Blacklist header scanning

[Ken Anderson]

Mikael Lönnroth wrote:
>>MailScanner always uses the envelope information, not whatever someone
>>happens to have put in the headers. It will continue to operate that way
>>unless *lots* of people want any other solution.
> 
> 
> Clients like Outlook Express use header information only so it gets a bit
> confusing for the blacklist admin. Looks like I have to look at the code
> myself then :-)
> 
> Regards,
> Mikael
> 

This is also somewhat true for whitelists, since the To in the headers 
isn't the same as the To envelope for some lists.

But, blacklists on email addresses really only work on legitimate email. 
Spammers don't use _real_ email addresses, nor do they use the same 
email address every time (remember the days when spammers were honest?).

The result is that user entered whitelists are usually correct, except 
for some list email, and user entered blacklists are misleading and 
useless. It's really a joke that Outlook clients have built in 
'blacklist sender' as a feature before adding any _real_ help for spam 
like a bayes filter (+1 for Mozilla/Thunderbird).

If you really want to use blacklists for spam protection, you'd probably 
need to create a system so that a user could simply forward an email to 
a script or a human that could determine the original envelope FROM, 
based on the mail log.

Ken A.