Detecting forwarded spam
Matt Kettler
mkettler at evi-inc.com
Tue May 15 21:29:15 IST 2007
Randal, Phil wrote:
> Great idea.
>
> Not!
>
> I'll just send you 100,000 spams with an "X-Spam-Report: IsSpam=yes"
> header.
>
> Just what you wanted?
If someone wants to self-declare that all their mail is spam, why should we stop
them? Why should we not honor that and automatically treat them as spam without
further evaluation?
Do I really need to rescan the message and independently conclude that it is, in
fact, spam?
It's one thing to not trust one that says IsSpam=no, because spammers have a
motivation to fake that to bypass your filters.
However, who has any motivation to falsely declare that a message is spam?
Anyone who isn't a moron or twit?
At that point you may as well argue that GTUBE should be eliminated from
SpamAssassin because anyone can insert the GTUBE string into their message and
force your SA to categorize it as spam...
So what?
I can send you emails with GTUBE in it as well. The end result is the same, it
ends up being categorized as spam.
More information about the MailScanner
mailing list