Discussion:
SpamAssassin stopped SOBIG.F
n***@novirus.com
2003-08-22 03:57:12 UTC
This looks like an interesting tidbit, from a bounce. It might help anybody
wanting to filter.

Note that most of the accumulated points came from:
"Forged mail pretending to be from MS Outlook"

The header it seems to refer to is:
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
[the vast majority, maybe all, of bounces that report headers have that same
one]

The "spam" report:
X-Spam-Report: ---- Start SpamAssassin results
6.70 points, 6 required;
* 0.8 -- From: does not include a real name
* 0.6 -- Invalid Date: header (not RFC 2822)
* 0.1 -- RAW: Message includes Microsoft executable program
* 0.8 -- Date: is 6 to 12 hours before Received: date
* 0.5 -- Message has X-MSMail-Priority, but no X-MimeOLE
* 0.4 -- Spam tool pattern in MIME boundary
* 3.5 -- Forged mail pretending to be from MS Outlook
---- End of SpamAssassin results
--
Ken
Jarmo Puolakanaho
2003-08-22 14:15:42 UTC
Post by n***@novirus.com
This looks like an interesting tidbit, from a bounce. It might help anybody
wanting to filter.
I have this in my .procmailrc:
---cut---
:0fw
| spamc

# If spamc failed, hand its exit status back to the MTA
:0e
{
  EXITCODE=$?
}

:0:
* ^X-Spam-Status: Yes, hits=((1[0-9])|([2-9][0-9])|(1[0-9][0-9])|(2[0-9][0-9]))
/dev/null

:0:
* ^X-Spam-Status: Yes
spam
---cut---

... and this in my .spamassassin/user_prefs:
---cut---
score NO_REAL_NAME 1
score FORGED_MUA_OUTLOOK 4
score MISSING_MIMEOLE 2.5
score MIME_BOUND_NEXTPART 2.5
---cut---

This way, most SoBig.F messages get the spam score of 10, which means they
are thrown straight to /dev/null.
--
Two types of people: Those who finish what they start and
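
Added example, not part of either post: it re-scores the X-Spam-Report from the first message with the user_prefs overrides from the second and checks which procmail recipe would fire. The description-to-rule-name mapping, the `X-Spam-Status` header layout and the function names are assumptions; rules without an override keep the score shown in the report.

```python
import re

# Constructed from the X-Spam-Report quoted in the first post.
REPORT = """\
6.70 points, 6 required;
* 0.8 -- From: does not include a real name
* 0.6 -- Invalid Date: header (not RFC 2822)
* 0.1 -- RAW: Message includes Microsoft executable program
* 0.8 -- Date: is 6 to 12 hours before Received: date
* 0.5 -- Message has X-MSMail-Priority, but no X-MimeOLE
* 0.4 -- Spam tool pattern in MIME boundary
* 3.5 -- Forged mail pretending to be from MS Outlook
"""

# Assumed mapping from report descriptions to the rule names in user_prefs.
DESC_TO_RULE = {
    "From: does not include a real name": "NO_REAL_NAME",
    "Forged mail pretending to be from MS Outlook": "FORGED_MUA_OUTLOOK",
    "Message has X-MSMail-Priority, but no X-MimeOLE": "MISSING_MIMEOLE",
    "Spam tool pattern in MIME boundary": "MIME_BOUND_NEXTPART",
}
# Scores from the second post's user_prefs.
OVERRIDES = {"NO_REAL_NAME": 1.0, "FORGED_MUA_OUTLOOK": 4.0,
             "MISSING_MIMEOLE": 2.5, "MIME_BOUND_NEXTPART": 2.5}
# Condition of the first delivery recipe in the posted .procmailrc.
DISCARD_RE = re.compile(
    r"^X-Spam-Status: Yes, hits=((1[0-9])|([2-9][0-9])|(1[0-9][0-9])|(2[0-9][0-9]))")
HIT_RE = re.compile(r"^\*\s+(-?\d+(?:\.\d+)?)\s+--\s+(.*)$", re.M)

def parse_report(text):
    """Return [(score, description)] for every '* N -- text' line."""
    return [(float(m.group(1)), m.group(2).strip()) for m in HIT_RE.finditer(text)]

def rescore(hits, overrides):
    """Sum the hits, replacing a rule's score when user_prefs overrides it."""
    total = sum(overrides.get(DESC_TO_RULE.get(desc), score) for score, desc in hits)
    return round(total, 1)

def route(total, required=6.0):
    """Mimic the two recipes: >= 10 hits to /dev/null, other spam to 'spam'."""
    if total < required:
        return "inbox"
    header = f"X-Spam-Status: Yes, hits={total:.1f} required={required:.1f}"  # assumed layout
    return "/dev/null" if DISCARD_RE.search(header) else "spam"

if __name__ == "__main__":
    hits = parse_report(REPORT)
    for label, prefs in (("stock", {}), ("user_prefs", OVERRIDES)):
        total = rescore(hits, prefs)
        print(f"{label}: {total} -> {route(total)}")
```
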