SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
Post Reply
User avatar
RvdH
Senior user
Senior user
Posts: 1085
Joined: 2008-06-27 14:42
Location: Netherlands

SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored

Post by RvdH » 2020-03-13 14:46

Hmailserver's SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored, this doesn't seem right, is it?

In my opinion SpamTestSPF should be ignored if mail is coming thru 127.0.0.1, it now returns: Fail, but according RFC it should return: Pass for localhost
Same applies to SpamTestHeloHost, on localhost the reported host is the computer name, eg, it will always fail this test when send thru localhost

Thoughts?

FYI, in RMSPF.cpp martin seems to have intentionally removed the part that makes SPF result pass if send thru 127.0.0.1....why, oh why?
CIDR to RegEx: d-fault.nl/CIDRtoRegEx
DNS Lookup: d-fault.nl/DNSTools
DNSBL Lookup: d-fault.nl/DNSBLLookup
GEOIP Lookup: d-fault.nl/GeoipLookup

User avatar
mattg
Moderator
Moderator
Posts: 20900
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored

Post by mattg » 2020-03-14 04:27

What if someone on the internet names their computer 'localhost'?

I'd agree to pass SPF checks for mail from 127.0.0.1 and other local host addresses (IPv6 or 127.0.1.1)

In saying that, I don't really have a use case for sending mail from computer with hmailserver installed.
My webmail is on another virtual server, and my daily drive is elsewhere on the LAN.

If I need mail sent from hMailserver, I create a message using the hMailserver API (which seems to have zero checks)
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
RvdH
Senior user
Senior user
Posts: 1085
Joined: 2008-06-27 14:42
Location: Netherlands

Re: SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored

Post by RvdH » 2020-03-14 09:42

mattg wrote:
2020-03-14 04:27
What if someone on the internet names their computer 'localhost'?`
irrelevant, my fault... i should have chosen to write local ip address instead of localhost throughout the post

See:
https://github.com/hmailserver/hmailserver/pull/324
https://github.com/hmailserver/hmailserver/pull/323
mattg wrote:
2020-03-14 04:27
I'd agree to pass SPF checks for mail from 127.0.0.1 and other local host addresses (IPv6 or 127.0.1.1)

In saying that, I don't really have a use case for sending mail from computer with hmailserver installed.
My webmail is on another virtual server, and my daily drive is elsewhere on the LAN.

If I need mail sent from hMailserver, I create a message using the hMailserver API (which seems to have zero checks)
I know once being authenticated the spam check are skipped but sometimes you particular don't like that to happen, user case:
  • External applications (without authentication)
  • Website forms
let's say you host host a bunch of websites on the same machine hmailserver is installed and I have some contact forms that need spam checking
I don't like to authenticate those as i like to be able to spam check those (SpamAssassin in particular, URIBL, bayes, razor rules)
In this example every message coming thru local ip address is (wrongly) scored with scores set in SpamTestSPF and SpamTestHeloHost even before it is passed to SpamAssassin and other spam checks, making it very likely to reach defined spam mark/delete threshold and thus wrongly mark such message as being spam
CIDR to RegEx: d-fault.nl/CIDRtoRegEx
DNS Lookup: d-fault.nl/DNSTools
DNSBL Lookup: d-fault.nl/DNSBLLookup
GEOIP Lookup: d-fault.nl/GeoipLookup

User avatar
RvdH
Senior user
Senior user
Posts: 1085
Joined: 2008-06-27 14:42
Location: Netherlands

Re: SpamTestSPF and SpamTestHeloHost for mail send thru localhost get scored

Post by RvdH » 2020-03-14 10:17

Example:

before (without the 2 pull request)
"SMTPD" 3556 22525 "2020-03-13 11:22:10.152" "127.0.0.1" "SENT: 220 mail.domain.nl ESMTP"
"SMTPD" 3556 22525 "2020-03-13 11:22:10.152" "127.0.0.1" "RECEIVED: EHLO HMAILSERVER-PC"
"DEBUG" 3556 "2020-03-13 11:22:10.152" "Executing event OnHELO"
"DEBUG" 3556 "2020-03-13 11:22:10.152" "Event completed"
"SMTPD" 3556 22525 "2020-03-13 11:22:10.152" "127.0.0.1" "SENT: 250-mail.domain.nl[nl]250-SIZE 51200000[nl]250-STARTTLS[nl]250 HELP"
"SMTPD" 3596 22525 "2020-03-13 11:22:10.152" "127.0.0.1" "RECEIVED: MAIL FROM:<someone@somedomain>"
"DEBUG" 3596 "2020-03-13 11:22:10.167" "Spam test: SpamTestHeloHost, Score: 1"
"DEBUG" 3596 "2020-03-13 11:22:10.167" "Spam test: SpamTestMXRecords, Score: 0"
"DEBUG" 3596 "2020-03-13 11:22:10.167" "Spam test: SpamTestSPF, Result: Fail"
"DEBUG" 3596 "2020-03-13 11:22:10.167" "Spam test: SpamTestSPF, Score: 1"

"DEBUG" 3596 "2020-03-13 11:22:10.167" "Total spam score: 2"
"SMTPD" 3596 22525 "2020-03-13 11:22:10.167" "127.0.0.1" "SENT: 250 OK"
"SMTPD" 3596 22525 "2020-03-13 11:22:10.167" "127.0.0.1" "RECEIVED: RCPT TO:<someone@someotherdomain>"
"SMTPD" 3596 22525 "2020-03-13 11:22:10.183" "127.0.0.1" "SENT: 250 OK"
"SMTPD" 3560 22525 "2020-03-13 11:22:10.183" "127.0.0.1" "RECEIVED: DATA"
"DEBUG" 3560 "2020-03-13 11:22:10.183" "Executing event OnSMTPData"
"DEBUG" 3560 "2020-03-13 11:22:10.183" "Event completed"
"SMTPD" 3560 22525 "2020-03-13 11:22:10.183" "127.0.0.1" "SENT: 354 OK, send."
"DEBUG" 3360 "2020-03-13 11:22:10.199" "Spam test: SpamTestDKIM, Score: 0"
after (hint: *.26)
"SMTPD" 1564 9165 "2020-03-14 09:07:42.168" "127.0.0.1" "SENT: 220 mail.domain.nl ESMTP"
"SMTPD" 5124 9165 "2020-03-14 09:07:42.168" "127.0.0.1" "RECEIVED: EHLO HMAILSERVER-PC"
"DEBUG" 5124 "2020-03-14 09:07:42.168" "Executing event OnHELO"
"DEBUG" 5124 "2020-03-14 09:07:42.168" "Event completed"
"SMTPD" 5124 9165 "2020-03-14 09:07:42.168" "127.0.0.1" "SENT: 250-mail.domain.nl[nl]250-SIZE 51200000[nl]250-STARTTLS[nl]250 HELP"
"SMTPD" 3564 9165 "2020-03-14 09:07:42.168" "127.0.0.1" "RECEIVED: MAIL FROM:<someone@somedomain>"
"DEBUG" 3564 "2020-03-14 09:07:42.184" "Spam test: SpamTestHeloHost, Score: 0"
"DEBUG" 3564 "2020-03-14 09:07:42.215" "Spam test: SpamTestMXRecords, Score: 0"
"DEBUG" 3564 "2020-03-14 09:07:42.215" "Spam test: SpamTestSPF, Result: Pass"
"DEBUG" 3564 "2020-03-14 09:07:42.215" "Spam test: SpamTestSPF, Score: 0"

"DEBUG" 3564 "2020-03-14 09:07:42.215" "Total spam score: 0"
"SMTPD" 3564 9165 "2020-03-14 09:07:42.215" "127.0.0.1" "SENT: 250 OK"
"SMTPD" 1204 9165 "2020-03-14 09:07:42.215" "127.0.0.1" "RECEIVED: RCPT TO:<someone@someotherdomain>"
"SMTPD" 1204 9165 "2020-03-14 09:07:42.231" "127.0.0.1" "SENT: 250 OK"
"SMTPD" 5124 9165 "2020-03-14 09:07:42.231" "127.0.0.1" "RECEIVED: DATA"
"DEBUG" 5124 "2020-03-14 09:07:42.231" "Executing event OnSMTPData"
"DEBUG" 5124 "2020-03-14 09:07:42.231" "Event completed"
"SMTPD" 5124 9165 "2020-03-14 09:07:42.231" "127.0.0.1" "SENT: 354 OK, send."
"DEBUG" 3396 "2020-03-14 09:07:42.246" "Spam test: SpamTestDKIM, Score: 0"
CIDR to RegEx: d-fault.nl/CIDRtoRegEx
DNS Lookup: d-fault.nl/DNSTools
DNSBL Lookup: d-fault.nl/DNSBLLookup
GEOIP Lookup: d-fault.nl/GeoipLookup

Post Reply