On Tue, Apr 14, 2020 at 01:55:42PM +1000, Russell Coker wrote:
header SWS_AUTH Received =~
describe SWS_AUTH Mail from local SASL is good
score SWS_AUTH -10
I have the above in my SA local.conf file.
Received: from liv (unknown [x.x.x.x])
(Authenticated sender: russell(a)coker.com.au)
by smtp.sws.net.au (Postfix) with ESMTPSA id 4BB77F173
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED=0.1,
UNPARSEABLE_RELAY=0.001 autolearn=disabled version=3.4.2
Above are the relevant headers of a message coming through. Why am I not
getting a -10 added to the score?
This section of Mail::SpamAssassin::Conf(3pm) might be relevant:
header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING]
If the header specified matches multiple headers, their text will
be concatenated with embedded \n's. Therefore you may wish to use
"/m" if you use "^" or "$" in your regular expression.
There's almost always multiple Received: headers in a message, and they're
often multi-line strings so, even though you're not using ^ or $ anchors in
the pattern, it might be worth trying:
header SWS_AUTH Received =~ /Authenticated sender/m
BTW, I have several very similar rules in my local.conf, but matching Subject:
and other headers - none for a Received: header. They work just fine.
PS: did you reload amavisd, spamc, spampd, or whatever spamassassin daemon you
use AFTER you changed the local.conf file? Changes don't take effect until
they're loaded in and the regexps compiled.