Spam detection software, running on the system "master.squid-cache.org",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: I hope it's not a duplicate post since my last post was marked
as spam for some reason. I am using sample validator script called cert_valid.pl.
Everything is working as is (I can see stuff in the log in debug mode) but
I could not change the behavior when there is an error. [...]
Content analysis details: (9.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
1.0 FORGED_YAHOO_RCVD 'From' yahoo.com does not match 'Received' headers
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(signup_mail2002[at]yahoo.com)
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: cert_valid.pl]
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL
was blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[192.0.186.121 listed in list.dnswl.org]
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=gcwsg-squid-users%40m.gmane.org;ip=192.0.186.121;r=master.squid-cache.org]
0.0 T_HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
domains are different
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr
2)
0.0 T_FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are different
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
2.5 HELO_DYNAMIC_HCC Relay HELO'd using suspicious hostname (HCC)
--- Begin Message ---
- Subject: sslcrtvalidator_program
- From: WorkingMan <signup_mail2002@xxxxxxxxx>
- Date: Thu, 4 Dec 2014 15:32:41 +0000 (UTC)
- User-agent: Loom/3.14 (http://gmane.org/)
I hope it's not a duplicate post since my last post was marked as spam for
some reason.
I am using sample validator script called cert_valid.pl. Everything is
working as is (I can see stuff in the log in debug mode) but I could not
change the behavior when there is an error.
For example when I receive an error
(X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE) that I want to return OK
instead of ERR but SQUID still shows the error page in the browser.
I made both cases return OK just to see if from validator I can change
SQUID behavior so we can customize the result.
$response = "";
my $len = length($response);
if ($haserror) {
$response = $channelId." OK ".$len." ".$response."\1";
} else {
$response = $channelId." OK ".$len." ".$response."\1";
}
Let me know if there is a way to modify SQUID behavior from the validator
program. Based on docs it appears that SQUID remembers the SSL errors. I
was wondering if there was logic to remove the error and allow client to
proceed when the validator returns OK even if there was an error during
SQUID validation.
Thanks
--- End Message ---
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
