New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Return-Path before sending message to SpamAssassin #116

Open
RvdHout opened this Issue Jul 19, 2015 · 4 comments

Comments

Projects
None yet
2 participants
@RvdHout
Copy link

RvdHout commented Jul 19, 2015

SpamAssassin uses the EnvelopeFrom pseudo-header value for it's SPF checks, for some weird reason SpamAssassin is not able to find the EnvelopeFrom pseudo-header on it's own when it is passed by hmailServer, so it tries a few common values, eg:

envelope_sender_header Name-Of-Header
SpamAssassin will attempt to discover the address used in the 'MAIL FROM:' phase of the SMTP transaction that delivered this message, if this data has been made available by the SMTP server. This is used in the EnvelopeFrom pseudo-header, and for various rules such as SPF checking.

By default, various MTAs will use different headers, such as the following:

X-Envelope-From
Envelope-Sender
X-Sender
Return-Path

SpamAssassin will attempt to use these, if some heuristics (such as the header placement in the message, or the absence of fetchmail signatures) appear to indicate that they are safe to use. However, it may choose the wrong headers in some mailserver configurations. (More discussion of this can be found in bug 2142 and bug 4747 in the SpamAssassin BugZilla.)

To avoid this heuristic failure, the envelope_sender_header setting may be helpful. Name the header that your MTA or MDA adds to messages containing the address used at the MAIL FROM step of the SMTP transaction.

If the header in question contains < or > characters at the start and end of the email address in the right-hand side, as in the SMTP transaction, these will be stripped.

If the header is not found in a message, or if it's value does not contain an @ sign, SpamAssassin will issue a warning in the logs and fall back to its default heuristics.

(Note for MTA developers: we would prefer if the use of a single header be avoided in future, since that precludes 'downstream' spam scanning. http://wiki.apache.org/spamassassin/Env ... InReceived details a better proposal, storing the envelope sender at each hop in the Received header.)

More info:
https://www.hmailserver.com/forum/viewtopic.php?f=8&p=177529
@RvdHout

This comment has been minimized.

Copy link

RvdHout commented Aug 19, 2015

Is there some sort of notification to see if a bug/issue is looked into?

The fact the Return-Path is missing in messages passed to spamassassin is realy i bug in my opinion as it was part of your code in the 4.x versions, see: https://www.hmailserver.com/forum/viewtopic.php?p=16474#p16474

@martinknafve

This comment has been minimized.

Copy link
Collaborator

martinknafve commented Aug 20, 2015

@RvdHout

This comment has been minimized.

Copy link

RvdHout commented Aug 21, 2015

Oke, thanks

@martinknafve martinknafve added this to the 5.7 milestone Apr 23, 2016

@RvdHout

This comment has been minimized.

Copy link

RvdHout commented Jul 17, 2016

Bump, i think 'we' really need this feature added back in as SpamAssassin SPF checks are basically useless without it!

RvdHout added a commit to RvdHout/hmailserver that referenced this issue Aug 6, 2017

- Sub OnHELO(oClient) hmailserver#153 hmailserver#153
- Fixed Incorrect DEBUG logging for event 'OnDeliverMessage' hmailserver#181 hmailserver#181
- Include HTMLBody into IMAP TEXT search hmailserver#193
- Fixed implicit conversion: "int" to "unsigned char" hmailserver#204
- Faulty: SMTP 'Disconnect client after too many invalid commands' hmailserver#160 hmailserver#160
- SMTP server error "550 Unsupported ESMTP extension" on MAIL FROM:... AUTH=<> [with fix] hmailserver#164 hmailserver#164
- Remove 15GB backup limit hmailserver#69 hmailserver#69
- Speed up 'update hm_messages set messageflags' hmailserver#221 hmailserver#221
- https://www.hmailserver.com/forum/viewtopic.php?f=7&p=196733#p196733 (Ofice 2016 Read-Receipt Bug)
- Add Return-Path as topmost header before sending the message to SA (+ delete Return-Path header after the SA check completes) hmailserver#116
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment