spam score for each test in header

Sat May 17 17:42:52 IST 2003

I'm trying to get the encapsulation going at the moment, but Eudora seems
to do some very strange things with the message I produce. But from what I
read of RFC1521 I am doing it right.

If the rfc822 encapsulation doesn't work well (it should in theory, but...)
then I could look at the MIME structure.
If it is a multipart/alternative, then attach the HTML and text parts as
attachments.
If it isn't an alternative, then add the HTML and text parts to the list of
attachments.

I can just fix the names of the attachments to something like
"OriginalMessage.html" and "OriginalMessage.txt". Any other type of
original body data would, I guess, just end up being "OriginalMessage.dat".
But I don't yet know what would happen to HTML messages that included
images shipped with the message. Hopefully references to them would still
work from the OriginalMessage.html attachment.

At 14:57 16/05/2003, you wrote:
>I believe the way to do this is to embed the whole message, headers and
>all, as content-type message/rfc822. The easy way to verify this is to
>forward an existing email as an attachment in Mozilla, or most other email
>programs, and then look at the message source.
>
>Tim
>
>On Fri, 2003-05-16 at 08:57, Stephen Swaney wrote:
>>I'll find out what thet do and get back to you.
>>
>>
>>On Fri, 2003-05-16 at 08:50, Julian Field wrote:
>>>The bit I'm not sure about here is what to do with multipart-alternative
>>>messages (where you have HTML and plain-text versions). These already
>>>have more than 1 part, so I'm not sure what to put in the "attachment"
>>>that contains the original message.
>>>
>>>If I delete the plain-text version, all the pine/mutt users in the world
>>>will hate me. But if I delete the HTML version, all the Outlook users in
>>>the world will hate me.
>>>
>>>Any ideas what the system this firm has created actually does with the
>>>message?
>>>Do we have the ability to be able to pipe messages through it to find
>>>out? Or do you know who created it, as I might be able to extract the
>>>answer from their tech support :-)
>>>
>>>At 13:11 16/05/2003, you wrote:
>>>>I agree with not messing with the message, but one firm has created a
>>>>system where when a message is detected as spam, the original spam is
>>>>encapsulated as a attachment to a message that reads:
>>>>
>>>>-----------------------------
>>>>
>>>>Our mailscanner believes that the attachment to this message sent to
>>>>you by
>>>>
>>>>      <mailto:spammer at junkmail.com>spammer at junkmail.com
>>>>
>>>>Subject:
>>>>
>>>>     Work from Home, Make big Bucks!!!
>>>>
>>>>is Unsolicited Commerial Email (Spam). Unless you are sure that this
>>>>message is incorrectly thoght to be Spam, please delete this message
>>>>without opening it. Onpening Spam messages might allow the Spammer to
>>>>verify your email address.
>>>>
>>>>If you believe that this message has been uncorrectly marked a spam,
>>>>please forward this email to
>>>><mailto:whitlist at company.com>whitelist at our-company.com
>>>>
>>>>------------------------------
>>>>
>>>>When this technique is combined with good {Spam?} and {High Spam?}
>>>>scoring, it might allow the identification of false positives while
>>>>hiding offensive images and messages.
>>>>
>>>>Note that email to <mailto:whitelist at our-com>whitelist at ourcompany.com
>>>>is not automatically whitelisted but examined to see if it should be.
>>>>
>>>>Thoughts?
>>>>
>>>>
>>>>On Fri, 2003-05-16 at 06:01, Julian Field wrote:
>>>>>
>>>>>At 10:19
>>>>>16/05/2003, you wrote:
>>>>> >Brilliant !!!  Thanks Julian.
>>>>> >
>>>>> >I am 100% happy with your solution.   But if I may push my
>>>>>luck...  How
>>>>> >difficult would it be to transfer this header line into an attachment
>>>>>to
>>>>> >the message named something like "spam_score_details.txt",
>>>>>and get the
>>>>> >list of test & scores in a neat format with carriage returns
>>>>>after each
>>>>> >score, and an explanation at the top for the user saying something
>>>>>like
>>>>> >"Your MailScanner system has performed the following tests to
>>>>>determine if
>>>>> >it was spam. Please see yout local IT officer for more details".
>>>>>Or leave
>>>>> >us to create that piece of text so that we can add our contact
>>>>>details, etc.?
>>>>>
>>>>>Not keen on that. MailScanner doesn't mess with the message more than
>>>>>it
>>>>>has to, and this would create an attachment on every single message.
>>>>>Even
>>>>>if you just do this with spam, you are adding to your spam load
>>>>>problem,
>>>>>not reducing it.
>>>>>--
>>>>>Julian Field<http://www.MailScanner.info>www.MailScanner.info
>>>>>MailScanner thanks
>>>>>transtec Computers for their
>>>>>support
>>>>
>>>>
>>>>
>>>>--
>>>>
>>>>Stephen Swaney
>>>><<mailto:Steve at swaney.com>Steve at swaney.com>
>>>>
>>>>Linux Systems Solutions, Inc.
>>>>
>>>
>>>--
>>>Julian Field
>>><http://www.mailscanner.info/>www.MailScanner.info
>>>MailScanner thanks transtec Computers for their support

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20030517/ed320370/attachment.html