At Sat Jun 28 00:40:16 2003, Matt Kettler wrote:
> 
> The FORGED_MUA_AOL rules are written to try to recognize mail that claims 
> to be "from" an aol.com address, but doesn't appear to have been actualy 
> relayed through a mailserver with an aol-ish name.

No.  FORGED_MUA_AOL simply checks that if the X-Mailer header matches
"\bAOL\b" then the message-id must be in the format used by AOL. 

> Of course, this is all based on what email the SA-dev types have access to. 
> I'd be very surprised if they have many message headers that are from 
> messages sent by an actual AOL employee, so the patterns are designed 
> around aol-user mail.
> 
> it's implemented in EvalTests.pm using the subroutine 
> check_for_fake_aol_relay_in_rcvd.

Ah.  You're thinking of FORGED_AOL_RCVD.

> If the AOL employee consents, you can open a bug in the SA bugzilla and 
> attach a sample message to it. This will give the SADevs a copy of a 
> legitimate message to test and tweak the rules against it so that this 
> false positive case is fixed.

You should only need to attach the headers - the body shouldn't matter.

Martin
-- 
Martin Radford              |   "Only wimps use tape backup: _real_ 
[EMAIL PROTECTED] | men just upload their important stuff  -o)
Registered Linux user #9257 |  on ftp and let the rest of the world  /\\
- see http://counter.li.org |       mirror it ;)"  - Linus Torvalds _\_V


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to