I have been noticing the occasional spam slipping past spam assassin
unscathed lately but have been a bit busy to pay attention (one spam a
day is much better than the 150 each user used to get). I paid a bit
more attention to one the other day and noticed it had an X-Spam header
before it got to spam assassin. For a few seconds I thought that maybe
my ISP had started tagging silently, until I noticed that the spam score
was -83... Not the positive score it should have been, so I deduced that
spammers are forging the X-Spam header to slip by the classification rules.
I had a search on the Nabble archive for this list and couldn't find
anything specifically about this (it probably got lost in the million
results that just about any search phrase produces!) so I am hoping
someone can point me at a solution if it's been discussed before.
Is there an option for the spamassass-milter to strip X-Spam headers
before the mails are handed to Spam Assassin for processing? If not, is
there another milter I will need to use? I guess I can put it in between
milter-regex and spamass-milter.
Any ideas?
Chris M
- Forged X-Spam headers Christopher Martin
-
