Opinion on X-AntiAbuse: headers?

Matt Kettler mkettler at evi-inc.com
Fri Apr 18 21:44:58 IST 2008

Julian Field wrote:
> Hugo van der Kooij wrote:
>> * PGP Signed by an unverified key: 04/16/08 at 22:13:23
>> Hi,
>> This might be pushing the boundry of being on or off-topic.
> Since when did that stop anyone? :-)
>> But does anyone know when valid email actually contain X-AntiAbuse: 
>> headers?
> When a non-spammer puts them in by mistake? They certainly aren't worth 
> the 0's and 1's they are written in.
>> So far (2 years now) I have only seen them in spam and never in legit
>> traffic. I think over 90% of the times it is a poorly managed website
>> with some broken email script.
> They may actually be a good indication of spam. Ask the SA folks what 
> they think.

I get these from several of my associates in small companies who use hosted 
services for web/email.

Also, a search of posts to this very lists reveals several posters who have 
them. Most recently, posts by "Johnny Stork" and "Edward Prendergast" have 
X-AntiAbuse headers in them.

In general, hosted services are ripe with spammers. This is why most hosted 
services add the headers for their own uses, but that doesn't mean there aren't 
any legitimate companies using hosted services..

More information about the MailScanner mailing list