John D. Hardin writes:
> FYI, a couple of headers the executable-attachment filters trapped
> today on a system I assist with:
>
> > From [EMAIL PROTECTED] Thu Jul 6 10:36:55 2006
> > Return-Path: <[EMAIL PROTECTED]>
>
> > From [EMAIL PROTECTED] Thu Jul 6 10:36:51
> 2006
> > Return-Path: <[EMAIL PROTECTED]>
>
> ...sigh.
>
> Is it worth a rule to catch nonsense like this? I guess their MTA has
> the "sender domain must resolve" checks turned off...
occasionally I've written one, to find:
- it hits like 0.0001% of spam
- my MTA tends to reject it before SpamAssassin gets involved ;)
it all depends if that got through to a user. sounds like it didn't --
in which case, a SpamAssassin rule on top of whatever else caught
it, would be just wasting CPU time.
--j.
