Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Kerio Connect Web Client Is Not Setting Authenticated User in Received Header (Messages generated from the Kerio Web Client have the IP address of the web browser, which is likely to be in the SpamHaus PBL, but the Received Header is not marked with an authenticated user.)
  •  
ferthalangur

Messages: 3
Karma: 0
Send a private message to this user
Recently SpamAssassin on my Mailman list server (not running Kerio -- Postfix + Mailman) started to mark messages coming from my Kerio Connect server as spam because the IP address in the Received header was listed in the Spamhaus PBL. The SpamAssassin rule is RECD_IN_PBL. SpamAssassin expects to see an authenticated user substring in the Received header if the IP of the sender is in the PBL.

I was confused, because this had not been a problem in the past. What had changed was that recently I had unchecked the option "Show program name and version in network communication for non-authenticated users."

When checked, my Received headers come out like this:

Received: from [10.0.1.200] ([10.0.1.200])
	by kerio.server.hostname (Kerio Connect 8.4.3)
	for recipient@recipient-domain;
	Wed, 1 Jul 2015 19:13:59 -0400


When unchecked, my headers omit the "Kerio Connect 8.4.3)

Received: from [10.0.1.200] ([10.0.1.200])
	by kerio.server.hostname
	for recipient@recipient-domain;
	Wed, 1 Jul 2015 19:13:59 -0400


Now ... I believe that the SpamAssassin rule in question is looking for a Received header that includes (authenticated user sender<_at_>sender-domain), e.g.:
Received: from [10.0.1.200] ([10.0.1.200])
	(authenticated user sender@sender-domain)
	by kerio.server.hostname
	for recipient@recipient-domain;
	Wed, 1 Jul 2015 19:13:59 -0400


but the inclusion of the Kerio version in parentheses is sufficient [that is probably a bug in Spam Assassin ... not important for this discussion].

My question is this ... When people log in to the Kerio Connect webmail interface, they are authenticated. Kerio is putting the IP address of the web browser that connected to the webmail interface as if that web browser generated the mail and submitted it via SMTP. Why doesn't Kerio include the value of the logged-in user in the "(authenticated user ...)" part of the Received header? It is fortunate that SpamAssassin is accepting my software name as an authenticated Received header, but they might fix that feature at some point. Can this be fixed in Kerio, or at least made an admin configurable option whether to include the email addres of the logged-in user in the Received header?

Discuss ...

[Updated on: Thu, 02 July 2015 02:30]

  •  
Pavel Dobry (Kerio)

Messages: 5180
Karma: 245
Send a private message to this user
Indeed. SpamAssassin has many special checks and workarounds for some existing servers but not for Kerio.
We will add support for RFC 3848 in some next version.

Knowledge Base: http://kb.kerio.com/.
Technical support: http://www.kerio.com/support
------------------
Stay Connected Anytime, Anywhere. Discover Kerio Cloud!
Previous Topic: EWS & CardDAV Tag/Group Differences
Next Topic: Iphone 6 Public Folders
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Mar 25 14:38:18 CET 2017

Total time taken to generate the page: 0.00984 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.