On Wed, Oct 02, 2002 at 04:12:40PM -0500, Jeremy Turner wrote: > that header does not exist. Couldn't a spammer include this and escape > spamassassin unscathed? Or could the X-Spam-Status: header be rewritten > (if it already exists) with the content of the latest spamassassin scan?
They could, but unless you have your filter written incorrectly it's
not going to help them. For instance, here's what I use:
# If what comes in is already caught by spamassassin, flag it and continue
:0fW
* ^X-Spam-Flag: YES
| formail -A "X-Reject: Previous Spamassassin match!"
:0E
{
INCLUDERC=$HOME/.procmail.d/spamassassin
INCLUDERC=$HOME/.procmail.d/spam
}
So if it comes in with a "X-Spam-Flag: YES" header, I flag it as a
previous match and it gets stored as spam. If it doesn't, it gets
scanned by SpamAssassin. So a spammer could put in a "X-Spam-Status:
No" header if they wanted to, but it doesn't get them anywhere... :)
--
Randomly Generated Tagline:
"You have to stay in shape. My grandmother, she started walking 5 miles a
day when she was 60. She's 97 today and we don't know where the hell she
is." - Ellen DeGeneres
msg08315/pgp00000.pgp
Description: PGP signature
