This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

The FromNotReplyTo Plugin

Checks if 'From:' is equal to 'Reply-To:' and set point if this is not the case.

Code

local.cf

loadplugin FromNotReplyTo plugins/FromNotReplyTo.pm
header FROM_NOT_REPLYTO eval:check_for_from_not_reply_to()
score FROM_NOT_REPLYTO 2.0
describe FROM_NOT_REPLYTO From: does not match Reply-To:

FromNotReplyTo.pm

package FromNotReplyTo;
1;

use strict;

use Mail::SpamAssassin;
use Mail::SpamAssassin::Plugin;
our @ISA = qw(Mail::SpamAssassin::Plugin);


sub new {
	my ($class, $mailsa) = @_;
	$class = ref($class) || $class;
	my $self = $class->SUPER::new( $mailsa );
	bless ($self, $class);
	$self->register_eval_rule ( 'check_for_from_not_reply_to' );
	
	return $self;
}


# Often spam uses different From: and Reply-To:
# while most legitimate e-mails does not.
sub check_for_from_not_reply_to {
	my ($self, $msg) = @_;

	my $from = $msg->get( 'From:addr' );
	my $replyTo = $msg->get( 'Reply-To:addr' );

	#Mail::SpamAssassin::Plugin::dbg( "FromNotReplyTo: Comparing '$from'/'$replyTo" );

	if ( $from ne '' && $replyTo ne '' && $from ne $replyTo ) {
		return 1;
	}

	return 0;
}

How To Use It

Simply drop FromNotReplyTo.pm into /etc/spamassasin/plugin/ (or whereever your configuration is put).

Caveats

It is a very simple plugin, so it should be used with care.

  • No labels