On Tue, Apr 14, 2020 at 01:55:42PM +1000, Russell Coker wrote:
header SWS_AUTH Received =~ /Authenticated sender/ describe SWS_AUTH Mail from local SASL is good score SWS_AUTH -10
I have the above in my SA local.conf file.
Received: from liv (unknown [x.x.x.x]) [...] (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id 4BB77F173 [...] X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED=0.1, DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,DKIM_VALID_EF=-0.1, UNPARSEABLE_RELAY=0.001 autolearn=disabled version=3.4.2
Above are the relevant headers of a message coming through. Why am I not getting a -10 added to the score?
This section of Mail::SpamAssassin::Conf(3pm) might be relevant: header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING] . . . If the header specified matches multiple headers, their text will be concatenated with embedded \n's. Therefore you may wish to use "/m" if you use "^" or "$" in your regular expression. There's almost always multiple Received: headers in a message, and they're often multi-line strings so, even though you're not using ^ or $ anchors in the pattern, it might be worth trying: header SWS_AUTH Received =~ /Authenticated sender/m BTW, I have several very similar rules in my local.conf, but matching Subject: and other headers - none for a Received: header. They work just fine. PS: did you reload amavisd, spamc, spampd, or whatever spamassassin daemon you use AFTER you changed the local.conf file? Changes don't take effect until they're loaded in and the regexps compiled. craig