On Thu, 2003-08-14 at 19:08, Dirk Nienhaus wrote: > [EMAIL PROTECTED] wrote: > > > Since some of the emails from this list had already been processed by > > somebody else's spamassassin (the sender's perhaps?) and had the > > X-Spam-Status header, my procmail rule bypassed the spamassassin filter. > > Hi, at first thank you for the fast answer! > if i understand you right, you think that a sa processed email become a > required status=9999.0? > > > > I don't remember where I got the idea to skip spamassassin if the > > X-Spam-Status header was set, but I believe I found it somebody's > > reference page long ago. If that's the case, some spammers may have > > picked up on this as well and added their own X-Spam-Status header, or > > perhaps you are seeing some processing happening upstream... Based on the > > high score of your example (6.3), the latter seems more likely. > > Yes! A faked header is thinkable :( > > > In any case, I've changed my setup to skip filtering only if my custom > > header exists (which indicates my local spamassassin has processed the > > email), as follows: > > What? You create your own sa-header? Or which information in the header > did you take? I have no 100% save idea ;) >
Safest & easiest easy way to match headers from only your own SA without being vulnerable to forged or pre-existing SA headers would be to match the SA version info, after adding your own site-specific version_tag in local.cf. version_tag something -- Yorkshire Dave -- Scanned by MailScanner at wot.no-ip.com ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
