that could trigger this rule.

look at what the TO_NO_BRKTS_DIRECT & TO_NO_BRKTS_DYNIP rules do...

> > - Thunderbird hasn't managed yet to cleanup its headers.
>
> OK, let me try and reproduce it with other mail clients as well just to rule
> out Thunderbird.

For further advice you'll probably be better off pacing these questions in the
SA users list, where others can tell you what they did to fix similar issues.

Bugzilla isn't a support forum.

-- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.