On 12/03/2018 09:56 AM, Andreas Galatis wrote:
How comes that spamassassin doesn’t block mailsenders with 2 @-signs in the address?
Fist: I don't think that SpamAssassin should block anything on any single (normal) test. IMHO it should increment the spam score and something should decide to accept or reject the message based on the aggregate spam score from all the tests.
I think a LONG time ago, likely before SpamAssassin was a thing, it was valid to have multiple @ signs in an email address. This was a method of routing messages through other servers. Think UUCP bang path.
Is there any possibility to stop those mail, all of them having word- docs attached, containing a trojan horse?
I don't think the multiple @ signs have worked in a very long time. So I see no reason not to add score based on multiple @ signs. Or if there is a legitimate use for it, it should be extremely rare and the false positive rate should be acceptable.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
