On Fri, May 31, 2002 at 03:11:48PM +0200, Tony L. Svanstrom wrote:
| On Fri, 31 May 2002 the voices made Sean Rima write:
| 
| > Strnagely enough I got a spam a couple of days ago that had headers and
| > body text from SA 2.20 but as I use CVS and my ISP doesn't use SA and
| > the remote server connected direct to my ISPs box.
| >
| > It looked like a clever attempt to cover up spam :) Still failed as it
| > went into my autoreport account :)
| 
| I don't really see what's so "clever" about it,

Here's the clever part :

------
X-Spam-Status: No <...>

<a real spam message>
------

If your site looks for the X-Spam-Status header to decide whether or
not to run the message through SA, it would be fooled and would NOT be
run through SA.  (that's the not-so-clever part -- the bad setup on
your side.  Moral is: don't do that!)

-D

-- 

"Wipe Info uses hexadecimal values to wipe files. This provides more 
security than wiping with decimal values." -- Norton SystemWorks 2002 Manual
 
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

Attachment: msg05732/pgp00000.pgp
Description: PGP signature

Reply via email to