[Mimedefang] headers not showing up on quarantine messages

[Nels Lindquist]

On 24 Mar 2004 at 13:08, Lucas Albers wrote:

> I recently started reporting some quarantined email to spamcop.net.

Uh-oh.

> In the process I determined that a few messages did not contain the
> full headers. Any idea how to determine how the headers could be
> missing? This has only happened on very few messages. 

This is a side-effect of where milter processing takes place during 
the overall message flow.  Sendmail doesn't actually add the last 
Received: header until *after* all other processing takes place and 
the message is to be relayed.  Since quarantining takes place before 
that, the headers aren't added.  This actually occurs for *every* 
message you quarantine, but you're only noticing it for direct-to-mx 
spam which didn't go through another relay before arriving at yours, 
and hence has no Received headers at all.  You've been reporting 
incorrect information to SpamCop, I'm afraid.

There is a MD function, synthesize_received_header(), which generates 
the required headers, but is only called just prior to spamassassin 
checking so that various header related tests can work.  I've made a 
small patch to my own mimedefang installation in order to to call 
this function during the quarantine process and write out the 
appropriate headers to an additional file (HEADERS.1).  I then use a 
perl script to generate "good" mail in a subdirectory which I use for 
Bayes training, reporting to razor, etc.  (The script also generates 
Message-IDs if they're absent, which is pretty common with direct-to-
mx spam engines).

If that sounds useful I can send you my patch and my script.  Or even 
a modified SRPM, if you like. :-)

Nels Lindquist <*>
----
Quidquid latine dictum sit altum viditur.

Whatever is said in Latin, sounds profound.