[Mimedefang] headers not showing up on quarantine messages
Nels Lindquist
nlindq at maei.ca
Thu Mar 25 14:48:12 EST 2004
On 24 Mar 2004 at 13:08, Lucas Albers wrote:
> I recently started reporting some quarantined email to spamcop.net.
Uh-oh.
> In the process I determined that a few messages did not contain the
> full headers. Any idea how to determine how the headers could be
> missing? This has only happened on very few messages.
This is a side-effect of where milter processing takes place during
the overall message flow. Sendmail doesn't actually add the last
Received: header until *after* all other processing takes place and
the message is to be relayed. Since quarantining takes place before
that, the headers aren't added. This actually occurs for *every*
message you quarantine, but you're only noticing it for direct-to-mx
spam which didn't go through another relay before arriving at yours,
and hence has no Received headers at all. You've been reporting
incorrect information to SpamCop, I'm afraid.
There is a MD function, synthesize_received_header(), which generates
the required headers, but is only called just prior to spamassassin
checking so that various header related tests can work. I've made a
small patch to my own mimedefang installation in order to to call
this function during the quarantine process and write out the
appropriate headers to an additional file (HEADERS.1). I then use a
perl script to generate "good" mail in a subdirectory which I use for
Bayes training, reporting to razor, etc. (The script also generates
Message-IDs if they're absent, which is pretty common with direct-to-
mx spam engines).
If that sounds useful I can send you my patch and my script. Or even
a modified SRPM, if you like. :-)
Nels Lindquist <*>
----
Quidquid latine dictum sit altum viditur.
Whatever is said in Latin, sounds profound.
More information about the MIMEDefang
mailing list