[Bug 7770] New: KHOP_HELO_FCRDNS falsely triggers if HELO is uppercase.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 7770] New: KHOP_HELO_FCRDNS falsely triggers if HELO is uppercase.

bugzilla-daemon-2
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7770

            Bug ID: 7770
           Summary: KHOP_HELO_FCRDNS falsely triggers if HELO is
                    uppercase.
           Product: Spamassassin
           Version: 3.4.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: Undefined

The rule is triggered if HELO is upper case:

X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on psfcmail.mit.edu
X-Spam-Level: *
X-Spam-Status: No, score=1.4 required=5.0 tests=BODY_URI_ONLY,EMPTY_MESS,
        KHOP_HELO_FCRDNS autolearn=disabled version=3.4.0
Received: from w92exedge4.exchange.mit.edu (W92EXEDGE4.EXCHANGE.MIT.EDU
[18.7.73
.16])
        by outgoing-exchange-7.mit.edu (8.14.7/8.12.4) with ESMTP id
xA7GffnY019
407
        for <[hidden email]>; Thu, 7 Nov 2019 11:41:44 -0500

But if the HELO is lowercase, it doesn't trigger.

X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on psfcmail.mit.edu
X-Spam-Level: *
X-Spam-Status: No, score=1.0 required=5.0 tests=BODY_URI_ONLY,EMPTY_MESS
        autolearn=disabled version=3.4.0
Received: from w92exedge4.exchange.mit.edu (w92exedge4.exchange.mit.edu
[18.7.73
.16])
        by outgoing-exchange-7.mit.edu (8.14.7/8.12.4) with ESMTP id
xA7GffnY019
407
        for <[hidden email]>; Thu, 7 Nov 2019 11:41:44 -0500

--
You are receiving this mail because:
You are the assignee for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug 7770] KHOP_HELO_FCRDNS falsely triggers if HELO is uppercase.

bugzilla-daemon-2
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7770

RW <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #1 from RW <[hidden email]> ---
FWIW it's not specifically when it's upper case. It's looking for a mismatch
between helo and rdns, and the check is case-sensitive.

--
You are receiving this mail because:
You are the assignee for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug 7770] KHOP_HELO_FCRDNS falsely triggers if HELO is uppercase.

bugzilla-daemon-2
In reply to this post by bugzilla-daemon-2
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7770

Mark London <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #2 from Mark London <[hidden email]> ---
I don't see the useful of this rule, by itself.  A score of .4 is simply too
small to make a difference for the handful of spams,  i.e. < 5, that managed to
avoid detection at my site, that weren't caught by other means.  

I.e., about 400 spams that triggered that rule, were either blocked due to RBLs
or came from the .eu domain.

The few other spams, either had SPF_HELO_SOFTFAIL or SPF_FAIL.  

So if you want to combine KHOP_HELO_FCRDNS with those other rules, and then
assign it a decently high score (right now, it's only .4), then it might be
useful.

--
You are receiving this mail because:
You are the assignee for the bug.