Odd missing X-Spam-Status: Yes header

Glenn Steen glenn.steen at GMAIL.COM
Fri Oct 28 10:29:16 IST 2005

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

On 27/10/05, Jim Davis <jdavis at cs.arizona.edu> wrote:
> On Thu, 27 Oct 2005, Glenn Steen wrote:
> > Why do you rely on procmail handling this?
> Procmail handles all local delivery, and I'm moving from a standalone
> spamd/spamc setup where users do something like
> :0:
> * ^X-Spam-Status: Yes
> spam
> in their .procmailrc files.  By policy, the server just tags; what users
> do with that info is up to them.
> As far as I can tell, that shouldn't be spoofable by a spammer simply
> tacking on a 'X-Spam-Status: No' flag.
Well, it is, so then you either have to look at that strategy as a
whole (perhaps go for quarantining instead, and setup/use MailWatch to
let the users manage their quarantine themselves... Or something
similar), or make sure there is no such spoofable header in the mails
prior to MS scanning them. In Postfix, if you were to use that, this
is a simple header check. Something like:
/^X-Spam-Level:/   IGNORE  # This drops the SpamAssassin spam level header
/^X-Spam-Status:/ IGNORE  # This drops the SpamAssassin spam status header
... in your header_checks file (assuming you have "header_checks =
regexp:/etc/postfix/header_checks") would probably be enough. Should
work, since it is cleanup that drops them, and wouldn't come into play
on the reinjected mails.
I'm sure other MTAs have similar features.

-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list