rspamd
rspamd copied to clipboard
Published
20 hours ago •
rspamd
rspamd
[BUG] BLACKLIST_SPF_DKIM symbol is inserted for ANY mail coming from Google Mail Servers
Prerequisites
- [X] Put an X between the brackets on this line if you have done all of the following:
- Read about bug reporting in general: https://rspamd.com/doc/faq.html#how-to-report-bugs-found-in-rspamd
- Enabled relevant debugging logs: https://rspamd.com/doc/faq.html#how-to-debug-some-module-in-rspamd
- Checked the FAQs about Core files in case of fatal crash: https://rspamd.com/doc/faq.html#how-to-figure-out-why-rspamd-process-crashed
- Tried ASAN package and obtained the ASAN report (if possible): https://rspamd.com/doc/faq.html#asan-builds
- Checked that your issue isn't already filed: https://github.com/issues?utf8=%E2%9C%93&q=is%3Aissue+user%3Arspamd
- Checked that there is not already an experimental package or master branch
Describe the bug If any of googlemail.com or gmail.com are active for the whitelist module with BL or BOTH types, it will ALWAYS insert the BLACKLIST_SPF_DKIM symbol, although the mails are coming from google mailservers and SPF records validate, have a valid dkim signature (also, R_DKIM_ALLOW and R_SPF_ALLOW are both inserted).
Steps to Reproduce
- Put "gmail.com bl:1" and "googlemail.com bl:1" in spf_dkim_whitelist.inc
- Send any email from a google account with @googlemail.com or @gmail.com sender to your rspamd server
- BLACKLIST_SPF_DKIM symbol will be inserted, alongside R_DKIM_ALLOW and R_SPF_ALLOW.
Expected behavior If domains listed with BL only, no symbol should be inserted if R_DKIM_ALLOW and R_SPF_ALLOW exist. If domain is listed with BOTH, WHITELIST_SPF_DKIM should be inserted.
Versions
Rspamd daemon version 3.2 on Debian Buster
