At 11:27 AM 6/27/03 +1200, Simon Byrnand wrote:Shouldn't it be possible to simply check for the presence of spamassassin markup before calling it a second time ??
No, because that's easily abused by spammers.. all they have to do is add a spamassassin markup to the header that says "not spam" and they bypass your SA processing entirely.
So add a site specific header to show the message has been scanned.... they're unlikely to be able to forge that :)
(You had a good point though)
Regards, Simon
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
